fixup! feat: Upgrade machines to nixos-24.05

feat: Upgrade machines to nixos-24.05
2024-07-05 10:54:33 +02:00 · 2024-07-05 10:54:33 +02:00 · 2024-07-05 10:54:33 +02:00 · 2024-07-04 21:29:22 +02:00 · 2024-07-03 14:56:46 +02:00 · 2024-07-02 20:54:45 +02:00
26 changed files with 576 additions and 137 deletions
--- a/default.nix
+++ b/default.nix
@ -75,7 +75,10 @@ in
          with pkgs;
          [
            npins
-            nixos-generators
+            (nixos-generators.overrideAttrs (_: {
+              version = "1.8.0-unstable";
+              src = builtins.storePath sources.nixos-generators;
+            }))
            attic-client
          ]
          ++ (builtins.map (p: callPackage p { }) [
--- a/iso/configuration.nix
+++ b/iso/configuration.nix
@ -3,7 +3,7 @@
 let
  dgn-lib = import ../lib { };

-  dgn-members = (import ../meta lib).members.groups.root;
+  dgn-members = (import ../meta lib).organization.groups.root;
 in

 {
--- a/keys/machines/web02.keys
+++ b/keys/machines/web02.keys
@ -1 +1 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE020zqMJTlJ73czVxWVNmRof6il+N9dS4Knm43bJSpm
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+QDE+GgZs6zONHvzRW15BzGJNW69k2BFZgB/Zh/tLX
--- a/machines/web01/castopod-head-proxy.nix
+++ b/machines/web01/castopod-head-proxy.nix
@ -1,33 +0,0 @@
-{ config, lib, ... }:
-let
-  cfg = config.services.castopod;
-  fpm = config.services.phpfpm.pools.castopod;
-in
-{
-  services.nginx = {
-    resolver.addresses = [ "127.0.0.53" ];
-    virtualHosts."${cfg.localDomain}" = {
-
-      locations."@force_get" = {
-        extraConfig = lib.mkForce ''
-          recursive_error_pages on;
-          proxy_method GET;
-          proxy_pass https://podcasts.dgnum.eu/$request_uri;
-        '';
-      };
-
-      locations."~ .php$" = {
-        extraConfig = lib.mkForce ''
-          error_page 550 = @force_get;
-          if ($request_method = HEAD) { return 550; }
-          fastcgi_intercept_errors on;
-          fastcgi_index index.php;
-          fastcgi_pass unix:${fpm.socket};
-          try_files $uri =404;
-          fastcgi_read_timeout 3600;
-          fastcgi_send_timeout 3600;
-        '';
-      };
-    };
-  };
-}
--- a/machines/web01/castopod.nix
+++ b/machines/web01/castopod.nix
@ -8,7 +8,7 @@ in
      enable = true;
      localDomain = host;
      environmentFile = config.age.secrets.castopod-environment_file.path;
-      maxUploadSize = 512;
+      maxUploadSize = "512M";
      settings = {
        "email.fromEmail" = "noreply@infra.dgnum.eu";
        "email.SMTPHost" = "kurisu.lahfa.xyz";
--- a/machines/web01/crabfit/default.nix
+++ b/machines/web01/crabfit/default.nix
@ -1,4 +1,4 @@
-_:
+{ config, ... }:

 {
  imports = [ ./packages ];
@ -8,9 +8,29 @@ _:

    api.host = "api.meet.dgnum.eu";
    frontend.host = "meet.dgnum.eu";
-
-    configureNginx = true;
  };

  dgn-backups.postgresDatabases = [ "crabfit" ];
+
+  services.nginx =
+    let
+      cfg = config.services.crabfit;
+    in
+    {
+      enable = true;
+
+      virtualHosts.${cfg.frontend.host} = {
+        enableACME = true;
+        forceSSL = true;
+
+        locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.frontend.port}";
+      };
+
+      virtualHosts.${cfg.api.host} = {
+        enableACME = true;
+        forceSSL = true;
+
+        locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.api.port}";
+      };
+    };
 }
--- a/machines/web02/_configuration.nix
+++ b/machines/web02/_configuration.nix
@ -1,14 +1,15 @@
-{ lib, ... }:
+{ lib, pkgs, ... }:

 lib.extra.mkConfig {
  enabledModules = [
    # List of modules to enable
    "dgn-fail2ban"
+    "dgn-web"
  ];

  enabledServices = [
    # List of services to enable
-    "monitoring"
+    "cas-eleves"
  ];

  extraConfig = {
@ -17,7 +18,18 @@ lib.extra.mkConfig {
      "sshd-timeout"
    ];

-    services.netbird.enable = true;
+    # Restrict access to this node
+    dgn-access-control.users.root = [ "thubrecht" ];
+
+    # Disable monitoring
+    dgn-node-monitoring.enable = false;
+
+    # Enable Postgres databases
+    services.postgresql = {
+      enable = true;
+
+      package = pkgs.postgresql_16;
+    };
  };

  root = ./.;
--- a/machines/web02/_hardware-configuration.nix
+++ b/machines/web02/_hardware-configuration.nix
@ -17,6 +17,11 @@
        "virtio_blk"
      ];
      kernelModules = [ ];
+
+      luks.devices."main" = {
+        device = "/dev/disk/by-uuid/0092c3d6-97ce-40aa-9773-6b85fa0dfec8";
+        tryEmptyPassphrase = true;
+      };
    };

    kernelModules = [ "kvm-intel" ];
@ -25,13 +30,18 @@

  fileSystems = {
    "/" = {
-      device = "/dev/disk/by-uuid/8725c242-144d-495b-8ce4-6f0cef7c8ee3";
-      fsType = "btrfs";
+      device = "/dev/disk/by-uuid/f7f94fec-cdd3-4e61-b93f-18447a395018";
+      fsType = "ext4";
    };

    "/boot" = {
      device = "/dev/disk/by-uuid/84F6-E7A3";
      fsType = "vfat";
+
+      options = [
+        "fmask=0022"
+        "dmask=0022"
+      ];
    };
  };

