Commit graph

347 commits

Author SHA1 Message Date
b3def9be96 ceph: add /var/lib/ceph mount 2021-03-14 14:35:36 +00:00
22cb1575b4 ceph: set up storage network 10.100.2.0/24 2021-03-14 14:35:32 +00:00
a51b864d0d etheroute-lon01: set more finegrained timeouts 2021-03-14 13:00:37 +00:00
da6c3854bd etheroute-lon01: move to objdump.zxcvbnm.ninja 2021-03-14 11:46:05 +00:00
38e34e2210 etheroute-lon01: add objdump.lukegb.com 2021-03-14 11:44:17 +00:00
f300882cea ixvm-fra01: delete 2021-03-14 02:04:09 +00:00
dc68fb7305 blade: correct IP 2021-03-14 02:01:42 +00:00
74fd32c0b8 ops/nixos/blade: switch mon IPs in config 2021-03-14 01:23:24 +00:00
b51cf06282 totoro: prometheus: remove valveindexinstock, add snmp 2021-03-14 01:13:37 +00:00
a763c85e3d blade: allow tailscale 41641/udp 2021-03-13 20:58:43 +00:00
e979f4e83e blade: move journald storage to volatile 2021-03-13 20:57:04 +00:00
82655bcb8a porcorosso: remove /home/lukegb/mnt 2021-03-13 20:56:57 +00:00
2f183e56dd ops/nixos: fix systemPathJSON by using writeText instead of toFile 2021-03-13 17:05:49 +00:00
b01c15b85f ops/nixos: make systems.json refer to the actual paths 2021-03-13 17:02:13 +00:00
9df7818dc5 ops/nixos: add systemPathJSON
This is a file which contains a mapping of system name to their store path, to
allow for easier retrieval from GCS.
2021-03-13 16:57:28 +00:00
cd29df194a blade-paris: set default gateway for final resting place 2021-03-13 16:41:21 +00:00
b2a085f84c ops/nixos/blade: enable NAT on routers 2021-03-13 16:41:05 +00:00
53b7ca1c8a ops/nixos: revamp blade network config 2021-03-12 14:47:08 +00:00
b014ef780b clouvider-lon01: give minotarproxy more IPs 2021-03-01 17:16:06 +00:00
7cd70420c6 blade-janeway: fix interfaces 2021-02-25 12:29:05 +00:00
a7094217ba blade: tweak networking 2021-02-24 19:58:15 +00:00
e6c0cdc415 totoro: fix up valve index alerting 2021-02-23 01:07:33 +00:00
dc996b324b totoro: add valveindexinstock 2021-02-23 00:16:41 +00:00
7c4334591a kusakabe: disable send-proxy-v2 for openshift 2021-02-17 04:33:08 +00:00
5018ba70cd home-manager/common: add iotop/iftop 2021-02-14 21:40:41 +00:00
caea9c19c4 lib/blade: mount boot drive to /boot 2021-02-13 16:07:33 +00:00
2596579835 lib/blade: add a ceph-osd-lvm-activate to prep the OSDs 2021-02-13 16:29:18 +00:00
0b865c968e porcorosso: add lukegb to video group 2021-02-13 13:55:28 +00:00
6c9b15e908 porcorosso: enable acpilight 2021-02-13 13:50:13 +00:00
93b5d2c288 ops/nixos: enable ceph in libvirtd 2021-02-11 02:21:59 +00:00
a484168097 lib/blade: add ceph support to libvirtd 2021-02-11 00:34:27 +00:00
c94e94284f lib/blade: decrease miimon 2021-02-11 00:27:25 +00:00
fc14641404 lib/blade: enable libvirtd group for lukegb 2021-02-11 00:22:47 +00:00
e81c71b85f lib/blade: enable acpi_power_meter 2021-02-11 00:22:39 +00:00
82503b6192 ops/nixos/lib/blade: enable polkit for libvirtd access 2021-02-11 00:13:32 +00:00
4a53baab51 ops/nixos: fix lib/blade.nix 2021-02-10 23:39:36 +00:00
270b461b97 ops/nixos: create br-ext and put everything on it 2021-02-10 23:38:05 +00:00
5aa39f0693 ops/nixos: add osd daemons 2021-02-09 22:29:11 +00:00
4f043bb45a ops/nixos: disable osd on hosts where I haven't set it up yet 2021-02-09 21:57:49 +00:00
372aed550f ops/nixos: enable osds on blade-janeway 2021-02-09 21:47:04 +00:00
1ed83bd25a ops/nixos/blade: add ceph 2021-02-09 01:17:54 +00:00
3239c4b0b6 blade-kim,blade-paris: add config 2021-02-09 00:00:18 +00:00
d2b95065e0 ops/nixos: populate tailscale IPs for chakotay, torres, tuvok 2021-02-08 22:33:42 +00:00
dad04a0062 ops/nixos: add other blade hosts
blade-paris and blade-kim are TBD
2021-02-08 22:26:22 +00:00
36bb93a80e blade-janeway: add prefixLength (oops) 2021-02-08 20:46:39 +00:00
51a4d4bf36 porcorosso: enable avahi 2021-02-08 20:45:21 +00:00
37be1e38f8 ops/nixos: switch blades to static IPs 2021-02-08 20:45:15 +00:00
f55f861e17 ops/nixos: split most of blade-janeway into lib/blade.nix 2021-02-07 21:23:23 +00:00
b0e58ab198 ops/nixos: rename blade-leader to blade-janeway 2021-02-07 20:21:32 +00:00
e6f4d37982 ops/nixos: add fwupd to common 2021-01-30 18:47:12 +00:00
