Commit graph

1095 commits

Author SHA1 Message Date
a25ba9aef6 barf: some more fixes 2024-03-12 01:43:08 +00:00
6522ddba8c web/barf: init, including sapi
sapi sapi sapi

http://totoro:11316/sam?text=OLE%20Apartments%20are%20Very%20Complicated%20and%20cannot%20be%20understood%20by%20Mere%20Mortals.
2024-03-11 04:14:39 +00:00
aad93631ca gitlab-runner-cacher: explicitly add git and heptapod-runner-mercurial to the PATH 2024-03-02 13:33:27 +00:00
2a18f7913d ops/nixos: more warnings tidying 2024-03-01 17:34:53 +00:00
41a28dc2f5 ops/nixos: tidy up various warnings 2024-03-01 17:29:10 +00:00
357ed02941 nausicaa: use sddm.wayland.enable rather than handrolling 2024-03-01 16:49:42 +00:00
fe12a21336 nixos/graphical-client: use the 1password NixOS module
We need to install binaries in /run/wrappers, which means we need the NixOS
module and can't just install in home-manager.
2024-03-01 16:49:28 +00:00
5dd4cbe7dd nausicaa: init 2024-03-01 14:23:22 +00:00
f290e16bd7 bvm-radius: update roaming0/roaming1 IPs 2024-02-12 19:25:16 +00:00
3156e14105 totoro: remove duplicate boot.zfs.requestEncryptionCredentials 2024-01-28 03:38:47 +00:00
84359a9136 totoro: want network-online.target 2024-01-27 22:57:59 +00:00
9bdab9a2fc howl/laputa/porcorosso: set networking.domain 2024-01-27 22:57:47 +00:00
107d67b780 bvm-netbox: update to 3.7 2024-01-27 22:08:52 +00:00
b015090394 journal2clickhouse: wants network-online 2024-01-27 22:08:43 +00:00
42c3248644 secretsmgr: timer should want network-online.target 2024-01-27 21:42:57 +00:00
1a0f5a5c54 graphical-client: add vscode 2024-01-27 21:00:05 +00:00
f3dd272a82 client: automatically install podman-compose if podman is installed 2024-01-27 20:59:57 +00:00
c4807bde0a totoro: boot.zfs.requestEncryptionCredentials = false 2024-01-27 20:56:42 +00:00
74448ec61e totoro: add scraping emf website metrics 2024-01-24 15:53:20 +00:00
60d27f6482 coredns: update kerrigan.int 2024-01-07 18:52:51 +00:00
e939dca694 porcorosso: disable plymouth
It's slow, it's laggy, it breaks things.

Ugh.
2024-01-17 00:38:35 +00:00
bb58d112c3 ops/nixos/laputa: init 2024-01-15 01:08:01 +00:00
240c3a72f2 etheroute-lon01: drop pomerium redis databroker 2024-01-08 00:38:42 +00:00
f7a8e1c6c9 switch-prebuilt: make latest slightly... better 2024-01-07 17:57:27 +00:00
d6638eb663 totoro: fix and add blog post describing recovery steps 2024-01-07 17:04:42 +00:00
a472b3e271 howl: bump stateversion 2024-01-01 17:13:44 +00:00
cfdaea02ae clouvider-lon01: bump stateversion 2024-01-01 17:13:36 +00:00
3ac7eb638f bvm-netbox: bump stateversion 2024-01-01 17:13:25 +00:00
ed098f984f bvm-matrix: bump stateVersion (yes yes, I know) 2023-12-23 14:44:39 +00:00
cb6cded6be hm: switch to new blast access via cloudflared 2023-12-16 15:17:28 +00:00
248d2e1026 Merge 2023-12-14 11:54:09 +00:00
f15e212875 totoro: enable freeswitch 2023-12-14 11:30:26 +00:00
