fe09e44c5c
porcorosso: block i2c-nvidia-gpu, causes X11 to fail to init
2022-01-07 12:51:18 +00:00
bac7e1fb69
porcorosso: remove blast config
2022-01-07 12:42:55 +00:00
5b7f6eb880
3p/nixpkgs: add patches to mercurial package
2022-01-08 17:05:28 +00:00
Default email
3a47dd4636
Project import generated by Copybara.
...
GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f
2022-01-07 12:07:37 +08:00
Default email
391e4a2fe6
Project import generated by Copybara.
...
GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f
2022-01-07 12:07:37 +08:00
05be94e4d7
ops/nixos/common: disable DNSSEC in systemd-resolved
...
It's super broken.
At the moment, resolving foss.heptapod.net breaks, because clever-cloud.com has
DNSKEY records but there's no matching DS record at .com for it.
There are also other reports: https://github.com/systemd/systemd/issues/12388
tl;dr: it just doesn't work, let's not use that.
2022-01-08 12:09:26 +00:00
506a584dea
totoro: set up podman socket support
2022-01-08 12:08:04 +00:00
Default email
3e7541c14f
Project import generated by Copybara.
...
GitOrigin-RevId: ff377a78794d412a35245e05428c8f95fef3951f
2022-01-07 12:07:37 +08:00
9e79ad0cfa
bvm-radius: add new roaming2.ja.net IPs
2022-01-07 11:49:24 +00:00
5001971b87
totoro: add bvm-.* alerts
2022-01-06 17:51:39 +00:00
6ab12dcad5
ops/nixos: rm marukuru
2022-01-06 15:55:21 +00:00
Default email
2495e3f88b
Project import generated by Copybara.
...
GitOrigin-RevId: 78cd22c1b8604de423546cd49bfe264b786eca13
2022-01-03 17:56:52 +01:00
d79265ddad
ops/nixos: tidy up security.acme
2022-01-04 14:00:45 +00:00
de71fd5c9a
ops/nixos/lib/common: add global DNS servers
2022-01-04 13:32:56 +00:00
8cc6e2001a
ops/nixos: create permanent quotesdb user
...
Stop relying on DynamicUser because it messes a bit with postgres' auth.
2022-01-01 21:49:23 +00:00
3318874168
marukuru: remove heptapod{,-runner}
2022-01-01 21:31:01 +00:00
67b038c2bc
ops/nixos/common: turn off logRefusedConnections - it's super noisy
2022-01-01 20:56:41 +00:00
37e36418a1
bvm-logger: add custom clickhouse config
...
Just make it less spammy into the journal, sheesh.
2022-01-01 16:31:05 +00:00
086f5fe597
journal2clickhouse: coerce things that look like strings back to strings
...
There's binary data sometimes, but on the whole I don't care about preserving
it properly (sorry), so let's just coerce it to a string if it is supposed to
go into a "proper" field.
2022-01-01 16:30:38 +00:00
7e848a2622
go/journal2clickhouse: fix the Classic Bug
2022-01-01 15:31:47 +00:00
730d057e18
bvm-logger: enable journal2clickhouse for real
2022-01-01 15:24:32 +00:00
7b4e6c0e1b
ops/nixos: oops, try to fix my.scrapeJournal.addr
2022-01-01 15:14:02 +00:00
c91a42948d
journal2clickhouse: init
2022-01-01 15:08:52 +00:00
c5119b4882
ops/nixos: enable HTTP gateway if Tailscale is configured
2022-01-01 12:40:13 +00:00
1f13fd811d
coredns: bind to specific interfaces/IPs
2022-01-01 09:03:25 +00:00
8e28b5bbfe
ops/nixos: drop Google/AS15169 routes from Veloxserv to prefer RouteServer
2022-01-01 03:02:55 +00:00
bfd08b08cf
ops/nixos: add fastly passive peer
2022-01-01 02:39:01 +00:00
6cfcd10e06
swann: use the router's public IP when making connections
...
For v6, the link is on an unrouted subnet so there's no way to address it from
outside. We don't want Linux to use the v6 subnet for connections it makes, so
we ask politely that the source on the route is actually an IP address that we
Like.
2022-01-01 02:11:59 +00:00
3458c7766e
swann: switch from prod.euw1.riotgames.com to euw1.api.riotgames.com
...
The former appears to resolve, but no longer respond to ICMP ping (even from a
different network). Switch to the documented API endpoint, which still
responds to ICMP ping.
2022-01-01 01:31:56 +00:00
3e98fae657
bvm-heptapod: autoStart deployer container
2022-01-01 00:43:15 +00:00
e182171916
ops/nixos: disable LLMNR
2022-01-01 00:41:37 +00:00
297e9c97e7
bvm-heptapod: add deployer container
2022-01-01 00:22:35 +00:00
8b3e77de1e
swann: coredns shouldn't bind to 127.0.0.53 because systemd-resolved wants it
2021-12-31 23:52:57 +00:00
afc4834723
porcorosso: enable TLP for battery saving in laptop mode
2021-12-31 23:52:40 +00:00
a35a702e7d
ops/nixos: disable avahi
...
We're using systemd-resolved, so just disable Avahi now.
2021-12-31 23:51:35 +00:00
f35a79444c
ops/nixos: add better support for specialisations
2021-12-31 23:51:09 +00:00
060f2cf96b
nhsenglandtests: init
2021-12-31 07:00:32 +00:00
66d1ae3939
lib/hm/graphical-client-wayland: add mako
2021-12-31 04:48:51 +00:00
2d77689ed9
howl: enable bluetooth
2021-12-31 04:47:53 +00:00
Default email
a425ba4985
Project import generated by Copybara.
...
GitOrigin-RevId: 5b091d4fbe3b7b7493c3b46fe0842e4b30ea24b3
2021-12-30 14:39:12 +01:00
6cb1af2f35
ops/nixos: start using systemd-resolved
2021-12-28 18:42:42 +00:00
Default email
a6d62be0d1
Project import generated by Copybara.
...
GitOrigin-RevId: ac169ec6371f0d835542db654a65e0f2feb07838
2021-12-26 18:43:05 +01:00
837f7074ac
ops/nixos: fix MAC address for vl-linx
2021-12-27 06:50:12 +00:00
a41abf3d6e
ops/nixos/lib/hm: add element-desktop/element-desktop-wayland
2021-12-27 02:58:53 +00:00
Default email
74492c8629
Project import generated by Copybara.
...
GitOrigin-RevId: cb372c3b8880e504b06946e8fb2ca9777c685505
2021-12-25 13:07:40 +08:00
47d3c07b8f
nix/pkgs/heptapod-runner: fix
2021-12-25 20:31:34 +00:00
0f550e736e
3p/nixpkgs: remove pr138359 patch
2021-12-24 22:13:42 +00:00
Default email
893b09d324
Project import generated by Copybara.
...
GitOrigin-RevId: eac07edbd20ed4908b98790ba299250b5527ecdf
2021-12-24 12:21:11 +08:00
ab9dd5d35a
common: remove nhs.uk IPv6 mapping
2021-12-24 02:27:15 +00:00
ca6de1910d
swann: services.unifi.openPorts -> openFirewall
2021-12-24 02:03:36 +00:00
