Commit graph

257 commits

Author SHA1 Message Date
21fe79c904 ops/nixos: enable flameshot on graphical-client hosts 2021-04-05 12:42:35 +01:00
d582d3f352 ops/nixos/lib: inline latest_system_closure.sh
I can't be bothered to make it a proper script, and I also don't really want to
rely on invoking nix-shell at runtime (I'd rather have all the needed tools in
the system closure).
2021-04-04 19:35:38 +01:00
8dab1a04fe ops/nixos/lib: fix latest_system_closure for machines with - in hostname 2021-04-04 19:25:02 +01:00
33cfba2e2f ops/nixos/lib: enable 'switch-prebuilt latest' for getting latest closure 2021-04-04 18:25:01 +01:00
fbc3b47854 bvm-prosody: fix :/ 2021-04-01 15:55:54 +00:00
bcf1266bfe bvm-prosody: configure IP addresses 2021-04-01 15:50:27 +00:00
bea33016f6 nixos/blade: oops, forgot }; 2021-03-31 21:20:56 +00:00
5b63d1555a nixos/blade: use tmpfs for /var/log and /var/cache 2021-03-31 21:20:08 +00:00
c972f3ae12 as205479.net: add bvm-win10 2021-03-31 19:39:56 +00:00
f71179cbd6 coredns: add bvm-korobi 2021-03-30 12:51:17 +01:00
62dce112db blade-router: fix radvd prefix to actually be onlink 2021-03-30 11:59:27 +01:00
4c013cb2bc blade-router: use absolute path to birdc 2021-03-30 00:18:08 +00:00
e80a1750b8 blade-router: tweak notify script config 2021-03-30 00:09:02 +00:00
8b2238cf1e blade-router: add shebang to VRRP notify script 2021-03-30 00:01:19 +00:00
f05a063fce blade-router: add keepalived notify script for announcing/withdrawing routes 2021-03-29 23:54:26 +00:00
1071202e7f coredns: update DNS to match swapped IPs 2021-03-29 23:13:01 +00:00
bff07335b5 blade-router: switch router VIP 2021-03-29 23:09:26 +00:00
cae0c4eb94 blade-router: we need config attribute... 2021-03-29 23:29:26 +01:00
7de4d2690e blade-router: put radvd config in correct place 2021-03-29 23:27:40 +01:00
c5fc727f7a blade-router: fix 2021-03-29 23:26:50 +01:00
ac63880ed7 ops/nixos: abstract into blade-router 2021-03-29 23:24:57 +01:00
e1e3a24f36 ops/nixos/lib/coredns: add DNS records 2021-03-29 20:45:39 +00:00
b559512200 blade-paris/blade-tuvok: add BGP config 2021-03-29 11:47:44 +00:00
a3ed8a6da3 hm: add ntfy everywhere 2021-03-28 23:08:02 +00:00
2b8dce0920 depot-wide: overhaul GitLab CI configuration
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286 bvm-prosody: add tailscale IP 2021-03-28 14:33:54 +00:00
2eeba92d9e bvm-twitterchiver: add tailscale IP 2021-03-28 14:32:16 +00:00
e6c56c9a74 bvm-ipfs: add tailscale IP 2021-03-28 14:00:25 +00:00
f27a8f8f1a ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix 2021-03-28 12:32:01 +00:00
f34d539462 bvm-nixosmgmt: condense down and abstract out 2021-03-28 12:26:11 +00:00
c1f450eb33 ops/nixos: flesh out DNS for internal blade IPs 2021-03-28 12:18:06 +00:00
701ab955af coredns: update serial for as205479.net 2021-03-28 01:16:10 +00:00
b2e2f965c5 ops/nixos: rename various machines to comply with naming convention
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
