The gopher server has been disabled for a while and I'm probably not
going to revive it any time soon (though I should fix some stuff on
spacecookie soon-ish…).
Change-Id: I6ef6bbfc013f9924e2d2b7ba116285a32406e5a7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12901
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
All repositories under code.sterni.lv are mirrors, so there's no value
in AI startups endlessly crawling the nixpkgs git history on
code.sterni.lv…
Change-Id: Iaac296315f325ced3cfd0852ae1d8d3f3815ea5b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12803
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
I want to add a warpper script to the mdmonitor program anyways, so
there's not really a point in this.
Change-Id: I92166bd44b54507b782a8d19b9676d91d8fa0f99
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12802
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
1.21.1 fixes an exploit in 1.21 without any other changes, so we can
safely skip it.
Change-Id: I72503c9f3869d7bafdfc78842b61804627a1d452
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12798
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
`requires` is not recommended in this context. I think I tried it out of
desperation trying to combat the issue that these units would be started
before they were able to resolve names in switch-to-configuration.
Unfortunately, network access during switch-to-configuration can't be
detected using network-online.target, it seems.
Change-Id: Ia98a0a3b505ffa56eb37fb58a5375a1215d6cb1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12794
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Mostly it's important (which I did this time at least) to remember that
with how things work at the moment, the initrd sshd is only reachable
via IPv4.
Change-Id: Ie9a87b6a38b2e128a8a2141d2221bbe7cfe24cdb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12792
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
A recent change in nixpkgs introduced evaluation warnings if a systemd
service is configured to start after network-online.target, but does
not directly depend on it.
This is done because the existing dependency from multi-user.target to
network-online.target is being removed, leaving these services without
an actual dependency on the service.
This affected autosubmit (I added a weak dependency here, for now the
service is actually on the same host as Gerrit), and sterni's mirror
setup (I added a strong dependency here).
Change-Id: I88a4aa69f6788c489f59533d34be3c9cea681326
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11026
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
We skip 1.20.3 which had a somewhat nasty bug that was immediately fixed
in 1.20.4 with no other changes.
Change-Id: Ib7ef12912b3ed7a7ed2e00fea654d5d7532a92f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10863
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
1.20.1 doesn't seem to have any substantial changes except bug fixes, so
let's jump to it right away.
Change-Id: If41f06352f5e5351e37af1969fa8152693a227e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10861
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
* Make sterni.lv declarative
* Disable gopher server
* Disable likely-music.sterni.lv for now
* Don't give systemd too much leeway with scheduling git syncs
Change-Id: Ie8507d96f2df76ad8e393b2181ed7378c37829d0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10480
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
This is just intended as a local backup in case things go wrong
horribly, so you can revert to a recent state.
Change-Id: I1d666bad77045a1c807204df144422ba69d1d99f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10417
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Main objective was to get SMART/md monitoring working, alerts go (via
some awful glue code) to #sterni.lv on hackint. Bot nick should also be
registered in the future.
Change-Id: Ia73c5a64ee9f6df62f5fbe21fc1606477e3d6e73
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10174
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and
move it into //ops/modules. I originally wanted to have additionally
disk health related services in that module, but the btrfs scrub
functionality is nicely self-contained and reusable, so I think it makes
sense to have this in a more central location.
Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Network configuration and initrd setup is basically the same as with
edwin, but we are using md for Software RAID this time as well as LVM
over two partitions with LUKS:
- sda2 <-- RAID1 --> sdb2 (boot-raid)
└ boot partition, ext4 (encrypted-container-raid)
- sda3 <-- RAID1 --> sdb3
└ LUKS container
└ Volume Group vgmain
├ Logical Volume vgmain/swap
│ └ swap
└ Logical Volume vgmain/root
└ btrfs
So we no longer rely on btrfs raid1 due to question marks over its
reliability (I personally did not have any problems though). This also
means that we have less LUKS containers we need to unlock when
booting (kind of neglible improvement). The biggest improvement is that
we have redundancy for the swap, so a disk failure shouldn't cause
memory corruption/loss.
Change-Id: I14f065b659857415917d9a60a7ec019e687f8d1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10127
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
