Commit graph

20479 commits

Author SHA1 Message Date
Aspen Smith
b7b993b288 feat(grfn/web): Some more contact stuff
Change-Id: I856285d8950d213977b918a1ec7defbf09512037
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10033
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2023-12-05 17:05:48 +00:00
Aspen Smith
d54cc89b4f feat(grfn/web): Link to my own version of my pubkey
the keys.gnupg.net keyserver has been down for some time now, let's not
link to that in favor of linking to a self-hosted version of my GPG
public key

Change-Id: I9f645c562c2b04e9fb755f21d1ec8a89f89c2230
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10032
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
2023-12-05 17:05:48 +00:00
Aspen Smith
2db3cc920b feat(grfn/web): Link to resume from homepage
Change-Id: Id31a3f744e53c6dc82235bf11e01a3fc500b6fa4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10031
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2023-12-05 17:05:48 +00:00
Florian Klink
d32baeff6c chore(ops/terraform): add license information
This is the result of a `"reuse annotate --copyright "The TVL Authors"
--license MIT"` in that directory, making it conformant with the REUSE
Specification:

https://reuse.software/spec

Change-Id: I13e069b4621e8d5ccb7a09c12f772d70dea40a11
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10170
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-05 12:31:25 +00:00
Vincent Ambo
7637e92b8c feat(tazjin/aoc2023): invalid solution for day3
This passes all tests I could find so far, but doesn't work on the
website. I wrote an interactive debugger for looking at the input, and
haven't found anything incorrect, so not sure what it wants from me.

Change-Id: I506001735e15b2d02eaaebc6d1da8c26e92acde0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10188
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-03 12:33:04 +00:00
Vincent Ambo
696d02ab16 chore(tazjin/emacs): minor configuration cleanups
Deletes some stuff that I think isn't necessary anymore, and
consolidates the modes.el content into settings.el.

Change-Id: Ib682dbdb4eb89b3a7ee2eca89da4151af806a508
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10187
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-02 20:58:26 +00:00
Vincent Ambo
3d618cdfdc feat(tazjin/emacs): experimentally install eat terminal emulator
Change-Id: Ia9cea718631d3a9b5bf06e6bb0a9ed430e83f019
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10186
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-02 20:58:26 +00:00
Manuel Giraud
3d2d5837ad fix(3p/exwm): Fix frame focus for Emacs 29
See https://debbugs.gnu.org/cgi/bugreport.cgi?bug=58438 for more
details

Depot note: Commit is from
4096d18eea

Change-Id: I4e101533209c35c6f55f14512cc420f007b9da53
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10185
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-02 20:58:26 +00:00
Steven Allen
3a6da21189 refactor(3p/exwm): Simplify and improve focus handling
- No need for two different timers, roll them into one.
- Debounce focus updates.
- Handle "no focus" frames.

Depot note: This patch was taken from Sibalien's fork of EXWM, and I'm
experimentally adding it here to see if it has any effect on wonkiness
around focusing.

Change-Id: Ifabfccc80817daabedd31e51532aef3c4277e2ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10046
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-02 20:58:26 +00:00
Vincent Ambo
9a4cc27bb6 feat(tazjin/aoc2023): day 1 solution
String splits all the way!

Change-Id: I7e7f64fb082ee2e04d895f3b7e52210610d06d39
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10184
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2023-12-02 13:54:16 +00:00
Vincent Ambo
240e457bf4 feat(tazjin/aoc2023): day 1 solution
The second task was very annoying because you had to guess the actual
rules (overlapping words), as they're not explained correctly in the
task. My solution hardcodes those cases.

Change-Id: Idf24579a78a1b8ede368504d3ff0c58c9978f069
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10183
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-01 16:23:08 +00:00
Vincent Ambo
5ec564ca6c feat(tazjin/emacs): experimentally install orderless & corfu
Change-Id: Iabf2ad7562e5a9008cbf7aa701716b204e7239f5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10182
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-12-01 16:23:08 +00:00
Vincent Ambo
ba4c66b3c6 feat(tazjin/nixos): annual attempt to use Firefox
Lets see if it's good now. Chrom(e|ium) (and by extension (pun
intended) derivatives) are getting rid of ad blockers, so need to
do *something*.

Change-Id: Id7c69d38ddb0ad929aed9e6fbae4d9919ed0731f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10177
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-01 16:22:35 +00:00
Vincent Ambo
3f60140402 chore(tazjin/emacs): remove company-mode
I have a suspicion that some strange behaviour I occasionally get is
related to company mode.

