Commit graph

658 commits

Author SHA1 Message Date
d29deeae56 feat(ap01): use levitation for mass rebuilds
To deal with mass rebuild disk space requirements, we can just levitate.

In the future, we will use levitation as a general-purpose mechanism for
partition layout migration, etc.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
4ed0c435ba feat(ap01): write nixpkgs version in /etc
It's useful for debugging.
We should also track our own revisions at some point.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
c08d6c464f feat(ap01): re-enable 2GHz
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
46d07da404 fix(hive): misc fixes regarding the nixpkgs usage
Previously, we were using <nixpkgs> actually, we fixed liminix and this
file to ensure that we are instantiating the right nixpkgs.

This helps to deal with unexpected mass rebuilds.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:50:33 +02:00
99902d2bb8 chore: upgrade liminix
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 00:48:12 +02:00
c0ec57ef22 fix(ap01): bridge only once the WLAN is in operational state
It required a lot of technology, but hey, we now have it.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-07 21:14:27 +02:00
337a71a169 feat(scripts): add Android profile building via Nix
Some checks failed
lint / check (push) Successful in 30s
Check meta / check_meta (pull_request) Failing after 48s
build configuration / build_compute01 (pull_request) Failing after 49s
build configuration / build_storage01 (pull_request) Failing after 50s
build configuration / build_vault01 (pull_request) Failing after 50s
Check meta / check_dns (pull_request) Failing after 1m4s
build configuration / build_web01 (pull_request) Failing after 40s
build configuration / build_rescue01 (pull_request) Failing after 34s
build configuration / build_web02 (pull_request) Failing after 35s
build configuration / push_to_cache (pull_request) Has been skipped
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 17:06:40 +02:00
9bf83a60fe fix(ap01): fix _one_ race condition when bridging the LAN
Some checks failed
Check meta / check_meta (pull_request) Failing after 17s
lint / check (push) Successful in 28s
build configuration / build_compute01 (pull_request) Failing after 43s
build configuration / build_storage01 (pull_request) Failing after 43s
build configuration / build_vault01 (pull_request) Failing after 45s
build configuration / build_web01 (pull_request) Failing after 34s
Check meta / check_dns (pull_request) Failing after 1m3s
build configuration / build_web02 (pull_request) Failing after 41s
build configuration / build_rescue01 (pull_request) Failing after 41s
build configuration / push_to_cache (pull_request) Has been skipped
The remaining is hostapd notification that the WLAN interface is ready
to bridge.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:59:16 +02:00
994e593d3b chore(ap01): cleanup
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:58:44 +02:00
adb843dd8b feat(ap01): add ubus
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-05 14:58:38 +02:00
45b106190f feat(ap01): disable IPv6
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
0b94fb5ba7 feat(ap01): external RADIUS + DHCPv4 + jitterRNGd + stable bridge + default route
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
4fb39070bb fix(sources): update to the latest version of Liminix
With bridge fixes and many other things.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 18:08:41 +02:00
47231417cc feat(liminix-rebuild): support hive names directly
Some checks failed
Check meta / check_meta (pull_request) Failing after 20s
build configuration / build_vault01 (pull_request) Failing after 22s
build configuration / build_compute01 (pull_request) Failing after 22s
lint / check (push) Successful in 28s
build configuration / build_storage01 (pull_request) Failing after 26s
build configuration / build_web01 (pull_request) Failing after 19s
build configuration / build_rescue01 (pull_request) Failing after 21s
build configuration / build_web02 (pull_request) Failing after 21s
build configuration / push_to_cache (pull_request) Has been skipped
Check meta / check_dns (pull_request) Failing after 1m0s
Thanks @catvayor, I'm so dumb.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-01 17:20:37 +02:00
afd92ab203 feat(devshell): add kanidm & freeradius
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:38:07 +02:00
270eb4b106 chore(ap01): cleanup
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:37:46 +02:00
04cb0a9f04 feat(scripts): add liminix-oriented scripts
Some checks failed
lint / check (push) Successful in 24s
Check meta / check_meta (pull_request) Failing after 20s
build configuration / build_storage01 (pull_request) Failing after 42s
build configuration / build_compute01 (pull_request) Failing after 43s
build configuration / build_vault01 (pull_request) Failing after 42s
Check meta / check_dns (pull_request) Failing after 1m3s
build configuration / build_web01 (pull_request) Failing after 38s
build configuration / build_web02 (pull_request) Failing after 39s
build configuration / build_rescue01 (pull_request) Failing after 38s
build configuration / push_to_cache (pull_request) Has been skipped
- extraction for manual recovery via nandwrite
- liminix rebuild to interactively develop the AP

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:23:04 +02:00
c4d9d6d000 feat(ap01): enable fully RADIUS via internal RADIUS server
This adds two public keys.

