Commit graph

20 commits

Author SHA1 Message Date
Vincent Ambo
7593592241 chore(users/tazjin): move my homepage module into //users
This was in //ops for legacy reasons, but this is really not necessary.

Change-Id: I758b257838993ef0f7d55809c137118826e2ba85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12483
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-09-14 23:47:29 +00:00
Vincent Ambo
7f5956b2be feat(tazjin/koptevo): configure yggdrasil network
I'm looking to replace tailscale with this for some use-cases.

Change-Id: I00f765a403879ef048e635a6fedcfdde3f685159
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12482
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-09-14 23:47:29 +00:00
Vincent Ambo
adf8a7da87 feat(tazjin/nixos): issue wildcard cert for yggdrasil services
Issue a wildcard certificate using the Yandex Cloud DNS plugin (which is where
DNS for tazj.in is hosted).

Change-Id: I44fa48add660f4f4324ec4b056a81d78c45ff4f4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12481
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-09-14 23:47:29 +00:00
Vincent Ambo
773ddcb209 feat(tazjin/nixos): install radicle-node on all machines
Change-Id: I67ce259d890bd508cd9c9516702d51d5e70f4065
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12470
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-09-13 09:48:50 +00:00
sterni
69e4a78818 chore(3p/sources): Bump channels & overlays
- //tvix: address new clippy lints

- //users/tazjin: Satisfy gonic module's new need for a playlist folder.

- //users/aspen/games: adjust for changed location of df's default
  init.txt and d_init.txt.

Change-Id: I00a2adb506ae866206fb6f88c39c9a6af320380f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11509
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: aspen <root@gws.fyi>
2024-04-28 16:39:26 +00:00
Vincent Ambo
db2fbcac0b fix(tazjin/koptevo): add hard dependency from gonic on geesefs
Change-Id: Id4c8346a4bc15e7e7da7188679f54ec1e054cf53
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11028
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-02-26 11:52:08 +00:00
Vincent Ambo
9a5a1ddf24 feat(tazjin/koptevo): experimental miniflux setup
Change-Id: I2020a6bf2262966d41d3b47a17b122df121d661d
2024-02-25 12:47:44 +03:00
Vincent Ambo
c63b9d88cd chore(tazjin/nixos): remove monica setup
I never ended up actually using this for anything.

Change-Id: I2bd9a46f6284d8283453d34eab6134efc92ea684
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11023
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2024-02-25 09:22:13 +00:00
Vincent Ambo
63d3d8cc35 fix(tazjin/koptevo): let gonic access /etc/resolv.conf
Without this line, accessing external APIs from Gonic (e.g. scrobbling
to Listenbrainz) does not work (unless a local resolver exists). This
is because in the pure Go DNS implementation used in gonic, only
/etc/resolv.conf can provide resolvers.

Change-Id: I26dd9a845b0a70c4cfb983c68da2b76b7e57dfec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9502
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-10-01 22:15:34 +00:00
Vincent Ambo
ac94bf46a6 fix(tazjin/koptevo): minor reliability fixes for music setup
* zramSwap: during reindexing, geesefs can be pushed to the boundaries
  of what the new overaggressive OOM killer accepts, and I don't want
  to bother configuring that thing instead.

* umount: geesefs dying unexpectedly leaves broken mounts around,
  clean these up before proceeding

This bakes in the assumption that there's only ever one geesefs
service, but that assumption is baked in anyways.

Change-Id: Id85c2f5bc2312a7246ea20229eb36d2cc1bd82c0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9500
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-10-01 14:26:41 +00:00
Vincent Ambo
c941ccb42b feat(tazjin/koptevo): deploy airsonic at player.tazj.in
Change-Id: I9f0dec6491906319550c97d4cc15b2cdda4a5ebe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9499
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2023-10-01 14:26:40 +00:00
Vincent Ambo
c5cb622d02 feat(tazjin/koptevo): run gonic on music.tazj.in
Change-Id: Id281142e59647d9db02f64a352cba768d4d83237
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9497
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-09-30 21:47:37 +00:00
Vincent Ambo
5df59d2c7f feat(tazjin/nixos): add geesefs mount unit for koptevo ...
... this will make sense soon!

Change-Id: I1f8f32d655afdf868fff4bd09e1fea2943fd7558
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9496
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-09-30 21:47:37 +00:00
Vincent Ambo
d356f94ef1 feat(tazjin/nixos): deploy monica on koptevo
Change-Id: Iaa74d995f3b2556673095a32ec2b718dcb2d82a4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8849
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-29 08:54:27 +00:00
Vincent Ambo
8cdad7d45c feat(ops): introduce (head|tail)scale server at net.tvl.fyi
This runs a headscale server on sanduny which lets users join their
machines to the TVL tailscale network.

This would theoretically let people communicate with each other on the
internal network, but also more notably joined servers can advertise
exit node capability so that we can have our own "VPN network", for
starters with endpoints in Germany, UK and Russia (whitby, sanduny and
koptevo respectively).

This setup isn't fully stable yet, notably:

* The IP range used by tailscale is just the default one right now,
  I'm not sure if that should be changed or what.

* The system is stateful (on sanduny), but the state is not (yet)
  backed up anywhere. Use with caution.

* Machine joining is a manual process requiring SSH & root access to
  sanduny.

  The process is to log in to sanduny, then get a headscale shell with
  `sudo -u headscale bash`, and to use the `headscale` CLI within
  there to administrate access.

  I've opted to create a user account `tvl` for TVL-owned machines,
  and a personal account for myself and my machines.

Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-06-22 13:23:14 +00:00
Vincent Ambo
507cd85264 feat(tazjin/koptevo): deploy tgsa
The main instance is still running on polyanka, but things are moving
in this direction.

Change-Id: Idfa9e508023c05148003ac4621ae01dceb284c66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8827
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-06-18 12:43:15 +00:00
Vincent Ambo
fe3a8e08a4 feat(tazjin/koptevo): move some of my sites here
Change-Id: Ie7c55ee286d2a1ebcc623374fb02775ed8dfbb58
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8789
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2023-06-15 21:34:36 +00:00
Vincent Ambo
9bec557b33 feat(tazjin/koptevo): provision certificate (for quassel)
With this commit, Quassel becomes operative on koptevo.

Change-Id: Ic877c5bb1525cf5288b0091cb0cd1328b5276264
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8788
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-15 21:34:36 +00:00
Vincent Ambo
e4fee75add chore(tazjin/koptevo): fix some initial growing pains
Change-Id: I614bba9e28ca789d2e641391ccf3bdbc6ff95dd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8785
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-06-15 21:34:36 +00:00
Vincent Ambo
a5e308587e feat(tazjin/nixos): initialise koptevo system
This is the "new polyanka" (eventually), as I'm decommissioning that
host slowly.

Change-Id: Ia0fe664f3bf64513d8177434c6c0fface857cd99
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8783
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-15 19:16:57 +00:00