Kiara Grouwstra
feebc56f97
add subdomain status
to TF (dnsimple, gandi)
2024-09-28 22:18:05 +02:00
Kiara Grouwstra
cdfe405e96
add uptime-kuma to public01
2024-09-28 22:14:42 +02:00
Kiara Grouwstra
1f05410770
feat(monitoring): add uptime-kuma for status page, see #97
...
Adds a config for a status page using uptime-kuma.
Open questions here included:
- what machine to run this on
(and if a new one how to configure their network bits);
- who could help set the secret in the age file;
- who could set up the application password (currently a manual step in
services.uptime-kuma), after which the stateless client can be re-built;
- what to monitor -- i for now commented some sub-domains i could not
publicly access to test.
2024-09-27 08:49:21 +02:00
Maxine Aubrey
8d95d1f850
fix(dns): dnsimple expects FQDNs in CNAMEs
...
DNSimple doesn't appear to follow the typical behaviour of appending the
domain unless the CNAME is terminated with `.`
To avoid further problems, let's just explicilty use the FQDN for all
CNAMEs.
https://support.dnsimple.com/articles/cname-record/
For comparison:
```
;; ANSWER SECTION:
alerts.forkos.org. 300 IN CNAME meta01.infra.p.
```
```
;; ANSWER SECTION:
alerts.forkos.org. 181 IN CNAME meta01.infra.p.forkos.org.
meta01.infra.p.forkos.org. 181 IN A 163.172.69.160
```
2024-09-24 23:11:28 +02:00
Maxine Aubrey
29c1b366c6
feat(dns): migrate forkos.org zone to dnsimple
2024-09-24 21:10:39 +02:00
Maxine Aubrey
16027be2ca
fix(dns): apex cnames are not allowed
...
change flowery.systems from CNAME to ALIAS pointing to news.forkos.org
2024-09-24 20:50:41 +02:00
Janik Haag
d780f18534
Merge pull request 'feat(dns): migrate functions from gandi to dnsimple' ( #113 ) from janik/dnsimple into main
...
Reviewed-on: #113
Reviewed-by: Maxine Aubrey <max@ine.dev>
2024-09-24 18:37:55 +00:00
Janik Haag
8acc60e328
feat(dns): migrate functions from gandi to dnsimple
2024-09-24 00:25:58 +02:00
Maxine Aubrey
e3b6cb72b4
feat(dns): add dnsimple to terraform configuration
2024-09-23 19:49:21 +02:00
raito
94d1881e10
feat(gerrit): add git-gc-preserve script
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-02 11:05:54 +02:00
raito
132d2866b5
feat(channels): add minimal ISO for x86_64-linux
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 20:14:02 +02:00
raito
a14f496db8
fix(channel-scripts): fix RUST_LOG=info
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 20:03:11 +02:00
raito
c2ad3d6d26
fix(channel-scripts): push OTLP properly now
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 19:56:46 +02:00
raito
4c7943349b
fix(flake): bump channel-scripts to obtain the fixed rename
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 19:50:02 +02:00
raito
9a04ef909b
feat(nixpkgs): run oxidized channel scripts
...
We don't need weird Perl scripts where we are going. Here's a streaming
channel-scripts deployment with plenty of bells, including OTLP.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 19:32:23 +02:00
Ilya K
c1712dc1fa
Set up tempo
2024-08-31 15:05:30 +03:00
raito
8073ae6942
feat(s3-revproxy): tune the cache-control
...
Adopt the original values from the Perl script.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 00:52:13 +02:00
raito
c38e9b482f
feat(web): provide a directory listing via s3-revproxy
...
Thanks to Jade Lovelace who built all this machinery for Lix initially.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 00:29:18 +02:00
raito
9063138156
feat(secrets): add s3 reverse proxy API keys
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 00:19:49 +02:00
raito
322f10d9ae
feat(dns): add raw S3 reverse proxies domains for channel scripts
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 00:19:40 +02:00
Ilya K
bf7252c210
terraform/hydra: more nixpkgses now
2024-08-30 21:34:30 +03:00
raito
c969625b0f
fix(sniproxy): outside/inside of infra, the ingress IPs are different
...
In my infrastructure, the source node is 99::1, outside of my infra,
it's ::1.
All of this machinery was never really meant to be used on this scale,
so oopsie.
We should build our own sniproxy at some point.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-30 19:01:44 +02:00
raito
1b22c1f0ae
fix(hydra): proxy it over my sniproxy
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-30 18:34:35 +02:00
Ilya K
30d759edf4
terraform/hydra: switch k900-experiments jobset to less-nixpkgses branch
2024-08-30 19:22:09 +03:00
Pierre Bourdon
cd92c9588f
flake.lock: Update
...
