Ryan Lahfa
ed285ba79d
feat(scripts/liminix): fail HARD and support root prefixes
...
Check meta / check_meta (pull_request) Failing after 17s
lint / check (push) Successful in 31s
build configuration / build_compute01 (pull_request) Failing after 52s
build configuration / build_storage01 (pull_request) Failing after 52s
build configuration / build_vault01 (pull_request) Failing after 53s
Check meta / check_dns (pull_request) Failing after 1m6s
build configuration / build_web01 (pull_request) Failing after 53s
build configuration / build_web02 (pull_request) Failing after 41s
build configuration / build_rescue01 (pull_request) Failing after 30s
build configuration / push_to_cache (pull_request) Has been skipped
Now that we possess the levitation technology, it's necessary to support
root prefixes for rebuild otherwise we will just overwrite our RAM disk
configuration.
Also, to avoid any issue, let's fail hard and avoid rebooting while
being in levitation for nothing.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
Ryan Lahfa
d29deeae56
feat(ap01): use levitation for mass rebuilds
...
To deal with mass rebuild disk space requirements, we can just levitate.
In the future, we will use levitation as a general-purpose mechanism for
partition layout migration, etc.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
Ryan Lahfa
4ed0c435ba
feat(ap01): write nixpkgs version in /etc
...
It's useful for debugging.
We should also track our own revisions at some point.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
Ryan Lahfa
c08d6c464f
feat(ap01): re-enable 2GHz
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
Ryan Lahfa
46d07da404
fix(hive): misc fixes regarding the nixpkgs usage
...
Previously, we were using <nixpkgs> actually, we fixed liminix and this
file to ensure that we are instantiating the right nixpkgs.
This helps to deal with unexpected mass rebuilds.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
Ryan Lahfa
99902d2bb8
chore: upgrade liminix
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:48:12 +02:00
Ryan Lahfa
c0ec57ef22
fix(ap01): bridge only once the WLAN is in operational state
...
It required a lot of technology, but hey, we now have it.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-07 21:14:27 +02:00
Ryan Lahfa
337a71a169
feat(scripts): add Android profile building via Nix
...
lint / check (push) Successful in 30s
Check meta / check_meta (pull_request) Failing after 48s
build configuration / build_compute01 (pull_request) Failing after 49s
build configuration / build_storage01 (pull_request) Failing after 50s
build configuration / build_vault01 (pull_request) Failing after 50s
Check meta / check_dns (pull_request) Failing after 1m4s
build configuration / build_web01 (pull_request) Failing after 40s
build configuration / build_rescue01 (pull_request) Failing after 34s
build configuration / build_web02 (pull_request) Failing after 35s
build configuration / push_to_cache (pull_request) Has been skipped
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 17:06:40 +02:00
Ryan Lahfa
9bf83a60fe
fix(ap01): fix _one_ race condition when bridging the LAN
...
Check meta / check_meta (pull_request) Failing after 17s
lint / check (push) Successful in 28s
build configuration / build_compute01 (pull_request) Failing after 43s
build configuration / build_storage01 (pull_request) Failing after 43s
build configuration / build_vault01 (pull_request) Failing after 45s
build configuration / build_web01 (pull_request) Failing after 34s
Check meta / check_dns (pull_request) Failing after 1m3s
build configuration / build_web02 (pull_request) Failing after 41s
build configuration / build_rescue01 (pull_request) Failing after 41s
build configuration / push_to_cache (pull_request) Has been skipped
The remaining is hostapd notification that the WLAN interface is ready
to bridge.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:59:16 +02:00
Ryan Lahfa
994e593d3b
chore(ap01): cleanup
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:58:44 +02:00
Ryan Lahfa
adb843dd8b
feat(ap01): add ubus
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:58:38 +02:00
Ryan Lahfa
45b106190f
feat(ap01): disable IPv6
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
Ryan Lahfa
0b94fb5ba7
feat(ap01): external RADIUS + DHCPv4 + jitterRNGd + stable bridge + default route
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
Ryan Lahfa
4fb39070bb
fix(sources): update to the latest version of Liminix
...