--- a/machines/web02/cas-eleves/default.nix
+++ b/machines/web02/cas-eleves/default.nix
@ -0,0 +1,136 @@
+{
+  config,
+  lib,
+  pkgs,
+  sources,
+  ...
+}:
+
+let
+  inherit (lib) mapAttrsToList;
+
+  port = 9889;
+
+  python3 = pkgs.python312;
+  pythonEnv = python3.withPackages (ps: [
+    ps.django
+    ps.ldap3
+    ps.gunicorn
+    ps.psycopg
+
+    # Local packages
+    (ps.callPackage ./packages/django-browser-reload { })
+    (ps.callPackage ./packages/django-bulma-forms { })
+    (ps.callPackage ./packages/django-cas-server { })
+    (ps.callPackage ./packages/loadcredential { })
+  ]);
+
+  staticDrv = pkgs.stdenv.mkDerivation {
+    name = "cas_eleves-static";
+
+    src = sources.cas-eleves;
+
+    nativeBuildInputs = [ pythonEnv ];
+
+    configurePhase = ''
+      export CE_STATIC_ROOT=$out/static
+      export CE_DEBUG=true
+      export CREDENTIALS_DIRECTORY=$(pwd)/.credentials
+    '';
+
+    buildPhase = ''
+      mkdir -p $out/static
+    '';
+
+    installPhase = ''
+      python3 manage.py collectstatic
+    '';
+  };
+in
+
+{
+  systemd.services = {
+    django-cas-eleves = {
+      description = "ENS CAS server";
+      wantedBy = [ "multi-user.target" ];
+      after = [
+        "network.target"
+        "postgresql.service"
+      ];
+
+      serviceConfig = {
+        DynamicUser = true;
+        LoadCredential = mapAttrsToList (name: value: "${name}:${value}") {
+          SECRET_KEY = config.age.secrets."cas_eleves-secret_key_file".path;
+        };
+        StateDirectory = "django-cas-eleves";
+        User = "cas_server";
+        WorkingDirectory = sources.cas-eleves;
+      };
+
+      environment = {
+        CE_ALLOWED_HOSTS = builtins.toJSON [
+          "cas-eleves.dgnum.eu"
+          "cas.eleves.ens.fr"
+        ];
+        CE_STATIC_ROOT = staticDrv;
+      };
+
+      path = [ pythonEnv ];
+
+      script = ''
+        python3 manage.py loaddata patterns
+        python3 manage.py migrate
+        gunicorn app.wsgi --pythonpath ${sources.cas-eleves} -b 127.0.0.1:${builtins.toString port} --workers=2 --threads=4
+      '';
+    };
+
+    cas-eleves-cleanup = {
+      description = "Periodic cleanup of cas_server database";
+
+      startAt = "daily";
+
+      serviceConfig = {
+        Type = "oneshot";
+
+        LoadCredential = mapAttrsToList (name: value: "${name}:${value}") {
+          SECRET_KEY = config.age.secrets."cas_eleves-secret_key_file".path;
+        };
+        StateDirectory = "django-cas-eleves";
+        User = "cas_server";
+        WorkingDirectory = sources.cas-eleves;
+      };
+
+      path = [ pythonEnv ];
+
+      script = ''
+        python3 manage.py clearsessions
+        python3 manage.py cas_clean_sessions
+        python3 manage.py cas_clean_tickets
+      '';
+    };
+  };
+
+  services = {
+    postgresql = {
+      ensureDatabases = [ "cas_server" ];
+      ensureUsers = [
+        {
+          name = "cas_server";
+          ensureDBOwnership = true;
+        }
+      ];
+    };
+
+    nginx.virtualHosts."cas-eleves.dgnum.eu" = {
+      enableACME = true;
+      forceSSL = true;
+
+      locations = {
+        "/".proxyPass = "http://127.0.0.1:${builtins.toString port}";
+        "/static/".root = staticDrv;
+        "= /robots.txt".root = "${staticDrv}/static";
+      };
+    };
+  };
+}
--- a/machines/web02/cas-eleves/packages/django-browser-reload/default.nix
+++ b/machines/web02/cas-eleves/packages/django-browser-reload/default.nix
@ -0,0 +1,42 @@
+{
+  lib,
+  buildPythonPackage,
+  fetchFromGitHub,
+  setuptools,
+  wheel,
+  asgiref,
+  django,
+}:
+
+buildPythonPackage rec {
+  pname = "django-browser-reload";
+  version = "1.12.1";
+  pyproject = true;
+
+  src = fetchFromGitHub {
+    owner = "adamchainz";
+    repo = "django-browser-reload";
+    rev = version;
+    hash = "sha256-IDIkAl6YYI3isDvpzCtAu4fLSr2gbjEvVW+K1WBDPbo=";
+  };
+
+  nativeBuildInputs = [
+    setuptools
+    wheel
+  ];
+
+  propagatedBuildInputs = [
+    asgiref
+    django
+  ];
+
+  pythonImportsCheck = [ "django_browser_reload" ];
+
+  meta = with lib; {
+    description = "Automatically reload your browser in development";
+    homepage = "https://github.com/adamchainz/django-browser-reload";
+    changelog = "https://github.com/adamchainz/django-browser-reload/blob/${src.rev}/CHANGELOG.rst";
+    license = licenses.mit;
+    maintainers = [ ]; # with maintainers; [ thubrecht ];
+  };
+}
--- a/machines/web02/cas-eleves/packages/django-bulma-forms/default.nix
+++ b/machines/web02/cas-eleves/packages/django-bulma-forms/default.nix
@ -0,0 +1,36 @@
+{
+  lib,
+  buildPythonPackage,
+  fetchgit,
+  setuptools,
+  setuptools-scm,
+  wheel,
+  django,
+}:
+
+buildPythonPackage rec {
+  pname = "django-bulma-forms";
+  version = "0.1.4";
+  pyproject = true;
+
+  src = fetchgit {
+    url = "https://git.hubrecht.ovh/hubrecht/django-bulma-forms";
+    rev = "v${version}";
+    hash = "sha256-4KTMXx3YxDxB4/YH14pJnNYtpOGXeDmD+gcbrUHwD/w=";
+  };
+
+  nativeBuildInputs = [
+    setuptools
+    setuptools-scm
+    wheel
+  ];
+
+  propagatedBuildInputs = [ django ];
+
+  meta = with lib; {
+    description = "";
+    homepage = "https://git.hubrecht.ovh/hubrecht/django-bulma-forms";
+    license = licenses.eupl12;
+    maintainers = [ ]; # with maintainers; [ thubrecht ];
