Commit graph

1228 commits

Author SHA1 Message Date
878a457c83 blade-{paris,tuvok}: allow IPv6 VRRP as well... 2021-03-29 22:53:19 +01:00
c8b482c67a blade-{paris,tuvok}: add IPv6 link-local address as first
Mar 29 21:38:36 blade-tuvok Keepalived_vrrp[29221]: (mgmtGateway6) the first IPv6 VIP address should be link local
2021-03-29 22:43:53 +01:00
b0198cfa3d blade-{paris,tuvok}: split IPv4/IPv6 VRRP 2021-03-29 22:36:03 +01:00
0d46b6d4fe blade-{paris,tuvok}: add IPv6 gateway to keepalived 2021-03-29 21:03:06 +00:00
e1e3a24f36 ops/nixos/lib/coredns: add DNS records 2021-03-29 20:45:39 +00:00
b360944686 blade-{paris,tuvok}: add some IP addresses 2021-03-29 20:39:42 +00:00
d84075b124 clouvider-lon01: drop 92.118.28.0/24 2021-03-29 12:15:27 +00:00
3c7f759773 blade-paris/blade-tuvok: change v4/v6 announcements 2021-03-29 12:06:39 +00:00
b559512200 blade-paris/blade-tuvok: add BGP config 2021-03-29 11:47:44 +00:00
3ea210e884 marukuru: tweak GitLab Puma settings for low-mem
Per the GitLab docs
(https://docs.gitlab.com/ee/install/requirements.html#puma-settings):

> If the operating system has a maximum 2 GB of memory, the recommended number
> of threads is 1. A higher value will result in excess swapping, and decrease
> performance.

and

> In a memory-constrained environment with less than 4GB of RAM available,
> consider disabling Puma Clustered mode.
>
> Configuring Puma by setting the amount of workers to 0 could reduce memory
> usage by hundreds of MB. For details on Puma worker and thread settings, see
> Puma settings.
2021-03-28 23:25:14 +00:00
a3ed8a6da3 hm: add ntfy everywhere 2021-03-28 23:08:02 +00:00
0b1ccae353 bvm-prosody: actually name depot... 2021-03-28 22:52:04 +00:00
a44b09fb46 bvm-twitterchiver: create twitterchiver user 2021-03-28 22:48:43 +00:00
5a3a55e302 bvm-prosody: add coturn 2021-03-28 22:46:55 +00:00
efe1aa51db bvm-twitterchiver: add postgresql 2021-03-28 22:46:44 +00:00
d32585bff6 bvm-ipfs: enable ipfs 2021-03-28 15:34:54 +00:00
fe4b95c532 gitlab-ci: block parent pipeline until child is complete
Without strategy: depend, the parent pipeline will succeed immediately after
triggering the child.  It's more useful to mirror the status, so the commit
status is rendered correctly.
2021-03-28 15:30:15 +00:00
2b8dce0920 depot-wide: overhaul GitLab CI configuration
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286 bvm-prosody: add tailscale IP 2021-03-28 14:33:54 +00:00
2eeba92d9e bvm-twitterchiver: add tailscale IP 2021-03-28 14:32:16 +00:00
e6c56c9a74 bvm-ipfs: add tailscale IP 2021-03-28 14:00:25 +00:00
7979d936a4 ops/nixos: init bvm-{twitterchiver,prosody,ipfs} 2021-03-28 13:10:27 +00:00
f27a8f8f1a ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix 2021-03-28 12:32:01 +00:00
f34d539462 bvm-nixosmgmt: condense down and abstract out 2021-03-28 12:26:11 +00:00
c1f450eb33 ops/nixos: flesh out DNS for internal blade IPs 2021-03-28 12:18:06 +00:00
0b60a516b4 bvm-nixosmgmt: actually change the hostname 2021-03-28 02:04:41 +00:00
ca02dda602 gitlab-ci: update for newer GitLab
We now have resource_groups, and environment.name. We don't yet have
environment.deployment_tier, though, but that can live in the base template and
be enabled once Heptapod is at GitLab 13.10.
2021-03-28 01:31:35 +00:00
701ab955af coredns: update serial for as205479.net 2021-03-28 01:16:10 +00:00
ea927a8c34 depot: make version build faster
We don't need the entire depot to get the build version.
2021-03-28 01:14:59 +00:00
b2e2f965c5 ops/nixos: rename various machines to comply with naming convention
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
6a80243cce fup: add favicon and logo graphics 2021-03-27 20:54:40 +00:00
e4872918d5 fup: fix relative URLs in base template 2021-03-27 20:49:28 +00:00
5ddd41ac94 fup: add title to base template 2021-03-27 00:33:29 +00:00
d8e001922a fup: don't crash on view if we don't have a cheddar
Classic Go typed-nil bug.
2021-03-26 21:44:13 +00:00
fa086419c8 fup: allow for pasting text content from clipboard 2021-03-26 21:42:42 +00:00
6e539188ac fup: add paste handler for uploading things from the clipboard 2021-03-26 21:35:37 +00:00
017458ae2e bazel-run: back to Java 11, which is AdoptOpenJDK LTS 2021-03-26 03:52:35 +00:00
Default email
d0d8e8fc71 Project import generated by Copybara.
GitOrigin-RevId: d3f7e969b9860fb80750147aeb56dab1c730e756
2021-03-23 19:22:30 +00:00
8b173ec8a3 ci-root: remove windows for the moment 2021-03-25 18:27:40 +00:00
0e4894096a 3p/nixpkgs: openssl 1.1.1j->k 2021-03-25 17:30:22 +00:00
1883186bb8 hm/graphical-client: switch to google-chrome-beta from chromium 2021-03-25 10:54:01 +00:00
7b5ac688b8 fup: add test for disabled TokenAuthMiddleware 2021-03-23 01:31:42 +00:00
affe252f73 fup: fix config file handling
Whoops! Before, config files were being read but all the contents were basically
being discarded.

Now, we both load and actually use the config file, leading to a much more positive
experience for everyone involved :)
2021-03-23 01:21:39 +00:00
a99e0309c5 ops/nixos/fup: switch to using config file 2021-03-23 00:58:18 +00:00
8271714a18 fup: allow Fup-Token header for carrying auth credentials 2021-03-23 00:58:06 +00:00
dbd711ded8 fup: add TokenAuthMiddleware
This is an example middleware which can be used as an AuthMiddleware for only
allowing requests to non-view pages which are accompanied by an auth token via
HTTP basic auth.
2021-03-23 00:46:33 +00:00
d96cf3d34d fup/cmd/serve: add viper bindings for all the flags 2021-03-23 00:45:51 +00:00
5b74ceec4e fup: add auth middleware machinery
This allows clients to register an authentication middleware which will be
provided values in the context that it can use to make an authn/authz decision.
2021-03-23 00:45:28 +00:00
ccb7d81f1a fup: allow PUT without filename 2021-03-22 23:31:58 +00:00
48be007f79 fup: clear the file input when we start the upload
This prevents the back button from upload the same files *again*.
2021-03-22 19:33:03 +00:00