tvl-depot

Author	SHA1	Message	Date
Vincent Ambo	cbad0991de	chore(whitby): Move isomer's SSH key to user directory This is inline with how other user keys are managed. Change-Id: Ica0b3b30336aee02a78e019b13e1cf576e4e1943 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1360 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>	2020-07-23 19:32:15 +00:00
Vincent Ambo	406e37fde1	feat(whitby): Deploy todo.tvl.fyi page with //web/todolist Note that this is not yet updated automatically, so the page will be stale until somebody rebuilds whitby. Change-Id: I91f4b03c9309aed289df055fac292a214dca7668 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1297 Reviewed-by: Alyssa Ross <hi@alyssa.is> Tested-by: BuildkiteCI	2020-07-19 23:40:42 +00:00
Kane York	3c9ee24929	chore(whitby): add riking Change-Id: I33cc1324eac9a13be56d296d09cfdbe066d90e13 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1256 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>	2020-07-18 21:21:10 +00:00
Alyssa Ross	effbb277c3	chore(tvl-slapd): add display name for qyliss Not having this set led to gerrit setting the committer to "qyliss <hi@alyssa.is>", which is wrong. Change-Id: I3fe02264e22dd6d739575b34ceb1221d1d6a9d98 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1267 Tested-by: BuildkiteCI Reviewed-by: qyliss <hi@alyssa.is>	2020-07-18 16:50:07 +00:00
Kane York	501d6bdaab	chore(tvl-slapd): change display name to a username-like Change-Id: I289400de6638844586a32a729333cb65a0dca4a0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1254 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>	2020-07-18 01:23:13 +00:00
Alyssa Ross	0f7bdd6711	feat(tvl-slapd): add qyliss Change-Id: Ia95c77be8a9c123f2e52174f76c4b01d44272191 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1260 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-17 22:53:17 +00:00
Vincent Ambo	67f0fbfcea	feat(whitby): Hardcode Google DNS servers The Hetzner DNS servers were unhappy after today's Cloudflare outage, and that broke some of our builds - this wouldn't have happened with Google DNS! Change-Id: Ib74c6de9526e739f55d4a9830d945ece35b72138 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1259 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>	2020-07-17 22:27:49 +00:00
isomer	cbff4fab9e	chore(whitby): += Isomer Change-Id: I446ab16d009dc24340606ab2f411197af24d79c2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1142 Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI	2020-07-17 19:38:51 +00:00
Vincent Ambo	356dde149f	feat(whitby): Configure Gerrit backups on whitby Change-Id: I84245fb809725853a301f217cdb11eacc1984cae Reviewed-on: https://cl.tvl.fyi/c/depot/+/1103 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 14:11:24 +00:00
Vincent Ambo	e035c46c6e	chore(whitby): Give the git user a home directory Change-Id: I5e6e13fa8a1656434ca897c83fe7ac48eb869369 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1102 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:51:20 +00:00
Vincent Ambo	8b6b3df5c4	fix(www/base): Add nginx fix timer Change-Id: Iec66fea0f3991ba74aede3911ea9f6ae5adb0188 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1082 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:36:45 +00:00
Vincent Ambo	405b7ec95b	feat(whitby): Enable Gerrit & cgit deployments Change-Id: Ic701552e130252cfff005938d9c4e98423a7a96a Reviewed-on: https://cl.tvl.fyi/c/depot/+/1069 Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI	2020-07-12 13:36:45 +00:00
Vincent Ambo	93575158c6	feat(whitby): Enable SourceGraph server Change-Id: Ia8a20d54a4ac77d64f5e3fd2255ffad78dce0fb0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1067 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:36:45 +00:00
Vincent Ambo	6ed4e7d4d1	chore(sourcegraph): Bump version to 3.17.3 Change-Id: I6bc25d039cbe497bc9aa8784ac2f95219b5c617c Reviewed-on: https://cl.tvl.fyi/c/depot/+/1066 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:36:45 +00:00