78040f6c94 nix/pkgs: init hp-rom; add to netboot 2021-01-30 18:47:01 +00:00
5d1284a26c netboot: add mprime 2021-01-30 17:56:46 +00:00
8c4c8b3ccc ops/nixos: add netboot for netbooting a basic system with my defaults 2021-01-30 15:40:33 +00:00
ba65db5865 ops/nixos: init blade-leader 2021-01-30 04:30:05 +00:00
c7df81d6a1 clouvider-fra01: add ts3spotifybot 2021-01-27 18:39:58 +00:00
413c38e348 kusakabe: rsyncd 2021-01-27 13:48:29 +00:00
25774139d1 ops/nixos: enable IPFS filestore on all nodes 2021-01-26 11:40:36 +00:00
7ec8e08ff0 totoro: add quotesdb for dev purposes 2021-01-20 17:55:31 +00:00
1fe4e04464 ops/nixos: add dev-quotes.bfob.gg to server aliases 2021-01-20 00:22:54 +00:00
5ee6a1c3b7 ops/nixos/quotes.bfob.gg: add my.quotesdb.listen option 2021-01-20 00:21:21 +00:00
b7574660de web/quotes: prodify 2021-01-19 23:43:43 +00:00
ef81a0c080 quotes.bfob.gg: add to clouvider-lon01 2021-01-19 23:41:47 +00:00
d12fb60c20 kusakabe: open ipfs ports properly 2021-01-15 03:58:41 +00:00
6d3a3de05e totoro: fix 2021-01-15 03:42:38 +00:00
b7bd209b5e swann: forward IPFS ports to totoro 2021-01-15 03:41:24 +00:00
e4902496a7 totoro: add ipfs ports to firewall 2021-01-15 03:39:36 +00:00
2a7b7517a8 totoro: enable ipfs 2021-01-15 03:38:43 +00:00
a549f5bec3 clouvider-fra01: add ipfs UDP ports to firewall 2021-01-15 03:36:41 +00:00
67d2db0e7a kusakabe: add ipfs 2021-01-15 03:36:34 +00:00
44f4e9a023 clouvider-fra01: add ipfs 2021-01-15 00:58:36 +00:00
d20dd06aaf clouvider-lon01: disable SSH open-to-all 2021-01-12 00:00:34 +00:00
ad516941e8 clouvider-lon01: SSH firewalling changes 2021-01-11 23:45:06 +00:00
9dd18e2cdc ops/nixos/lib/common: add nixos_running_system/nixos_booted_system node metrics 2021-01-11 17:44:23 +00:00
6b95f54ca7 ops/nixos/lib/common: add systemd collector to all systems 2021-01-07 10:01:36 +00:00
aba7285824 totoro: add twitternuke timer 2021-01-06 21:29:33 +00:00
d38601fabe etheroute-lon01: allow unifi websockets 2021-01-04 21:15:43 +00:00
c92fe8b139 swann: switch to unifiHacked 2021-01-04 20:52:13 +00:00
f91109cb50 nixos/lightspeed: init lightspeed-ingest and lightspeed-webrtc NixOS modules 2021-01-04 15:50:42 +00:00
045f9f5b22 etheroute-lon01: unifi needs tls_skip_verify 2021-01-03 15:32:00 +00:00
596752caa0 etheroute-lon01: add unifi.int 2021-01-03 03:35:24 +00:00
6fec69886a clouvider-fra01: add lukegb to deluge group too 2021-01-02 16:18:56 +00:00
b2d8acd4b9 swann: swap unifiPackage to pkgs.unifi
unifiBeta is no more: https://github.com/NixOS/nixpkgs/pull/107797
2020-12-31 01:31:01 +00:00
eb9d9f54a5 nix/pkgs/grafana-plugins: rework a bit 2020-12-30 03:30:24 +00:00
405997d312 totoro: teach how to install grafana plugins from nix 2020-12-30 02:56:31 +00:00
26e379dfb7 depot-wide: create logged-out.int.lukegb.com 2020-12-30 00:57:53 +00:00
33117f2b45 totoro: don't prepend GF_ to grafana extraConfig 2020-12-29 21:23:20 +00:00
be3ce89fb4 etheroute-lon01: unset allowed_domains 2020-12-29 20:55:01 +00:00
7573280e5b etheroute-lon01: de-redundantify int.lukegb.com cert 2020-12-29 20:37:33 +00:00
1c550cf508 etheroute-lon01: rejiggle pomerium policy 2020-12-29 20:11:41 +00:00
4e20db9fcc totoro: install grafana 2020-12-29 20:08:55 +00:00
11c4b77eab etheroute-lon01: send more identity headers 2020-12-29 20:00:52 +00:00
6317f7ffba swann: enable Prometheus smokeping_prober 2020-12-29 18:57:18 +00:00
8773350ba6 etheroute-lon01: add prometheus and alertmanager 2020-12-29 16:57:26 +00:00
7d0493cacd deluge: patch deluge-web to try logging in with a fixed password first 2020-12-28 20:04:27 +00:00
aa9c1eb17e etheroute-lon01: hint that it's-a-me, lukegb 2020-12-28 19:26:39 +00:00
6f65c77ad3 etheroute-lon01: fix databroker connection string 2020-12-28 19:11:25 +00:00
2c0de76c8b etheroute-lon01: use redis for pomerium databroker storage 2020-12-28 19:09:55 +00:00
784138746f pomerium: document all known pomerium options as nixos module options 2020-12-28 18:54:00 +00:00
d3f6442301 etheroute-lon01: add things on clouvider-fra01 2020-12-28 15:56:54 +00:00
3a112b8218 clouvider-fra01: simplify 2020-12-28 15:54:43 +00:00