For the private keys, heh…

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:23:04 +02:00
be1673c6aa feat(devshell): add liminix-related tools
serial console, deployment tools and TFTP tool

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:20:24 +02:00
8b66b2b7c3 feat: add access control for APs via our custom modules
Some checks failed
Check meta / check_meta (push) Failing after 17s
Check meta / check_meta (pull_request) Failing after 18s
lint / check (push) Successful in 24s
build configuration / build_compute01 (pull_request) Failing after 38s
build configuration / build_storage01 (pull_request) Failing after 35s
Check meta / check_dns (push) Failing after 1m9s
Check meta / check_dns (pull_request) Failing after 59s
build configuration / build_vault01 (pull_request) Failing after 36s
build configuration / build_web01 (pull_request) Failing after 35s
build configuration / build_web02 (pull_request) Failing after 40s
build configuration / build_rescue01 (pull_request) Failing after 33s
build configuration / push_to_cache (pull_request) Has been skipped
It works!

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-22 18:45:40 +02:00
3ed6ecba31 feat: ensure that colmena repl can evaluate nodes.ap01
Some checks failed
lint / check (push) Successful in 49s
Check meta / check_meta (pull_request) Failing after 16s
Check meta / check_dns (pull_request) Failing after 58s
build configuration / build_vault01 (pull_request) Failing after 1m2s
build configuration / build_storage01 (pull_request) Failing after 1m5s
build configuration / build_compute01 (pull_request) Failing after 1m16s
build configuration / build_web02 (pull_request) Failing after 36s
build configuration / build_rescue01 (pull_request) Failing after 36s
build configuration / build_web01 (pull_request) Failing after 36s
build configuration / push_to_cache (pull_request) Has been skipped
Bump to latest Liminix and use the new `defaults` function.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-22 15:28:34 +02:00
5a8fe24dce feat: achieve custom evaluation in the framework
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:13 +02:00
0a948e6148 feat: Specialize nixpkgs as a function of the system 2024-05-24 18:46:13 +02:00
41ca207b41 feat: wip! wip! wip! 2024-05-24 18:46:01 +02:00
aa6b082b81 feat: enable liminix-rebuild
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
17b2345a02 feat: add liminix-rebuild in the shell
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
fde8f66ea7 feat: init Liminix evaluation system
Very rudimentary; undocumented, untested in production. This is for testing purposes.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-05-24 18:46:01 +02:00
2329799c87 feat(monitoring): Add adminGroup emails
Some checks failed
Check meta / check_meta (pull_request) Successful in 25s
Check meta / check_dns (pull_request) Successful in 44s
build configuration / build_storage01 (pull_request) Successful in 1m10s
build configuration / build_compute01 (pull_request) Successful in 1m13s
build configuration / build_vault01 (pull_request) Successful in 1m1s
build configuration / build_web02 (pull_request) Successful in 58s
build configuration / build_web01 (pull_request) Successful in 1m31s
build configuration / build_rescue01 (pull_request) Successful in 55s
build configuration / push_to_cache (pull_request) Failing after 2m15s
build configuration / build_vault01 (push) Successful in 1m11s
build configuration / build_rescue01 (push) Successful in 1m12s
build configuration / build_storage01 (push) Successful in 1m14s
build configuration / build_compute01 (push) Successful in 1m17s
build configuration / build_web02 (push) Successful in 1m22s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / push_to_cache (push) Successful in 2m16s
2024-05-22 19:05:03 +02:00
sinavir
bfeaa18530 feat(signal-irc-bridge): init
All checks were successful
build configuration / build_web02 (push) Successful in 1m5s
build configuration / build_vault01 (push) Successful in 1m7s
build configuration / build_storage01 (push) Successful in 1m10s
build configuration / build_web01 (push) Successful in 1m38s
lint / check (push) Successful in 31s
build configuration / build_rescue01 (push) Successful in 58s
build configuration / build_compute01 (push) Successful in 3m44s
build configuration / push_to_cache (push) Successful in 2m33s
2024-05-22 18:26:06 +02:00
d3b7481188 fix(atticd): Don't chunk NARs as garage does it automatically
All checks were successful
build configuration / build_web02 (push) Successful in 1m10s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_rescue01 (push) Successful in 1m14s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_storage01 (push) Successful in 1m24s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m37s
build configuration / push_to_cache (push) Successful in 2m15s
2024-05-21 09:24:01 +02:00
e2de21ed18 feat(cineclub): Add redirections