Vincent Ambo	5abdc16f6f	feat(nixos/sourcegraph): Move cheddar server to module & make ports configurable Change-Id: Iaf0c854b148062e30d426c2e92638932caf2e92e Reviewed-on: https://cl.tvl.fyi/c/depot/+/1065 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:36:45 +00:00
Vincent Ambo	90b8433828	feat(nixos/www): Add configuration for tvl.fyi homepage ... and enable it on whitby Change-Id: Ife45f15227f9d95823ebd3b97d2a17175b84eaff Reviewed-on: https://cl.tvl.fyi/c/depot/+/1064 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-12 13:36:45 +00:00
Vincent Ambo	31f65f5d2b	feat(whitby): Move over clbot deployment from camden There is only one minor configuration change: CLBot now connects to cl.tvl.fyi, instead of localhost, because Gerrit is still on camden. Change-Id: Ibd8d46ec2c18312a270471a2f0be3e58eaf0cbab Reviewed-on: https://cl.tvl.fyi/c/depot/+/1062 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-11 12:20:17 +00:00
Vincent Ambo	ea428faf99	feat(whitby): Enable smtprelay module This is required for the Gerrit setup. Change-Id: I02e03dafe36e6c47ffabf4d590e0c6f1dea027e6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1061 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-11 11:58:43 +00:00
Vincent Ambo	b53d25ab3f	fix(monorepo-gerrit): Use Google's CDN to serve static assets Change-Id: Ib4ffc1d9b030a5982b9063c1d6322fb87ba7f910 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1022 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-11 01:00:31 +00:00
Vincent Ambo	5de644a597	chore(monorepo-gerrit): Increase Gerrit's heap limit to 4g (this translates to -Xmx) Change-Id: I31bbbd247952fa6a592cb66ad144025af640d2db Reviewed-on: https://cl.tvl.fyi/c/depot/+/1021 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>	2020-07-11 01:00:31 +00:00
Vincent Ambo	a8c77b9c2a	fix(monorepo-gerrit): Explicitly set gerrit.docUrl This prevents a request that takes >1s on each page load. Change-Id: Ic91bb602e3059b1f17681aa468739bb0a103f8cf Reviewed-on: https://cl.tvl.fyi/c/depot/+/1003 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>	2020-07-11 01:00:31 +00:00
Andreas Rammhold	d06237707b	feat(tvl-slapd): add `andi` Message-Id: <20200710190623.26573-1-andi@notmuch.email> Change-Id: Ibd74f93f589beecbf7fa9090550ecf95caa0a3b0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/982 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI	2020-07-10 19:10:18 +00:00
Vincent Ambo	449afaa384	feat(ops/nixos): Add module for running a Quassel daemon The upstream module is not flexible enough for my needs, so I made my own. Change-Id: Ie9f786da7eb8c878e0782b07a075c064ad8cd253 Reviewed-on: https://cl.tvl.fyi/c/depot/+/953 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>	2020-07-08 22:10:08 +00:00
Luke Granger-Brown	2c7e9986e2	chore(apereo-cas): fix up configuration - X-Forwarded-Proto support so it knows it's behind TLS - Remove extraneous logs and just log to stdout so it's caught be systemd Change-Id: I650777bbfd24a1922f26967ffff7da06d14b6639 Reviewed-on: https://cl.tvl.fyi/c/depot/+/952 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>	2020-07-08 17:49:25 +00:00
Luke Granger-Brown	cb52c9e41d	chore(ops/nixos/tvl-sso): add secrets Change-Id: I29f5e762852593f05b9936d5635aadcc7eba2840 Reviewed-on: https://cl.tvl.fyi/c/depot/+/951 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-06 23:08:00 +00:00
Luke Granger-Brown	1e8dbd5b1b	fix(ops/nixos/tvl-sso): correct path to executable Change-Id: I29f5e762852593f05b9936d5635aadcc7eba283f Reviewed-on: https://cl.tvl.fyi/c/depot/+/950 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-06 23:08:00 +00:00
Luke Granger-Brown	57ade16b9d	feat(whitby): add apereo-cas/tvl-sso Change-Id: I29f5e762852593f05b9936d5635aadcc7eba283e Reviewed-on: https://cl.tvl.fyi/c/depot/+/935 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-06 22:59:56 +00:00