+  };
+}
--- a/machines/web02/cas-eleves/packages/django-cas-server/01-pytest.patch
+++ b/machines/web02/cas-eleves/packages/django-cas-server/01-pytest.patch
@ -0,0 +1,20 @@
+diff --git a/cas_server/tests/test_utils.py b/cas_server/tests/test_utils.py
+index d690724..73ee761 100644
+--- a/cas_server/tests/test_utils.py
+++ b/cas_server/tests/test_utils.py
+@@ -17,6 +17,7 @@ from django.db import connection
+ import six
+ import warnings
+ import datetime
+import pytest
+ 
+ from cas_server import utils
+ 
+@@ -61,6 +62,7 @@ class CheckPasswordCase(TestCase):
+             )
+         )
+ 
+    @pytest.mark.skip(reason="crypt is broken somehow")
+     def test_crypt(self):
+         """test the crypt auth method"""
+         salts = ["$6$UVVAQvrMyXMF3FF3", "aa"]
--- a/machines/web02/cas-eleves/packages/django-cas-server/default.nix
+++ b/machines/web02/cas-eleves/packages/django-cas-server/default.nix
@ -0,0 +1,64 @@
+{
+  lib,
+  buildPythonPackage,
+  pytestCheckHook,
+  fetchFromGitHub,
+  setuptools,
+  wheel,
+  django,
+  lxml,
+  requests,
+  requests-futures,
+  six,
+  pytest-django,
+  pytest-env,
+  pytest-runner,
+  mock,
+}:
+
+buildPythonPackage rec {
+  pname = "django-cas-server";
+  version = "unstable-2024-04-13";
+  format = "pyproject";
+
+  src = fetchFromGitHub {
+    owner = "nitmir";
+    repo = "django-cas-server";
+    rev = "a04477d34eedba4fcc91f00a22689defd3f22a7f";
+    hash = "sha256-K6SKnYBiA1TrSdDSodYJoz1Bk20PsNo2g0dvs4XdmY0=";
+  };
+
+  patches = [ ./01-pytest.patch ];
+
+  nativeBuildInputs = [
+    setuptools
+    wheel
+  ];
+
+  propagatedBuildInputs = [
+    django
+    lxml
+    requests
+    requests-futures
+    setuptools
+    six
+  ];
+
+  nativeCheckInputs = [
+    mock
+    pytestCheckHook
+    pytest-django
+    pytest-env
+    pytest-runner
+  ];
+
+  pythonImportsCheck = [ "cas_server" ];
+
+  meta = with lib; {
+    description = "A Django Central Authentication Service server implementing the CAS Protocol 3.0 Specification";
+    homepage = "https://github.com/nitmir/django-cas-server";
+    changelog = "https://github.com/nitmir/django-cas-server/blob/${src.rev}/CHANGELOG.rst";
+    license = licenses.gpl3Only;
+    maintainers = [ ];
+  };
+}
--- a/machines/web02/cas-eleves/packages/loadcredential/default.nix
+++ b/machines/web02/cas-eleves/packages/loadcredential/default.nix
@ -0,0 +1,34 @@
+{
+  lib,
+  buildPythonPackage,
+  fetchFromGitHub,
+  setuptools,
+  wheel,
+}:
+
+buildPythonPackage rec {
+  pname = "loadcredential";
+  version = "1.1";
+  pyproject = true;
+
+  src = fetchFromGitHub {
+    owner = "Tom-Hubrecht";
+    repo = "loadcredential";
+    rev = "v${version}";
+    hash = "sha256-GXpMqGLDmDnTGa9cBYe0CP3Evm5sQ3AK9u6k3mLAW34=";
+  };
+
+  build-system = [
+    setuptools
+    wheel
+  ];
+
+  pythonImportsCheck = [ "loadcredential" ];
+
+  meta = {
+    description = "A simple python package to read credentials passed through systemd's LoadCredential, with a fallback on env variables ";
+    homepage = "https://github.com/Tom-Hubrecht/loadcredential";
+    license = lib.licenses.mit;
+    maintainers = [ ]; # with lib.maintainers; [ thubrecht ];
+  };
+}
--- a/machines/web02/monitoring.nix
+++ b/machines/web02/monitoring.nix
@ -1 +0,0 @@
-{ dgn-node-monitoring.enable = false; }
--- a/machines/web02/secrets/cas_eleves-secret_key_file
+++ b/machines/web02/secrets/cas_eleves-secret_key_file
@ -0,0 +1,29 @@
+age-encryption.org/v1
+-> ssh-ed25519 jIXfPA IgVUoMVMiwd1D/DozApR4frFKdikH9an7c9RgA3Z7jU
+HPy8NxwXH/4SBRrm+IBCpUF9fbfRvkZ0OU1XlHQkTHw
+-> ssh-ed25519 QlRB9Q 2+9r3Np2QeAP8AyngkwBfpFzyGKROVV2f5ndYzNkEyc
+RNqx1X4828mIIGMZP03ONpqccbcUq3ewRYQQ+RrVJhU
+-> ssh-ed25519 r+nK/Q 495UQFnwATORjh4kQYbRwaMhOk2jTOxQSn0NAOVqjhI
+NtBmalEkV7B5W6Z6Yh+RoLbm+cvePhcZsUwo1+cBbPM
+-> ssh-rsa krWCLQ
+dfbJ2yyFSi9xWMsxfQOYrCByCPHjKfYbGx8UxtVS0NRAtTl288MUkgs0XDiDZFzj
+khjk5bMjoFEGEgzHQuw96jhnL8MWEhfRe0hGQ8xisdLS/HCjZmbhsdx13tKaNKDb
+Wc7IM1pnoC+HqfVodH/DfV7IDHHZAideiCMGf00gkEdwgzYh5Ce+ZddbnnL/PgoY
+fwUsulBJ4U/3kFwzQjpHKspWgigZqTfIu3KgwLnlTUFUN68oNe4WtwKpzMGcdmCz
+9FP5ZlVEqMQdOQ8KbIbEAZfgRINDurtmTzv/UJ0HLGLB3zBIpVtMNE9OQjU+bDK3
+QDI0IhHqakQIrGkinQMvWA
+-> ssh-ed25519 /vwQcQ VjDT3QquajzEqC2pSaZAFf5QpoVHz2jYO6RoeaaMdDo
+c0hmNVbQZ+P5q49giVvR2jjD09GtbRg/8kbdyTrPCa0
+-> ssh-ed25519 0R97PA JbBVHq9ec8pCvGpoAMMXnk/61crUPDAeLj/c70wLDAM
+vMfLW7PapJomKy7UK2ciWj65gNN2QceXz0NQ7pniYLM
+-> ssh-ed25519 JGx7Ng OREWPSG2jfjrn1iBZKQqzEFgMBgp2MpJuO6sbWlO0DU
+UWhQ8a+RcStTc+bw5sH3CxXvJJvwqBoGG3B/y68W+hA
+-> ssh-ed25519 5SY7Kg snSFu4/7qEdPFui7n5QAwXtiABxt7KGxhaFKk8IDZxw
+mYT8pEvMl7BTH9CFYlk1cobj+C0sZZwT1nAnDxuWN8
+-> ssh-ed25519 p/Mg4Q zCnGwjID8wlbRvxqyZ75Bdq2/ayKTMrsUsdM2EWLhjI
+rGFLoX4R02Dym30U4wwgRcF0iZ92siDuvlqu2NEmaaA
+-> ssh-ed25519 IY5FSQ EbXHvG1ArgA8p8yirhJW+hFwZNrvfTVJYy91F8cjxSE
+Qirf2rDLCMBMJf/O/ANN19/lnmWr6tJ894bBRxNQ78s
+--- gfdWQjkVEeqZH4rZWpFDMjEv9f/P4MMRw0jVfyduxYY
+9ï:Ç
+áøÂtaÉŸ™ßIP'‰g‰K¬¡fKysûÉ§<C389>i„Ú[¬ˆzÄ+bTû™³×¢PB¡>q7cr]÷¬ózÍ§yðžOôòþ8
--- a/machines/web02/secrets/secrets.nix
+++ b/machines/web02/secrets/secrets.nix
@ -2,4 +2,4 @@ let
  lib = import ../../../lib { };
  publicKeys = lib.getNodeKeys "web02";
 in
-lib.setDefault { inherit publicKeys; } [ ]
+lib.setDefault { inherit publicKeys; } [ "cas_eleves-secret_key_file" ]
--- a/meta/README.md
+++ b/meta/README.md
@ -34,6 +34,21 @@ TODO.