All checks were successful
build configuration / build_web02 (push) Successful in 1m12s
build configuration / build_vault01 (push) Successful in 1m14s
build configuration / build_rescue01 (push) Successful in 1m15s
build configuration / build_storage01 (push) Successful in 1m17s
build configuration / build_compute01 (push) Successful in 1m21s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 2m53s
build configuration / push_to_cache (push) Successful in 2m14s
2024-05-18 19:14:24 +02:00
9a1f49d0ce fix(README): Use correct link
All checks were successful
build configuration / build_vault01 (push) Successful in 1m8s
build configuration / build_web02 (push) Successful in 1m10s
build configuration / build_storage01 (push) Successful in 1m15s
build configuration / build_compute01 (push) Successful in 1m20s
build configuration / build_rescue01 (push) Successful in 1m18s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m59s
build configuration / push_to_cache (push) Successful in 2m14s
2024-05-18 16:48:05 +02:00
9a8c182a95 feat(wp): Update cineclub address 2024-05-18 16:47:54 +02:00
1d686b740b feat(verify): Tweak error message
All checks were successful
Check meta / check_meta (push) Successful in 28s
Check meta / check_dns (push) Successful in 52s
build configuration / build_vault01 (push) Successful in 1m13s
build configuration / build_storage01 (push) Successful in 1m18s
build configuration / build_compute01 (push) Successful in 1m22s
build configuration / build_web02 (push) Successful in 56s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m40s
build configuration / build_rescue01 (push) Successful in 1m9s
build configuration / push_to_cache (push) Successful in 2m17s
2024-05-15 09:58:50 +02:00
e4e44dfd00 feat(meta): Add Elias
All checks were successful
Check meta / check_meta (push) Successful in 23s
Check meta / check_dns (push) Successful in 43s
build configuration / build_storage01 (push) Successful in 1m11s
build configuration / build_compute01 (push) Successful in 1m14s
build configuration / build_vault01 (push) Successful in 1m14s
build configuration / build_web02 (push) Successful in 54s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 52s
build configuration / build_web01 (push) Successful in 1m31s
build configuration / push_to_cache (push) Successful in 2m16s
2024-05-14 23:50:20 +02:00
947e29aa57 feat(vault01): Make the fai group admin 2024-05-14 23:48:40 +02:00
a559d2e0c0 feat(meta): Add more assertions
Some checks failed
Check meta / check_meta (push) Successful in 26s
Check meta / check_dns (push) Successful in 47s
build configuration / build_vault01 (push) Successful in 1m12s
build configuration / build_storage01 (push) Successful in 1m14s
build configuration / build_web02 (push) Successful in 53s
build configuration / build_compute01 (push) Successful in 1m19s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m36s
build configuration / build_rescue01 (push) Successful in 53s
build configuration / push_to_cache (push) Has been cancelled
2024-05-14 23:47:20 +02:00
e49ab86364 fix(iso): Correctly import meta
All checks were successful
build configuration / build_web02 (push) Successful in 1m6s
build configuration / build_compute01 (push) Successful in 1m18s
build configuration / build_vault01 (push) Successful in 1m9s
build configuration / build_storage01 (push) Successful in 1m12s
build configuration / build_rescue01 (push) Successful in 57s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m33s
build configuration / push_to_cache (push) Successful in 2m13s
2024-05-14 23:32:08 +02:00
aad6490bd5 feat(meta): Add assertions
Some checks failed
build configuration / build_web02 (push) Waiting to run
build configuration / build_rescue01 (push) Waiting to run
build configuration / push_to_cache (push) Blocked by required conditions
lint / check (push) Waiting to run
build configuration / build_storage01 (push) Has been cancelled
build configuration / build_compute01 (push) Has been cancelled
build configuration / build_web01 (push) Has been cancelled
build configuration / build_vault01 (push) Has been cancelled
Check meta / check_meta (push) Successful in 28s
Check meta / check_dns (push) Successful in 1m0s
2024-05-14 23:31:49 +02:00
0e7dd1ea70 feat(organization): Add external and internal services
All checks were successful
Check meta / check_meta (push) Successful in 26s
Check meta / check_dns (push) Successful in 46s
build configuration / build_vault01 (push) Successful in 1m11s
build configuration / build_storage01 (push) Successful in 1m13s
build configuration / build_web02 (push) Successful in 52s
build configuration / build_compute01 (push) Successful in 1m19s
build configuration / build_web01 (push) Successful in 1m35s
lint / check (push) Successful in 23s
build configuration / build_rescue01 (push) Successful in 56s
build configuration / push_to_cache (push) Successful in 2m11s
2024-05-14 17:32:54 +02:00
