mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1085 commits 5 branches 0 tags 172 MiB
Commit graph

41 commits

Author SHA1 Message Date
Vincent Ambo
43ceaa17e3 feat(infra/k8s): Add git cookie secret for repository sync 2019-12-20 13:15:58 +00:00
Vincent Ambo
e4fe192e57 feat(infra/k8s): Add deployment configuration for cgit 
This is not yet done because repository cloning doesn't work at all,
in any way whatsoever.
 2019-12-19 17:01:59 +00:00
Vincent Ambo
ce55786ffe chore(infra/gcp): Allow k8s nodes to access GCSR 2019-12-18 21:37:31 +00:00
Vincent Ambo
7b4e893a36 chore(infra/k8s): Bump Nixery popularity URL 2019-12-18 19:01:59 +00:00
Vincent Ambo
0538b1f500 chore(infra/k8s): Point Nixery at the depot on GCSR 2019-12-18 17:54:44 +00:00
Vincent Ambo
3359ce12cf feat(infra/k8s): Provision certificate for git.tazj.in 2019-12-18 17:27:30 +00:00
Vincent Ambo
c3d31e0ba6 feat(infra/gcp): Configure source repository for the depot 2019-12-18 17:24:28 +00:00
Vincent Ambo
1584607fb9 chore: Remove some configuration from a previous life 2019-12-14 14:56:13 +00:00
Vincent Ambo
863f5b146d chore(emacs): Move Nix derivation for building Emacs over from infra 2019-12-14 11:57:11 +00:00
Vincent Ambo
b4f835e21c chore(infra/nixos): Remove deprecated local packages 2019-12-14 11:56:48 +00:00
Vincent Ambo
0a8aa95c73 chore(infra/nixos): Mark folder as "not to be evaluated" 2019-12-14 11:55:31 +00:00
Vincent Ambo
74b5054a43 merge(nixos): Merge (unrelated) NixOS config history into infra/ 2019-12-14 11:45:21 +00:00
Vincent Ambo
3f199f9650 chore(nixos): Move NixOS config to infra/nixos 2019-12-14 11:44:01 +00:00
Vincent Ambo
ecd54d58b1 fix(k8s): Adjust blog image name to match new repo layout 2019-11-15 23:37:22 +00:00
Vincent Ambo
374d55d190 chore(k8s): Bump deployed Nixery version 2019-10-26 12:02:55 +02:00
Vincent Ambo
d35debf882 chore: Bump Nixery version & package set configuration 2019-10-25 15:52:23 +02:00
Vincent Ambo
2fceba1618 chore(k8s): Bump deployed Nixery version 2019-09-21 15:46:58 +01:00
Vincent Ambo
4c3f27b9a7 refactor(k8s): Parameterise the nginx version 2019-09-21 15:37:44 +01:00
Vincent Ambo
52fabe4423 fix(k8s): Reinsert passLookup newline after kontemplate trims it 
SSH can not read the key without the trailing newline. Ideally
kontemplate would expose a toggle for this.
 2019-09-04 16:59:38 +01:00
Vincent Ambo
56f9e37755 fix(k8s): Move nixery-secrets to the correct namespace 2019-09-04 10:34:20 +01:00
Vincent Ambo
283951388c feat(k8s): Insert Nixery's secrets via kontemplate 
Instead of having a manually prepared secret, use Cloud KMS (as per
the previous commits) to decrypt the in-repo secrets and template them
into the Secret resource in Kubernetes.

Not all of the values are actually secret, it has thus become a bit
easier to edit the known hosts, SSH config and such now.
 2019-09-03 16:12:30 +01:00
Vincent Ambo
abd5d7538c feat(gcp): Create Cloud KMS resources for encrypting secrets 
The idea here is to use Cloud KMS and a shell script that mimics
'pass' to trick kontemplate into using Cloud KMS to decrypt secrets.
 2019-09-03 16:12:30 +01:00
Vincent Ambo
eb43ba75d2 chore(gcp): Remove monorepo repository 
The repository is now public on Github.
 2019-09-03 16:12:30 +01:00
Vincent Ambo
5e4157e4a2 chore(k8s): Update deployed Nixery version 2019-09-03 00:31:09 +01:00
Vincent Ambo
d577629b5b fix(k8s): Add nginx route for load-balancer health checks 2019-09-02 20:16:49 +01:00
Vincent Ambo
e2feae3387 fix(k8s): nginx does not need to be pinned to gitHEAD 2019-09-02 18:42:18 +01:00
Vincent Ambo
07a17501cc chore(k8s): Point Nixery at public depot URL 2019-09-02 18:38:24 +01:00
Vincent Ambo
a0089892dd feat(k8s): Route oslo.pub to nginx in ingress 2019-09-02 18:28:39 +01:00
Vincent Ambo
785a5a2997 feat(k8s): Add nginx instance for oslo.pub redirect 
The redirect is currently all that this instance does. It is required
because HTTP load balancers in GCP don't support URL rewriting.
 2019-09-02 18:19:35 +01:00
Vincent Ambo
e6cb12ebfb chore(k8s): Provision certificate for oslo.pub 2019-09-02 18:19:06 +01:00
Vincent Ambo
4881a84eaa chore(infra): Remove NixOS configuration for servers 
This configuration is no longer in use. The Gemma configuration file
has been moved over to the k8s folder from where it will be templated
into the actual configuration.
 2019-09-02 17:19:07 +01:00
Vincent Ambo
a58af3e371 feat(k8s): Configure HTTPS ingress for the blog 
Uses Google-managed certificates and an Ingress resource to set up an
HTTPS load-balancer.

This probably won't be the final version as the GKE Ingress is very
limited and can not do things like redirect URLs, which I need to
decommission the old setup.
 2019-08-27 12:44:37 +01:00
Vincent Ambo
cae99692de feat(k8s): Add Google managed TLS certificates 
Introduces certificates for tazj.in & www.tazj.in.
 2019-08-27 12:43:55 +01:00
Vincent Ambo
155f17173b chore(gcp): Enable Cloud DNS service 2019-08-25 17:47:34 +01:00
Vincent Ambo
31e83b33cc chore(k8s): More tazblog replicas 2019-08-23 14:13:13 +01:00
Vincent Ambo
28a9c01d36 feat(infra/k8s): Add in-cluster tazblog deployment via Nixery 
First deployment actually using a Nixery image and `gitHEAD`.

This does not actually serve a working blog for various reasons. The
current storage mechanism (acid-state) isn't really appropriate
anymore and I'll need to change that soon.
 2019-08-19 03:10:53 +01:00
Vincent Ambo
a4ef595fef chore(infra/k8s): Bump Nixery image to Cachix-enabled one 2019-08-19 02:43:42 +01:00
Vincent Ambo
cb810687d5 fix(infra/k8s): Always pull a Nixery image 2019-08-16 19:57:10 +01:00
Vincent Ambo
dd35be7add feat(infra/k8s): Deploy Nixery instance to cluster 2019-08-16 18:20:20 +01:00
Vincent Ambo
ba06317836 feat(infra/gcp): Add Terraform configuration for GKE & friends 
Sets up Terraform itself, a GKE cluster, a storage bucket and all the
other little things required to get the basics running.
 2019-08-16 16:52:06 +01:00
Vincent Ambo
a131b30514 refactor(infra): Move infrastructure into monorepo structure 2019-07-02 12:48:05 +01:00