cst1/infrastructure
1
0
Fork 0
forked from DGNum/infrastructure
Code Pull requests Activity
659 commits 16 branches 0 tags 1.6 MiB
Commit graph

659 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ryan Lahfa
ed285ba79d feat(scripts/liminix): fail HARD and support root prefixes 
Now that we possess the levitation technology, it's necessary to support
root prefixes for rebuild otherwise we will just overwrite our RAM disk
configuration.

Also, to avoid any issue, let's fail hard and avoid rebooting while
being in levitation for nothing.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:50:33 +02:00
Ryan Lahfa
d29deeae56 feat(ap01): use levitation for mass rebuilds 
To deal with mass rebuild disk space requirements, we can just levitate.

In the future, we will use levitation as a general-purpose mechanism for
partition layout migration, etc.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:50:33 +02:00
Ryan Lahfa
4ed0c435ba feat(ap01): write nixpkgs version in /etc 
It's useful for debugging.
We should also track our own revisions at some point.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:50:33 +02:00
Ryan Lahfa
c08d6c464f feat(ap01): re-enable 2GHz 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:50:33 +02:00
Ryan Lahfa
46d07da404 fix(hive): misc fixes regarding the nixpkgs usage 
Previously, we were using <nixpkgs> actually, we fixed liminix and this
file to ensure that we are instantiating the right nixpkgs.

This helps to deal with unexpected mass rebuilds.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:50:33 +02:00
Ryan Lahfa
99902d2bb8 chore: upgrade liminix 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-08 00:48:12 +02:00
Ryan Lahfa
c0ec57ef22 fix(ap01): bridge only once the WLAN is in operational state 
It required a lot of technology, but hey, we now have it.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-07 21:14:27 +02:00
Ryan Lahfa
337a71a169 feat(scripts): add Android profile building via Nix 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-05 17:06:40 +02:00
Ryan Lahfa
9bf83a60fe fix(ap01): fix _one_ race condition when bridging the LAN 
The remaining is hostapd notification that the WLAN interface is ready
to bridge.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-05 14:59:16 +02:00
Ryan Lahfa
994e593d3b chore(ap01): cleanup 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-05 14:58:44 +02:00
Ryan Lahfa
adb843dd8b feat(ap01): add ubus 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-05 14:58:38 +02:00
Ryan Lahfa
45b106190f feat(ap01): disable IPv6 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-01 18:08:41 +02:00
Ryan Lahfa
0b94fb5ba7 feat(ap01): external RADIUS + DHCPv4 + jitterRNGd + stable bridge + default route 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-01 18:08:41 +02:00
Ryan Lahfa
4fb39070bb fix(sources): update to the latest version of Liminix 
With bridge fixes and many other things.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-01 18:08:41 +02:00
Ryan Lahfa
47231417cc feat(liminix-rebuild): support hive names directly 
Thanks @catvayor, I'm so dumb.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-09-01 17:20:37 +02:00
Ryan Lahfa
afd92ab203 feat(devshell): add kanidm & freeradius 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-31 22:38:07 +02:00
Ryan Lahfa
270eb4b106 chore(ap01): cleanup 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-31 22:37:46 +02:00
Ryan Lahfa
04cb0a9f04 feat(scripts): add liminix-oriented scripts 
- extraction for manual recovery via nandwrite
- liminix rebuild to interactively develop the AP

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-31 22:23:04 +02:00
Ryan Lahfa
c4d9d6d000 feat(ap01): enable fully RADIUS via internal RADIUS server 
This adds two public keys.

For the private keys, heh…

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-31 22:23:04 +02:00
Ryan Lahfa
be1673c6aa feat(devshell): add liminix-related tools 
serial console, deployment tools and TFTP tool

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-31 22:20:24 +02:00
Ryan Lahfa
8b66b2b7c3 feat: add access control for APs via our custom modules 
It works!

