Commit graph

928 commits

Author SHA1 Message Date
b82fbfb9f8 porcorosso: add obs-studio 2020-11-25 02:13:14 +00:00
8c36ae940b clouvider-lon01: add factorio server 2020-11-24 04:50:31 +00:00
311fc015f4 porcorosso: install Factorio 2020-11-24 02:56:18 +00:00
094f2334f8 ops/nixos/lib/home-manager: swap isDarwin for 'is external' check 2020-11-23 16:47:17 +00:00
80e85feede home-manager-ext: init
To allow using my home-manager config on Darwin (and other non-NixOS
machines), I introduce the concept of home-manager-ext, which gives
me a much easier hook to import my config elsewhere.
2020-11-23 07:22:00 -08:00
0f86867d05 porcorosso: swap /root for a bindmount instead 2020-11-23 15:19:23 +00:00
2043572a2b porcorosso: make /root a /persist/root symlink 2020-11-22 14:44:49 +00:00
5de4937d6d Add a GITHUB_TOKEN to my environment everywhere. 2020-11-21 00:51:24 +00:00
26352c7065 ops/nixos: add ability to define additional things to be scraped, use this for coredns 2020-11-18 02:02:23 +00:00
588a47e97f swann: set swann as DNS server for DHCP 2020-11-18 01:50:16 +00:00
68deb62b38 swann: enable coredns and use google public DNS over TLS 2020-11-18 01:49:44 +00:00
c0a6e48970 ops/nixos: add dnsutils to common for dig 2020-11-18 01:27:50 +00:00
087d774b56 swann: forward port 80 and 443 to totoro 2020-11-18 01:31:57 +00:00
2df9344303 totoro: set up pancake 2020-11-17 03:14:04 +00:00
4cb36fffbb totoro: add /srv and /srv/pancake 2020-11-17 02:39:01 +00:00
a31599ad1b ops/nixos: add restic everywhere 2020-11-17 02:21:46 +00:00
4a0897b0cb ops/nixos: add new packages, move other packages around 2020-11-17 02:10:23 +00:00
492d57ef29 hm/graphical-client: enable vaapi on chromium 2020-11-15 21:29:15 +00:00
8a9c00c7f0 porcorosso: add some vdpau/vaapi packages 2020-11-15 21:23:47 +00:00
6c91bbe714 hm: set up ssh 2020-11-09 00:21:32 +00:00
f2c8e2d3bf hm/graphical-client: set up session vars 2020-11-08 15:49:12 +00:00
07b76f5cf9 clouvider-lon01: only listen on specified IPs 2020-11-07 14:20:46 +00:00
b2384d844d clouvider-lon01: disable automatic nix-gc
It's used as a Nix build cache machine - since we don't have gcroot
generation, it's better to just not collect garbage for the moment.
2020-11-06 05:21:37 +00:00
65c2fce8a7 swann: add unifi-poller 2020-11-06 05:02:05 +00:00
17ac1212dd ops/nixos: add totoro as prometheus box; enable node-exporter everywhere 2020-11-06 04:52:54 +00:00
eba4f33a63 totoro: remove openshift cruft 2020-11-06 04:11:16 +00:00
b58f13a145 ops/nixos: globally enable zramSwap 2020-11-05 02:03:20 +00:00
57d4f7f05e nixos/home-manager: do ssh-add when making a login shell 2020-11-05 01:57:55 +00:00
bad3be7574 ops: tweak SSH auth; add red solo SK-resident key 2020-11-05 01:50:16 +00:00
2c0b4e3bb6 porcorosso: add libvirtd 2020-11-03 16:03:22 +00:00
cc5152300c marukuru/deployer: expose tailscale IPs 2020-11-04 21:58:49 +00:00
82c751a6e4 swann: install Unifi controller 2020-11-04 21:53:14 +00:00
a507a5380d ops/nixos: allow all traffic in on tailscale0 2020-11-04 21:53:02 +00:00