668bdd8486 ops/nixos/totoro: update beam ingest endpoint 2023-12-14 11:20:23 +00:00
de2cbc3b11 hm/graphical-client: google-chrome-beta -> google-chrome 2023-11-19 20:12:24 +00:00
6f11983d75 swann: add wg-eta 2023-11-17 10:59:16 +00:00
0471d22092 kerrigan: add device tree, uboot fw_printenv 2023-11-17 10:58:53 +00:00
47f3220444 3p: add poetry2nix 2023-11-19 20:12:35 +00:00
237f843e44 merge porcorosso/swann 2023-11-17 10:59:50 +00:00
5f88c7a6a5 porcorosso: no wayland for sddm because it crashes 2023-11-03 18:38:46 +00:00
20490c0853 swann: enable TFTP and HTTP for phone booting 2023-10-28 20:32:40 +00:00
b934f315dd ops/nixos: fixes for nixpkgs bump 2023-10-24 23:51:25 +01:00
80154c5673 cofractal-ams01/plex: give it a hostname and a TLS cert to match 2023-10-13 20:44:20 +00:00
ac0d2c58ed swann: switch to v6 2023-10-13 01:40:35 +00:00
04260106a1 kerrigan: enable NAT 2023-10-13 01:40:30 +00:00
710b335b59 kerrigan: add modemmanager, optionally 2023-10-12 22:34:21 +00:00
dab5bd9c5b swann: add minicom and screen 2023-10-12 20:22:17 +00:00
281b8f9f35 kerrigan: move to mmc, add modemmanager 2023-10-12 20:12:40 +00:00
6dd4431506 drop my own netbox build in favour of nixpkgs 2023-10-12 20:12:22 +00:00
dbb65cc740 swann: make ee-scape-data use the caddy proxy on kerrigan 2023-10-10 23:31:33 +00:00
60a49c7037 ops/nixos/common: give up and set wait-online.anyInterface=true by default 2023-10-10 23:31:16 +00:00
3348c34a96 kerrigan: back to using modem in ECM mode; no ModemManager
In this configuration we don't properly support IPv6. So be it, for now.
2023-10-10 23:30:19 +00:00
7b585fab0d swann: add conntrack-tools 2023-10-10 23:29:39 +00:00
0eab7d1802 swann: disable multicast snooping and vlan filtering 2023-10-02 17:08:30 +00:00
f51c993198 swann: correct the path to the bird socket 2023-09-30 21:22:50 +00:00
acb3f9c849 swann: fix en-ee routes so they belong to the ee route table 2023-09-30 21:22:36 +00:00
2a0a5d4cb6 kerrigan: have NM manage the interface 2023-09-30 21:22:15 +00:00
2420018235 etheroute-lon01: change setup of quadv 2023-09-30 01:14:36 +00:00
d7b2ca1cec kerrigan: launch ModemManager in debug mode 2023-09-30 01:13:33 +00:00
d5fd265fb7 porcorosso: add quadv-ca 2023-09-16 16:00:31 +01:00
490b63936c etheroute-lon01: make DNS lookups use v6 as well 2023-08-24 20:41:02 +01:00
bb084d5aab swann: kea/radvd if erbium is off 2023-08-19 23:54:48 +01:00
2e6ef07a23 swann: disable erbium again 2023-08-14 01:07:39 +01:00
eaa2538389 swann: fix IP for en-ee interface 2023-08-13 21:38:47 +01:00
e9b55e00a9 totoro: configure openvscode-server to listen on tailscale on v6 2023-08-19 22:43:47 +00:00
2714def613 etheroute-lon01: add code.int.lukegb.com 2023-08-19 22:43:34 +00:00
f1f295f027 swann: switch to IPv4 for wireguard as well
I'm having trouble getting a properly delegated prefix for tethering on the
Quectel modem inside kerrigan. One day I'll figure it out I guess.