With bridge fixes and many other things.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
Ryan Lahfa
47231417cc
feat(liminix-rebuild): support hive names directly
...
Check meta / check_meta (pull_request) Failing after 20s
build configuration / build_vault01 (pull_request) Failing after 22s
build configuration / build_compute01 (pull_request) Failing after 22s
lint / check (push) Successful in 28s
build configuration / build_storage01 (pull_request) Failing after 26s
build configuration / build_web01 (pull_request) Failing after 19s
build configuration / build_rescue01 (pull_request) Failing after 21s
build configuration / build_web02 (pull_request) Failing after 21s
build configuration / push_to_cache (pull_request) Has been skipped
Check meta / check_dns (pull_request) Failing after 1m0s
Thanks @catvayor, I'm so dumb.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 17:20:37 +02:00
Ryan Lahfa
afd92ab203
feat(devshell): add kanidm & freeradius
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:38:07 +02:00
Ryan Lahfa
270eb4b106
chore(ap01): cleanup
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:37:46 +02:00
Ryan Lahfa
04cb0a9f04
feat(scripts): add liminix-oriented scripts
...
lint / check (push) Successful in 24s
Check meta / check_meta (pull_request) Failing after 20s
build configuration / build_storage01 (pull_request) Failing after 42s
build configuration / build_compute01 (pull_request) Failing after 43s
build configuration / build_vault01 (pull_request) Failing after 42s
Check meta / check_dns (pull_request) Failing after 1m3s
build configuration / build_web01 (pull_request) Failing after 38s
build configuration / build_web02 (pull_request) Failing after 39s
build configuration / build_rescue01 (pull_request) Failing after 38s
build configuration / push_to_cache (pull_request) Has been skipped
- extraction for manual recovery via nandwrite
- liminix rebuild to interactively develop the AP
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:23:04 +02:00
Ryan Lahfa
c4d9d6d000
feat(ap01): enable fully RADIUS via internal RADIUS server
...
This adds two public keys.
For the private keys, heh…
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:23:04 +02:00
Ryan Lahfa
be1673c6aa
feat(devshell): add liminix-related tools
...
serial console, deployment tools and TFTP tool
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:20:24 +02:00
Ryan Lahfa
8b66b2b7c3
feat: add access control for APs via our custom modules
...
Check meta / check_meta (push) Failing after 17s
Check meta / check_meta (pull_request) Failing after 18s
lint / check (push) Successful in 24s
build configuration / build_compute01 (pull_request) Failing after 38s
build configuration / build_storage01 (pull_request) Failing after 35s
Check meta / check_dns (push) Failing after 1m9s
Check meta / check_dns (pull_request) Failing after 59s
build configuration / build_vault01 (pull_request) Failing after 36s
build configuration / build_web01 (pull_request) Failing after 35s
build configuration / build_web02 (pull_request) Failing after 40s
build configuration / build_rescue01 (pull_request) Failing after 33s
build configuration / push_to_cache (pull_request) Has been skipped
It works!
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-22 18:45:40 +02:00
Ryan Lahfa
3ed6ecba31
feat: ensure that colmena repl can evaluate nodes.ap01
...
lint / check (push) Successful in 49s
Check meta / check_meta (pull_request) Failing after 16s
Check meta / check_dns (pull_request) Failing after 58s
build configuration / build_vault01 (pull_request) Failing after 1m2s
build configuration / build_storage01 (pull_request) Failing after 1m5s
build configuration / build_compute01 (pull_request) Failing after 1m16s
build configuration / build_web02 (pull_request) Failing after 36s
build configuration / build_rescue01 (pull_request) Failing after 36s
build configuration / build_web01 (pull_request) Failing after 36s
build configuration / push_to_cache (pull_request) Has been skipped
Bump to latest Liminix and use the new `defaults` function.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-22 15:28:34 +02:00
Ryan Lahfa
5a8fe24dce
feat: achieve custom evaluation in the framework
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:13 +02:00
Tom Hubrecht
0a948e6148
feat: Specialize nixpkgs as a function of the system
2024-05-24 18:46:13 +02:00
Ryan Lahfa
41ca207b41
feat: wip! wip! wip!
