Commit graph

139 commits

Author SHA1 Message Date
accf643294
chore(meta): Remove nodes.nix 2024-12-16 09:40:38 +01:00
09e55d4a80
chore(reuse): Add copyright and license information 2024-12-16 09:34:15 +01:00
3c9bf80f24
feat(netconf): use meta for access control 2024-12-16 09:26:52 +01:00
99ef0b76de
feat(netconf)!: wip! broken! netconf-eval 2024-12-16 09:26:52 +01:00
c5e3da3ac9
chore(meta): Split nodes into systems 2024-12-16 09:26:52 +01:00
12f19506fc
feat(compute01): Update nixos, but keep kanidm_1_3 2024-12-15 23:08:42 +01:00
a2d397de70
feat(nodes): Update to nixos 24.11 2024-12-15 23:08:42 +01:00
a1f17d1850
feat(meta/options): Add the system type to the default tags 2024-12-15 12:49:13 +01:00
88d9b8c3e3
chore: Add license and copyright information
Signed-off-by: Tom Hubrecht <tom.hubrecht@dgnum.eu>
Acked-by: Ryan Lahfa <ryan.lahfa@dgnum.eu>
Acked-by: Maurice Debray <maurice.debray@dgnum.eu>
Acked-by: Lubin Bailly <lubin.bailly@dgnum.eu>
Acked-by: Jean-Marc Gailis <jean-marc.gailis@dgnum.eu> as the legal authority, at the time of writing, in DGNum.
Acked-by: Elias Coppens <elias.coppens@dgnum.eu> as a member, at the time of writing, of the DGNum executive counsel.
2024-12-13 12:41:38 +01:00
f16d8ce68f fix(ap01): switch Liminix nodes to 24.05
There's a bug in 24.11 regarding GCC bootstrap for mipsel which makes it
impossible to use that NixOS version.

We will need to pin 24.05 and bisect until we find the root cause…

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-12-08 21:14:28 +01:00
65b188a7cd
fix(meta): Use correct optional 2024-12-08 17:15:45 +01:00
a2295953da
fix(meta): Add required stuff for ap01 2024-12-08 17:15:45 +01:00
cdd8b9cc12
feat(machines): add ap01 initial configuration
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-12-08 15:24:40 +01:00
ecbad0a638
chore: Abstract machines and modules
This adds subdirectories for the different types of systems, for the
modules and the machines
2024-12-08 13:39:10 +01:00
c3f4e7ade6
fix(meta): Only define targetHost when the network config is defined 2024-12-08 12:49:46 +01:00
e1586b4873
fix(dns): Only generate infra records for nixos machines 2024-12-08 12:19:31 +01:00
eb5b8740a8
feat(meta): Remove default values for nixpkgs version
They are considered harmful, and it simplifies the code.
2024-12-08 11:52:26 +01:00
1821104e8e
feat(meta): Add system to the nodes meta 2024-12-08 11:40:01 +01:00
12c8870f6d
chore(meta): Sort nodes 2024-12-08 11:02:04 +01:00
344cc26d8e feat(meta/*): support generalized deployments
Our colmena knows how to deal with families of system types, e.g. NixOS
systems or Liminix-based systems.

This is a step 1 towards supporting our APs in our infrastructure.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-12-07 15:26:13 +01:00
f909853119
feat(dns): Add autoritative DNS for lab subdomain 2024-12-07 11:05:45 +01:00
96e8bfff5b
feat(django-apps): Internalize 2024-11-25 23:29:39 +01:00
32d28ed351
feat(organization): Added Antoine Groudiev and Matthieu Boyer to organization 2024-11-09 22:55:24 +01:00
sinavir
2cee8006d3
feat(access-control): Remove luj from admins 2024-11-08 00:18:14 +01:00
06bbe99769
feat(meta/dns): Add private subdomain linking to the netbird ips 2024-10-31 10:58:07 +01:00
ae7aaabf29
feat(meta/network): Add web03 netbirdIp 2024-10-23 11:04:28 +02:00
2b858bbae4
feat(web03): Switch to nixos-unstable 2024-10-22 14:09:54 +02:00
4f18e8d387
feat(meta/dns): Add apps-webhook domain, to separate from the apps 2024-10-22 13:55:30 +02:00
7875007a4f
feat(meta/dns): Add victoria-metrics 2024-10-21 11:15:31 +02:00
51133e6e5f
feat(netbird): Update 2024-10-20 23:01:14 +02:00
5f0c7d4e22
feat(meta/nodes): Sort nodes 2024-10-20 22:35:35 +02:00
63c9f02b16
fix(meta): Use correct username
(Sorry @jemagius)
2024-10-18 18:46:33 +02:00
f0b3d4b490
feat(kanidm): Use kanidm-provision to setup active members 2024-10-18 14:36:38 +02:00
sinavir
1a05ea3a9a feat(krz01): Move to lab-infra repo 2024-10-18 11:53:32 +02:00
05edf3f295
feat(meta/dns): Update web02 2024-10-17 23:03:37 +02:00
sinavir
3c445ab4c7 feat(networking): Add a bridge to connect VMs to the world 2024-10-17 17:56:09 +02:00
db5859e472
feat(web03): Initial deployment of django-apps 2024-10-17 15:11:43 +02:00
ad8ddb1f4d
feat(dns): Redirect webapps subdomain to web03 2024-10-16 11:24:10 +02:00
b6cbf6e918
feat(infra): Deploy web03 2024-10-16 11:08:24 +02:00
bb4a24f9e9 feat: add cst1's member info 2024-10-11 14:53:13 +02:00
cafaa15ef3 fix(rights): add cst1 to lab adminGroup 2024-10-11 14:53:13 +02:00
e37f56f85b
fix(dns): cachix.dgnum.eu is no longer in service 2024-10-11 01:45:41 +02:00
a4de5f4d31 feat(krz01): move ollama to compute01 via a reverse proxy
krz01 has no public web IP.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:40:56 +02:00
de6742aa0d feat(storage01): add s3-admin.dgnum.eu
This is the administration endpoint of the S3, you can create new
buckets and more, from there.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:13:11 +02:00
d76e655174 feat(krz01): add a NGINX in front of ollama protected by password
This way, you can do direct requests to ollama from other places.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 16:43:33 +02:00
sinavir
7d70beb1f0 feat(krz01): create and add the lab admin group to krz01 2024-10-10 13:35:34 +02:00
1e71ef3636
feat(users): Add root passwords and deactivate mutableUsers 2024-10-10 09:23:19 +02:00
6c4099d369 feat(infra): Internalize nix-lib, and make keys management simpler 2024-10-09 18:58:46 +02:00
8441992408 feat(krz01): move to unstable
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-09 12:51:14 +02:00
sinavir
c6588da802 fix(krz01): Use default target 2024-10-08 12:57:57 +02:00