ac63880ed7
ops/nixos: abstract into blade-router
2021-03-29 23:24:57 +01:00
8236c7f698
blade-{paris,tuvok}: add radvd
2021-03-29 23:04:26 +01:00
878a457c83
blade-{paris,tuvok}: allow IPv6 VRRP as well...
2021-03-29 22:53:19 +01:00
c8b482c67a
blade-{paris,tuvok}: add IPv6 link-local address as first
...
Mar 29 21:38:36 blade-tuvok Keepalived_vrrp[29221]: (mgmtGateway6) the first IPv6 VIP address should be link local
2021-03-29 22:43:53 +01:00
b0198cfa3d
blade-{paris,tuvok}: split IPv4/IPv6 VRRP
2021-03-29 22:36:03 +01:00
0d46b6d4fe
blade-{paris,tuvok}: add IPv6 gateway to keepalived
2021-03-29 21:03:06 +00:00
e1e3a24f36
ops/nixos/lib/coredns: add DNS records
2021-03-29 20:45:39 +00:00
b360944686
blade-{paris,tuvok}: add some IP addresses
2021-03-29 20:39:42 +00:00
d84075b124
clouvider-lon01: drop 92.118.28.0/24
2021-03-29 12:15:27 +00:00
3c7f759773
blade-paris/blade-tuvok: change v4/v6 announcements
2021-03-29 12:06:39 +00:00
b559512200
blade-paris/blade-tuvok: add BGP config
2021-03-29 11:47:44 +00:00
3ea210e884
marukuru: tweak GitLab Puma settings for low-mem
...
Per the GitLab docs
(https://docs.gitlab.com/ee/install/requirements.html#puma-settings ):
> If the operating system has a maximum 2 GB of memory, the recommended number
> of threads is 1. A higher value will result in excess swapping, and decrease
> performance.
and
> In a memory-constrained environment with less than 4GB of RAM available,
> consider disabling Puma Clustered mode.
>
> Configuring Puma by setting the amount of workers to 0 could reduce memory
> usage by hundreds of MB. For details on Puma worker and thread settings, see
> Puma settings.
2021-03-28 23:25:14 +00:00
a3ed8a6da3
hm: add ntfy everywhere
2021-03-28 23:08:02 +00:00
0b1ccae353
bvm-prosody: actually name depot...
2021-03-28 22:52:04 +00:00
a44b09fb46
bvm-twitterchiver: create twitterchiver user
2021-03-28 22:48:43 +00:00
5a3a55e302
bvm-prosody: add coturn
2021-03-28 22:46:55 +00:00
efe1aa51db
bvm-twitterchiver: add postgresql
2021-03-28 22:46:44 +00:00
d32585bff6
bvm-ipfs: enable ipfs
2021-03-28 15:34:54 +00:00
fe4b95c532
gitlab-ci: block parent pipeline until child is complete
...
Without strategy: depend, the parent pipeline will succeed immediately after
triggering the child. It's more useful to mirror the status, so the commit
status is rendered correctly.
2021-03-28 15:30:15 +00:00
2b8dce0920
depot-wide: overhaul GitLab CI configuration
...
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286
bvm-prosody: add tailscale IP
2021-03-28 14:33:54 +00:00
2eeba92d9e
bvm-twitterchiver: add tailscale IP
2021-03-28 14:32:16 +00:00
e6c56c9a74
bvm-ipfs: add tailscale IP
2021-03-28 14:00:25 +00:00
7979d936a4
ops/nixos: init bvm-{twitterchiver,prosody,ipfs}
2021-03-28 13:10:27 +00:00
f27a8f8f1a
ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix
2021-03-28 12:32:01 +00:00
f34d539462
bvm-nixosmgmt: condense down and abstract out
2021-03-28 12:26:11 +00:00
c1f450eb33
ops/nixos: flesh out DNS for internal blade IPs
2021-03-28 12:18:06 +00:00
0b60a516b4
bvm-nixosmgmt: actually change the hostname
2021-03-28 02:04:41 +00:00
ca02dda602
gitlab-ci: update for newer GitLab
...
We now have resource_groups, and environment.name. We don't yet have
environment.deployment_tier, though, but that can live in the base template and
be enabled once Heptapod is at GitLab 13.10.
2021-03-28 01:31:35 +00:00
701ab955af
coredns: update serial for as205479.net
2021-03-28 01:16:10 +00:00
ea927a8c34
depot: make version build faster
...
We don't need the entire depot to get the build version.
2021-03-28 01:14:59 +00:00
b2e2f965c5
ops/nixos: rename various machines to comply with naming convention
...
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
6a80243cce
fup: add favicon and logo graphics
2021-03-27 20:54:40 +00:00
e4872918d5
fup: fix relative URLs in base template
2021-03-27 20:49:28 +00:00
5ddd41ac94
fup: add title to base template
2021-03-27 00:33:29 +00:00
d8e001922a
fup: don't crash on view if we don't have a cheddar
...
Classic Go typed-nil bug.
2021-03-26 21:44:13 +00:00
fa086419c8
fup: allow for pasting text content from clipboard
2021-03-26 21:42:42 +00:00
6e539188ac
fup: add paste handler for uploading things from the clipboard
2021-03-26 21:35:37 +00:00
017458ae2e
bazel-run: back to Java 11, which is AdoptOpenJDK LTS
2021-03-26 03:52:35 +00:00
Default email
d0d8e8fc71
Project import generated by Copybara.
...
GitOrigin-RevId: d3f7e969b9860fb80750147aeb56dab1c730e756
2021-03-23 19:22:30 +00:00
8b173ec8a3
ci-root: remove windows for the moment
2021-03-25 18:27:40 +00:00
0e4894096a
3p/nixpkgs: openssl 1.1.1j->k
2021-03-25 17:30:22 +00:00
1883186bb8
hm/graphical-client: switch to google-chrome-beta from chromium
2021-03-25 10:54:01 +00:00
7b5ac688b8
fup: add test for disabled TokenAuthMiddleware
2021-03-23 01:31:42 +00:00
affe252f73
fup: fix config file handling
...
Whoops! Before, config files were being read but all the contents were basically
being discarded.
Now, we both load and actually use the config file, leading to a much more positive
experience for everyone involved :)
2021-03-23 01:21:39 +00:00
a99e0309c5
ops/nixos/fup: switch to using config file
2021-03-23 00:58:18 +00:00
8271714a18
fup: allow Fup-Token header for carrying auth credentials
2021-03-23 00:58:06 +00:00
dbd711ded8
fup: add TokenAuthMiddleware
...
This is an example middleware which can be used as an AuthMiddleware for only
allowing requests to non-view pages which are accompanied by an auth token via
HTTP basic auth.
2021-03-23 00:46:33 +00:00
d96cf3d34d
fup/cmd/serve: add viper bindings for all the flags
2021-03-23 00:45:51 +00:00
5b74ceec4e
fup: add auth middleware machinery
...
This allows clients to register an authentication middleware which will be
provided values in the context that it can use to make an authn/authz decision.
2021-03-23 00:45:28 +00:00