8d4b7f8c47 bgp: add default to satisfy ixvm-fra01 2020-11-04 17:41:28 +00:00
855feececa clouvider-lon01: set up as cache builder 2020-11-04 17:30:28 +00:00
252ad42fb2 clouvider-lon01: add minotarproxy 2020-11-04 17:23:52 +00:00
db911ee156 porcorosso: add libvirt persistance 2020-11-04 17:09:53 +00:00
86a09dab73 clouvider-lon01: add minotarproxy IPs 2020-11-04 16:41:15 +00:00
4da102053c clouvider-lon01: add ZNC 2020-11-04 16:27:46 +00:00
129bdd0e69 clouvider-lon01: update tailscale IP 2020-11-04 15:53:18 +00:00
7795bd1d0f clouvider-lon01: init 2020-11-04 15:51:55 +00:00
1233ac2d14 swann: tweak firewall params 2020-11-04 14:27:19 +00:00
d78f055270 ops: add lukegb_porcorosso_linux key 2020-11-03 15:25:03 +00:00
847e827d0a depot: fix up things 2020-11-01 21:39:25 +00:00
7a19e14649 ops/nixos: define a new my.ip.tailscale option which gets put into /etc/hosts everywhere 2020-11-01 18:25:01 +00:00
9499761e7f home-manager: set EDITOR and VISUAL to vim 2020-11-01 18:11:48 +00:00
658c98934b nixos/lib/common: update SSH authorized_keys 2020-11-01 14:42:52 +00:00
72ae247e4a swann: tune cake parameters 2020-11-01 14:33:18 +00:00
3acb27f020 swann: init 2020-11-01 14:25:17 +00:00
74371dbe8a totoro: add br-int interface 2020-10-31 17:04:30 +00:00
d3bee9d2de ops/nixos: import home-manager into lib/common 2020-10-31 11:44:52 +00:00
4ea585daa2 ixvm-fra01: update to new ASN 2020-10-28 14:41:42 +00:00
f5c80fe35d ops/nixos: further tweaks 2020-10-25 12:00:15 +00:00
29fa1e35fd nixos: start using home-manager 2020-10-25 11:36:16 +00:00
4e14ee8111 ops/nixos: mark nix.gc.automatic as default 2020-10-18 12:59:33 +00:00
e3f83ad608 ops/nixos: run nix-collect-garbage daily, except on clients 2020-10-18 01:17:35 +00:00
1aa2236f64 graphical-client: add dino 2020-10-17 12:17:47 +01:00
89d3afd8f0 ops/nixos: move some things into a graphical-clients module 2020-10-17 12:17:18 +01:00
6edb818126 ixvm-fra01: add kernel modules for VirtIO disk 2020-10-15 13:50:52 +00:00
3bab7ede2d totoro: add secretsync 2020-10-15 13:22:18 +00:00
d5d4d6eb33 kusakabe: updates for XMPP 2020-10-15 13:24:37 +00:00
7f99b80dbe maint/update_nixpkgs: init 2020-10-10 17:10:33 +00:00
e0969055f6 ops/nixos: make references to nixpkgs modules use relative paths 2020-10-10 19:39:26 +00:00
11a7fefe1c totoro: add openshift dependencies, tailscale expose 192.168.1.0/24 2020-09-13 15:16:03 +00:00
949c86e816 kusakabe: enable send-proxy-v2 for requests to OKD haproxy 2020-10-06 00:29:37 +00:00
382dad7c6d marukuru: add nix config to deployer container 2020-10-04 03:00:03 +01:00
190606746c ops/nixos/lib/common: add the binary cache credentials to nix.envVars 2020-10-04 02:56:34 +01:00
ee7ad0adfd kusakabe: also expose k8s apiserver 2020-10-04 01:15:58 +01:00
27f446fa8e porcorosso: enable podman 2020-10-04 01:03:28 +01:00
2c613bf2f1 porcorosso: switch back to nvidia 2020-10-04 00:11:45 +01:00
4b878360f5 kusakabe: add postgresql for twitterchiver 2020-10-03 23:13:20 +00:00
2b4f4d6b16 kusakabe: revamp config as VM host 2020-10-02 14:21:49 +00:00
