606ff984eb
ops/nixos: minotarproxy-as-a-lib
2021-07-01 01:48:12 +00:00
cadeef609f
hm/hgrc: switch from hggit to in-tree git
2021-06-22 20:48:11 +00:00
072cecb2e5
hm/gc-wayland: oops, no notification attr
2021-06-22 20:27:52 +00:00
eef598ec1f
hm/graphical-client: add 1password to startup
2021-06-19 19:07:32 +01:00
c56b6b358f
coredns: add blade-{oa,vcenet1,vcenet2,vcm}
2021-05-24 13:54:14 +00:00
1fc6e8f032
coredns: bump serials
2021-05-24 02:37:27 +00:00
499ff8f945
coredns: move bvm to root zone, out of public
2021-05-24 02:31:09 +00:00
ed79fe89bd
bvm-minecraft: init
2021-05-24 01:32:58 +00:00
38b306b095
bvm-matrix: add tailscale IP
2021-05-22 22:48:03 +00:00
4dc516722b
ops/nixos: add bvm-matrix
2021-05-22 21:48:13 +00:00
dccdaa2608
common: map www.nhs.uk to Akamai IPv6 address
2021-05-21 15:21:29 +00:00
df870ded34
as205479.net: add fp-la{,-pri,-sec}
2021-05-09 11:28:28 +00:00
34117ecd00
bvm-nixosmgmt: allocate .5
2021-05-09 10:26:34 +00:00
b7cd20c769
ops/nixos: refactoring for sway
2021-05-06 03:56:20 +01:00
1c571d965a
ops/nixos: add wayland support
2021-05-05 22:13:27 +01:00
a4631a8fda
ops/nixos/lib/blade: set rgw_data_log_backing back to omap
2021-04-23 13:32:34 +00:00
42e8b1eed0
bvm-ipfs: add public IPv4/v6 addresses
2021-04-18 16:04:25 +00:00
2ee3044113
switch-prebuilt: use nix build instead of nix copy to use cache.nixos.org
2021-04-17 23:55:31 +00:00
43e8e05e7b
ops/nixos: tweak alacritty settings
2021-04-17 20:28:27 +01:00
11066035e2
ops/nixos: add alacritty everywhere
2021-04-17 20:17:43 +01:00
0372f4b848
ops/nixos: set isNormalUser for all existing users
...
Now there's an assertion which requires either isNormalUser or isSystemUser, so
we set one of them for all the users we have already.
2021-04-17 20:16:27 +01:00
e0241545d2
add mercurial to rundeck path
2021-04-10 22:17:28 +00:00
bfa7051e2f
ops/nixos: tidy up hostnames
2021-04-10 20:15:30 +00:00
ecd086eae4
ops/nixos: set up things for generating rundeck nodes
2021-04-10 19:59:56 +00:00
5533fd502a
ops/nixos: try setting searchDomains differently
2021-04-10 19:40:10 +00:00
91f6cb3317
clouvider-lon01: add mac-mini as remote builder
2021-04-09 18:14:06 +00:00
6465f98036
as205479.net: add mac-mini.int
2021-04-09 18:51:07 +01:00
02db8ea7cb
ops/nixos/lib/hm: support macOS again
...
The ntfy package expects to have pyobjc available when running under Darwin,
which is currently broken in nixpkgs. There's a fairly involved ongoing effort
to package it again, but in the mean time we just patch out the dep. I'm using
the pushover backend anyway.
To avoid having to rebuild it rather than just fetch from the NixOS cache, I
only override it when running on Darwin.
2021-04-09 18:48:46 +01:00
13f2f79e6d
graphical-client: add wallpapers
...
If I find more I like, I'll add them here, I guess. For the moment, there's
just the one.
2021-04-06 09:53:56 +01:00
f5622acaf7
nix/pkgs/flameshot: bump to my patched version
2021-04-05 14:57:59 +01:00
48bdb3559c
lib/hm/graphical-client: add flameshot to environment
2021-04-05 13:00:02 +01:00
21fe79c904
ops/nixos: enable flameshot on graphical-client hosts
2021-04-05 12:42:35 +01:00
d582d3f352
ops/nixos/lib: inline latest_system_closure.sh
...
I can't be bothered to make it a proper script, and I also don't really want to
rely on invoking nix-shell at runtime (I'd rather have all the needed tools in
the system closure).