 Machines can use different versions of NixOS, the supported and default ones are specified here.

+## How to add a new version
+
+- Switch to a new branch `nixos-$VERSION`
+- Run the following command
+
+```bash
+npins add channel nixos-$VERSION
+```
+
+- Edit `meta/nixpkgs.nix` and add `$VERSION` to the supported version.
+- Read the release notes and check for changes.
+- Update the nodes versions
+- Create a PR so that the CI check that it builds
+
+
 # Nodes

 The nodes are declared statically, several options can be configured:
--- a/meta/dns.nix
+++ b/meta/dns.nix
@ -80,6 +80,10 @@ let
          "status" # Uptime Kuma
        ];

+        vault01.dual = [
+          "radius" # FreeRADIUS
+        ];
+
        web01.dual = [
          "*.wp" # Wordpress
          "calendrier" # Metis
@ -104,6 +108,8 @@ let
          "meet"
          "rdv" # C.f. loi Toubon
        ];
+
+        web02.dual = [ "cas-eleves" ];
      }
    )
  );
--- a/meta/nixpkgs.nix
+++ b/meta/nixpkgs.nix
@ -6,5 +6,6 @@
  supported = [
    "unstable"
    "23.11"
+    "24.05"
  ];
 }
--- a/meta/nodes.nix
+++ b/meta/nodes.nix
@ -27,7 +27,7 @@
    stateVersion = "23.05";
    vm-cluster = "Hyperviseur NPS";

-    nix-modules = [ "services/crabfit" ];
+    nixpkgs = "24.05";
  };

  compute01 = {
@ -35,6 +35,7 @@

    stateVersion = "23.05";
    nix-modules = [ "services/stirling-pdf" ];
+    nixpkgs = "24.05";
  };

  geo01 = {
@ -42,7 +43,7 @@
    deployment.tags = [ "geo" ];

    stateVersion = "24.05";
-    nixpkgs = "unstable";
+    nixpkgs = "24.05";
  };

  geo02 = {
@ -50,22 +51,23 @@
    deployment.tags = [ "geo" ];

    stateVersion = "24.05";
-    nixpkgs = "unstable";
+    nixpkgs = "24.05";
  };

  storage01 = {
    site = "pav01";
    stateVersion = "23.11";
+    nixpkgs = "24.05";

    nix-modules = [ "services/forgejo-nix-runners" ];
  };

  vault01 = {
    site = "hyp01";
-    deployment.targetHost = "vault01.dgnum";
+    deployment.targetHost = "vault01.hyp01.infra.dgnum.eu";

    stateVersion = "23.11";
-    nixpkgs = "unstable";
+    nixpkgs = "24.05";