7b53535355 misc: fix up after nixpkgs update 2020-09-30 17:39:34 +00:00
ae0eda1ba8 marukuru: disable gitlab's built-in prometheus instance 2020-09-30 16:09:41 +00:00
0a3a2043b1 porcorosso: switch to intel for X11; I'm on the move 2020-08-22 17:07:43 +01:00
ea8020262c ops/nixos/lib/common: add rsync 2020-09-07 10:59:47 +00:00
96f736ab7e marukuru/deployer: add rsync 2020-09-07 11:05:24 +00:00
03e5dbd72e kusakabe: enable libvirtd 2020-09-07 10:47:43 +00:00
054c4ee1dd porcorosso: remove obsolete fonts.fontconfig.penultimate option 2020-09-06 17:02:27 +00:00
ab0f4b5863 ops/nixos/lib/common: replace deployer password with ! 2020-09-06 16:45:56 +00:00
7b61a7e558 marukuru: migrate to virtualisation.oci-containers 2020-09-06 16:38:54 +00:00
863c7028f0 ops/nixos: add tailscale to common 2020-09-06 16:26:48 +00:00
36cca90e55 ops/nixos: add kusakabe 2020-09-05 18:37:06 +00:00
a71cb99af8 nixos/porcorosso: add totoro as a builder 2020-07-19 18:47:40 +01:00
24ba5c1c36 nixos: abstract out distributed builds 2020-07-19 18:20:21 +01:00
d629c95212 ops/nixos/totoro: add oven-media-engine 2020-07-19 17:59:20 +01:00
2088559ef5 porcorosso: add totoro mount 2020-07-19 17:49:56 +01:00
5efba00e97 ops/nixos/lib/common: add tmux 2020-07-08 18:36:21 +00:00
a74909c070 totoro: add irssi 2020-07-08 18:35:48 +00:00
a1115de05f totoro: use whitby as a build machine 2020-07-08 18:34:33 +00:00
88fbb167c9 totoro: add NFS 2020-07-04 19:36:38 +00:00
279be2c2c3 porcorosso: install virtmanager{,-qt} 2020-06-28 23:24:53 +01:00
a62a67ffd2 totoro: add lukegb to libvirtd group 2020-06-28 22:23:43 +00:00
78fee25f20 totoro: set up libvirt 2020-06-28 22:22:43 +00:00
e1c3016e0e totoro: add client 2020-06-28 18:38:49 +00:00
00e2f9e1d3 ops/nixos: factor things useful on general 'workstation' machines out 2020-06-28 19:38:20 +01:00
21fa99f68e porcorosso: add ripgrep 2020-06-28 19:33:06 +01:00
002c0cafc7 totoro: init 2020-06-28 18:32:52 +00:00
39cf295d69 porcorosso: remove hardware.u2f 2020-06-20 23:13:51 +01:00
d32ee29a2d porcorosso: postgresql/redis 2020-06-20 23:11:24 +01:00
1506327979 hgrc: fix smartlogstart 2020-06-18 00:20:00 +01:00
f3d1fee59d nix/pkgs: add bazel-run userenv 2020-06-16 09:39:54 +01:00
a7945b45f9 porcorosso: add go 2020-06-13 18:31:37 +01:00
6b09925449 porcorosso: tweak NTFS mount settings 2020-06-13 18:29:10 +01:00
48011ebba9 licensing: Apache-2.0, make almost reuse-lint clean 2020-06-07 15:03:12 +01:00
15c82b0498 local repo fixups after bump of nixpkgs 2020-06-06 13:12:39 +01:00
2d8e414bc0 ops/nixos/clouvider-fra01: enable Label plugin in Deluge 2020-06-06 00:46:24 +00:00
6f62ebd120 clouvider-fra01: apply oauth2 to int.lukegb.com as well 2020-06-01 00:10:48 +01:00
17f7cda651 clouvider-fra01: refactor HTTP config a bit 2020-05-31 23:53:39 +01:00
e656191b7b clouvider-fra01: add int.lukegb.com which points at oauth2proxy 2020-05-31 22:28:01 +00:00
299893c475 clouvider-fra01: sonarr/radarr 2020-05-31 21:27:23 +01:00
dd59e9afed clouvider-fra01: remove old mercurial package 2020-05-31 21:23:47 +01:00