2021-04-04 19:35:38 +01:00
8dab1a04fe
ops/nixos/lib: fix latest_system_closure for machines with - in hostname
2021-04-04 19:25:02 +01:00
33cfba2e2f
ops/nixos/lib: enable 'switch-prebuilt latest' for getting latest closure
2021-04-04 18:25:01 +01:00
fbc3b47854
bvm-prosody: fix :/
2021-04-01 15:55:54 +00:00
bcf1266bfe
bvm-prosody: configure IP addresses
2021-04-01 15:50:27 +00:00
bea33016f6
nixos/blade: oops, forgot };
2021-03-31 21:20:56 +00:00
5b63d1555a
nixos/blade: use tmpfs for /var/log and /var/cache
2021-03-31 21:20:08 +00:00
c972f3ae12
as205479.net: add bvm-win10
2021-03-31 19:39:56 +00:00
f71179cbd6
coredns: add bvm-korobi
2021-03-30 12:51:17 +01:00
62dce112db
blade-router: fix radvd prefix to actually be onlink
2021-03-30 11:59:27 +01:00
4c013cb2bc
blade-router: use absolute path to birdc
2021-03-30 00:18:08 +00:00
e80a1750b8
blade-router: tweak notify script config
2021-03-30 00:09:02 +00:00
8b2238cf1e
blade-router: add shebang to VRRP notify script
2021-03-30 00:01:19 +00:00
f05a063fce
blade-router: add keepalived notify script for announcing/withdrawing routes
2021-03-29 23:54:26 +00:00
1071202e7f
coredns: update DNS to match swapped IPs
2021-03-29 23:13:01 +00:00
bff07335b5
blade-router: switch router VIP
2021-03-29 23:09:26 +00:00
cae0c4eb94
blade-router: we need config attribute...
2021-03-29 23:29:26 +01:00
7de4d2690e
blade-router: put radvd config in correct place
2021-03-29 23:27:40 +01:00
c5fc727f7a
blade-router: fix
2021-03-29 23:26:50 +01:00
ac63880ed7
ops/nixos: abstract into blade-router
2021-03-29 23:24:57 +01:00
e1e3a24f36
ops/nixos/lib/coredns: add DNS records
2021-03-29 20:45:39 +00:00
b559512200
blade-paris/blade-tuvok: add BGP config
2021-03-29 11:47:44 +00:00
a3ed8a6da3
hm: add ntfy everywhere
2021-03-28 23:08:02 +00:00
2b8dce0920
depot-wide: overhaul GitLab CI configuration
...
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286
bvm-prosody: add tailscale IP
2021-03-28 14:33:54 +00:00
2eeba92d9e
bvm-twitterchiver: add tailscale IP
2021-03-28 14:32:16 +00:00
e6c56c9a74
bvm-ipfs: add tailscale IP
2021-03-28 14:00:25 +00:00
f27a8f8f1a
ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix
2021-03-28 12:32:01 +00:00
f34d539462
bvm-nixosmgmt: condense down and abstract out
2021-03-28 12:26:11 +00:00
c1f450eb33
ops/nixos: flesh out DNS for internal blade IPs
2021-03-28 12:18:06 +00:00
701ab955af
coredns: update serial for as205479.net
2021-03-28 01:16:10 +00:00
b2e2f965c5
ops/nixos: rename various machines to comply with naming convention
...
