The new one is causing breakage for me, but I have no time to debug
this, so I'm backporting the old one.
AFAICT the simp_le included in this channel should be new enough to
have ACMEv2 compat, we'll see if it works.
Change-Id: Ib8b869a5af8a0418a66017a0cf3b9336df5f2d05
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2017
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Create the pipeline by outputting a file that contains nix-build
invocations for each target's *derivation path*.
Each invocation has a generated Nix expression passed to it with `-E`
which fetches the correct target from the tree while correctly
handling targets with strange characters (such as in Go-packages).
This makes it possible to run target-level granular pipelines. We're
getting somewhere!
Change-Id: Ia6946e389dafd1d4926130bb8891446d6e17133b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1855
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This is a temporary state (TODO added) to be picked up by the new CI
logic.
Change-Id: Id4702740ffd18325088e2a8a0c6157a8cee7ccf7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1852
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Bumps both nixos-unstable and nixos-20.03 to today's versions, as per
status.nixos.org
Contains minor fixes to things that broke because of the update:
* tazjin/frog: hardware.u2f is a deprecated setting
* glittershark/system: modSha256 in Go modules is now vendorSha256
* glittershark/owothia: removed version constraint on relude
Change-Id: Ib3e9612b1b06ed547b90e4f8b0ffe5ed7fe0a5c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1642
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
rather than using nix-shell each time ...
Change-Id: If84a84bca4ed892d0d38c5dcfc23a073cbb89e64
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1512
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
This allows access to profiling events by (almost?) all users.
Change-Id: I10e31ea9978f0b552a3973c29e98b43a6db45d1d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1183
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Frog has a ThreadRipper, and rr won't run at all without this patch.
Change-Id: Ie7e7c3567fb395ef8e7cd23061f099f91c7882ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1130
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
These are now on whitby.
Change-Id: I25b1cdedf4ce9cdb377a40edbbbce123938b6828
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1068
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
There is only one minor configuration change: CLBot now connects to
cl.tvl.fyi, instead of localhost, because Gerrit is still on camden.
Change-Id: Ibd8d46ec2c18312a270471a2f0be3e58eaf0cbab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1062
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
I'm not actually sure if this will apply cleanly, because the new
NixOS ACME module is kind of broken.
Change-Id: I39584333dbea0a5f7b72e68d5e9f752a4c31bfe6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/957
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This hook is invoked by Buildkite (on the runner) after every build
stage. This change adds support in Besadii to run as this hook and
update the build status on a Gerrit CL.
Change-Id: Ie07a94d9b41645a77681cf42f6969d218abf93c1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/761
Tested-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
While we get our actual CI system up-and-running (i.e. while we're
waiting for Hetzner to provision a machine), Frog can serve as a build
host (whenever it's online, anyways).
Change-Id: I917a8dbe92c499c607ead179a58bc59c105abd3d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/626
Reviewed-by: tazjin <mail@tazj.in>
My personal pages have moved out of //web, and various changes were
necessary to keep everything working.
Change-Id: I2f81fdd8ba2ce2ce6fea7e329bbdcda6092cc8a6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/604
Reviewed-by: tazjin <mail@tazj.in>
This ends up using the same driver, but generates saner display names
somehow. Who knows what's going on there.
FWIW, it didn't help with the font weight issue.
Change-Id: Ib6161088b23109f4f0e24b8a87c478ad274df4d6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/566
Reviewed-by: tazjin <mail@tazj.in>
These are all things I constantly nix-shell into my environment. Maybe
they should just be part of it.
Change-Id: Ic0b738d12fae70900629c79764c7d8c323e71bb1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/560
Reviewed-by: tazjin <mail@tazj.in>
Without this patch, this board is not included in the pin map
overrides and audio basically doesn't work.
With this patch, the audio still doesn't work, but it can at least
correctly detect what is and isn't plugged in - so that's progress.
Change-Id: I66ca7d7a1e0e25a0212b9659381875ad4c590ffc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/542
Reviewed-by: lukegb <lukegb@tvl.fyi>
We can always revert this if we want it back.
Change-Id: I1332b6dd541199584b7b5b94a8651172d79e53a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/442
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This module spins up the Sourcegraph container.
Builds:
Note that this is contrary to how our other deployments work, but
packaging Sourcegraph is quite difficult (it's a Gitlab style
deployment with a lot of moving parts and third-party things that it
bundles).
If we decide to keep it around, we will want to look at packaging it
in Nix in the future.
Deployment:
The deployment is a hack. Sourcegraph does not support public
instances, but we want it to be public. To work around this we have
configured HTTP-proxy based authentication (i.e. auth via a header)
and hardcoded a static header.
This works, but lets anonymous users change the "Anonymous" user's
settings. We can expect this to get defaced (profile picture, name
etc), until we figure out how to write some nginx configuration to
drop those requests. See git-bug for details.
The Sourcegraph configuration is also not checked in to the
repository. It's unclear where in the data directory it is stored.
Change-Id: I414ff11c3b49989b6792d697bffc8a0edf96c9cb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/425
Reviewed-by: lukegb <lukegb@tvl.fyi>
This configures a timer that will push hourly, incremental backups of
Gerrit's state (including repositories) to GCS.
The GCS bucket tvl-fyi-backups is an Archive-class bucket in the
tazjins-infrastructure project.
Change-Id: I3bb5b084d8dd929bc4c3e51ddfb524b78d9445cb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/397
Reviewed-by: glittershark <grfn@gws.fyi>
NixOS modules move one level up because it's unlikely that //ops/nixos
will contain actual systems at this point (they're user-specific).
This is the first users folder, so it is also added to the root
readTree invocation for the repository.
Change-Id: I546c701145fa204b7ba7518a8a56a783588629e0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/244
Reviewed-by: tazjin <mail@tazj.in>