2024-05-24 18:46:01 +02:00
Ryan Lahfa
aa6b082b81
feat: enable liminix-rebuild
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
Ryan Lahfa
17b2345a02
feat: add liminix-rebuild in the shell
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
Ryan Lahfa
fde8f66ea7
feat: init Liminix evaluation system
...
Very rudimentary; undocumented, untested in production. This is for testing purposes.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
catvayor
2329799c87
feat(monitoring): Add adminGroup emails
Check meta / check_meta (pull_request) Successful in 25s
Check meta / check_dns (pull_request) Successful in 44s
build configuration / build_storage01 (pull_request) Successful in 1m10s
build configuration / build_compute01 (pull_request) Successful in 1m13s
build configuration / build_vault01 (pull_request) Successful in 1m1s
build configuration / build_web02 (pull_request) Successful in 58s
build configuration / build_web01 (pull_request) Successful in 1m31s
build configuration / build_rescue01 (pull_request) Successful in 55s
build configuration / push_to_cache (pull_request) Failing after 2m15s
build configuration / build_vault01 (push) Successful in 1m11s
build configuration / build_rescue01 (push) Successful in 1m12s
build configuration / build_storage01 (push) Successful in 1m14s
build configuration / build_compute01 (push) Successful in 1m17s
build configuration / build_web02 (push) Successful in 1m22s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / push_to_cache (push) Successful in 2m16s
2024-05-22 19:05:03 +02:00
sinavir
bfeaa18530
feat(signal-irc-bridge): init
build configuration / build_web02 (push) Successful in 1m5s
build configuration / build_vault01 (push) Successful in 1m7s
build configuration / build_storage01 (push) Successful in 1m10s
build configuration / build_web01 (push) Successful in 1m38s
lint / check (push) Successful in 31s
build configuration / build_rescue01 (push) Successful in 58s
build configuration / build_compute01 (push) Successful in 3m44s
build configuration / push_to_cache (push) Successful in 2m33s
2024-05-22 18:26:06 +02:00
Tom Hubrecht
d3b7481188
fix(atticd): Don't chunk NARs as garage does it automatically
build configuration / build_web02 (push) Successful in 1m10s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_rescue01 (push) Successful in 1m14s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_storage01 (push) Successful in 1m24s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m37s
build configuration / push_to_cache (push) Successful in 2m15s
2024-05-21 09:24:01 +02:00
Tom Hubrecht
e2de21ed18
feat(cineclub): Add redirections
build configuration / build_web02 (push) Successful in 1m12s
build configuration / build_vault01 (push) Successful in 1m14s
build configuration / build_rescue01 (push) Successful in 1m15s
build configuration / build_storage01 (push) Successful in 1m17s
build configuration / build_compute01 (push) Successful in 1m21s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 2m53s
build configuration / push_to_cache (push) Successful in 2m14s
2024-05-18 19:14:24 +02:00
Tom Hubrecht
9a1f49d0ce
fix(README): Use correct link
build configuration / build_vault01 (push) Successful in 1m8s
build configuration / build_web02 (push) Successful in 1m10s
build configuration / build_storage01 (push) Successful in 1m15s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_rescue01 (push) Successful in 1m18s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m59s
build configuration / push_to_cache (push) Successful in 2m14s
2024-05-18 16:48:05 +02:00
Tom Hubrecht
9a8c182a95
feat(wp): Update cineclub address
2024-05-18 16:47:54 +02:00
Tom Hubrecht
1d686b740b
feat(verify): Tweak error message
build configuration / push_to_cache (push) Successful in 2m17s
Check meta / check_meta (push) Successful in 28s