1883186bb8 hm/graphical-client: switch to google-chrome-beta from chromium 2021-03-25 10:54:01 +00:00
a99e0309c5 ops/nixos/fup: switch to using config file 2021-03-23 00:58:18 +00:00
11ed74003a nixos/fup: allow large file uploads 2021-03-22 13:56:16 +00:00
ca642bfa5e blade-tuvok: add fup 2021-03-22 02:43:17 +00:00
787b04737e treewide: add some SPDX headers 2021-03-20 20:46:56 +00:00
35cc195717 common: remove everything from hosts files 2021-03-20 16:42:08 +00:00
99dce2de2a as205479.net: add totoro.int 2021-03-20 16:41:26 +00:00
33fd1da091 dns: add blades to zone 2021-03-20 15:22:09 +00:00
4c78164384 ops/nixos/common: set search domains 2021-03-20 15:01:28 +00:00
5cf89fbc2f switch-prebuilt: check for existence before nix copy 2021-03-20 13:37:08 +00:00
422c47c3e0 switch-prebuilt: run stuff assuming we're a trusted-user 2021-03-20 13:22:17 +00:00
be5eee48b3 switch-prebuilt: init 2021-03-20 12:39:23 +00:00
154db9706a lib/common: add deployer to trustedUsers 2021-03-20 12:34:01 +00:00
d8086e7042 ops/nixos: add jq everywhere 2021-03-20 12:11:45 +00:00
627c8bf17c lib/coredns: fix firewall 2021-03-20 02:06:08 +00:00
b0a6ebe52d ops/nixos: add coredns 2021-03-20 02:03:23 +00:00
c51e5d478d lib/common: add --delete-older-than 2021-03-19 21:29:54 +00:00
9ddb5d75f2 blade: restrict ceph firewall rules to storage network 2021-03-19 21:27:15 +00:00
3f3c92addc blade-tuvok: serve objdump directly 2021-03-19 19:45:03 +00:00
c26a321f5f home-manager: drop enableVaapi 2021-03-18 23:56:25 +00:00
c682fc0422 blade: fix serial console 2021-03-14 17:39:07 +00:00
bb1178e82c blade: enable serial console for GRUB and boot 2021-03-14 17:34:08 +00:00
ff2be56561 blade: disable coredump writing 2021-03-14 17:25:03 +00:00
f3c5990de4 blade: nit: forgot a ) 2021-03-14 15:56:58 +00:00
22dadde50a blade-torres: remap en-storage onto a vlan 2021-03-14 15:52:53 +00:00
b3def9be96 ceph: add /var/lib/ceph mount 2021-03-14 14:35:36 +00:00
22cb1575b4 ceph: set up storage network 10.100.2.0/24 2021-03-14 14:35:32 +00:00
dc68fb7305 blade: correct IP 2021-03-14 02:01:42 +00:00
74fd32c0b8 ops/nixos/blade: switch mon IPs in config 2021-03-14 01:23:24 +00:00
a763c85e3d blade: allow tailscale 41641/udp 2021-03-13 20:58:43 +00:00
e979f4e83e blade: move journald storage to volatile 2021-03-13 20:57:04 +00:00
b2a085f84c ops/nixos/blade: enable NAT on routers 2021-03-13 16:41:05 +00:00
53b7ca1c8a ops/nixos: revamp blade network config 2021-03-12 14:47:08 +00:00
7cd70420c6 blade-janeway: fix interfaces 2021-02-25 12:29:05 +00:00
a7094217ba blade: tweak networking 2021-02-24 19:58:15 +00:00
5018ba70cd home-manager/common: add iotop/iftop 2021-02-14 21:40:41 +00:00
caea9c19c4 lib/blade: mount boot drive to /boot 2021-02-13 16:07:33 +00:00
2596579835 lib/blade: add a ceph-osd-lvm-activate to prep the OSDs 2021-02-13 16:29:18 +00:00
93b5d2c288 ops/nixos: enable ceph in libvirtd 2021-02-11 02:21:59 +00:00
a484168097 lib/blade: add ceph support to libvirtd 2021-02-11 00:34:27 +00:00