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
1883186bb8
hm/graphical-client: switch to google-chrome-beta from chromium
2021-03-25 10:54:01 +00:00
a99e0309c5
ops/nixos/fup: switch to using config file
2021-03-23 00:58:18 +00:00
11ed74003a
nixos/fup: allow large file uploads
2021-03-22 13:56:16 +00:00
ca642bfa5e
blade-tuvok: add fup
2021-03-22 02:43:17 +00:00
787b04737e
treewide: add some SPDX headers
2021-03-20 20:46:56 +00:00
35cc195717
common: remove everything from hosts files
2021-03-20 16:42:08 +00:00
99dce2de2a
as205479.net: add totoro.int
2021-03-20 16:41:26 +00:00
33fd1da091
dns: add blades to zone
2021-03-20 15:22:09 +00:00
4c78164384
ops/nixos/common: set search domains
2021-03-20 15:01:28 +00:00
5cf89fbc2f
switch-prebuilt: check for existence before nix copy
2021-03-20 13:37:08 +00:00
422c47c3e0
switch-prebuilt: run stuff assuming we're a trusted-user
2021-03-20 13:22:17 +00:00
be5eee48b3
switch-prebuilt: init
2021-03-20 12:39:23 +00:00
154db9706a
lib/common: add deployer to trustedUsers
2021-03-20 12:34:01 +00:00
d8086e7042
ops/nixos: add jq everywhere
2021-03-20 12:11:45 +00:00
627c8bf17c
lib/coredns: fix firewall
2021-03-20 02:06:08 +00:00
b0a6ebe52d
ops/nixos: add coredns
2021-03-20 02:03:23 +00:00
c51e5d478d
lib/common: add --delete-older-than
2021-03-19 21:29:54 +00:00
9ddb5d75f2
blade: restrict ceph firewall rules to storage network
2021-03-19 21:27:15 +00:00
3f3c92addc
blade-tuvok: serve objdump directly
2021-03-19 19:45:03 +00:00
c26a321f5f
home-manager: drop enableVaapi
2021-03-18 23:56:25 +00:00
c682fc0422
blade: fix serial console
2021-03-14 17:39:07 +00:00
bb1178e82c
blade: enable serial console for GRUB and boot
2021-03-14 17:34:08 +00:00
ff2be56561
blade: disable coredump writing
2021-03-14 17:25:03 +00:00
f3c5990de4
blade: nit: forgot a )
2021-03-14 15:56:58 +00:00
22dadde50a
blade-torres: remap en-storage onto a vlan
2021-03-14 15:52:53 +00:00
b3def9be96
ceph: add /var/lib/ceph mount
2021-03-14 14:35:36 +00:00
22cb1575b4
ceph: set up storage network 10.100.2.0/24
2021-03-14 14:35:32 +00:00
dc68fb7305
blade: correct IP
2021-03-14 02:01:42 +00:00
74fd32c0b8
ops/nixos/blade: switch mon IPs in config
2021-03-14 01:23:24 +00:00
a763c85e3d
blade: allow tailscale 41641/udp
2021-03-13 20:58:43 +00:00
e979f4e83e
blade: move journald storage to volatile
2021-03-13 20:57:04 +00:00
b2a085f84c
ops/nixos/blade: enable NAT on routers
2021-03-13 16:41:05 +00:00
53b7ca1c8a
ops/nixos: revamp blade network config
2021-03-12 14:47:08 +00:00
7cd70420c6
blade-janeway: fix interfaces
2021-02-25 12:29:05 +00:00
a7094217ba
blade: tweak networking
2021-02-24 19:58:15 +00:00
5018ba70cd
home-manager/common: add iotop/iftop
2021-02-14 21:40:41 +00:00
caea9c19c4
lib/blade: mount boot drive to /boot
2021-02-13 16:07:33 +00:00
2596579835
lib/blade: add a ceph-osd-lvm-activate to prep the OSDs
2021-02-13 16:29:18 +00:00
93b5d2c288
ops/nixos: enable ceph in libvirtd
2021-02-11 02:21:59 +00:00
a484168097
lib/blade: add ceph support to libvirtd
2021-02-11 00:34:27 +00:00
c94e94284f
lib/blade: decrease miimon
2021-02-11 00:27:25 +00:00
fc14641404
lib/blade: enable libvirtd group for lukegb
2021-02-11 00:22:47 +00:00
e81c71b85f
lib/blade: enable acpi_power_meter
2021-02-11 00:22:39 +00:00
82503b6192
ops/nixos/lib/blade: enable polkit for libvirtd access
2021-02-11 00:13:32 +00:00
4a53baab51
ops/nixos: fix lib/blade.nix
2021-02-10 23:39:36 +00:00
270b461b97
ops/nixos: create br-ext and put everything on it
2021-02-10 23:38:05 +00:00
372aed550f
ops/nixos: enable osds on blade-janeway
2021-02-09 21:47:04 +00:00
1ed83bd25a
ops/nixos/blade: add ceph
2021-02-09 01:17:54 +00:00
dad04a0062
ops/nixos: add other blade hosts
...