Check meta / check_dns (push) Successful in 52s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_storage01 (push) Successful in 1m18s
build configuration / build_compute01 (push) Successful in 1m22s
build configuration / build_web02 (push) Successful in 56s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m40s
build configuration / build_rescue01 (push) Successful in 1m9s
2024-05-15 09:58:50 +02:00
Tom Hubrecht
e4e44dfd00
feat(meta): Add Elias
Check meta / check_dns (push) Successful in 43s
build configuration / build_vault01 (push) Successful in 1m14s
build configuration / build_web02 (push) Successful in 54s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 52s
build configuration / build_web01 (push) Successful in 1m31s
build configuration / push_to_cache (push) Successful in 2m16s
Check meta / check_meta (push) Successful in 23s
build configuration / build_storage01 (push) Successful in 1m11s
build configuration / build_compute01 (push) Successful in 1m14s
2024-05-14 23:50:20 +02:00
Tom Hubrecht
947e29aa57
feat(vault01): Make the fai group admin
2024-05-14 23:48:40 +02:00
Tom Hubrecht
a559d2e0c0
feat(meta): Add more assertions
build configuration / push_to_cache (push) Has been cancelled
Check meta / check_meta (push) Successful in 26s
Check meta / check_dns (push) Successful in 47s
build configuration / build_vault01 (push) Successful in 1m12s
build configuration / build_storage01 (push) Successful in 1m14s
build configuration / build_web02 (push) Successful in 53s
lint / check (push) Successful in 23s
build configuration / build_compute01 (push) Successful in 1m19s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / build_rescue01 (push) Successful in 53s
2024-05-14 23:47:20 +02:00
Tom Hubrecht
e49ab86364
fix(iso): Correctly import meta
build configuration / build_web02 (push) Successful in 1m6s
build configuration / build_compute01 (push) Successful in 1m18s
build configuration / build_vault01 (push) Successful in 1m9s
build configuration / build_storage01 (push) Successful in 1m12s
build configuration / build_rescue01 (push) Successful in 57s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m33s
build configuration / push_to_cache (push) Successful in 2m13s
2024-05-14 23:32:08 +02:00
Tom Hubrecht
aad6490bd5
feat(meta): Add assertions
build configuration / build_storage01 (push) Has been cancelled
build configuration / build_compute01 (push) Has been cancelled
build configuration / build_web01 (push) Has been cancelled
Check meta / check_dns (push) Successful in 1m0s
build configuration / build_web02 (push) Waiting to run
build configuration / build_rescue01 (push) Waiting to run
build configuration / push_to_cache (push) Blocked by required conditions
lint / check (push) Waiting to run
build configuration / build_vault01 (push) Has been cancelled
Check meta / check_meta (push) Successful in 28s
2024-05-14 23:31:49 +02:00
Tom Hubrecht
0e7dd1ea70
feat(organization): Add external and internal services
Check meta / check_meta (push) Successful in 26s
Check meta / check_dns (push) Successful in 46s
build configuration / build_web02 (push) Successful in 52s
build configuration / build_compute01 (push) Successful in 1m19s
build configuration / push_to_cache (push) Successful in 2m11s
build configuration / build_vault01 (push) Successful in 1m11s
build configuration / build_storage01 (push) Successful in 1m13s
build configuration / build_web01 (push) Successful in 1m35s
lint / check (push) Successful in 23s
build configuration / build_rescue01 (push) Successful in 56s
2024-05-14 17:32:54 +02:00
Tom Hubrecht
01b967fff0
feat(organization): Add FAI group
2024-05-14 17:23:02 +02:00
Tom Hubrecht
8d2a46e538
feat(meta): Remove the ISO group
2024-05-14 17:15:55 +02:00
Tom Hubrecht
a63f682aeb
feat(monitoring): Add admin emails
build configuration / build_web02 (push) Successful in 1m16s
build configuration / build_rescue01 (push) Successful in 1m21s