Change-Id: I26f25c31967ae092d15248a806acdf4f28cb4c10
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10176
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-01 16:22:35 +00:00
Vincent Ambo
dfd93efee0 refactor(tazjin/emacs): remove telephone-line
I don't really like this package, it's kinda wonky, and now that part
of my mode line logic is in the tab-bar, it's no longer needed.

Change-Id: I4791a75e5ce2f0c49ef0d239cadf6a4f81c73636
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10171
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-12-01 16:22:35 +00:00
Aspen Smith
dbc17e8c4b fix(grfn/xanthous): Fix build
Bunch of miscellaneous stuff due to breakages in dependencies

Change-Id: I807cfa875148e7e5b691f2be0b58dc0a08f3c3ad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9003
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2023-12-01 11:34:29 +00:00
Aspen Smith
e40908d4aa chore(grfn/wigglydonke.rs): Add cf 2fa verify token
I lost a yubikey :(
this is the way to recover my cloudflare account

Change-Id: Iaffb567ec4a072baa93e78073b47e99a1dc2bb36
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10181
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2023-12-01 11:33:58 +00:00
sterni
275bf10ab5 chore(sterni/machines): move minecraft from edwin to ingeborg
Change-Id: I6917a9633c998148d6e5d23b17d949ee007898e5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10180
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 21:27:08 +00:00
sterni
77b990b0b2 feat(sterni/machines): prevent deploy if hostname doesn't match
Change-Id: I5a850e0d98069483e89d90022b624feba60ceebc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10179
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 21:27:08 +00:00
sterni
6a5faac11d feat(sterni/ingeborg): make secrets available
Change-Id: I2a39a6e5125e95c4ea10836694b594d068ceda73
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10178
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-30 21:27:08 +00:00
sterni
60ca9ba437 feat(sterni/ingeborg): set up monitoring via netdata
Main objective was to get SMART/md monitoring working, alerts go (via
some awful glue code) to #sterni.lv on hackint. Bot nick should also be
registered in the future.

Change-Id: Ia73c5a64ee9f6df62f5fbe21fc1606477e3d6e73
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10174
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-30 21:21:14 +00:00
sterni
c6c1c9f8fc chore(sterni/edwin): disable creative minecraft server
We currently don't need it actively and it is easy to re-enable if
needed. Due to spawn chunks simulation it is not really idling either.

Change-Id: I2e4e5ff2271fd61ee1affec27a614244d4a87fcf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10173
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 17:19:50 +00:00
sterni
62416bd3ab fix(sterni/mod/minecraft-fabric): correctly set service enable opt
This actually allows disabling a service for the first time, since the
configuration structure for the service is created irrespective of the
enable option.

Change-Id: I08e5e67565d6fe210fb0f65600b8750433ce4712
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10175
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-30 17:19:50 +00:00
sterni
1470ff1be1 fix(sterni/edwin): launch mirror jobs after network-online.target
This will hopefully prevent failures on system deploys where DNS is
briefly not available, so git(1) fails to resolve github.com. Thanks
flokli for the tip.

Change-Id: I6096e9f3655cbe28ca2a71142de22337814e0be1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10172
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-30 17:19:50 +00:00
Aspen Smith
1481066cb7 fix(nix/readTree): Fix typo in docs
Change-Id: I65d6d1d99813d849a02369a0693893ced4681e7e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10169
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 14:40:44 +00:00
Aspen Smith
f9727b6e93 chore(grfn/system): Death to kolide
Change-Id: Ie0433ad182ff2292968572d45822a4137c3066eb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10168
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
2023-11-30 13:33:30 +00:00
Vincent Ambo
f9eddf6f29 fix(3p/nixpkgs): pin tpm2-pkcs11 to version from stable channel
This doesn't work correctly in unstable (there's a few suspicious
commits, but I haven't debugged it further yet). However, this tool is
critical for me, hence the rollback.

Change-Id: I1f1e18775324b4aa60a4f3c65abdd51dea596cad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10167
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-29 09:44:26 +00:00
Florian Klink
dfb48dcade fix(tvix/nar-bridge): drop pathinfoservice
This now exists in tvix-store directly, as NixHTTPPathInfoService, and
contrary to this version, also validates signatures.

