Commit graph

455 commits

Author SHA1 Message Date
13f2f79e6d graphical-client: add wallpapers
If I find more I like, I'll add them here, I guess. For the moment, there's
just the one.
2021-04-06 09:53:56 +01:00
f5622acaf7 nix/pkgs/flameshot: bump to my patched version 2021-04-05 14:57:59 +01:00
48bdb3559c lib/hm/graphical-client: add flameshot to environment 2021-04-05 13:00:02 +01:00
21fe79c904 ops/nixos: enable flameshot on graphical-client hosts 2021-04-05 12:42:35 +01:00
549b4f1ccc porcorosso: switch to pipewire 2021-04-05 12:40:41 +01:00
d582d3f352 ops/nixos/lib: inline latest_system_closure.sh
I can't be bothered to make it a proper script, and I also don't really want to
rely on invoking nix-shell at runtime (I'd rather have all the needed tools in
the system closure).
2021-04-04 19:35:38 +01:00
8dab1a04fe ops/nixos/lib: fix latest_system_closure for machines with - in hostname 2021-04-04 19:25:02 +01:00
33cfba2e2f ops/nixos/lib: enable 'switch-prebuilt latest' for getting latest closure 2021-04-04 18:25:01 +01:00
09a6c8cafe marukuru: switch heptapod image to being built with dockerTools
Fixes #1
2021-04-02 01:39:01 +00:00
fe3f343ef9 bvm-prosody: configure prosody 2021-04-02 00:52:45 +00:00
fbc3b47854 bvm-prosody: fix :/ 2021-04-01 15:55:54 +00:00
bcf1266bfe bvm-prosody: configure IP addresses 2021-04-01 15:50:27 +00:00
bab069b286 bvm-twitterchiver: add twitterchiver-{relatedfetcher,archiver} 2021-04-01 00:22:57 +00:00
0961a68532 twitterchiver: add secrets 2021-03-31 23:52:38 +00:00
8d4e26d3cf bvm-twitterchiver: use correct twitterchiver-viewer name 2021-03-31 23:44:52 +00:00
3073f290b0 bvm-twitterchiver: fix 2021-03-31 23:38:39 +00:00
69aba17ba4 bvm-twitterchiver: add twitterchiver-viewer 2021-03-31 23:33:44 +00:00
66bfd9a458 etheroute-lon01: add twitterchiver 2021-03-31 22:37:01 +00:00
bea33016f6 nixos/blade: oops, forgot }; 2021-03-31 21:20:56 +00:00
5b63d1555a nixos/blade: use tmpfs for /var/log and /var/cache 2021-03-31 21:20:08 +00:00
c972f3ae12 as205479.net: add bvm-win10 2021-03-31 19:39:56 +00:00
4ab9e1b19e marukuru: tweak gitlab settings 2021-03-30 20:49:42 +01:00
e2dffeceb5 marukuru: need to enable experimental mode 2021-03-30 20:23:26 +01:00
357a9ca041 marukuru: set random collection of IPv6 Docker options 2021-03-30 20:11:19 +01:00
f71179cbd6 coredns: add bvm-korobi 2021-03-30 12:51:17 +01:00
62dce112db blade-router: fix radvd prefix to actually be onlink 2021-03-30 11:59:27 +01:00
4c013cb2bc blade-router: use absolute path to birdc 2021-03-30 00:18:08 +00:00
e80a1750b8 blade-router: tweak notify script config 2021-03-30 00:09:02 +00:00
8b2238cf1e blade-router: add shebang to VRRP notify script 2021-03-30 00:01:19 +00:00
f05a063fce blade-router: add keepalived notify script for announcing/withdrawing routes 2021-03-29 23:54:26 +00:00
1071202e7f coredns: update DNS to match swapped IPs 2021-03-29 23:13:01 +00:00
bff07335b5 blade-router: switch router VIP 2021-03-29 23:09:26 +00:00
cae0c4eb94 blade-router: we need config attribute... 2021-03-29 23:29:26 +01:00
a5ffe43e14 blade-paris: fix imports 2021-03-29 23:28:30 +01:00
7de4d2690e blade-router: put radvd config in correct place 2021-03-29 23:27:40 +01:00
c5fc727f7a blade-router: fix 2021-03-29 23:26:50 +01:00
b09773e945 blade-paris: fix import 2021-03-29 23:25:50 +01:00
ac63880ed7 ops/nixos: abstract into blade-router 2021-03-29 23:24:57 +01:00
8236c7f698 blade-{paris,tuvok}: add radvd 2021-03-29 23:04:26 +01:00
878a457c83 blade-{paris,tuvok}: allow IPv6 VRRP as well... 2021-03-29 22:53:19 +01:00
c8b482c67a blade-{paris,tuvok}: add IPv6 link-local address as first
Mar 29 21:38:36 blade-tuvok Keepalived_vrrp[29221]: (mgmtGateway6) the first IPv6 VIP address should be link local
2021-03-29 22:43:53 +01:00
b0198cfa3d blade-{paris,tuvok}: split IPv4/IPv6 VRRP 2021-03-29 22:36:03 +01:00
0d46b6d4fe blade-{paris,tuvok}: add IPv6 gateway to keepalived 2021-03-29 21:03:06 +00:00
e1e3a24f36 ops/nixos/lib/coredns: add DNS records 2021-03-29 20:45:39 +00:00
b360944686 blade-{paris,tuvok}: add some IP addresses 2021-03-29 20:39:42 +00:00
d84075b124 clouvider-lon01: drop 92.118.28.0/24 2021-03-29 12:15:27 +00:00
3c7f759773 blade-paris/blade-tuvok: change v4/v6 announcements 2021-03-29 12:06:39 +00:00
b559512200 blade-paris/blade-tuvok: add BGP config 2021-03-29 11:47:44 +00:00
3ea210e884 marukuru: tweak GitLab Puma settings for low-mem
Per the GitLab docs
(https://docs.gitlab.com/ee/install/requirements.html#puma-settings):