build configuration / build_vault01 (push) Successful in 1m21s
build configuration / build_storage01 (push) Successful in 1m22s
build configuration / build_compute01 (push) Successful in 1m28s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m45s
build configuration / push_to_cache (push) Successful in 2m13s
2024-05-13 23:33:36 +02:00
DGNum Chores
b732c5e9fb
chore(npins): Update
Check meta / check_dns (pull_request) Successful in 54s
Check meta / check_meta (pull_request) Successful in 1m10s
build configuration / build_web02 (pull_request) Successful in 2m31s
build configuration / build_vault01 (pull_request) Successful in 3m32s
build configuration / build_rescue01 (pull_request) Successful in 8m46s
build configuration / build_web01 (pull_request) Successful in 25m58s
build configuration / build_storage01 (pull_request) Successful in 12m58s
build configuration / build_compute01 (pull_request) Successful in 29m25s
build configuration / build_web02 (push) Successful in 1m13s
build configuration / build_vault01 (push) Successful in 1m17s
build configuration / build_storage01 (push) Successful in 1m20s
build configuration / build_compute01 (push) Successful in 1m25s
build configuration / build_rescue01 (push) Successful in 1m18s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m42s
build configuration / push_to_cache (push) Successful in 2m13s
build configuration / push_to_cache (pull_request) Successful in 2m16s
2024-05-07 13:27:24 +00:00
Tom Hubrecht
2c88c2bad7
fix(netbox-agent): batch requests filtering on interfaces
...
build configuration / build_web02 (push) Successful in 1m16s
build configuration / build_storage01 (push) Successful in 1m18s
build configuration / build_compute01 (push) Successful in 1m21s
build configuration / build_vault01 (push) Successful in 1m22s
build configuration / build_web01 (push) Successful in 1m38s
lint / check (push) Successful in 25s
build configuration / build_rescue01 (push) Successful in 56s
build configuration / push_to_cache (push) Successful in 2m13s
Re-enable the service on vault01 now that it works
2024-05-07 13:29:43 +02:00
sinavir
3494f609bb
fix(netbox-agent): really disable on vault01
build configuration / build_compute01 (push) Successful in 2m4s
build configuration / build_vault01 (push) Successful in 2m8s
build configuration / build_storage01 (push) Successful in 2m17s
build configuration / build_web02 (push) Successful in 2m25s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 2m30s
build configuration / build_web01 (push) Successful in 2m40s
build configuration / push_to_cache (push) Successful in 2m33s
2024-05-07 09:07:22 +02:00
sinavir
bf4bdf70df
fix(netbox-agent): disable on vault01
build configuration / build_web02 (push) Successful in 2m26s
build configuration / build_rescue01 (push) Successful in 2m26s
build configuration / build_vault01 (push) Successful in 2m29s
build configuration / build_compute01 (push) Successful in 2m32s
build configuration / build_storage01 (push) Successful in 2m38s
build configuration / build_web01 (push) Successful in 2m49s
lint / check (push) Successful in 24s
build configuration / push_to_cache (push) Successful in 2m22s
2024-05-07 08:45:19 +02:00
sinavir
ac67107c6d
fix(patches): use again netbox-agent PR
2024-05-07 08:44:46 +02:00
Tom Hubrecht
efee0dd7b7
feat(patches): Vendor patches and rename
build configuration / build_rescue01 (push) Successful in 3m10s
build configuration / build_compute01 (push) Successful in 3m17s
build configuration / build_storage01 (push) Successful in 3m17s
build configuration / build_web02 (push) Successful in 3m18s
build configuration / build_vault01 (push) Successful in 3m19s
build configuration / build_web01 (push) Successful in 3m21s
lint / check (push) Successful in 23s
build configuration / push_to_cache (push) Successful in 2m52s
2024-05-07 08:17:49 +02:00
Ryan Lahfa
Tom Hubrecht
catvayor
DGNum Chores