lukegb/depot
1
0
Fork 0
Code Issues 1 Pull requests Projects Packages Activity Actions
583 commits 1 branch 0 tags 365 MiB
Commit graph

292 commits

Author SHA1 Message Date
Luke Granger-Brown
413c38e348 kusakabe: rsyncd 2021-01-27 13:48:29 +00:00
Luke Granger-Brown
25774139d1 ops/nixos: enable IPFS filestore on all nodes 2021-01-26 11:40:36 +00:00
Luke Granger-Brown
7ec8e08ff0 totoro: add quotesdb for dev purposes 2021-01-20 17:55:31 +00:00
Luke Granger-Brown
1fe4e04464 ops/nixos: add dev-quotes.bfob.gg to server aliases 2021-01-20 00:22:54 +00:00
Luke Granger-Brown
5ee6a1c3b7 ops/nixos/quotes.bfob.gg: add my.quotesdb.listen option 2021-01-20 00:21:21 +00:00
Luke Granger-Brown
b7574660de web/quotes: prodify 2021-01-19 23:43:43 +00:00
Luke Granger-Brown
ef81a0c080 quotes.bfob.gg: add to clouvider-lon01 2021-01-19 23:41:47 +00:00
Luke Granger-Brown
d12fb60c20 kusakabe: open ipfs ports properly 2021-01-15 03:58:41 +00:00
Luke Granger-Brown
6d3a3de05e totoro: fix 2021-01-15 03:42:38 +00:00
Luke Granger-Brown
b7bd209b5e swann: forward IPFS ports to totoro 2021-01-15 03:41:24 +00:00
Luke Granger-Brown
e4902496a7 totoro: add ipfs ports to firewall 2021-01-15 03:39:36 +00:00
Luke Granger-Brown
2a7b7517a8 totoro: enable ipfs 2021-01-15 03:38:43 +00:00
Luke Granger-Brown
a549f5bec3 clouvider-fra01: add ipfs UDP ports to firewall 2021-01-15 03:36:41 +00:00
Luke Granger-Brown
67d2db0e7a kusakabe: add ipfs 2021-01-15 03:36:34 +00:00
Luke Granger-Brown
44f4e9a023 clouvider-fra01: add ipfs 2021-01-15 00:58:36 +00:00
Luke Granger-Brown
d20dd06aaf clouvider-lon01: disable SSH open-to-all 2021-01-12 00:00:34 +00:00
Luke Granger-Brown
ad516941e8 clouvider-lon01: SSH firewalling changes 2021-01-11 23:45:06 +00:00
Luke Granger-Brown
9dd18e2cdc ops/nixos/lib/common: add nixos_running_system/nixos_booted_system node metrics 2021-01-11 17:44:23 +00:00
Luke Granger-Brown
6b95f54ca7 ops/nixos/lib/common: add systemd collector to all systems 2021-01-07 10:01:36 +00:00
Luke Granger-Brown
aba7285824 totoro: add twitternuke timer 2021-01-06 21:29:33 +00:00
Luke Granger-Brown
d38601fabe etheroute-lon01: allow unifi websockets 2021-01-04 21:15:43 +00:00
Luke Granger-Brown
c92fe8b139 swann: switch to unifiHacked 2021-01-04 20:52:13 +00:00
Luke Granger-Brown
f91109cb50 nixos/lightspeed: init lightspeed-ingest and lightspeed-webrtc NixOS modules 2021-01-04 15:50:42 +00:00
Luke Granger-Brown
045f9f5b22 etheroute-lon01: unifi needs tls_skip_verify 2021-01-03 15:32:00 +00:00
Luke Granger-Brown
596752caa0 etheroute-lon01: add unifi.int 2021-01-03 03:35:24 +00:00
Luke Granger-Brown
6fec69886a clouvider-fra01: add lukegb to deluge group too 2021-01-02 16:18:56 +00:00
Luke Granger-Brown
b2d8acd4b9 swann: swap unifiPackage to pkgs.unifi 
unifiBeta is no more: https://github.com/NixOS/nixpkgs/pull/107797
 2020-12-31 01:31:01 +00:00
Luke Granger-Brown
eb9d9f54a5 nix/pkgs/grafana-plugins: rework a bit 2020-12-30 03:30:24 +00:00
Luke Granger-Brown
405997d312 totoro: teach how to install grafana plugins from nix 2020-12-30 02:56:31 +00:00
Luke Granger-Brown
26e379dfb7 depot-wide: create logged-out.int.lukegb.com 2020-12-30 00:57:53 +00:00
Luke Granger-Brown
33117f2b45 totoro: don't prepend GF_ to grafana extraConfig 2020-12-29 21:23:20 +00:00
Luke Granger-Brown
be3ce89fb4 etheroute-lon01: unset allowed_domains 2020-12-29 20:55:01 +00:00
Luke Granger-Brown
7573280e5b etheroute-lon01: de-redundantify int.lukegb.com cert 2020-12-29 20:37:33 +00:00