c94e94284f lib/blade: decrease miimon 2021-02-11 00:27:25 +00:00
fc14641404 lib/blade: enable libvirtd group for lukegb 2021-02-11 00:22:47 +00:00
e81c71b85f lib/blade: enable acpi_power_meter 2021-02-11 00:22:39 +00:00
82503b6192 ops/nixos/lib/blade: enable polkit for libvirtd access 2021-02-11 00:13:32 +00:00
4a53baab51 ops/nixos: fix lib/blade.nix 2021-02-10 23:39:36 +00:00
270b461b97 ops/nixos: create br-ext and put everything on it 2021-02-10 23:38:05 +00:00
372aed550f ops/nixos: enable osds on blade-janeway 2021-02-09 21:47:04 +00:00
1ed83bd25a ops/nixos/blade: add ceph 2021-02-09 01:17:54 +00:00
dad04a0062 ops/nixos: add other blade hosts
blade-paris and blade-kim are TBD
2021-02-08 22:26:22 +00:00
37be1e38f8 ops/nixos: switch blades to static IPs 2021-02-08 20:45:15 +00:00
f55f861e17 ops/nixos: split most of blade-janeway into lib/blade.nix 2021-02-07 21:23:23 +00:00
e6f4d37982 ops/nixos: add fwupd to common 2021-01-30 18:47:12 +00:00
c7df81d6a1 clouvider-fra01: add ts3spotifybot 2021-01-27 18:39:58 +00:00
1fe4e04464 ops/nixos: add dev-quotes.bfob.gg to server aliases 2021-01-20 00:22:54 +00:00
5ee6a1c3b7 ops/nixos/quotes.bfob.gg: add my.quotesdb.listen option 2021-01-20 00:21:21 +00:00
b7574660de web/quotes: prodify 2021-01-19 23:43:43 +00:00
ef81a0c080 quotes.bfob.gg: add to clouvider-lon01 2021-01-19 23:41:47 +00:00
9dd18e2cdc ops/nixos/lib/common: add nixos_running_system/nixos_booted_system node metrics 2021-01-11 17:44:23 +00:00
6b95f54ca7 ops/nixos/lib/common: add systemd collector to all systems 2021-01-07 10:01:36 +00:00
aba7285824 totoro: add twitternuke timer 2021-01-06 21:29:33 +00:00
f91109cb50 nixos/lightspeed: init lightspeed-ingest and lightspeed-webrtc NixOS modules 2021-01-04 15:50:42 +00:00
34d9b4eda5 hm/graphical-client: pull in nm-applet only for i3 2020-12-19 19:39:13 +00:00
cb4ba45b1b hm/graphical-client: enable nm-applet
I'm assuming (probably wrongly) that anything using my graphical-client preset
is _also_ using NetworkManager, which is probably true for real client machines
but may not be true on terminal services machines which also end up with this
preset.

Whatever, I'll work it out later.
2020-12-19 19:25:15 +00:00
808b506123 ops/nixos/lib/low-space: fix 2020-12-06 15:22:40 +00:00
26de73b0fb marukuru: set journald SystemMaxUse to cap log size 2020-12-06 15:18:14 +00:00
9244e44518 ops/nixos/lib/common: add lukegb to 'audio' group 2020-12-03 03:00:40 +00:00
23e97ff266 ops/nixos: add whitby-distributed to clouvider-lon01 2020-11-30 23:21:56 +00:00
a589ca3e1f ops/nixos: remove propagatedBuildInputs from mercurial override 2020-11-25 13:12:36 +00:00
094f2334f8 ops/nixos/lib/home-manager: swap isDarwin for 'is external' check 2020-11-23 16:47:17 +00:00
80e85feede home-manager-ext: init
To allow using my home-manager config on Darwin (and other non-NixOS
machines), I introduce the concept of home-manager-ext, which gives
me a much easier hook to import my config elsewhere.