blade-paris and blade-kim are TBD
2021-02-08 22:26:22 +00:00
37be1e38f8
ops/nixos: switch blades to static IPs
2021-02-08 20:45:15 +00:00
f55f861e17
ops/nixos: split most of blade-janeway into lib/blade.nix
2021-02-07 21:23:23 +00:00
e6f4d37982
ops/nixos: add fwupd to common
2021-01-30 18:47:12 +00:00
c7df81d6a1
clouvider-fra01: add ts3spotifybot
2021-01-27 18:39:58 +00:00
1fe4e04464
ops/nixos: add dev-quotes.bfob.gg to server aliases
2021-01-20 00:22:54 +00:00
5ee6a1c3b7
ops/nixos/quotes.bfob.gg: add my.quotesdb.listen option
2021-01-20 00:21:21 +00:00
b7574660de
web/quotes: prodify
2021-01-19 23:43:43 +00:00
ef81a0c080
quotes.bfob.gg: add to clouvider-lon01
2021-01-19 23:41:47 +00:00
9dd18e2cdc
ops/nixos/lib/common: add nixos_running_system/nixos_booted_system node metrics
2021-01-11 17:44:23 +00:00
6b95f54ca7
ops/nixos/lib/common: add systemd collector to all systems
2021-01-07 10:01:36 +00:00
aba7285824
totoro: add twitternuke timer
2021-01-06 21:29:33 +00:00
f91109cb50
nixos/lightspeed: init lightspeed-ingest and lightspeed-webrtc NixOS modules
2021-01-04 15:50:42 +00:00
34d9b4eda5
hm/graphical-client: pull in nm-applet only for i3
2020-12-19 19:39:13 +00:00
cb4ba45b1b
hm/graphical-client: enable nm-applet
...
I'm assuming (probably wrongly) that anything using my graphical-client preset
is _also_ using NetworkManager, which is probably true for real client machines
but may not be true on terminal services machines which also end up with this
preset.
Whatever, I'll work it out later.
2020-12-19 19:25:15 +00:00
808b506123
ops/nixos/lib/low-space: fix
2020-12-06 15:22:40 +00:00
26de73b0fb
marukuru: set journald SystemMaxUse to cap log size
2020-12-06 15:18:14 +00:00
9244e44518
ops/nixos/lib/common: add lukegb to 'audio' group
2020-12-03 03:00:40 +00:00
23e97ff266
ops/nixos: add whitby-distributed to clouvider-lon01
2020-11-30 23:21:56 +00:00
a589ca3e1f
ops/nixos: remove propagatedBuildInputs from mercurial override
2020-11-25 13:12:36 +00:00
094f2334f8
ops/nixos/lib/home-manager: swap isDarwin for 'is external' check
2020-11-23 16:47:17 +00:00
80e85feede
home-manager-ext: init
...
To allow using my home-manager config on Darwin (and other non-NixOS
machines), I introduce the concept of home-manager-ext, which gives
me a much easier hook to import my config elsewhere.
2020-11-23 07:22:00 -08:00
5de4937d6d
Add a GITHUB_TOKEN to my environment everywhere.
2020-11-21 00:51:24 +00:00
26352c7065
ops/nixos: add ability to define additional things to be scraped, use this for coredns
2020-11-18 02:02:23 +00:00
c0a6e48970
ops/nixos: add dnsutils to common for dig
2020-11-18 01:27:50 +00:00
a31599ad1b
ops/nixos: add restic everywhere
2020-11-17 02:21:46 +00:00
4a0897b0cb
ops/nixos: add new packages, move other packages around
2020-11-17 02:10:23 +00:00
492d57ef29
hm/graphical-client: enable vaapi on chromium
2020-11-15 21:29:15 +00:00
6c91bbe714
hm: set up ssh
2020-11-09 00:21:32 +00:00
f2c8e2d3bf
hm/graphical-client: set up session vars
2020-11-08 15:49:12 +00:00
17ac1212dd
ops/nixos: add totoro as prometheus box; enable node-exporter everywhere
2020-11-06 04:52:54 +00:00
b58f13a145
ops/nixos: globally enable zramSwap
2020-11-05 02:03:20 +00:00
57d4f7f05e
nixos/home-manager: do ssh-add when making a login shell
2020-11-05 01:57:55 +00:00
bad3be7574
ops: tweak SSH auth; add red solo SK-resident key
2020-11-05 01:50:16 +00:00
a507a5380d
ops/nixos: allow all traffic in on tailscale0
