the-distro/infra
9
0
Fork 5
Code Issues 39 Pull requests 6 Projects 1 Releases Packages Wiki Activity
Temp repo for Bagel-baking infrastructure
442 commits 27 branches 0 tags 3.1 MiB
Nix 89.9%
Python 4.9%
JavaScript 2%
Shell 2%
Smarty 1.2%
Find a file
Raito Bezarius fb8eea1057 feat(services/ofborg/rabbitmq): pre-provision accounts, vhosts and permissions 
No need to do it manually.

In the future, we should rework a bit the permissions for various
accounts.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2025-01-02 18:39:43 +01:00
common feat(systems): trust our infra chain on all systems 2025-01-01 03:43:13 +01:00
dashboards feat(grafana): plug jsonnet-based dashboards in provisioning 2024-08-24 16:32:21 +02:00
hosts feat(hosts/bagel-box): enable secrets-agent on this machine 2025-01-02 18:39:43 +01:00
lib chore: reformat properly the library file 2024-12-23 21:43:22 +01:00
overlays fix: pin pyroscope to go 1.22 2024-11-12 23:16:46 +03:00
pki feat(systems): trust our infra chain on all systems 2025-01-01 03:43:13 +01:00
secrets feat(secrets): init the bagel-box vault token 2025-01-02 18:39:43 +01:00
services feat(services/ofborg/rabbitmq): pre-provision accounts, vhosts and permissions 2025-01-02 18:39:43 +01:00
terraform feat(services/ofborg): add client mTLS for RabbitMQ via Vault 2025-01-02 18:39:43 +01:00
.editorconfig editorconfig: init 2024-07-13 01:10:18 +00:00
.envrc chore: add lorri to prevent direnv from blocking, closes #147 2024-10-27 09:42:11 +00:00
.gitignore gitignore: add secrets (but not encrypted secrets) to gitignore 2024-07-15 11:02:54 +00:00
default.nix feat: sign the ICA1 CSR 2024-12-31 17:50:23 +01:00
flake.lock feat(services/ofborg): add client mTLS for RabbitMQ via Vault 2025-01-02 18:39:43 +01:00
flake.nix feat(services/ofborg): add client mTLS for RabbitMQ via Vault 2025-01-02 18:39:43 +01:00
LICENSE Initial commit 2024-06-23 06:41:53 +02:00
README.md docs(README.md): explain how to deploy things 2024-10-06 08:09:53 +00:00
secrets.nix feat(secrets): init the bagel-box vault token 2025-01-02 18:39:43 +01:00

README.md

Infrastructure for the donut shaped thing that is absolutely not a donut.

Quick start

Build the infrastructure

$ colmena build --on @localboot

Notice that @localboot is load-bearing as we have some machines that cannot be deployed with vanilla Colmena. Fixing this is welcome.

Recommended deploy process

$ colmena apply dry-activate $machine # Verify that the nvd log is reasonable.
$ colmena apply $machine

Recommended upgrade process

$ nix flake update
$ colmena apply dry-activate --on @localboot # Verify that the nvd log is reasonable. Run it twice to get only NVD logs shown.
$ colmena apply --on @localboot

Troubleshooting

I failed to deploy gerrit01

Our Gerrit source build is known to have some hiccups sometimes, we are always interested in build logs, feel free to attach information in a new issue so we can make it more reliable.