    adminGroups = [ "fai" ];
  };
--- a/modules/dgn-netbox-agent/netbox-agent
+++ b/modules/dgn-netbox-agent/netbox-agent
@ -1,43 +1,42 @@
 age-encryption.org/v1
-> ssh-ed25519 jIXfPA 7gTIVQPNYztJT+qoF84OnMxPeap+NsLzh6bASMHG9As
-k4ojDFQTJEgxELiAFZ3ZfIFYIHMgxLOb4/tNYUsEpOU
-> ssh-ed25519 QlRB9Q X6m3M+he0IvK14coQpOQoE9fhLCrIwsj1yVkdAO6BTY
-odBZdJHLB+Gou6ZsyaQ8W7gbK9RKPm6dxy0XAZmkadg
-> ssh-ed25519 r+nK/Q o55S/i2wyaWzFSH97AYrza9bUBvlt82oMmbwQfIhh10
-eNZWfTVdm6TDbxTNFB8sI9vIKpDv2K+eG2WjO99Z1UM
+-> ssh-ed25519 jIXfPA VoDy0JAiTE2oJervwdgnA07Nxb3nj63pQdbWRk5X914
+nKWCeehTU7/JEUErb5C8zyO/ecSUAuoMoAy4+NZ0ors
+-> ssh-ed25519 QlRB9Q RrJeuiV4PWMLS5oOX/PacCqXBk57s89/JbT4QSJlO10
+yhJtIrtdvok+18f095Hye8ZumCEk6xMnPMef7VclUjo
+-> ssh-ed25519 r+nK/Q MlmVhgkMVvKWVHs/03a/5UiScWsmdyPG67Q5B/xFg2o
+t265PedyxwcgQU7D3Wvj+cVEnbOcHo5lsZvhMWy/WqA
 -> ssh-rsa krWCLQ
-Fq1SPGGq4x1HRLKO11taw4/JBkoVERx+kFEhJ1i9CDfFveZlE0GNGUPoHOEz2ofd
-+cvdeLvj+dd/kwPLi1dEXRtD1Fi3LKpeoRgFJXiQXVUR78layx+kNAVV6tWmSX0v
-xdnKmAiLBz3JXkD6xl8Uenz3xVMXbUNQqqhJwNv3e1eNFaWaShaKYqCB5uJUxHB/
-1gXmtyuJfzIzV8V35dYPOAaGhAc6z6tqJv1vZs1Cd4ynFeDKue2Hx+vnfljf1RVC
-/myae5OXdJU7ROATd4+Gl7GEt+Vqy8VrJXe5Dcl9vdnhjMU/JCCr/6Tk+u4254GW
-Sitp80V7MXldLwLxDgXgrA
-> ssh-ed25519 /vwQcQ py7z6m7mIBlNMOmXPAef/NZ8zFa84VHY5OnH0xWe630
-BzDYVzkYflzh0bCsAykfcJhLWs7Xfj/DJpLUUjznug8
-> ssh-ed25519 0R97PA XKN1c2DF1gndn7m9ayJnxN6HyMdOSHdWpIXkjP44+yw
-Qo2oloI/LpwkEzNjRAKNQPVYG1zm601KZ2Z+sRZ8hB0
-> ssh-ed25519 JGx7Ng QKaSYE0pO6VxWvr6RpRZXQf5CGv0w6NJYThyTqigMAY
-Tt7UkHLoGW88iNh0eu0UkGoU2ms4Ui7MCqRu3KggxoY
-> ssh-ed25519 5SY7Kg aLdVxQgVwt3JPDUSJYXt/OUljR2/8Izb5FAluaV3Nk0
-0X/zLgsHN5N3yxUCetRiuwEp7rGrg7YnGQjwy1ZvsD0
-> ssh-ed25519 p/Mg4Q wSje5R0PF31xLIkwi3FzHDwaW/NMA5VLVtbAAa7mzFc
-wfOL3Dc9wDcidBv7GGmkSNwKLSAjRcvn0cXtHslbFSM
-> ssh-ed25519 tDqJRg kfJgtWRLeHnGNDxq3MW45URbQz1Gh2hhR59E5UWKQ2E
-KPnLwjPPtmCclbHz/aN4ATNxshqo7YbnDOXQN19aSGo
-> ssh-ed25519 9pVK7Q jmYiL9ImKqZ5n2SCs+RNFi44ge99e7agOBFZHakQqAk
-j8WG/QuoYETnyPvOuOpIyvPBm0W2CQYLqSMw2AH2OaU
-> ssh-ed25519 /BRpBQ Myx966lE1Cy1GEjlHczKsj4h/LgKuNyQI8f47rAKsGY
-d+XUuPJrjzJbkenl3sjJKScBNPLaGFyUu25zYuleGyU
-> ssh-ed25519 +MNHsw GT736xXXFYrMX5nLiUhlab+iPaKZ/7lBZiSitNkMwWk
-4zygmNGD1arO5dWN43IxXc9Yk09rvvH6L27VwdunG/4
-> ssh-ed25519 rHotTw 7nZ8PTnHh5zgUq8VBA07xsBLiNmuIXVgL5RXmpQprQA
-Oue9kpki0BjeMdgPQkIyQDxspD0yiVFhap1YnFSJPf4
-> ssh-ed25519 +mFdtQ mZ1ZlXrLzg1jJCpCRnX4Gp+ifHOy86k3BDMJZ8Bx9Qc
-JhI3SmE1UpvKEUu6LvSVEiQZnhCjKRwBrF7zJ9L4ANM
-> ssh-ed25519 0IVRbA 0XPF4deOErbp3EwMBmOpd3JIcwLv4wGIIrIHISC3mDU
-sBP09UtJ/0vga2mMLqnvR7tQAdX+BtOctDb8jl0OkQQ
-> ssh-ed25519 8V9fnQ Ug56Iiw3mixnOL/Ky8/p+tpj89AWCbHwHuD6R7htgmQ
-trXKH540NOZAzt7f197A8aL2zX3jlx+/K4JAEQWaSbo
--- iqcgcJMxU1/rYicqdLL9AD9UrC5okQmnsnAa1vkkB9g
-pï ª¹3CÈÆc<EFBFBD>O·*‰ÿœ‹.)öh$,Ê£²¿ñjåqq6Xt)-kä>÷Çýd¿3y$ëÝG‘Î£ÂMžLO®ÛêGà*oòsç[½ß¤f{-ù©áÛM]–
-òo¢.ÂË
+nFUx5BUr11AEMBcdU3GOdwQ4cQ4sc5gULNfR60Lt4/kIRSBQNZT8ukMJFVjzBzDU
+pFCydUkYMe7mSULyRqnLnpV6+N0ZhXiJ6kSmOBSMx5PyRPTYdt1U7/OoFeq0B7F3
+4qqQ4mUdMMVkSslbAQHOjHjClNdR63zPJzq00HXyh77J64kFnJAGkpThVi4p8xTT
+LTD5+WC/tKZonwQcONArFhxWZQzrOBLy/ZbqUYvs1TpuFev7AesMz+Bt5MoAKagR
+DXj7AyERxduCE0uUsPA3f7uT+2UJlbZ245kouwhR3U7a/uXcycA46vzSVShu//K3
+fIoFlaHFqQlZqHQKdOoJbA
+-> ssh-ed25519 /vwQcQ vqv8amG2vuI7zL++p/x/xBgJTlTv+u6A/kHv3v894Fw
+lQ23WDSwvREZQGMl3JP2jFH+3TPIG9I6MQPdzf8x+/E
+-> ssh-ed25519 0R97PA ZuAg84PwlGEUsQn/Sq37i3y6MJoTdJHg0gJ5F03M+QU
+uzbMgvJB8PzCjO0m3gHpayS8MMEnF5/vaAju/9qNRgc
+-> ssh-ed25519 JGx7Ng JwYJSoyhZ4U/ZBsiMKk0nhqfG0rAz1315JBHqV2fiEE
+PwRlnjGgbjBQbxDRw/NOq87vyYSgPPRnqoB+BlWkEi4
+-> ssh-ed25519 5SY7Kg /WRW7myBz18WFPOJgwH8+J/yioKEqMuM3tMb0kc5Nm4
+38yAugrHhA09nHSDFwQSxg4RfwrQ9FQtmGZ9hLmi0FA
+-> ssh-ed25519 p/Mg4Q 1Hod0s9dgzt7q9Fj7V98zSPoMIm0cG7spkYhOIOVhzM
+ANdswybclHCBF9uYhqiYGzeuVLrM87aenxXcadSsOaw
+-> ssh-ed25519 tDqJRg qW85IaP1+z3XV28vhWZikX53y8uKjORPLwi1DcHsGhc
+jUQ+U87I87Q+9+N281RZMjM0roBlvU36zj81jlU3gPw
+-> ssh-ed25519 9pVK7Q cvag3pYIWxP1Abdq3xYrZ7wuI1+MXJztqEngb8L7nAg
+Hz8g/OToARPpOYXWkSaFu871GbIw2iVNVHHqIPeeqGA