2020-11-04 21:53:02 +00:00
8d4b7f8c47
bgp: add default to satisfy ixvm-fra01
2020-11-04 17:41:28 +00:00
86a09dab73
clouvider-lon01: add minotarproxy IPs
2020-11-04 16:41:15 +00:00
d78f055270
ops: add lukegb_porcorosso_linux key
2020-11-03 15:25:03 +00:00
7a19e14649
ops/nixos: define a new my.ip.tailscale option which gets put into /etc/hosts everywhere
2020-11-01 18:25:01 +00:00
9499761e7f
home-manager: set EDITOR and VISUAL to vim
2020-11-01 18:11:48 +00:00
658c98934b
nixos/lib/common: update SSH authorized_keys
2020-11-01 14:42:52 +00:00
d3bee9d2de
ops/nixos: import home-manager into lib/common
2020-10-31 11:44:52 +00:00
f5c80fe35d
ops/nixos: further tweaks
2020-10-25 12:00:15 +00:00
29fa1e35fd
nixos: start using home-manager
2020-10-25 11:36:16 +00:00
4e14ee8111
ops/nixos: mark nix.gc.automatic as default
2020-10-18 12:59:33 +00:00
e3f83ad608
ops/nixos: run nix-collect-garbage daily, except on clients
2020-10-18 01:17:35 +00:00
1aa2236f64
graphical-client: add dino
2020-10-17 12:17:47 +01:00
89d3afd8f0
ops/nixos: move some things into a graphical-clients module
2020-10-17 12:17:18 +01:00
190606746c
ops/nixos/lib/common: add the binary cache credentials to nix.envVars
2020-10-04 02:56:34 +01:00
ea8020262c
ops/nixos/lib/common: add rsync
2020-09-07 10:59:47 +00:00
ab0f4b5863
ops/nixos/lib/common: replace deployer password with !
2020-09-06 16:45:56 +00:00
863c7028f0
ops/nixos: add tailscale to common
2020-09-06 16:26:48 +00:00
a71cb99af8
nixos/porcorosso: add totoro as a builder
2020-07-19 18:47:40 +01:00
24ba5c1c36
nixos: abstract out distributed builds
2020-07-19 18:20:21 +01:00
5efba00e97
ops/nixos/lib/common: add tmux
2020-07-08 18:36:21 +00:00
00e2f9e1d3
ops/nixos: factor things useful on general 'workstation' machines out
2020-06-28 19:38:20 +01:00
1506327979
hgrc: fix smartlogstart
2020-06-18 00:20:00 +01:00
f3d1fee59d
nix/pkgs: add bazel-run userenv
2020-06-16 09:39:54 +01:00
48011ebba9
licensing: Apache-2.0, make almost reuse-lint clean
2020-06-07 15:03:12 +01:00
15c82b0498
local repo fixups after bump of nixpkgs
2020-06-06 13:12:39 +01:00
643cb31750
porcorosso: try installing lutris
2020-05-31 18:58:29 +01:00
82ed70f0c9
ops/nixos/lib/hgrc: add purge extension
2020-05-22 13:09:36 +01:00
d9cc0c9de1
ops/nixos/lib: don't use the s3 binary cache except when rebuilder-ing.
2020-05-22 13:04:17 +01:00
abbbc2c216
hg-git: add 0.9.0a1 for py3, and use that
2020-05-17 03:23:54 +01:00
2712655c50
ops/nixos/lib/hgrc: colourise rev ID based on phase
2020-05-16 14:08:27 +01:00
d7897ddbe5
ops/nixos/lib: add hgrc in a more sensible way
2020-05-11 17:30:13 +01:00
6daf53d556
ops/nixos/lib/hgrc: add topics extension
2020-05-11 16:18:03 +01:00
91d742c1cd
gitlab-ci: try and get deploys works
2020-05-09 23:49:32 +01:00
c5d03b795e
ops/nixos: give everything a consistent mercurial
2020-05-09 18:15:12 +01:00
0c461e9422
common: add my hgrc so I can have evolve everywhere
2020-05-09 14:42:19 +01:00
606151ddb4
ops/nixos: move rebuilder derivation into its own file.
2020-05-09 11:14:25 +01:00
f34991e545
nixos/lib/common: oops, meant "cache", not hydra
2020-05-09 01:10:37 +01:00
2508b6ed9a
ops/nixos: add deployer user
2020-05-09 01:10:20 +01:00
bc50bdb7d2
ops/nixos: add GCP binary cache
2020-05-09 00:03:21 +01:00
19c29c56ff
ops/nixos: fix things
2020-05-08 23:34:17 +01:00
1e7fcadc97
ops/nixos: rework everything to factor common things out
2020-05-08 23:26:21 +01:00
