Commit graph

345 commits

Author SHA1 Message Date
84b964fffd porcorosso: add 'windows' script for rebooting to windows 2020-05-10 15:25:37 +01:00
823eab4775 secretsync: escape $ in variable content
GitLab doesn't treat $ as literals in file content, which means that it
tries to do variable interpolation.

This is bad and annoying, because e.g. password hashes tend to contain $,
so they get variable-interpolated and thus corrupted.

Fix this by escaping $ on input to GitLab.
2020-05-10 12:11:26 +01:00
f994f155cd gitlab-ci: RAAAARGH 2020-05-10 02:32:05 +01:00
bcdb449269 hack/populate_secrets: whyyy 2020-05-10 02:25:52 +01:00
06fed43cf0 hack/populate_secrets: give up on posix compliance 2020-05-10 02:24:03 +01:00
58dd878674 hack/populate_secrets: try again 2020-05-10 02:21:18 +01:00
aa52f1a64b hack/populate_secrets: oops, dollars 2020-05-10 02:19:11 +01:00
e715c20f64 porcorosso: add deluge 2020-05-10 02:12:29 +01:00
ec086d27dd deluge: fix running the Gtk UI 2020-05-10 02:12:00 +01:00
44018a1a07 hack/populate_secret: oops, did it wrong 2020-05-10 00:29:54 +01:00
5f1f8bd386 hack/populate_secrets: make POSIX-compliant? 2020-05-10 00:28:25 +01:00
6f33f49b9c hack/populate_secrets: try using nix-shell to pull in bash 2020-05-10 00:23:57 +01:00
0cee10a83c gitlab-ci: make populating secrets into repo more consistent 2020-05-10 00:20:10 +01:00
3b8f4a2472 gitlab-ci: reenable binary cache building 2020-05-10 00:15:11 +01:00
48299e775c gitlab-ci: resource_group doesn't work 2020-05-10 00:13:35 +01:00
40cee28bd5 gitlab-ci: more fixes to deploy 2020-05-10 00:12:25 +01:00
493f2382d5 gitlab-ci: ugh, IPv4, fine 2020-05-10 00:09:33 +01:00
f8bf41b36a hack/deploy: SECRETS_MANIFEST is a file now 2020-05-10 00:08:28 +01:00
818751bac1 gitlab-ci: just inline the variables 2020-05-10 00:06:29 +01:00
2f7e50cc35 gitlab-ci: add more hosts 2020-05-10 00:01:47 +01:00
91d742c1cd gitlab-ci: try and get deploys works 2020-05-09 23:49:32 +01:00
118ebf59fd gitlab-ci: oh, rules isn't in this version of gitlab... 2020-05-09 18:55:39 +01:00
84f607d7cf *: try setting up automated deploys
This won't work yet, since the deployer user isn't correctly configured,
but this should at least trigger the right sets of things to happen.
2020-05-09 18:53:17 +01:00
c5d03b795e ops/nixos: give everything a consistent mercurial 2020-05-09 18:15:12 +01:00
0c461e9422 common: add my hgrc so I can have evolve everywhere 2020-05-09 14:42:19 +01:00
0236b2450b porcorosso: start using manifest variable 2020-05-09 14:27:10 +01:00
a9cb53fa16 secretsync: add concept of manifest variable
This is a file-type variable which contains the original mapping of
VARIABLE_NAME to VARIABLE_DATA.

This can be used to automatically repopulate a repository with
secrets that were originally taken from it and transmitted via
GitLab variables (i.e. out-of-band).
2020-05-09 14:26:54 +01:00
0949accaea gitlab-ci: drop cache directive entirely 2020-05-09 13:54:15 +01:00
b9e5dac14c gitlab-ci: tweak caching strategy
/nix/store is now just a Docker volume on the host running the build,
so the store should just implicitly get shared.
2020-05-09 13:48:37 +01:00
ed8c77a9c6 heptapod-runner: make sure our wrapped Mercurial is on the PATH 2020-05-09 13:22:49 +01:00
e613112eda ci-root: add ciPackages to the root derivation as well 2020-05-09 13:09:29 +01:00
c110580d82 porcorosso: swap path to a string.
Can't use a path here since this doesn't exist on CI.
2020-05-09 12:59:51 +01:00
0474fea9f7 clouvider-fra01: set deluge.authFile 2020-05-09 12:56:56 +01:00
11f8b7f5aa gitlab-ci: use different caching strategy 2020-05-09 12:52:31 +01:00
a708872dec porcorosso: add a configured secretsync 2020-05-09 12:45:31 +01:00
6266b42b66 secretsync: add
This is a helper utility for syncing filesystem files into GitLab variables, for
deploy-time secrets.
2020-05-09 12:45:13 +01:00
02112f071c clouvider-fra01: deluge 2020-05-09 11:14:37 +01:00
606151ddb4 ops/nixos: move rebuilder derivation into its own file. 2020-05-09 11:14:25 +01:00
fc8e2e7419 ci-root: rework to using linkFarm derivation 2020-05-09 11:14:07 +01:00
5b96c181b2 heptapod-runner: add derivation 2020-05-09 01:10:49 +01:00
f34991e545 nixos/lib/common: oops, meant "cache", not hydra 2020-05-09 01:10:37 +01:00
2508b6ed9a ops/nixos: add deployer user 2020-05-09 01:10:20 +01:00
bc50bdb7d2 ops/nixos: add GCP binary cache 2020-05-09 00:03:21 +01:00
19c29c56ff ops/nixos: fix things 2020-05-08 23:34:17 +01:00
06910a0445 ixvm-fra01: remove bird.nix 2020-05-08 23:29:30 +01:00
c4a6c2592f ixvm-fra01: merge useless changes 2020-05-08 23:29:10 +01:00
83cfa93b11 merge in local changes from marukuru 2020-05-08 23:28:42 +01:00
1e7fcadc97 ops/nixos: rework everything to factor common things out 2020-05-08 23:26:21 +01:00
24fe8291c2 marukuru: switch to heptapod 2020-05-08 22:24:50 +00:00
bcaf738b8f ixvm-fra01: add export_community 2020-05-08 21:48:44 +00:00