1e3821be14 clouvider-fra01: add sonarr/radarr users to content group 2020-05-31 21:20:02 +01:00
0ce1f45b41 clouvider-fra01: add sonarr/radarr 2020-05-31 21:01:56 +01:00
3c28fa6878 marukuru: update heptapod to 0.13.0-py3 2020-05-31 19:51:20 +01:00
643cb31750 porcorosso: try installing lutris 2020-05-31 18:58:29 +01:00
82ed70f0c9 ops/nixos/lib/hgrc: add purge extension 2020-05-22 13:09:36 +01:00
7473787ecb porcorosso: add direnv and lorri 2020-05-22 13:04:47 +01:00
d9cc0c9de1 ops/nixos/lib: don't use the s3 binary cache except when rebuilder-ing. 2020-05-22 13:04:17 +01:00
abbbc2c216 hg-git: add 0.9.0a1 for py3, and use that 2020-05-17 03:23:54 +01:00
2712655c50 ops/nixos/lib/hgrc: colourise rev ID based on phase 2020-05-16 14:08:27 +01:00
9824a286f8 ops/nixos/porcorosso: add copybara 2020-05-16 16:44:29 +01:00
9567a9803b ops/nixos/porcorosso: add NTFS drive 2020-05-11 21:15:49 +01:00
d7897ddbe5 ops/nixos/lib: add hgrc in a more sensible way 2020-05-11 17:30:13 +01:00
a58ee896ff ops/nixos/porcorosso: add whois 2020-05-11 16:45:02 +01:00
ee46deed22 ops/nixos/porcorosso: enable fontconfig-penultimate 2020-05-11 16:39:57 +01:00
3af02e4d98 ops/nixos/porcorosso: oh, I'm supposed to use fonts.fonts 2020-05-11 16:38:09 +01:00
e3b0cbce16 ops/nixos/porcorosso: import more packages 2020-05-11 16:31:17 +01:00
3d8a588f3a ops/nixos/porcorosso: move some packages into user packages 2020-05-11 16:21:48 +01:00
75791a83a7 ops/nixos/porcorosso: install teamspeak_client globally 2020-05-11 16:18:17 +01:00
6daf53d556 ops/nixos/lib/hgrc: add topics extension 2020-05-11 16:18:03 +01:00
84b964fffd porcorosso: add 'windows' script for rebooting to windows 2020-05-10 15:25:37 +01:00
e715c20f64 porcorosso: add deluge 2020-05-10 02:12:29 +01:00
91d742c1cd gitlab-ci: try and get deploys works 2020-05-09 23:49:32 +01:00
84f607d7cf *: try setting up automated deploys
This won't work yet, since the deployer user isn't correctly configured,
but this should at least trigger the right sets of things to happen.
2020-05-09 18:53:17 +01:00
c5d03b795e ops/nixos: give everything a consistent mercurial 2020-05-09 18:15:12 +01:00
0c461e9422 common: add my hgrc so I can have evolve everywhere 2020-05-09 14:42:19 +01:00
0236b2450b porcorosso: start using manifest variable 2020-05-09 14:27:10 +01:00
c110580d82 porcorosso: swap path to a string.
Can't use a path here since this doesn't exist on CI.
2020-05-09 12:59:51 +01:00
0474fea9f7 clouvider-fra01: set deluge.authFile 2020-05-09 12:56:56 +01:00
a708872dec porcorosso: add a configured secretsync 2020-05-09 12:45:31 +01:00
02112f071c clouvider-fra01: deluge 2020-05-09 11:14:37 +01:00
606151ddb4 ops/nixos: move rebuilder derivation into its own file. 2020-05-09 11:14:25 +01:00
f34991e545 nixos/lib/common: oops, meant "cache", not hydra 2020-05-09 01:10:37 +01:00
2508b6ed9a ops/nixos: add deployer user 2020-05-09 01:10:20 +01:00
bc50bdb7d2 ops/nixos: add GCP binary cache 2020-05-09 00:03:21 +01:00