Luke Granger-Brown
1c550cf508 etheroute-lon01: rejiggle pomerium policy 2020-12-29 20:11:41 +00:00
Luke Granger-Brown
4e20db9fcc totoro: install grafana 2020-12-29 20:08:55 +00:00
Luke Granger-Brown
11c4b77eab etheroute-lon01: send more identity headers 2020-12-29 20:00:52 +00:00
Luke Granger-Brown
6317f7ffba swann: enable Prometheus smokeping_prober 2020-12-29 18:57:18 +00:00
Luke Granger-Brown
8773350ba6 etheroute-lon01: add prometheus and alertmanager 2020-12-29 16:57:26 +00:00
Luke Granger-Brown
7d0493cacd deluge: patch deluge-web to try logging in with a fixed password first 2020-12-28 20:04:27 +00:00
Luke Granger-Brown
aa9c1eb17e etheroute-lon01: hint that it's-a-me, lukegb 2020-12-28 19:26:39 +00:00
Luke Granger-Brown
6f65c77ad3 etheroute-lon01: fix databroker connection string 2020-12-28 19:11:25 +00:00
Luke Granger-Brown
2c0de76c8b etheroute-lon01: use redis for pomerium databroker storage 2020-12-28 19:09:55 +00:00
Luke Granger-Brown
784138746f pomerium: document all known pomerium options as nixos module options 2020-12-28 18:54:00 +00:00
Luke Granger-Brown
d3f6442301 etheroute-lon01: add things on clouvider-fra01 2020-12-28 15:56:54 +00:00
Luke Granger-Brown
3a112b8218 clouvider-fra01: simplify 2020-12-28 15:54:43 +00:00
Luke Granger-Brown
721018520b etheroute-lon01/pomerium: enable http redirect server 2020-12-28 15:40:13 +00:00
Luke Granger-Brown
41bdeda58a pomerium: various fixups to make this work 2020-12-28 15:27:18 +00:00
Luke Granger-Brown
10c6ddc4c9 etheroute-lon01: install pomerium 2020-12-28 14:08:24 +00:00
Luke Granger-Brown
3ee1906b97 ops/nixos: init etheroute-lon01 2020-12-26 23:36:34 +00:00
Luke Granger-Brown
161ed2af50 porcorosso: add lukegb to lxd group 2020-12-26 15:41:02 +00:00
Luke Granger-Brown
8e2670548d porcorosso: enable lxd 2020-12-26 15:39:41 +00:00
Luke Granger-Brown
ee5a7dc6ec porcorosso: intel 2020-12-23 23:35:16 +00:00
Luke Granger-Brown
34d9b4eda5 hm/graphical-client: pull in nm-applet only for i3 2020-12-19 19:39:13 +00:00
Luke Granger-Brown
9a14eadbb6 porcorosso: move intel selection to a nixos specialisation 2020-12-19 19:38:57 +00:00
Luke Granger-Brown
cb4ba45b1b hm/graphical-client: enable nm-applet 
I'm assuming (probably wrongly) that anything using my graphical-client preset
is _also_ using NetworkManager, which is probably true for real client machines
but may not be true on terminal services machines which also end up with this
preset.

Whatever, I'll work it out later.
 2020-12-19 19:25:15 +00:00
Luke Granger-Brown
d13dca3f02 porcorosso: switch to intel again 2020-12-19 19:23:02 +00:00
Luke Granger-Brown
c59b3843c7 porcorosso: enable fwupd 2020-12-19 19:26:36 +00:00
Luke Granger-Brown
2e50ce0489 porcorosso: enable the intermec-cups-driver 2020-12-19 19:26:25 +00:00
Luke Granger-Brown
808b506123 ops/nixos/lib/low-space: fix 2020-12-06 15:22:40 +00:00
Luke Granger-Brown
26de73b0fb marukuru: set journald SystemMaxUse to cap log size 2020-12-06 15:18:14 +00:00
Luke Granger-Brown
9244e44518 ops/nixos/lib/common: add lukegb to 'audio' group 2020-12-03 03:00:40 +00:00
Luke Granger-Brown
7b9191f261 clouvider-lon01: factorio: open firewall 2020-11-30 19:53:57 +00:00
Luke Granger-Brown
23e97ff266 ops/nixos: add whitby-distributed to clouvider-lon01 2020-11-30 23:21:56 +00:00
Luke Granger-Brown
52fc2c36dc clouvider-fra01: bump stateVersion, yolo 
This will cause Deluge to update to Deluge2.