2023-08-19 22:37:13 +00:00
ddfb67cdd1 totoro: enable openvscode-server 2023-08-19 21:13:16 +00:00
b985351394 cofractal-ams01: make bindMountSvc more stable 2023-08-17 02:50:57 +00:00
e07896407e graphical-client: fonts.fonts -> fonts.packages 2023-08-11 23:09:22 +01:00
b16bfb93ce treewide: hack/nixpkgs, which uses _our_ nixpkgs, not actual nixpkgs 2023-08-11 23:05:35 +01:00
7a8614d2f7 swann: switch to erbium (this is broken) 2023-08-08 23:29:58 +01:00
e97a7d69f0 kerrigan: switch to systemd-boot 2023-08-08 23:28:42 +01:00
b5d1f9b80f ops/nixos/erbium: init 2023-08-08 23:25:06 +01:00
b904a15186 nixos/bgp: on machines with lots of routes, disable SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME 2023-08-06 18:02:28 +01:00
dda412fa6c totoro: coventry -> coventry-2 2023-07-28 21:13:44 +00:00
1c847d3eda etheroute-lon01: set up gsl1 2023-07-28 21:13:35 +00:00
e93f012772 swann: migrate to erbium 2023-08-06 17:06:18 +01:00
670ffb4186 bgp: for 92.118.31.0/24, prepend with AS197753 for now 2023-07-24 13:28:17 +01:00
4f588c0267 coredns: quadv.net 2023-07-24 13:13:52 +01:00
7d221ced9a etheroute-lon01: make cofractal-ams01 public 2023-07-21 16:47:47 +00:00
5d47f75c2f swann: don't add mopup rules for wg-intfs, since we'll get that via BGP 2023-07-19 23:28:58 +01:00
d1a4a792ef ops/nixos: reinit blade-paris 2023-07-02 16:05:13 +00:00
dba2db07b1 patch minor incompatibilities with 3p/nixpkgs update 2023-07-01 12:53:49 +00:00
551c4f27ad etheroute-lon01: GRE->Wireguard 2023-07-15 12:09:18 +01:00
1c4530988d etheroute-lon01: switch to networkd 2023-07-11 12:01:46 +01:00
528ed1debc swann: add qvmpc6552 2023-07-11 12:01:00 +01:00
52fd493096 blade-paris: not on ZFS 2023-07-11 11:40:55 +01:00
b8f338d6fa porcorosso: try to make sddm use wayland (unsuccessfully), and hide the deployer user 2023-06-18 20:32:43 +01:00
364eaa2c55 porcorosso: systemd-stage1, plymouth, gdm->sddm 2023-05-29 02:39:49 +01:00
f7f8691649 fr24feed: try to bind /etc/fr24feed in instead 2023-05-29 00:15:19 +01:00
1c9b9e9fcd swann: boot.tmpOnTmpfs -> boot.tmp.useTmpfs 2023-05-28 01:32:25 +01:00
4921cabb8a ops/nixos: drop boot.loader.grub.version = 2 - doesn't do anything anymore 2023-05-27 20:26:35 +01:00
86f193d44a secretsmgr: add bare hostnames everywhere 2023-05-26 17:39:01 +01:00
450ae89942 cofractal-ams01: update tailcsale IP 2023-05-26 00:01:17 +01:00
eaa3bf1810 intel-oclcpuexp: init 2023-05-26 00:01:07 +01:00
e0c88bac2d porcorosso: more plasma tweaks; let's try Wayland again 2023-05-16 13:48:55 +01:00
074b3d25b6 porcorosso: let's try KDE 2023-05-14 15:04:36 +01:00
a12f2a8b07 bvm-netbox: add livetaild.lukegb.dev 2023-05-14 15:04:26 +01:00
6f95606d71 cofractal-ams01: fix systemd.network.networks 2023-05-11 11:52:47 +01:00
3eaa849f81 cofractal-ams01: tweak networkd RequiredForOnline, add libvirtd 2023-05-11 11:27:15 +01:00
dea2ddd168 hm: add blast-{csgo,worker}{1,2}-jump 2023-05-07 14:39:32 +01:00
983941331d ops/vault: add nixbuild to clouvider-lon01 2023-05-07 14:39:17 +01:00
c283dc8f90 ops/nixos: update etheroute-lon01 tailscale IP 2023-04-18 20:59:21 +00:00
7fe7452e2f ops/nixos: add tumblrandom 2023-04-18 20:05:51 +00:00
2d1bf2ffae bgp: fix problem where I forgot to add depot 2023-04-15 14:47:37 +00:00
28e7704f44 ops/nixos: move tailscale/systemd-networkd fixes to lib/bgp 2023-04-15 14:36:22 +00:00
389be0c195 cofractal-ams01: switch to tailscale-in-polling mode to reduce logspam and CPU 2023-04-15 14:31:39 +00:00