19c29c56ff ops/nixos: fix things 2020-05-08 23:34:17 +01:00
06910a0445 ixvm-fra01: remove bird.nix 2020-05-08 23:29:30 +01:00
c4a6c2592f ixvm-fra01: merge useless changes 2020-05-08 23:29:10 +01:00
83cfa93b11 merge in local changes from marukuru 2020-05-08 23:28:42 +01:00
1e7fcadc97 ops/nixos: rework everything to factor common things out 2020-05-08 23:26:21 +01:00
24fe8291c2 marukuru: switch to heptapod 2020-05-08 22:24:50 +00:00
bcaf738b8f ixvm-fra01: add export_community 2020-05-08 21:48:44 +00:00
23bb45a60a Backed out changeset 1b4ecdc5b78d 2020-05-08 16:55:57 +00:00
9c45d867e2 Merge ixvm-fra01 changes 2020-05-08 17:52:55 +01:00
c6d883af9a ixvm-fra01: fix up bird config 2020-05-08 16:52:04 +00:00
a68ea0ce27 marukuru: add builder1 user 2020-05-07 00:52:42 +01:00
cc168a96d9 ixvm-fra01: add listen bgp dual 2020-05-06 23:44:16 +01:00
326f7259b7 ixvm-fra01: allow disabling peering 2020-05-06 23:37:31 +01:00
f27ec35837 ixvm-fra01: add lukegb to bird2 group 2020-05-06 23:29:57 +01:00
cf4109aaf9 ixvm-fra01: add bird config 2020-05-06 23:27:14 +01:00
5dbc575e95 clouvider-fra01: add content user/group. 2020-05-06 10:14:04 +01:00
25956f7607 clouvider-fra01: add Plex Pass media server. 2020-05-06 10:02:00 +01:00
79c7b70a96 porcorosso: add javaws bin that drops into a FHS env.
This allows me to use Supermicro's BMC, which appears to drop a
stunnel binary into /tmp and then execute it, which doesn't work
properly in Nix because nothing is where it is expected to be.
2020-05-06 10:01:46 +01:00
07829d4e34 clouvider-fra01: no need for /etc/nixos symlink 2020-05-06 00:35:00 +01:00
d8276603fa Add first-pass for clouvider-fra01. 2020-05-06 00:28:23 +01:00
10ea6c910e marukuru: readd pygments and phabricator group 2020-05-03 19:18:12 +01:00
dfbcb353af marukuru: GRUB should be on vda
sda doesn't exist.
2020-05-03 19:01:37 +01:00
f9b63a858f ops/nixos: switch to more standard NixOS module system
Sorry tazjin.
2020-05-03 18:44:11 +01:00
27f2c9edb7 marukuru: set ACME email 2020-05-03 17:58:56 +01:00
2f35c4835b marukuru: add 2020-05-03 17:56:16 +01:00
28e47f9384 ops/nixos: add assimilate.sh script 2020-05-03 17:42:00 +01:00
306add0be2 ixvm-fra01: add rebuilder
Everything should have this, I should make this just applied in default.nix...
2020-05-03 17:03:03 +01:00
b1e61c5fc0 ixvm-fra01: learn to spell fileSystems 2020-05-03 16:55:53 +01:00
ae625bc10e ixvm-fra01: add to ops/nixos as well... 2020-05-03 15:48:07 +01:00
506f161147 ixvm-fra01: add 2020-05-03 15:42:03 +01:00
45d3894011 porcorosso: add nixpkgs to NIX_PATH, add hg-evolve.
Reviewers: lukegb

Reviewed By: lukegb

Differential Revision: https://phab.lukegb.com/D9
2020-04-30 09:50:52 +01:00
1006e41bfb ops/nixos/porcorosso: create
Summary:
Adds porcorosso to the depot, and also adds the supporting Nix architecture required to make this work.

This also tests that encryption is working correctly.

Reviewers: tazjin

Reviewed By: tazjin

Subscribers: tazjin

Differential Revision: https://phab.lukegb.com/D8
2020-04-30 05:49:19 +01:00