> If the operating system has a maximum 2 GB of memory, the recommended number
> of threads is 1. A higher value will result in excess swapping, and decrease
> performance.

and

> In a memory-constrained environment with less than 4GB of RAM available,
> consider disabling Puma Clustered mode.
>
> Configuring Puma by setting the amount of workers to 0 could reduce memory
> usage by hundreds of MB. For details on Puma worker and thread settings, see
> Puma settings.
2021-03-28 23:25:14 +00:00
a3ed8a6da3 hm: add ntfy everywhere 2021-03-28 23:08:02 +00:00
0b1ccae353 bvm-prosody: actually name depot... 2021-03-28 22:52:04 +00:00
a44b09fb46 bvm-twitterchiver: create twitterchiver user 2021-03-28 22:48:43 +00:00
5a3a55e302 bvm-prosody: add coturn 2021-03-28 22:46:55 +00:00
efe1aa51db bvm-twitterchiver: add postgresql 2021-03-28 22:46:44 +00:00
d32585bff6 bvm-ipfs: enable ipfs 2021-03-28 15:34:54 +00:00
2b8dce0920 depot-wide: overhaul GitLab CI configuration
We now use a stub configuration to kick off the pipeline, which is dynamically
generated using Nix config.
2021-03-28 15:27:46 +00:00
f8b4903286 bvm-prosody: add tailscale IP 2021-03-28 14:33:54 +00:00
2eeba92d9e bvm-twitterchiver: add tailscale IP 2021-03-28 14:32:16 +00:00
e6c56c9a74 bvm-ipfs: add tailscale IP 2021-03-28 14:00:25 +00:00
7979d936a4 ops/nixos: init bvm-{twitterchiver,prosody,ipfs} 2021-03-28 13:10:27 +00:00
f27a8f8f1a ops/nixos: mkBefore needs lib. in bvm.nix/blade.nix 2021-03-28 12:32:01 +00:00
f34d539462 bvm-nixosmgmt: condense down and abstract out 2021-03-28 12:26:11 +00:00
c1f450eb33 ops/nixos: flesh out DNS for internal blade IPs 2021-03-28 12:18:06 +00:00
0b60a516b4 bvm-nixosmgmt: actually change the hostname 2021-03-28 02:04:41 +00:00
701ab955af coredns: update serial for as205479.net 2021-03-28 01:16:10 +00:00
b2e2f965c5 ops/nixos: rename various machines to comply with naming convention
* *-frantech should be frantech-*, it's provider first
* blade VMs now all begin bvm-
2021-03-28 00:34:36 +00:00
1883186bb8 hm/graphical-client: switch to google-chrome-beta from chromium 2021-03-25 10:54:01 +00:00
a99e0309c5 ops/nixos/fup: switch to using config file 2021-03-23 00:58:18 +00:00
11ed74003a nixos/fup: allow large file uploads 2021-03-22 13:56:16 +00:00
86d9292cd1 blade-tuvok: change fup to listen on wildcard
