This adds a first crack at one idea for a generic, non-user-specific
rebuild-system script to ops.nixos.rebuild-system. The idea here is that
we enumerate all the nixos systems stored in the monorepo (similarly to
what we do for ci-builds right now) then search through them by hostname
to find the one matching the hostname of the current system, which is an
attempt at a more generic version of tazjin's rebuilder script which
does the same thing but with an explicit case block.
As a caveat, it feels like there's a slight possibility that this way of
finding systems is going to get slow to evaluate - on my system it feels
fine but if it grows out of hand it's probably feasible to just bake
this into the built script as a dynamically generated case statement.
Change-Id: I2e4c5401913b6f4d936ab48ba2f95f96e0e78eb4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/894
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
gRPC 1.29.0 can not be built with our precompiled libs because it
accidentally overrides the C++ standard specified by the users.
This was fixed in 1.30.0.
Change-Id: I9a0390b3f5ec8dae6c295562f3a94b3dfa681dd1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/925
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Add expression for building haskell-language-server, based on a vendored
version of https://github.com/korayal/hls-nix with hashes updated to
work with our nixpkgs version and ghc 8.8.3. Also add that to CI
builds, so whitby will build it for me (thanks whitby).
Change-Id: I373f8a7cb67974b8aa043b116436c074591b8d57
Reviewed-on: https://cl.tvl.fyi/c/depot/+/897
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
This reverts commit 2249be39ed4d869ca602b353372f8d9066f0be28.
Build should pass now that it's all been properly integrated into the
nix tree.
Change-Id: If2bfa642302368ac24d06ff7d853c0eda76811a7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/742
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: Kane York <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
My laptop, so I can recompile linux-ck not on my machine
Change-Id: Ib42e0440628be6a4d03999220ab2c69b19d6e391
Reviewed-on: https://cl.tvl.fyi/c/depot/+/884
Reviewed-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
This adds NixOS configuration for the machine whitby.tvl.fyi.
No interesting services are configured yet, so this configuration is
quite plain.
Change-Id: I67b7c75ebd6e298719b52e6b3bd83cc3be3c45d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/843
Tested-by: BuildkiteCI
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This enables support for the Argon2 password hashing mechanism in
OpenLDAP. Note that we also need to configure the LDAP module to load
this, so this change is not yet sufficient for actually using Argon2
hashes.
Change-Id: I151b854b777daa924b22224a43851432a88a2760
Reviewed-on: https://cl.tvl.fyi/c/depot/+/830
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
... and remove a package that doesn't exist anymore (at this location)
from the nixpkgs allowlist.
Change-Id: I663c84c387fb04bb3b47448132ad768ed5352474
Reviewed-on: https://cl.tvl.fyi/c/depot/+/829
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
runExecline is a primitive that just does not care.
It’s similar to `runCommand`, but instead of concatenating bash
scripts left and right, it actually *uses* the features of
`derivation`, passing things to `args` and making it possible to
overwrite the `builder` in a sensible manner.
Additionally, it provides a way to pass a nix string to `stdin` of the
build script.
Similar to `writeExecline`, the passed script is not a string, but a
nested list of nix lists representing execline blocks. Escaping is
done by the implementation, the user can just use normal nix strings.
Change-Id: I890d9e5d921207751cdc8cc4309381395d92742f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/701
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
This removes almost all of the GCP-infrastructure leftovers from my
previous setup.
The DNS configuration is retained, but moves to my user folder
instead.
Change-Id: I1867acd379443882f11a3c645846c9902eadd5b0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/782
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
Reviewed-by: isomer <isomer@tvl.fyi>
`nix-build -A` expects a list of derivations, otherwise it will
silently skip some targets. We can use yants to ensure we don’t
accidentally put test targets that do not run on CI.
`depot.users.tazjin.blog` was one such target, the only real drv is
in the `rendered` field.
`getBins` is not a derivation, rather the `runTestsuite` prints `{}`
if it succeeds and aborts the evaluation otherwise. We make it into a
derivation, using the `emptyDerivation` primitive we added earlier.
We could actually improve that still, see the TODO.
Change-Id: I3e7658b21aa4ef84192ac43c11b986bd8570a115
Reviewed-on: https://cl.tvl.fyi/c/depot/+/666
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
Add all the haskell packages we've overridden to the ci targets, so we
can check that they build successfully.
Change-Id: I3c2f2d61f542cc06ac2266881e182e755fcb3774
Reviewed-on: https://cl.tvl.fyi/c/depot/+/743
Reviewed-by: Kane York <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
This reverts commit 35600236ee.
While I fix the build, fix CI for now
Change-Id: I6edf741f511fe137fd4b9b4379177996aa1a7b5d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/738
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Add a ci-builds group for glittershark, with Xanthous.
Change-Id: I6b0cbaa158e7e0a5e74e17de8758ce1684a86b52
Reviewed-on: https://cl.tvl.fyi/c/depot/+/732
This is a simple-stupid “unix import system” for nix, for referencing
binaries in `/bin/` by their name and lifting them to a Nix attrset.
Allows for simple aliasing of executable names.
Change-Id: Ifa23cb377201c3b08050c5026e9751e736afaf56
Reviewed-on: https://cl.tvl.fyi/c/depot/+/664
Reviewed-by: tazjin <mail@tazj.in>
These categories separate CI targets, which hopefully avoids the
out-of-space errors we have been seeing on Sourcehut.
The sets of CI build targets are made available in the depot itself so
that besadii can be updated to create a new build for each target
group.
For convenience, 'ciBuilds' contains an '__allTargets' attribute which
combines the contents of each target batch - this makes it possible to
still invoke a build for everything by using:
nix-build -A ciBuilds.__allTargets
Note: Some targets that were previously built in CI aren't anymore,
most importantly my NixOS systems which don't fit on Sourcehut.
Change-Id: Ia15ed7b743c8add51ae08ce0827a0ddfacd637e2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/570
Reviewed-by: lukegb <lukegb@tvl.fyi>
NixOS modules move one level up because it's unlikely that //ops/nixos
will contain actual systems at this point (they're user-specific).
This is the first users folder, so it is also added to the root
readTree invocation for the repository.
Change-Id: I546c701145fa204b7ba7518a8a56a783588629e0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/244
Reviewed-by: tazjin <mail@tazj.in>
Deleting this code feels strange. This project has been around for a
decade, and despite occasionally needing a bunch of tweaks it had aged
well and worked fine for a very long time.
I've reached a strange point where I don't really feel like using
Haskell anymore, and every interaction with this project in recent
years has been fighting dependency management tooling for Haskell, or
dealing with strange build problems.
The simple fact is that the service never really did anything other
than render Markdown dynamically, and at this point I can do that much
better with //tools/cheddar instead.
So, tazblog-hs, it's time to say goodbye. Rest in peace!
This introduces a derivation which builds an instance of nginx
statically serving my blog posts, though as of now no indexes are
being generated and no XML feed is available.
This is just the initial draft of this setup and not yet what shall be
yielded in the end.
Instead of polluting the repository namespace with the list of CI
projects, move that to a separate file.
Currently the list of projects to be built by CI is still hardcoded,
but this will be fixed soon.