Change-Id: Ib6ca161e40d627b7d9741839fc849f2392f422da
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10155
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: Connor Brewster <cbrewster@hey.com>
2023-11-28 16:08:59 +00:00
Florian Klink
563886c3de feat(tvix/store/pathinfosvc/nix_http): allow configuring pubkeys
This allows setitng the trusted-public-keys URL parameter to a
(whitespace-separated) list of public keys.

NARInfo files retrieved need to contain a valid signature.

Change-Id: Ifd6580b723cbae3182e9cadfa54f1ca2b41d6599
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10153
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
4297e33d94 feat(tvix/store/pathinfosvc): add signature verification
Introduce an Option<Vec<narinfo::PubKey>>, configurable with a
`set_public_keys` method.

If set, this configures NixHTTPPathInfoService to validate signatures.

Change-Id: I157c5e13c41fc9bfd40b0655381fb4cf33900868
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10152
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2023-11-28 16:08:59 +00:00
Florian Klink
5fc737b02e feat(nix-compat/narinfo): add PubKey::verify(fp, sig)
This makes it easy for each PubKey to check if a given Signature is
correct for a given fingerprint.

Change-Id: I56e6211d133f74f390fd1ae3ae799eef12221904
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10151
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
6af67af76e feat(nix-compat/narinfo): add PubKey
This represents a ed25519 public key and "name".
These are normally passed in the `trusted-public-keys` Nix config option,
and consist of a name and base64-encoded ed25519 pubkey, separated by a `:`.

Change-Id: I9ab4b3e0e5821805ea6faf2499626630fc5a3f0a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10150
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
e7a86273b1 refactor(nix-compat/narinfo/signature): rename Error type
Just call this Error, we can infer from the package what error this is.

Change-Id: I5df25d2873ec739c49c08804f35562c84c222e06
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10149
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
7e8719be91 feat(tvix/store/pathinfosvc/nix_http): check Nar{Size,Hash} matches
Ensure the initially communicated NarHash/NarSize from the NarInfo
matches what we read, and don't return a PathInfo message if there's
a mismatch.

Also move the buffering layer around a bit.

Change-Id: I68c60ecfaf0f9cd5edacea648437ecb0c9729251
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10148
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
fce9c0e99e fix(tvix/store/fs): don't panic on PathInfoService error
An error in the PathInfoService request can appear in case the
underlying request returns an error.

We shouldn't panic and bork the fuse mount, but instead return an IO
error.

Change-Id: I2daeae629e1627d06adcd7b82ddb76c50c602212
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10154
Tested-by: BuildkiteCI
Reviewed-by: Connor Brewster <cbrewster@hey.com>
2023-11-28 14:54:56 +00:00
Vincent Ambo
84a846a3a2 refactor(tazjin/emacs): move global-mode-line info into tab-bar
This removes the wonky hack with detecting the bottom right window,
and gives me saner, unified handling of this display in the tab
bar (of which there is only one!)

Change-Id: Id21c6b2472d0c89fc4d000a10a9e90d2ddba86b6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10165
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 12:34:48 +00:00
Vincent Ambo
a554531e28 chore(ops): move from gerrit-queue to gerrit-autosubmit
Enables the new autosubmit bot, albeit without rebase
functionality (this will be a separate change).

Change-Id: Ia42a4f08c0edca5e6cc8bf4770ec24dbf16a5db7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10132
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:51:08 +00:00
Vincent Ambo
623805cecd feat(ops/gerrit-autosubmit): init simple gerrit autosubmitter
Adds a small Rust program that connects to the Gerrit API and uses a
simple algorithm to figure out which changes should be submitted, and
submits them:

* it fetches all changes the Gerrit query API considers
  submittable (i.e. all requirements fulfilled), and that have the
  `Autosubmit` label set

* it filters these changes down to those that are _actually_
  submittable (in Gerrit API terms: that have an active Submit button)

* it filters out those that would submit ancestors that are *not*
  marked with the `Autosubmit` label

* it submits the longest chain

After that it just loops.

There is no rebasing logic yet for when it "runs out" of submittable
changes, but it will not be difficult to add.

Relates to b/333.

Change-Id: Ib91ecf2c45b178e8c64ff7b2174d617d4c45efe2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10131
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:50:37 +00:00
Vincent Ambo
360c98ce38 chore(3p/sources): bump channels & overlays (2023-11-27)
* picked avrdude from stable channel
* removed override for texlive, as the upstream fix is merged
* picked awscli2 from stable channel
* bump tdlib to 1.8.21 (new minimum for telega.el)
* tvix/turbofetch: switch to nixpkgs-native mechanism for
  CARGO_MANIFEST_LINKS (whatever that is)

Change-Id: Ic695721b5ca750b89d21cab7a257e1db682b23c0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10083
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:16:46 +00:00
Florian Klink
0415bc6fd2 fix(nix-compat/narinfo/signature): validate name field
We should restrict this to alphanumeric mostly, and we definitely don't
want newlines.