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-22 18:45:40 +02:00
Ryan Lahfa
3ed6ecba31 feat: ensure that colmena repl can evaluate nodes.ap01 
Bump to latest Liminix and use the new `defaults` function.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-08-22 15:28:34 +02:00
Ryan Lahfa
5a8fe24dce feat: achieve custom evaluation in the framework 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-05-24 18:46:13 +02:00
Tom Hubrecht
0a948e6148 feat: Specialize nixpkgs as a function of the system 2024-05-24 18:46:13 +02:00
Ryan Lahfa
41ca207b41 feat: wip! wip! wip! 2024-05-24 18:46:01 +02:00
Ryan Lahfa
aa6b082b81 feat: enable liminix-rebuild 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-05-24 18:46:01 +02:00
Ryan Lahfa
17b2345a02 feat: add liminix-rebuild in the shell 
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-05-24 18:46:01 +02:00
Ryan Lahfa
fde8f66ea7 feat: init Liminix evaluation system 
Very rudimentary; undocumented, untested in production. This is for testing purposes.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
 2024-05-24 18:46:01 +02:00
catvayor
2329799c87 feat(monitoring): Add adminGroup emails 2024-05-22 19:05:03 +02:00
sinavir
bfeaa18530 feat(signal-irc-bridge): init 2024-05-22 18:26:06 +02:00
Tom Hubrecht
d3b7481188 fix(atticd): Don't chunk NARs as garage does it automatically 2024-05-21 09:24:01 +02:00
Tom Hubrecht
e2de21ed18 feat(cineclub): Add redirections 2024-05-18 19:14:24 +02:00
Tom Hubrecht
9a1f49d0ce fix(README): Use correct link 2024-05-18 16:48:05 +02:00
Tom Hubrecht
9a8c182a95 feat(wp): Update cineclub address 2024-05-18 16:47:54 +02:00
Tom Hubrecht
1d686b740b feat(verify): Tweak error message 2024-05-15 09:58:50 +02:00
Tom Hubrecht
e4e44dfd00 feat(meta): Add Elias 2024-05-14 23:50:20 +02:00
Tom Hubrecht
947e29aa57 feat(vault01): Make the fai group admin 2024-05-14 23:48:40 +02:00
Tom Hubrecht
a559d2e0c0 feat(meta): Add more assertions 2024-05-14 23:47:20 +02:00
Tom Hubrecht
e49ab86364 fix(iso): Correctly import meta 2024-05-14 23:32:08 +02:00
Tom Hubrecht
aad6490bd5 feat(meta): Add assertions 2024-05-14 23:31:49 +02:00
Tom Hubrecht
0e7dd1ea70 feat(organization): Add external and internal services 2024-05-14 17:32:54 +02:00
Tom Hubrecht
01b967fff0 feat(organization): Add FAI group 2024-05-14 17:23:02 +02:00
Tom Hubrecht
8d2a46e538 feat(meta): Remove the ISO group 2024-05-14 17:15:55 +02:00
Tom Hubrecht
a63f682aeb feat(monitoring): Add admin emails 2024-05-13 23:33:36 +02:00
DGNum Chores
b732c5e9fb chore(npins): Update 2024-05-07 13:27:24 +00:00
Tom Hubrecht
2c88c2bad7 fix(netbox-agent): batch requests filtering on interfaces 
Re-enable the service on vault01 now that it works
 2024-05-07 13:29:43 +02:00
sinavir
3494f609bb fix(netbox-agent): really disable on vault01 2024-05-07 09:07:22 +02:00
sinavir
bf4bdf70df fix(netbox-agent): disable on vault01 2024-05-07 08:45:19 +02:00
sinavir
ac67107c6d fix(patches): use again netbox-agent PR 2024-05-07 08:44:46 +02:00
Tom Hubrecht
efee0dd7b7 feat(patches): Vendor patches and rename 2024-05-07 08:17:49 +02:00