13f2f79e6d
graphical-client: add wallpapers
...
If I find more I like, I'll add them here, I guess. For the moment, there's
just the one.
2021-04-06 09:53:56 +01:00
f5622acaf7
nix/pkgs/flameshot: bump to my patched version
2021-04-05 14:57:59 +01:00
48bdb3559c
lib/hm/graphical-client: add flameshot to environment
2021-04-05 13:00:02 +01:00
21fe79c904
ops/nixos: enable flameshot on graphical-client hosts
2021-04-05 12:42:35 +01:00
549b4f1ccc
porcorosso: switch to pipewire
2021-04-05 12:40:41 +01:00
d582d3f352
ops/nixos/lib: inline latest_system_closure.sh
...
I can't be bothered to make it a proper script, and I also don't really want to
rely on invoking nix-shell at runtime (I'd rather have all the needed tools in
the system closure).
2021-04-04 19:35:38 +01:00
8dab1a04fe
ops/nixos/lib: fix latest_system_closure for machines with - in hostname
2021-04-04 19:25:02 +01:00
33cfba2e2f
ops/nixos/lib: enable 'switch-prebuilt latest' for getting latest closure
2021-04-04 18:25:01 +01:00
09a6c8cafe
marukuru: switch heptapod image to being built with dockerTools
...
Fixes #1
2021-04-02 01:39:01 +00:00
fe3f343ef9
bvm-prosody: configure prosody
2021-04-02 00:52:45 +00:00
fbc3b47854
bvm-prosody: fix :/
2021-04-01 15:55:54 +00:00
bcf1266bfe
bvm-prosody: configure IP addresses
2021-04-01 15:50:27 +00:00
bab069b286
bvm-twitterchiver: add twitterchiver-{relatedfetcher,archiver}
2021-04-01 00:22:57 +00:00
0961a68532
twitterchiver: add secrets
2021-03-31 23:52:38 +00:00
8d4e26d3cf
bvm-twitterchiver: use correct twitterchiver-viewer name
2021-03-31 23:44:52 +00:00
3073f290b0
bvm-twitterchiver: fix
2021-03-31 23:38:39 +00:00
69aba17ba4
bvm-twitterchiver: add twitterchiver-viewer
2021-03-31 23:33:44 +00:00
66bfd9a458
etheroute-lon01: add twitterchiver
2021-03-31 22:37:01 +00:00
bea33016f6
nixos/blade: oops, forgot };
2021-03-31 21:20:56 +00:00
5b63d1555a
nixos/blade: use tmpfs for /var/log and /var/cache
2021-03-31 21:20:08 +00:00
c972f3ae12
as205479.net: add bvm-win10
2021-03-31 19:39:56 +00:00
4ab9e1b19e
marukuru: tweak gitlab settings
2021-03-30 20:49:42 +01:00
e2dffeceb5
marukuru: need to enable experimental mode
2021-03-30 20:23:26 +01:00
357a9ca041
marukuru: set random collection of IPv6 Docker options
2021-03-30 20:11:19 +01:00
f71179cbd6
coredns: add bvm-korobi
2021-03-30 12:51:17 +01:00
62dce112db
blade-router: fix radvd prefix to actually be onlink
2021-03-30 11:59:27 +01:00
4c013cb2bc
blade-router: use absolute path to birdc
2021-03-30 00:18:08 +00:00
e80a1750b8
blade-router: tweak notify script config
2021-03-30 00:09:02 +00:00
8b2238cf1e
blade-router: add shebang to VRRP notify script
2021-03-30 00:01:19 +00:00
f05a063fce
blade-router: add keepalived notify script for announcing/withdrawing routes
2021-03-29 23:54:26 +00:00
1071202e7f
coredns: update DNS to match swapped IPs
2021-03-29 23:13:01 +00:00
bff07335b5
blade-router: switch router VIP
2021-03-29 23:09:26 +00:00
cae0c4eb94
blade-router: we need config attribute...