+-> ssh-ed25519 /BRpBQ A4BxjhnyQN4ID+9+JPfywxFuCyA+32sTv6AXsahmIUI
+OH1FWFfaZsIKtKFpbz748m2zVWhD63FJFY21IWs9NnU
+-> ssh-ed25519 +MNHsw l5E4L+cE7Po13xRGfbu3/dt1TQgnSdg142ZrkRPtlQY
+7U83vosOPcnNmOqrpL32HV15t10fBggK4iVzLo6Avw0
+-> ssh-ed25519 rHotTw +bYrOK/7CRJmHpyEHOZvZ0yo4qqMoVO17VoflgvQxDk
+TA6zx7WTn4em5ndde3Muplp0ZzTNIxF7Sx5wxlBemIw
+-> ssh-ed25519 +mFdtQ iwNE1C/ApUgm0p8mQ0nhM24MvQG+CbgmLFrSoj1Gpjo
+wXnCThCPyJTq+or7KHJmiUNBCZciak8+K7sR0+2/BL4
+-> ssh-ed25519 0IVRbA EsSZ/TNt9VyQX0ZF43p2ZbqU5hZY/KQHARtPrg3EXw8
+pE/qyWUJ9asjHuHFM1P3COZpEIB2WDbf6A041LhCDEQ
+-> ssh-ed25519 IY5FSQ 1S79IZGBJkIBe8s5xb9T1UvDBDyQ8NFLC7jKV+iUhEA
+wYR2eCWUjG3dWYtmQxO63kEopXjp2C8jHyFNPQ88TmE
+--- XH8Kj2Jc68Bx3f6TOG8XKnHU1wwTm+BfvjYNNst2Dhk
+8»aH&FK¿m	ý'	Ôñ3tn<74>‰3d÷[—ó<E28094>…õ_£í~ˆ•¯dè\ÖL?…ŒÿJ‘mÐhíª‘ã„c.Šž¡«Ÿ\+åî™`/°7@*‡	ØÑ†Á+ˆ<>ðiÝ!Åô
--- a/modules/dgn-notify/mail
+++ b/modules/dgn-notify/mail
--- a/modules/dgn-records/__arkheon-token_file
+++ b/modules/dgn-records/__arkheon-token_file
@ -1,42 +1,42 @@
 age-encryption.org/v1
-> ssh-ed25519 jIXfPA tUYFIHRHhzoovCj2787gimUlzImJoDMJ+tjeyKbTaWM
-4v3uHBMWy7bW42R3QuMcasrZjuCGMAlvtLZc+7Lw/JE
-> ssh-ed25519 QlRB9Q kCvthexHuAgXFERWq2TSt5B2NlgIT8+mrf9YYn19llo
-aGr7qXX0SMMu6CERsrRUVlNi67XvI8B8M5mDW7TFDJI
-> ssh-ed25519 r+nK/Q ob+ELcG6qX8fcQWH7diMgezHEYwqazMck8cSBXVvjXc
-LPvtCVIdX3UDWGdg9O+uDGunpl/J6FeuLVJvD2m4S7I
+-> ssh-ed25519 jIXfPA K2855nHVjrWY+Do/Iz8whCnQYMYl6QCMlBClpTRf4TI
+LTRqDw9oukc2JA8DKqJSMfXeOJZCITpV6Gkh0tC4RC8
+-> ssh-ed25519 QlRB9Q xeLR2Pt8t5kC10g2aMIxTNbrNJN4j4mBlC6cidqy4BQ
+HSrxWUWxRCmLVrXy9C9zYP8jc7rRMKvN4YgKp82rAgQ
+-> ssh-ed25519 r+nK/Q Q2YybcpErKl8IfT3hoewrAOLJnC/rRgnZPa3RBampSE
+enGIkp9ZAz/J/KdiKg0ZVCvsHKi2f8+THb6wpJ9MVm8
 -> ssh-rsa krWCLQ
-m7Dt57o6Oc0Bfp1goSaxo950nRr1kcsMZv2uQJ9E06oD9g1PjEnAyqW/AECCE5Si
-2Do7zBXYJ+cZeFdPU/W0ZPSrdFZCuF3Q4S/BgjUG7BQabnH8EgQbKJN6TJ+mUYxM
-AhCPwtEKEQwEI1J6TkCq8f1cw2VAcZkBdoWZGrtZx54ZqLXmFvxYWZoRbP+1MFsH
-xmQHTE6Ihkmx6Q33PnvHkdD5MprxkIkhk/QQ0TmNgPr/Hw0PLvb9J64C1l+BpuDq
-NelCAymS2p55QmwZLWGafiB/1hkJJY9vgIINzTT2p8z8hD0ADnBNU5BkN6PDHD8i
-orH+z13/tqYXuGiPKUXSWQ
-> ssh-ed25519 /vwQcQ GZFfbjS7SxHv4ZViDN+KIXBrpX+i721yJd9ePS5OhzQ
-HBbHTWXun/Ehk9yYHqWX+Rrw3y5qfRfe4pKCGlRvwdU
-> ssh-ed25519 0R97PA rhHVQ0ANLsmpsHnxKhOVJxRyPFnxy7zFnda9B/6oj28
-1UOkeN3At/AJoD8rO3WSHtIm62JpO1uTZfFw5okMg/4
-> ssh-ed25519 JGx7Ng BXg2NNukqSm5q3oAYzk3Du4osxjIonX0Qks0gWGlYz4
-QbhcXti1Ql1037+IBkJdMQJ2g82u7N7uu4W1ojQJFXk
-> ssh-ed25519 5SY7Kg ubt2DTgzwjr9jFsHsESiKaq8cPBRP1hCfIIQG1mjhzE
-05sIp5Pj3nj1UIgaui9a0onU8qP32GHhlMMMNGtSxa4
-> ssh-ed25519 p/Mg4Q 7NRJtGVrvvhI96FFH0B15zmoiQ4mRHiKT+9neMhRkBQ
-OPXyboQRVDGjoLc2/87rhNB44p+Dj6yrH0ux3Q0368k
-> ssh-ed25519 tDqJRg xX53lCPHRDVDpOYpas9ftBrrxsdRBUTJjwjI2fnFqT4
-jChHvbDJtheO0FTH0chTIdEXKE4kBHDENm5BEli4JZc
-> ssh-ed25519 9pVK7Q tdiuNARpFCpdU9W+3/YsVZZK8Xt/NdYjqt8kxtVFLTo
-pPKF2IlFzObEu5UtZ7deSOcxh9OTSK87scsgTNop1fQ
-> ssh-ed25519 /BRpBQ YsJ5p4xcU35+q0EVsERg/vh2Z4uVzFJVm6BgipH4CVs
-Yz7m7pfbj6+DHT1Pa/mhcroZG4qQaV24krBaPP9JsHY
-> ssh-ed25519 +MNHsw v4XqeQR30iMCc9EzGA8IdGLoENsXx7Mfvvx4JGVV0GA
-GTR9j6nMikwUuOn4Bj2PAiqxiVDw+D7dtrrJVCsEf0Y
-> ssh-ed25519 rHotTw 0CNrOIAlpnNtQEtlm0RyOrz+0ondvqY+oqM0QtwNYU0
-J2lHzfBPueh2LKt5d7QjaiPQdh/ih5lrngUGng3qWVY
-> ssh-ed25519 +mFdtQ 365dIp+r+Yhj2o0V4YhgUgMNf3AonjzQ55nnKN1g6l8
-C0wurXGyS0aVcsCJwVSkDVN0cHGFVxdHgvfP0y/AwQQ
-> ssh-ed25519 0IVRbA GGL4OdqkjGP5eoVhWtUwQSfV2f+qmoUZo+U6uaYLr00
-loMKTjt1UDgtkEsfyooqh0tfUYsyx2VlOKWmWAwzoAU
-> ssh-ed25519 8V9fnQ dMzN/gaZxUnpSCVd4vDAWd5+0Q7y67zOpEtk6Dx7dl8
-P3FsjOmuc8E0AoAbd36vfHtd61yAvCSR0qyfLhhm+kY
--- oVEtjzZ4tPxxTCrvBBbFXC0XYp08devKq78Y7evtdak
-0ÅeÅ¡-ìc´µô¢P®F¦ .þùê<C3B9>	=Où6x^M×Æ×ô¦•ò4Ã@9ÅàhÒÈM™´9ç
+nQAoYm+rR20EFbXEE/F0Dks6kQP2JdA904j2e7FfQEd1i6pA6mPcbuy1IslgRd1R
+UjJzHamUGO91bNSqQI/+6l2883JJVwazNxgY8pZaWC7BzGYlfDITTTQm9ITPd7Eg
+7W4DAcrf1h5EU7GZfsGXgFtcnLPCBGRsPoAIbeS2hN6JcQP8c66Ubizt7eIOqFab
+880k+cjjJXespuMODavBzFJCshQJwezYcH0S26vyVAF1UJk3H2Yuj1lI+ofT69ef
+0k+bhG/dC0axlQaym3N7CvAZ8XibjydXCdJjk8u3z54p5Sv89MZMJHaNb5rvcbzY