Not entirely sure about the exact additionally allowed characters
outside of alphanumeric, but this can always be extended further.

Change-Id: I1357e79e553f2df2fa97792889f63f0f35d50ed5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10147
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
2023-11-27 15:12:13 +00:00
Florian Klink
b7de931cc6 fix(nix-compat/narinfo): don't panic trying to parse signatures
BASE64.decode_mut panics if we're passing data that has the wrong size.
Do the size check first and error out there.

Also update the error, and talk about b64-encoded sizes.

Change-Id: I290f80a37d48526a30bf1df9d1d9fe34865008eb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10146
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
2023-11-27 15:12:13 +00:00
Florian Klink
dfaaf41cef refactor(nix-compat): use ed25519_dalek::SIGNATURE_LENGTH
No need to hardcode magic numbers here, we have a constant for that.

Change-Id: I67b671c0c4bb7c3bfb001e9c36499f31873ee717
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10145
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-27 15:11:41 +00:00
Vincent Ambo
5730742bdf feat(tazjin/emacs): i3-style jumping back&forth for tab-bar-mode
Change-Id: I19cab91646241edc38a58bf5546c9dd8161abeb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10130
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-26 22:16:19 +00:00
sterni
79c38dbf2a fix(ops/modules/irccat): recursively merge config attribute set
`lib.types.attrs` is deprecated in favor of `lib.types.attrsOf
lib.types.anything` because it doesn't merge attribute sets
/recursively/. `attrsOf` and `anything` do, the former is used to ensure
that the top value is an attribute set as expected by irccat.

Change-Id: I2a9d943a06c8f99f7d6d20c9944288e854924bff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10129
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00
sterni
03d5ffd2de feat(sterni/ingeborg): enable btrfs auto scrub
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and
move it into //ops/modules. I originally wanted to have additionally
disk health related services in that module, but the btrfs scrub
functionality is nicely self-contained and reusable, so I think it makes
sense to have this in a more central location.

Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00
sterni
825b6ac65f feat(sterni/machines/ingeborg): boot-strap
Network configuration and initrd setup is basically the same as with
edwin, but we are using md for Software RAID this time as well as LVM
over two partitions with LUKS:

- sda2 <-- RAID1 --> sdb2 (boot-raid)
  └ boot partition, ext4 (encrypted-container-raid)
- sda3 <-- RAID1 --> sdb3
  └ LUKS container
    └ Volume Group vgmain
      ├ Logical Volume vgmain/swap
      │ └ swap
      └ Logical Volume vgmain/root
        └ btrfs

So we no longer rely on btrfs raid1 due to question marks over its
reliability (I personally did not have any problems though). This also
means that we have less LUKS containers we need to unlock when
booting (kind of neglible improvement). The biggest improvement is that
we have redundancy for the swap, so a disk failure shouldn't cause
memory corruption/loss.

Change-Id: I14f065b659857415917d9a60a7ec019e687f8d1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10127
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-25 22:55:32 +00:00
sterni
b91f4e89ab chore(sterni/edwin): allow 10G of logs (there's enough space)
Change-Id: I576107047d8213e718e720d3a7a1dcc1dff39122
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10126
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-25 22:55:32 +00:00
sterni
897ee4ad26 refactor(sterni/edwin): move generic settings into module
These settings would also be applied to a machine that'd replace edwin,
so it's useful to have them outside edwin's default.nix.

Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-25 22:55:32 +00:00
Florian Klink
5161c3c072 feat(users/flokli/archivist): init
This introduces a new structure, as activities are moved to a separate
AWS Account for reasons (tm).

Change-Id: Ic310eca2dc0d4ee81bae8944238b26910067336a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10124
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-25 16:17:46 +00:00
Vincent Ambo
e65fa82d74 refactor(tvix/eval): use or_default helper in entry API
This fixes a future clippy lint.

Change-Id: Ic830e94ef23595580c1037f10878c76bbb546dd9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10110
Tested-by: BuildkiteCI
Reviewed-by: Adam Joseph <adam@westernsemico.com>
2023-11-25 15:48:46 +00:00