Flake lock file updates:
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=f1b552ecbf2d011cd4fdb93d7d117388ab9c0027 ' (2024-08-12)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=44b9a7b95d23e7a8587cb963f00382046707f2db ' (2024-08-25)
• Updated input 'hydra/lix':
'git+https://git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=5137cea99044d54337e439510a647743110b2d7d ' (2024-08-10)
→ 'git+https://git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=278fddc317cf0cf4d3602d0ec0f24d1dd281fadb ' (2024-08-17)
• Updated input 'hydra/nix-eval-jobs':
'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=c057494450f2d1420726ddb0bab145a5ff4ddfdd ' (2024-07-17)
→ 'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=42a160bce2fd9ffebc3809746bc80cc7208f9b08 ' (2024-08-13)
• Updated input 'hydra/nix-eval-jobs/flake-parts':
'github:hercules-ci/flake-parts/9227223f6d922fee3c7b190b2cc238a99527bbb7' (2024-07-03)
→ 'github:hercules-ci/flake-parts/8471fe90ad337a8074e957b69ca4d0089218391d' (2024-08-01)
• Updated input 'hydra/nix-eval-jobs/treefmt-nix':
'github:numtide/treefmt-nix/0fb28f237f83295b4dd05e342f333b447c097398' (2024-07-15)
→ 'github:numtide/treefmt-nix/349de7bc435bdff37785c2466f054ed1766173be' (2024-08-12)
2024-08-25 22:07:24 +02:00
raito
024b431cbc
feat(grafana): plug jsonnet-based dashboards in provisioning
...
Add the gerrit dashboards as an example.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 16:32:21 +02:00
raito
d1ffce9336
feat(grafana): jsonnet-based dashboards
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 16:17:52 +02:00
Ilya K
aef541829e
Fix pyroscope datasource
2024-08-24 11:39:25 +03:00
raito
1fc15526d7
fix(pyroscope): add the gRPC endpoint as proxy as well
...
This is not documented but necessary for Alloy to operate.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 10:33:49 +02:00
raito
2544adba8e
fix(gerrit): setup Alloy & Pyroscope more according to the docs
...
Still not working due to "unimplemented: error 404 not found" at push
time, but it's really unclear now why this occur.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 08:45:20 +02:00
raito
4f4a25a5ad
feat(gerrit): push pyroscope profiling to Pyroscope
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 22:37:33 +02:00
raito
702867cd62
feat(pyroscope): add push API & reverse proxy
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 21:04:22 +02:00
raito
7cde6e92ae
feat(grafana): add Pyroscope datasource
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 21:04:11 +02:00
raito
42cfa695ea
dns: add pyroscope.forkos.org → meta01
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 21:03:07 +02:00
raito
ac7815321a
feat(pyroscope): add secrets and storage
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 20:58:08 +02:00
raito
db46b01ae9
feat(monitoring): add pyroscope to the infrastructure
...
Vendored for the time being.
See https://cl.forkos.org/c/nixpkgs/+/181 for upstreaming properly.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 20:43:00 +02:00
raito
c380f29937
fix(grafana): remove the global pgsql module dependency for now
...
We should re-introduce it once things are a bit scoped out.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 20:43:00 +02:00
raito
5dc6165c2e
feat(gerrit): add git in the environment to perform git-native clones
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 20:43:00 +02:00
raito
0eaaf860d1
feat(common): enable system wide diff in the activation output
...
This helps me to review what changes could be problematic in advance.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-23 20:43:00 +02:00
raito
bf1b8d4d19
secrets: rekey for public01 access to metrics
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-21 16:45:12 +02:00
raito
58c0dd3d2e
feat(public): add listmonk instance on news.forkos.org
...
To prepare for public communications and updates.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-21 16:45:12 +02:00
raito
8c35dfa8e0
fix(gerrit): tinker a bit with gerrit defaults for transfer & caching
...
We had some issues in the past with too many packfiles and timeout
during transfers, let's try to provide a bit of relief in bad scenarios.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-21 16:31:16 +02:00
Yureka
cfc24abfe1
adjust hydra-gc numbers
...
for the new ssds
2024-08-20 12:08:49 +02:00
Yureka
a72a991863
add A record for cache.forkos.org
2024-08-19 23:06:46 +02:00
Pierre Bourdon
f938fcb24e
hydra: increase git operations timeout
2024-08-16 17:44:45 +02:00
Pierre Bourdon
6881351f23
build-coord: copy the baremetal-builders DNS64 config
2024-08-16 09:33:48 +02:00
Pierre Bourdon
d3e053809c
hydra: log_prefix needs to be / terminated
2024-08-16 09:25:46 +02:00
Pierre Bourdon
e2a990c982
hydra: listen on 127.0.0.1 instead of localhost
...
For some cursed reasons, the latter doesn't work on build-coord:
Aug 16 07:06:22 build-coord hydra-server[109560]: Resolved [localhost]:3000 to [::1]:3000, IPv6
Aug 16 07:06:22 build-coord hydra-server[109560]: Resolved [localhost]:3000 to [127.0.0.1]:3000, IPv4
Aug 16 07:06:22 build-coord hydra-server[109560]: Binding to TCP port 3000 on host ::1 with IPv6
Aug 16 07:06:22 build-coord hydra-server[109560]: Binding to TCP port 3000 on host 127.0.0.1 with IPv4
Aug 16 07:06:22 build-coord hydra-server[109560]: 2024/08/16-07:06:22 Can't connect to TCP port 3000 on 127.0.0.1 [Invalid argument]
2024-08-16 09:20:49 +02:00
Pierre Bourdon
5fdce0e2b5
hydra: move from bagel-box to build-coord
2024-08-16 09:03:29 +02:00
Pierre Bourdon
ce3a40671c
acme: make ToS and contact config common
2024-08-16 09:03:08 +02:00