2021-03-29 23:29:26 +01:00
a5ffe43e14
blade-paris: fix imports
2021-03-29 23:28:30 +01:00
7de4d2690e
blade-router: put radvd config in correct place
2021-03-29 23:27:40 +01:00
c5fc727f7a
blade-router: fix
2021-03-29 23:26:50 +01:00
b09773e945
blade-paris: fix import
2021-03-29 23:25:50 +01:00
ac63880ed7
ops/nixos: abstract into blade-router
2021-03-29 23:24:57 +01:00
8236c7f698
blade-{paris,tuvok}: add radvd
2021-03-29 23:04:26 +01:00
878a457c83
blade-{paris,tuvok}: allow IPv6 VRRP as well...
2021-03-29 22:53:19 +01:00
c8b482c67a
blade-{paris,tuvok}: add IPv6 link-local address as first
...
Mar 29 21:38:36 blade-tuvok Keepalived_vrrp[29221]: (mgmtGateway6) the first IPv6 VIP address should be link local
2021-03-29 22:43:53 +01:00
b0198cfa3d
blade-{paris,tuvok}: split IPv4/IPv6 VRRP
2021-03-29 22:36:03 +01:00
0d46b6d4fe
blade-{paris,tuvok}: add IPv6 gateway to keepalived
2021-03-29 21:03:06 +00:00
e1e3a24f36
ops/nixos/lib/coredns: add DNS records
2021-03-29 20:45:39 +00:00
b360944686
blade-{paris,tuvok}: add some IP addresses
2021-03-29 20:39:42 +00:00
d84075b124
clouvider-lon01: drop 92.118.28.0/24
2021-03-29 12:15:27 +00:00
3c7f759773
blade-paris/blade-tuvok: change v4/v6 announcements
2021-03-29 12:06:39 +00:00
b559512200
blade-paris/blade-tuvok: add BGP config
2021-03-29 11:47:44 +00:00
3ea210e884
marukuru: tweak GitLab Puma settings for low-mem
...
Per the GitLab docs
(https://docs.gitlab.com/ee/install/requirements.html#puma-settings ):
> If the operating system has a maximum 2 GB of memory, the recommended number
> of threads is 1. A higher value will result in excess swapping, and decrease
> performance.
and
> In a memory-constrained environment with less than 4GB of RAM available,
> consider disabling Puma Clustered mode.
>
> Configuring Puma by setting the amount of workers to 0 could reduce memory
> usage by hundreds of MB. For details on Puma worker and thread settings, see
> Puma settings.
2021-03-28 23:25:14 +00:00
a3ed8a6da3
hm: add ntfy everywhere
2021-03-28 23:08:02 +00:00
0b1ccae353
bvm-prosody: actually name depot...
2021-03-28 22:52:04 +00:00
a44b09fb46
bvm-twitterchiver: create twitterchiver user
2021-03-28 22:48:43 +00:00
5a3a55e302
bvm-prosody: add coturn
2021-03-28 22:46:55 +00:00
efe1aa51db
bvm-twitterchiver: add postgresql
2021-03-28 22:46:44 +00:00
d32585bff6
bvm-ipfs: enable ipfs
2021-03-28 15:34:54 +00:00
2b8dce0920
depot-wide: overhaul GitLab CI configuration
...
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286
bvm-prosody: add tailscale IP
2021-03-28 14:33:54 +00:00
2eeba92d9e
bvm-twitterchiver: add tailscale IP
2021-03-28 14:32:16 +00:00
e6c56c9a74
bvm-ipfs: add tailscale IP
2021-03-28 14:00:25 +00:00
7979d936a4
ops/nixos: init bvm-{twitterchiver,prosody,ipfs}
2021-03-28 13:10:27 +00:00
f27a8f8f1a
ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix
2021-03-28 12:32:01 +00:00
f34d539462
bvm-nixosmgmt: condense down and abstract out
2021-03-28 12:26:11 +00:00
c1f450eb33
ops/nixos: flesh out DNS for internal blade IPs
2021-03-28 12:18:06 +00:00
0b60a516b4
bvm-nixosmgmt: actually change the hostname
2021-03-28 02:04:41 +00:00
701ab955af
coredns: update serial for as205479.net
2021-03-28 01:16:10 +00:00
b2e2f965c5
ops/nixos: rename various machines to comply with naming convention
...