+CBQRMjHWLFfVhTKvBt1OwA
+-> ssh-ed25519 /vwQcQ SXuM/Ssc11v/IGgZbSRiNvtAQvVcLa7PB3xm9mcOX0Q
+xH+65+t3XbnXxPk8ha+i4PuIKvevJ0yHPZofFX/yw60
+-> ssh-ed25519 0R97PA UQK8FggCF5e0ePV5TsctCzdzDh+xIleJkhRRNMn/8EE
+wpRiZFeUhUyV7nVKNu71X5jPmzMNDSVp1IWDw5aeOs
+-> ssh-ed25519 JGx7Ng HE1LAFeYk2HmuYoYrHtO1zhTKjPhfyNF0h4JjRgGwzA
+6VS4Oa70W6ZCKmbBWQ9vSHdy6W8RpFfX7mqQ53anfO8
+-> ssh-ed25519 5SY7Kg dXmbbDbI859IYD0jf3PAVPFmMq0zV6Lwvte4jUBkSBs
+UfV7hAYLtTSeyLskbwh9Jj9vjJpvwydsdsKmgtiK+hw
+-> ssh-ed25519 p/Mg4Q /3jLavRHKgo5Oz+kKVwKHOmJVV7JbxxE3Y1DstD1OHI
+tvhr/65+l7X9R8GmXNPB9Dwu0dtbQNcs+MUXgDRC+Xk
+-> ssh-ed25519 tDqJRg xYM5dqCmh53artXhIfUvsmjwRzLxZQO+/tampI2RbSY
+LSRsicMA7S8xdPYzh3lIEneazrGrRhjuQdN1I27YbV0
+-> ssh-ed25519 9pVK7Q 7dQilI3mmyb6F+gMp+z1i9Os6Prff5CLLbPUFvawTHk
+GtlUtsE2sB/jr7H52qTQcRRKgqJ/f2bDNetYPF4oBPw
+-> ssh-ed25519 /BRpBQ 9dcoKWc+bTkmVkTxgwzJ6bhuUq39JWajYhD5vd+XAjU
+ti+oXuQkM4QX7LFLjTyL52gsi8D1efU3sqC23jqTNrk
+-> ssh-ed25519 +MNHsw VCfgC5V+1u3iaO0JqC6hnvngUJsg77wfsvoIiawcECc
+9HCtIUt3vBccTkW6tub0GNU0gJ6Oxou5QgRly7kO370
+-> ssh-ed25519 rHotTw 5e5Q+cjsNFq4KbqOA0KczyJEclHO5dyTJxsRvVZRvkc
+uavyfil+elUz3AQjIJ/UTaCpod2f4V7JWbYso3j+ePs
+-> ssh-ed25519 +mFdtQ 07KoGFU7pAivpypZZ7g3o/l+jhi7aDyVO7qg4qJo1CQ
+Zthd7uchFTYNb7c9/+isX8BbnN0m6G1eFuohxJrX0KQ
+-> ssh-ed25519 0IVRbA B1AUTNW9N30rr3MVFBfT/H9eivnjh6p6585/gxu+7SY
+VZ0IqaGWSeqA7j3XP+B2HWXf2UYB5SpHImreAA7uqA8
+-> ssh-ed25519 IY5FSQ c0v+PlVESbYTq87dAeYaZNnjY6eCUBIcvHM2ymwoX0g
+0i6eaJVVtljUQZvdd7y2tcKX6cObCxTE4OO0MEqHriQ
+--- gSYlbAC2ojK59TsNxtU9sAww3kpFfgOngL9+kdzx/to
+#äÄ‰Ì/áÉîÃÔL'€ÀMÌ¨|H<>²ö(ðzpÝe0¶ê)¥ËÈ<>öŽèJÌ<4A>&©•¤<E280A2>@
--- a/npins/sources.json
+++ b/npins/sources.json
@ -22,9 +22,9 @@
        "repo": "arkheon"
      },
      "branch": "main",
-      "revision": "0ae53026716c21e1cfb09c27cc7e6e4a20f4a385",
-      "url": "https://github.com/RaitoBezarius/arkheon/archive/0ae53026716c21e1cfb09c27cc7e6e4a20f4a385.tar.gz",
-      "hash": "1461vdqjzhhvincq70ismgz936q4sizqh10jm2jxwhq1xw1wsdz7"
+      "revision": "113724a1a206905e68319676f73d095fcc043a42",
+      "url": "https://github.com/RaitoBezarius/arkheon/archive/113724a1a206905e68319676f73d095fcc043a42.tar.gz",
+      "hash": "0yh8g020d7z67iqpg7xywk4dxxa64dxa1igd45nb8w653c82w6gq"
    },
    "attic": {
      "type": "Git",
@ -38,6 +38,17 @@
      "url": "https://github.com/zhaofengli/attic/archive/4dbdbee45728d8ce5788db6461aaaa89d98081f0.tar.gz",
      "hash": "1iri77pbf0gvas93zra29qy1c3l61n97z84xblqxmmhsxvljzvnh"
    },
+    "cas-eleves": {
+      "type": "Git",
+      "repository": {
+        "type": "Git",
+        "url": "https://git.dgnum.eu/DGNum/cas-eleves.git"
+      },
+      "branch": "main",
+      "revision": "eba2e68677353e8d173ee1fd5c1d491b2dadff0b",
+      "url": null,
+      "hash": "0shdbqggzxsj9rg4g6k1addj9p68yvfvyxq6q97cfhknxdgq3mw2"
+    },
    "disko": {
      "type": "GitRelease",
      "repository": {
@ -143,6 +154,24 @@
      "url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz",
      "hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj"
    },
+    "nixos-24.05": {
+      "type": "Channel",
+      "name": "nixos-24.05",
+      "url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.1135.9b5328b7f761/nixexprs.tar.xz",
+      "hash": "0k8d0xvygkxzvs5ikcw8j0pnksvzdmxdl03i69mni3nxylszyxvl"
+    },
+    "nixos-generators": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "nix-community",
+        "repo": "nixos-generators"
+      },
+      "branch": "master",
+      "revision": "35c20ba421dfa5059e20e0ef2343c875372bdcf3",
+      "url": "https://github.com/nix-community/nixos-generators/archive/35c20ba421dfa5059e20e0ef2343c875372bdcf3.tar.gz",
+      "hash": "17mc5q7rnnldals517b8m6qv9rcv0gdvh5zsnd6yvxmzm9s617ar"
+    },
    "nixos-unstable": {
      "type": "Channel",
      "name": "nixos-unstable",
@ -203,4 +232,4 @@
    }
  },
  "version": 3
-}
+}
--- a/patches/default.nix
+++ b/patches/default.nix
@ -6,6 +6,21 @@ let
 in