01b967fff0 feat(organization): Add FAI group 2024-05-14 17:23:02 +02:00
8d2a46e538 feat(meta): Remove the ISO group 2024-05-14 17:15:55 +02:00
a63f682aeb feat(monitoring): Add admin emails
All checks were successful
build configuration / build_web02 (push) Successful in 1m16s
build configuration / build_rescue01 (push) Successful in 1m21s
build configuration / build_vault01 (push) Successful in 1m21s
build configuration / build_storage01 (push) Successful in 1m22s
build configuration / build_compute01 (push) Successful in 1m28s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m45s
build configuration / push_to_cache (push) Successful in 2m13s
2024-05-13 23:33:36 +02:00
b732c5e9fb chore(npins): Update
All checks were successful
Check meta / check_dns (pull_request) Successful in 54s
Check meta / check_meta (pull_request) Successful in 1m10s
build configuration / build_web02 (pull_request) Successful in 2m31s
build configuration / build_vault01 (pull_request) Successful in 3m32s
build configuration / build_rescue01 (pull_request) Successful in 8m46s
build configuration / build_web01 (pull_request) Successful in 25m58s
build configuration / build_storage01 (pull_request) Successful in 12m58s
build configuration / build_compute01 (pull_request) Successful in 29m25s
build configuration / build_web02 (push) Successful in 1m13s
build configuration / build_vault01 (push) Successful in 1m17s
build configuration / build_storage01 (push) Successful in 1m20s
build configuration / build_compute01 (push) Successful in 1m25s
build configuration / build_rescue01 (push) Successful in 1m18s
lint / check (push) Successful in 23s
build configuration / build_web01 (push) Successful in 1m42s
build configuration / push_to_cache (push) Successful in 2m13s
build configuration / push_to_cache (pull_request) Successful in 2m16s
2024-05-07 13:27:24 +00:00
2c88c2bad7 fix(netbox-agent): batch requests filtering on interfaces
All checks were successful
build configuration / build_web02 (push) Successful in 1m16s
build configuration / build_storage01 (push) Successful in 1m18s
build configuration / build_compute01 (push) Successful in 1m21s
build configuration / build_vault01 (push) Successful in 1m22s
build configuration / build_web01 (push) Successful in 1m38s
lint / check (push) Successful in 25s
build configuration / build_rescue01 (push) Successful in 56s
build configuration / push_to_cache (push) Successful in 2m13s
Re-enable the service on vault01 now that it works
2024-05-07 13:29:43 +02:00
sinavir
3494f609bb fix(netbox-agent): really disable on vault01
All checks were successful
build configuration / build_compute01 (push) Successful in 2m4s
build configuration / build_vault01 (push) Successful in 2m8s
build configuration / build_storage01 (push) Successful in 2m17s
build configuration / build_web02 (push) Successful in 2m25s
lint / check (push) Successful in 24s
build configuration / build_rescue01 (push) Successful in 2m30s
build configuration / build_web01 (push) Successful in 2m40s
build configuration / push_to_cache (push) Successful in 2m33s
2024-05-07 09:07:22 +02:00
sinavir
bf4bdf70df fix(netbox-agent): disable on vault01
All checks were successful
build configuration / build_web02 (push) Successful in 2m26s
build configuration / build_rescue01 (push) Successful in 2m26s
build configuration / build_vault01 (push) Successful in 2m29s
build configuration / build_compute01 (push) Successful in 2m32s
build configuration / build_storage01 (push) Successful in 2m38s
build configuration / build_web01 (push) Successful in 2m49s
lint / check (push) Successful in 24s
build configuration / push_to_cache (push) Successful in 2m22s
2024-05-07 08:45:19 +02:00
sinavir
ac67107c6d fix(patches): use again netbox-agent PR 2024-05-07 08:44:46 +02:00
efee0dd7b7 feat(patches): Vendor patches and rename
All checks were successful
build configuration / build_rescue01 (push) Successful in 3m10s
build configuration / build_compute01 (push) Successful in 3m17s
build configuration / build_storage01 (push) Successful in 3m17s
build configuration / build_web02 (push) Successful in 3m18s
build configuration / build_vault01 (push) Successful in 3m19s
build configuration / build_web01 (push) Successful in 3m21s
lint / check (push) Successful in 23s
build configuration / push_to_cache (push) Successful in 2m52s
2024-05-07 08:17:49 +02:00
0eb813c8bf feat(compute01): Upgrade postgres to 16.2
All checks were successful
build configuration / build_vault01 (push) Successful in 1m15s
build configuration / build_rescue01 (push) Successful in 1m15s
build configuration / build_storage01 (push) Successful in 1m18s
build configuration / build_web02 (push) Successful in 1m24s
lint / check (push) Successful in 25s
build configuration / build_web01 (push) Successful in 1m51s
build configuration / build_compute01 (push) Successful in 1m58s
build configuration / push_to_cache (push) Successful in 2m14s
2024-05-01 16:01:44 +02:00