2020-11-23 07:22:00 -08:00
5de4937d6d Add a GITHUB_TOKEN to my environment everywhere. 2020-11-21 00:51:24 +00:00
26352c7065 ops/nixos: add ability to define additional things to be scraped, use this for coredns 2020-11-18 02:02:23 +00:00
c0a6e48970 ops/nixos: add dnsutils to common for dig 2020-11-18 01:27:50 +00:00
a31599ad1b ops/nixos: add restic everywhere 2020-11-17 02:21:46 +00:00
4a0897b0cb ops/nixos: add new packages, move other packages around 2020-11-17 02:10:23 +00:00
492d57ef29 hm/graphical-client: enable vaapi on chromium 2020-11-15 21:29:15 +00:00
6c91bbe714 hm: set up ssh 2020-11-09 00:21:32 +00:00
f2c8e2d3bf hm/graphical-client: set up session vars 2020-11-08 15:49:12 +00:00
17ac1212dd ops/nixos: add totoro as prometheus box; enable node-exporter everywhere 2020-11-06 04:52:54 +00:00
b58f13a145 ops/nixos: globally enable zramSwap 2020-11-05 02:03:20 +00:00
57d4f7f05e nixos/home-manager: do ssh-add when making a login shell 2020-11-05 01:57:55 +00:00
bad3be7574 ops: tweak SSH auth; add red solo SK-resident key 2020-11-05 01:50:16 +00:00
a507a5380d ops/nixos: allow all traffic in on tailscale0 2020-11-04 21:53:02 +00:00
8d4b7f8c47 bgp: add default to satisfy ixvm-fra01 2020-11-04 17:41:28 +00:00
86a09dab73 clouvider-lon01: add minotarproxy IPs 2020-11-04 16:41:15 +00:00
d78f055270 ops: add lukegb_porcorosso_linux key 2020-11-03 15:25:03 +00:00
7a19e14649 ops/nixos: define a new my.ip.tailscale option which gets put into /etc/hosts everywhere 2020-11-01 18:25:01 +00:00
9499761e7f home-manager: set EDITOR and VISUAL to vim 2020-11-01 18:11:48 +00:00
658c98934b nixos/lib/common: update SSH authorized_keys 2020-11-01 14:42:52 +00:00
d3bee9d2de ops/nixos: import home-manager into lib/common 2020-10-31 11:44:52 +00:00
f5c80fe35d ops/nixos: further tweaks 2020-10-25 12:00:15 +00:00
29fa1e35fd nixos: start using home-manager 2020-10-25 11:36:16 +00:00
4e14ee8111 ops/nixos: mark nix.gc.automatic as default 2020-10-18 12:59:33 +00:00
e3f83ad608 ops/nixos: run nix-collect-garbage daily, except on clients 2020-10-18 01:17:35 +00:00
1aa2236f64 graphical-client: add dino 2020-10-17 12:17:47 +01:00
89d3afd8f0 ops/nixos: move some things into a graphical-clients module 2020-10-17 12:17:18 +01:00
190606746c ops/nixos/lib/common: add the binary cache credentials to nix.envVars 2020-10-04 02:56:34 +01:00
ea8020262c ops/nixos/lib/common: add rsync 2020-09-07 10:59:47 +00:00
ab0f4b5863 ops/nixos/lib/common: replace deployer password with ! 2020-09-06 16:45:56 +00:00
863c7028f0 ops/nixos: add tailscale to common 2020-09-06 16:26:48 +00:00
a71cb99af8 nixos/porcorosso: add totoro as a builder 2020-07-19 18:47:40 +01:00
24ba5c1c36 nixos: abstract out distributed builds 2020-07-19 18:20:21 +01:00
5efba00e97 ops/nixos/lib/common: add tmux 2020-07-08 18:36:21 +00:00
00e2f9e1d3 ops/nixos: factor things useful on general 'workstation' machines out 2020-06-28 19:38:20 +01:00
1506327979 hgrc: fix smartlogstart 2020-06-18 00:20:00 +01:00
f3d1fee59d nix/pkgs: add bazel-run userenv 2020-06-16 09:39:54 +01:00
48011ebba9 licensing: Apache-2.0, make almost reuse-lint clean 2020-06-07 15:03:12 +01:00
15c82b0498 local repo fixups after bump of nixpkgs 2020-06-06 13:12:39 +01:00
643cb31750 porcorosso: try installing lutris 2020-05-31 18:58:29 +01:00
82ed70f0c9 ops/nixos/lib/hgrc: add purge extension 2020-05-22 13:09:36 +01:00
d9cc0c9de1 ops/nixos/lib: don't use the s3 binary cache except when rebuilder-ing. 2020-05-22 13:04:17 +01:00
abbbc2c216 hg-git: add 0.9.0a1 for py3, and use that 2020-05-17 03:23:54 +01:00
2712655c50 ops/nixos/lib/hgrc: colourise rev ID based on phase 2020-05-16 14:08:27 +01:00
d7897ddbe5 ops/nixos/lib: add hgrc in a more sensible way 2020-05-11 17:30:13 +01:00
6daf53d556 ops/nixos/lib/hgrc: add topics extension 2020-05-11 16:18:03 +01:00
91d742c1cd gitlab-ci: try and get deploys works 2020-05-09 23:49:32 +01:00
c5d03b795e ops/nixos: give everything a consistent mercurial 2020-05-09 18:15:12 +01:00