It's broken otherwise, since the default server is based on the incoming IP,
and the precise listed IPs are more tightly binding.
2021-03-22 13:46:28 +00:00
ff5ea120e5 blade-tuvok/fup: override listen IPs 2021-03-22 02:50:27 +00:00
ca642bfa5e blade-tuvok: add fup 2021-03-22 02:43:17 +00:00
787b04737e treewide: add some SPDX headers 2021-03-20 20:46:56 +00:00
35cc195717 common: remove everything from hosts files 2021-03-20 16:42:08 +00:00
99dce2de2a as205479.net: add totoro.int 2021-03-20 16:41:26 +00:00
33fd1da091 dns: add blades to zone 2021-03-20 15:22:09 +00:00
4c78164384 ops/nixos/common: set search domains 2021-03-20 15:01:28 +00:00
5cf89fbc2f switch-prebuilt: check for existence before nix copy 2021-03-20 13:37:08 +00:00
422c47c3e0 switch-prebuilt: run stuff assuming we're a trusted-user 2021-03-20 13:22:17 +00:00
be5eee48b3 switch-prebuilt: init 2021-03-20 12:39:23 +00:00
154db9706a lib/common: add deployer to trustedUsers 2021-03-20 12:34:01 +00:00
7737f962a9 marukuru/deployer: add jq somewhere more sensible 2021-03-20 12:17:41 +00:00
d8086e7042 ops/nixos: add jq everywhere 2021-03-20 12:11:45 +00:00
705bcd9446 marukuru/deployer: add jq 2021-03-20 11:57:21 +00:00
627c8bf17c lib/coredns: fix firewall 2021-03-20 02:06:08 +00:00
b0a6ebe52d ops/nixos: add coredns 2021-03-20 02:03:23 +00:00
7f27f9fb79 tuvok/paris: enable keepalived 2021-03-20 01:08:33 +00:00
c51e5d478d lib/common: add --delete-older-than 2021-03-19 21:29:54 +00:00
9036f02fd0 blade-tuvok: allow 80/443 2021-03-19 21:27:42 +00:00
9ddb5d75f2 blade: restrict ceph firewall rules to storage network 2021-03-19 21:27:15 +00:00
4f5f2a780a nixos-mgmt: init 2021-03-19 20:28:24 +00:00
3f3c92addc blade-tuvok: serve objdump directly 2021-03-19 19:45:03 +00:00
10c7ee76b3 {las,lux,nyc}01-frantech: add tailscale IPs 2021-03-19 16:16:06 +00:00
0f0f61f2df installcd: add to ci-root; tweak store 2021-03-19 01:19:14 +00:00
db1b568d63 {lux,las,nyc}01-frantech: init 2021-03-19 01:11:37 +00:00
c26a321f5f home-manager: drop enableVaapi 2021-03-18 23:56:25 +00:00
4a381f03d3 ops/nixos: create installcd 2021-03-18 23:51:38 +00:00
665dc16239 etheroute-lon01: bump timeout, which is just 'timeout' 2021-03-18 23:50:54 +00:00
04a7792ad1 totoro: add NodeExporterDown alerts 2021-03-15 01:25:19 +00:00
dc2fb8e2b1 totoro: add power use alerts for blade system 2021-03-15 01:20:26 +00:00