 {
+  "nixos-24.05" = [
+    # netbox qrcode plugin
+    {
+      _type = "commit";
+      sha = "ae4bf4c110378ebacb3989c9533726859cfebbfa";
+      hash = "sha256-SgHhW9HCkDQsxT3eG4P9q68c43e3sbDHRY9qs7oSt8o=";
+    }
+
+    netboxAgent
+
+    {
+      id = "275165";
+      hash = "sha256-9a26V3Pi8yLD3N9+mC1kvJoruxRTp/qOHapnt6VX7pw=";
+    }
+  ];
  "nixos-23.11" = [
    # netbox module
    {
Author	SHA1	Message	Date
sinavir	2b52c9997a	fixup! feat: Upgrade machines to nixos-24.05 Some checks failed Check meta / check_meta (pull_request) Successful in 18s Details Check meta / check_dns (pull_request) Successful in 43s Details build configuration / build_storage01 (pull_request) Successful in 1m36s Details build configuration / build_vault01 (pull_request) Successful in 1m18s Details build configuration / build_web01 (pull_request) Successful in 1m39s Details build configuration / build_compute01 (pull_request) Successful in 2m27s Details build configuration / build_rescue01 (pull_request) Successful in 1m2s Details build configuration / build_web02 (pull_request) Failing after 1m6s Details build configuration / push_to_cache (pull_request) Has been skipped Details Check meta / check_meta (push) Successful in 25s Details Check meta / check_dns (push) Successful in 47s Details build configuration / build_storage01 (push) Successful in 1m14s Details build configuration / build_vault01 (push) Successful in 1m14s Details build configuration / build_compute01 (push) Successful in 1m16s Details build configuration / build_web02 (push) Failing after 1m10s Details lint / check (push) Successful in 25s Details build configuration / build_web01 (push) Successful in 1m39s Details build configuration / build_rescue01 (push) Successful in 57s Details build configuration / push_to_cache (push) Has been skipped Details	2024-07-05 10:54:33 +02:00
sinavir	f637ae9ea8	fixup! feat: Upgrade machines to nixos-24.05	2024-07-05 10:54:33 +02:00
Tom Hubrecht	ac09d221ad	feat: Upgrade machines to nixos-24.05	2024-07-05 10:54:33 +02:00
Tom Hubrecht	7c5ed7b65a	feat(cas-eleves): Update and load fixture Some checks failed build configuration / build_rescue01 (push) Successful in 1m10s Details build configuration / build_storage01 (push) Successful in 1m12s Details build configuration / build_vault01 (push) Successful in 1m15s Details build configuration / build_compute01 (push) Successful in 1m18s Details build configuration / build_web02 (push) Failing after 1m21s Details build configuration / build_web01 (push) Successful in 1m33s Details build configuration / push_to_cache (push) Has been skipped Details lint / check (push) Successful in 24s Details	2024-07-04 21:29:22 +02:00
Tom Hubrecht	325e24f5f6	feat(cas-eleves): Update to latest version Some checks failed build configuration / build_storage01 (push) Successful in 1m12s Details build configuration / build_compute01 (push) Successful in 1m18s Details build configuration / build_vault01 (push) Successful in 1m17s Details build configuration / build_web02 (push) Failing after 1m22s Details build configuration / build_web01 (push) Successful in 1m33s Details lint / check (push) Successful in 26s Details build configuration / build_rescue01 (push) Successful in 54s Details build configuration / push_to_cache (push) Has been skipped Details	2024-07-03 14:56:46 +02:00
Tom Hubrecht	5668b6bbfd	feat(web02): Deploy a CAS server on cas-eleves.dgnum.eu Some checks failed build configuration / build_storage01 (push) Successful in 1m14s Details build configuration / build_vault01 (push) Successful in 1m15s Details build configuration / build_compute01 (push) Successful in 1m17s Details build configuration / build_rescue01 (push) Successful in 1m18s Details build configuration / build_web01 (push) Successful in 1m30s Details lint / check (push) Successful in 24s Details build configuration / build_web02 (push) Failing after 2m13s Details build configuration / push_to_cache (push) Has been skipped Details	2024-07-02 20:54:45 +02:00
Tom Hubrecht	250a4b6c87	feat(meta): Add dns for cas-eleves All checks were successful Check meta / check_meta (push) Successful in 25s Details Check meta / check_dns (push) Successful in 46s Details build configuration / build_vault01 (push) Successful in 1m11s Details build configuration / build_compute01 (push) Successful in 1m14s Details build configuration / build_web02 (push) Successful in 54s Details build configuration / build_storage01 (push) Successful in 1m25s Details build configuration / build_web01 (push) Successful in 1m29s Details lint / check (push) Successful in 25s Details build configuration / build_rescue01 (push) Successful in 55s Details build configuration / push_to_cache (push) Successful in 2m16s Details	2024-07-02 18:04:46 +02:00
Tom Hubrecht	807415ae93	feat(arkheon): Update All checks were successful build configuration / build_rescue01 (push) Successful in 1m18s Details build configuration / build_storage01 (push) Successful in 1m20s Details build configuration / build_vault01 (push) Successful in 1m21s Details build configuration / build_web01 (push) Successful in 1m43s Details lint / check (push) Successful in 25s Details build configuration / build_web02 (push) Successful in 1m46s Details build configuration / build_compute01 (push) Successful in 1m52s Details build configuration / push_to_cache (push) Successful in 2m21s Details	2024-06-26 22:54:15 +02:00
Tom Hubrecht	0be91e4803	fix(web02): Use the correct fs configuration	2024-06-26 22:25:40 +02:00
Tom Hubrecht	83d8ff264d	feat(web02): Reimage the node	2024-06-17 17:06:37 +02:00
Tom Hubrecht	1266091123	fix(iso): Use correct attribute	2024-06-17 15:33:49 +02:00
Tom Hubrecht	bf1eab1c5e	fix(shell): Use an up to date version of nixos-generators	2024-06-17 15:33:49 +02:00
Ryan Lahfa	6a44aa3504	fix(meta/nodes): use the full FQDN for vault01 All checks were successful Check meta / check_meta (push) Successful in 30s Details Check meta / check_dns (push) Successful in 52s Details build configuration / build_storage01 (push) Successful in 1m19s Details build configuration / build_vault01 (push) Successful in 1m20s Details build configuration / build_web02 (push) Successful in 53s Details build configuration / build_compute01 (push) Successful in 1m23s Details build configuration / build_web01 (push) Successful in 1m38s Details lint / check (push) Successful in 23s Details build configuration / build_rescue01 (push) Successful in 54s Details build configuration / push_to_cache (push) Successful in 2m10s Details Otherwise, I cannot really hit it… :D Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>	2024-06-14 22:15:46 +02:00
Tom Hubrecht	450d862b41	feat(dns): Add a redirection for the radius service All checks were successful Check meta / check_meta (push) Successful in 28s Details Check meta / check_dns (push) Successful in 50s Details build configuration / build_storage01 (push) Successful in 1m15s Details build configuration / build_vault01 (push) Successful in 1m16s Details build configuration / build_compute01 (push) Successful in 1m19s Details build configuration / build_web02 (push) Successful in 52s Details build configuration / build_web01 (push) Successful in 1m33s Details lint / check (push) Successful in 24s Details build configuration / build_rescue01 (push) Successful in 54s Details build configuration / push_to_cache (push) Successful in 2m15s Details	2024-06-14 21:03:10 +02:00