 2020-11-29 02:31:29 +00:00
Luke Granger-Brown
a589ca3e1f ops/nixos: remove propagatedBuildInputs from mercurial override 2020-11-25 13:12:36 +00:00
Luke Granger-Brown
b82fbfb9f8 porcorosso: add obs-studio 2020-11-25 02:13:14 +00:00
Luke Granger-Brown
8c36ae940b clouvider-lon01: add factorio server 2020-11-24 04:50:31 +00:00
Luke Granger-Brown
311fc015f4 porcorosso: install Factorio 2020-11-24 02:56:18 +00:00
Luke Granger-Brown
094f2334f8 ops/nixos/lib/home-manager: swap isDarwin for 'is external' check 2020-11-23 16:47:17 +00:00
Luke Granger-Brown
80e85feede home-manager-ext: init 
To allow using my home-manager config on Darwin (and other non-NixOS
machines), I introduce the concept of home-manager-ext, which gives
me a much easier hook to import my config elsewhere.
 2020-11-23 07:22:00 -08:00
Luke Granger-Brown
0f86867d05 porcorosso: swap /root for a bindmount instead 2020-11-23 15:19:23 +00:00
Luke Granger-Brown
2043572a2b porcorosso: make /root a /persist/root symlink 2020-11-22 14:44:49 +00:00
Luke Granger-Brown
5de4937d6d Add a GITHUB_TOKEN to my environment everywhere. 2020-11-21 00:51:24 +00:00
Luke Granger-Brown
26352c7065 ops/nixos: add ability to define additional things to be scraped, use this for coredns 2020-11-18 02:02:23 +00:00
Luke Granger-Brown
588a47e97f swann: set swann as DNS server for DHCP 2020-11-18 01:50:16 +00:00
Luke Granger-Brown
68deb62b38 swann: enable coredns and use google public DNS over TLS 2020-11-18 01:49:44 +00:00
Luke Granger-Brown
c0a6e48970 ops/nixos: add dnsutils to common for dig 2020-11-18 01:27:50 +00:00
Luke Granger-Brown
087d774b56 swann: forward port 80 and 443 to totoro 2020-11-18 01:31:57 +00:00
Luke Granger-Brown
2df9344303 totoro: set up pancake 2020-11-17 03:14:04 +00:00
Luke Granger-Brown
4cb36fffbb totoro: add /srv and /srv/pancake 2020-11-17 02:39:01 +00:00
Luke Granger-Brown
a31599ad1b ops/nixos: add restic everywhere 2020-11-17 02:21:46 +00:00
Luke Granger-Brown
4a0897b0cb ops/nixos: add new packages, move other packages around 2020-11-17 02:10:23 +00:00
Luke Granger-Brown
492d57ef29 hm/graphical-client: enable vaapi on chromium 2020-11-15 21:29:15 +00:00
Luke Granger-Brown
8a9c00c7f0 porcorosso: add some vdpau/vaapi packages 2020-11-15 21:23:47 +00:00
Luke Granger-Brown
6c91bbe714 hm: set up ssh 2020-11-09 00:21:32 +00:00
Luke Granger-Brown
f2c8e2d3bf hm/graphical-client: set up session vars 2020-11-08 15:49:12 +00:00
Luke Granger-Brown
07b76f5cf9 clouvider-lon01: only listen on specified IPs 2020-11-07 14:20:46 +00:00
Luke Granger-Brown
b2384d844d clouvider-lon01: disable automatic nix-gc 
It's used as a Nix build cache machine - since we don't have gcroot
generation, it's better to just not collect garbage for the moment.
 2020-11-06 05:21:37 +00:00
Luke Granger-Brown
65c2fce8a7 swann: add unifi-poller 2020-11-06 05:02:05 +00:00
Luke Granger-Brown
17ac1212dd ops/nixos: add totoro as prometheus box; enable node-exporter everywhere 2020-11-06 04:52:54 +00:00
Luke Granger-Brown
eba4f33a63 totoro: remove openshift cruft 2020-11-06 04:11:16 +00:00
Luke Granger-Brown
b58f13a145 ops/nixos: globally enable zramSwap 2020-11-05 02:03:20 +00:00
Luke Granger-Brown
57d4f7f05e nixos/home-manager: do ssh-add when making a login shell 2020-11-05 01:57:55 +00:00
Luke Granger-Brown
bad3be7574 ops: tweak SSH auth; add red solo SK-resident key 2020-11-05 01:50:16 +00:00
Luke Granger-Brown
2c0b4e3bb6 porcorosso: add libvirtd 2020-11-03 16:03:22 +00:00
Luke Granger-Brown
cc5152300c marukuru/deployer: expose tailscale IPs 2020-11-04 21:58:49 +00:00
Luke Granger-Brown
82c751a6e4 swann: install Unifi controller 2020-11-04 21:53:14 +00:00
Luke Granger-Brown
a507a5380d ops/nixos: allow all traffic in on tailscale0 2020-11-04 21:53:02 +00:00
Luke Granger-Brown
8d4b7f8c47 bgp: add default to satisfy ixvm-fra01 2020-11-04 17:41:28 +00:00
Luke Granger-Brown
855feececa clouvider-lon01: set up as cache builder 2020-11-04 17:30:28 +00:00