f0846a9171 cofractal-ams01: give systemd-networkd a chance to start up... 2023-04-15 14:11:40 +00:00
4faf4a4630 swann: disable unifi 2023-04-15 02:45:10 +00:00
857e659f1f cofractal-ams01: stop factorio versions.json splicing, disable ipfs 2023-04-15 00:41:49 +00:00
ddc00228c9 blade-tuvok: fix boot.loader.grub, update wireguard services 2023-03-18 17:53:03 +00:00
24cd61c461 etheroute-lon01: IPv4 renumber 2023-03-16 10:32:09 +00:00
20e2cd4e2c cofractal-ams01: add mod-settings 2023-03-12 21:58:43 +00:00
e602587fb6 cofractal-ams01: allow IPFS 2023-03-12 20:47:56 +00:00
7d78a2cee0 cofractal-ams01: init factorio 2023-03-12 20:33:25 +00:00
03dc26854e totoro: services.openssh.forwardX11 -> services.openssh.settings.X11Forwarding 2023-03-12 14:19:54 +00:00
721a7e6828 ops/nixos: refactor ssh_config 2023-03-12 03:58:52 +00:00
9aa6298df4 ssh-ca: also sign for otter-acoustic.ts.net 2023-03-12 03:53:42 +00:00
6d24fe6e78 ops/nixos: whitby-distributed 2023-03-12 03:51:10 +00:00
c5d4542bbb ops/nixos/lib/content: fixup 2023-03-12 03:35:48 +00:00
ca7b57a78a cofractal-ams01: adopt more responsibility from clouvider-fra01 2023-03-12 03:15:34 +00:00
f0712a966a nixbuild-distributed: tweak secret format 2023-03-12 02:04:08 +00:00
9d6aa88d2d ops/nixos: add gitlab-runner-cacher, unassign clouvider-lon01, assign cofractal-ams01 2023-03-11 18:15:45 +00:00
4daa3a593a nixbuild-distributed: create 2023-03-09 21:33:42 +00:00
a17cc6e422 totoro: enable NFS 2023-03-09 21:33:22 +00:00
40baed5b59 cofractal-ams01: enable aarch64-linux binfmt emulation 2023-03-05 12:34:40 +00:00
2f41c3a0f7 cofractal-ams01: switch back to default kernel 2023-03-05 12:31:07 +00:00
a861c3f460 3p/nixpkgs: drop prison-zxing, upstreamed 2023-03-05 12:21:05 +00:00
08d59f4e20 ops/vault: create binary-cache-deployer 2023-02-25 22:16:56 +00:00
d901b12f91 ops/vault: permit lukegbcom-deployer to write to lukegb-flipperzero bucket 2023-02-25 22:11:35 +00:00
09610ee555 hm/client: copybara only on x86 Linux 2023-02-12 17:57:39 +00:00
916240fe30 home-assistant: drop api_key/user_key 2023-02-12 17:08:46 +00:00
3efed27d62 treewide: adapt to newer nixpkgs 2023-02-04 00:24:32 +00:00
7c6bdab11c etheroute-lon01: quadv1-4 2023-02-03 23:30:35 +00:00
28cbcf08a4 kerrigan: provision IPv6 2023-01-21 22:46:00 +00:00
12d9be8909 kerrigan: working IPv6 passthru 2023-01-21 22:38:56 +00:00
6fd15f1080 kerrigan: configure radvd for IPv6 forwarding 2023-01-21 19:54:18 +00:00
d3fdb0b04d ops/nixos/common: demand system as an arg 2023-01-21 18:59:48 +00:00
c8f1d10e4e switch-prebuilt: update 2023-01-21 18:52:15 +00:00
f1118a9a04 cofractal-ams01: support v4-on-v6 + ENH 2023-01-19 09:29:37 +00:00
9213875d8b cofractal-ams01: bgp-over-ipv4 2023-01-18 23:41:42 +00:00
756c1a3dd2 cofractal-ams01: more turnup bits 2023-01-18 21:43:48 +00:00
605dae808a cofractal-ams01: init placeholder 2023-01-17 22:09:48 +00:00
0583eb2f07 clouvider-lon01: enable aarch64 emulation 2023-01-17 21:49:53 +00:00
f8aaa89d74 coredns: update oracle-lon01, add cofractal-ams01 2023-01-17 21:45:18 +00:00
3fdced1c68 kerrigan: init MochaBin 2023-01-17 19:36:53 +00:00
8731a6a37f ops/vault: allow servers to read their own wireguard keys 2023-01-15 19:23:53 +00:00
f053953bb6 ops/raritan: migrate to using vault for username/password 2023-01-15 16:37:30 +00:00
35a9ec6bf5 nhsenglandtests: delete 2023-01-15 16:26:50 +00:00
8407c1a743 hm/common: point at actual terminfo dir 2023-01-15 16:14:14 +00:00