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
1883186bb8
hm/graphical-client: switch to google-chrome-beta from chromium
2021-03-25 10:54:01 +00:00
a99e0309c5
ops/nixos/fup: switch to using config file
2021-03-23 00:58:18 +00:00
11ed74003a
nixos/fup: allow large file uploads
2021-03-22 13:56:16 +00:00
86d9292cd1
blade-tuvok: change fup to listen on wildcard
...
It's broken otherwise, since the default server is based on the incoming IP,
and the precise listed IPs are more tightly binding.
2021-03-22 13:46:28 +00:00
ff5ea120e5
blade-tuvok/fup: override listen IPs
2021-03-22 02:50:27 +00:00
ca642bfa5e
blade-tuvok: add fup
2021-03-22 02:43:17 +00:00
787b04737e
treewide: add some SPDX headers
2021-03-20 20:46:56 +00:00
35cc195717
common: remove everything from hosts files
2021-03-20 16:42:08 +00:00
99dce2de2a
as205479.net: add totoro.int
2021-03-20 16:41:26 +00:00
33fd1da091
dns: add blades to zone
2021-03-20 15:22:09 +00:00
4c78164384
ops/nixos/common: set search domains
2021-03-20 15:01:28 +00:00
5cf89fbc2f
switch-prebuilt: check for existence before nix copy
2021-03-20 13:37:08 +00:00
422c47c3e0
switch-prebuilt: run stuff assuming we're a trusted-user
2021-03-20 13:22:17 +00:00
be5eee48b3
switch-prebuilt: init
2021-03-20 12:39:23 +00:00
154db9706a
lib/common: add deployer to trustedUsers
2021-03-20 12:34:01 +00:00
7737f962a9
marukuru/deployer: add jq somewhere more sensible
2021-03-20 12:17:41 +00:00
d8086e7042
ops/nixos: add jq everywhere
2021-03-20 12:11:45 +00:00
705bcd9446
marukuru/deployer: add jq
2021-03-20 11:57:21 +00:00
627c8bf17c
lib/coredns: fix firewall
2021-03-20 02:06:08 +00:00
b0a6ebe52d
ops/nixos: add coredns
2021-03-20 02:03:23 +00:00
7f27f9fb79
tuvok/paris: enable keepalived
2021-03-20 01:08:33 +00:00
c51e5d478d
lib/common: add --delete-older-than
2021-03-19 21:29:54 +00:00
9036f02fd0
blade-tuvok: allow 80/443
2021-03-19 21:27:42 +00:00
9ddb5d75f2
blade: restrict ceph firewall rules to storage network
2021-03-19 21:27:15 +00:00
4f5f2a780a
nixos-mgmt: init
2021-03-19 20:28:24 +00:00
3f3c92addc
blade-tuvok: serve objdump directly
2021-03-19 19:45:03 +00:00
10c7ee76b3
{las,lux,nyc}01-frantech: add tailscale IPs
2021-03-19 16:16:06 +00:00
0f0f61f2df
installcd: add to ci-root; tweak store
2021-03-19 01:19:14 +00:00
db1b568d63
{lux,las,nyc}01-frantech: init
2021-03-19 01:11:37 +00:00
c26a321f5f
home-manager: drop enableVaapi
2021-03-18 23:56:25 +00:00
4a381f03d3
ops/nixos: create installcd
2021-03-18 23:51:38 +00:00
665dc16239
etheroute-lon01: bump timeout, which is just 'timeout'
2021-03-18 23:50:54 +00:00
04a7792ad1
totoro: add NodeExporterDown alerts
2021-03-15 01:25:19 +00:00
dc2fb8e2b1
totoro: add power use alerts for blade system
2021-03-15 01:20:26 +00:00