Luke Granger-Brown	aae3d25234	feat(ops/nixos/www): create login.tvl.fyi host Change-Id: Ifad80915a61a1a5ac14e598a9d788aec3482693c Reviewed-on: https://cl.tvl.fyi/c/depot/+/936 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-06 22:48:40 +00:00
Griffin Smith	a73714a93c	feat(ops/nixos): Add generic rebuild-system script This adds a first crack at one idea for a generic, non-user-specific rebuild-system script to ops.nixos.rebuild-system. The idea here is that we enumerate all the nixos systems stored in the monorepo (similarly to what we do for ci-builds right now) then search through them by hostname to find the one matching the hostname of the current system, which is an attempt at a more generic version of tazjin's rebuilder script which does the same thing but with an explicit case block. As a caveat, it feels like there's a slight possibility that this way of finding systems is going to get slow to evaluate - on my system it feels fine but if it grows out of hand it's probably feasible to just bake this into the built script as a dynamically generated case statement. Change-Id: I2e4c5401913b6f4d936ab48ba2f95f96e0e78eb4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/894 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-06 15:16:36 +00:00
Luke Granger-Brown	25cebc3a62	feat(whitby): enable tvl-slapd on whitby Change-Id: I3fac108802671abfb9a508359390b063bce16202 Reviewed-on: https://cl.tvl.fyi/c/depot/+/923 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>	2020-07-05 16:54:48 +00:00
Luke Granger-Brown	f54a48f831	chore(whitby): add lukegb to trusted-users for remote builds Change-Id: Id1e67bb30bb7f4d329006688f1783b900d16d164 Reviewed-on: https://cl.tvl.fyi/c/depot/+/914 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>	2020-07-04 21:27:27 +00:00
Vincent Ambo	3ce41f4fa4	feat(whitby): Enable nix.sshServe This exposes a binary cache over SSH. Change-Id: Ib934a118cd7315ef76f3dfe795c76a570fbbc47a Reviewed-on: https://cl.tvl.fyi/c/depot/+/895 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-03 14:25:35 +00:00
Griffin Smith	0d4f709757	feat(whitby): Allow wheel users to sudo without a password This should translate to the required invocation to make sudo allow nopasswd for users in the wheel group. Change-Id: I3713862b8df9087cfbaa72d7e824bc43469f7c1c Reviewed-on: https://cl.tvl.fyi/c/depot/+/857 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI	2020-07-02 22:00:41 +00:00
Griffin Smith	1ecae26afa	feat(whitby): Add grfn as a trusted user So I can remote builder Change-Id: I8106244d3d197c010b618e4337a9ccfc13a116f8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/856 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI	2020-07-02 21:36:11 +00:00
Vincent Ambo	4d9c6dbbe2	feat(whitby): Run a handful of Buildkite agents This is the point of the machine, afterall. Change-Id: I15c11600c1c18fa8962d57f75f99a72e1553f9c2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/853 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-02 20:54:11 +00:00
Vincent Ambo	7114e72d81	feat(whitby): Enable Nix signing for the binary cache Change-Id: I9047667cc1a40668c0c7da72c070044b91b53014 Reviewed-on: https://cl.tvl.fyi/c/depot/+/852 Reviewed-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI	2020-07-02 20:54:11 +00:00
Vincent Ambo	cabdd4aa51	fix(whitby): Explicitly set an interface for the v6 default gw systemd gets sad otherwise and it is very difficult to console it Change-Id: Ic6405489532c407273e5634474185f2947420b37 Reviewed-on: https://cl.tvl.fyi/c/depot/+/851 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-02 20:54:11 +00:00
Griffin Smith	298060dba9	feat(whitby): Add grfn it's not glittershark because grfn is the username I have on my laptop and I want to be able to ssh without an `@`. Change-Id: Ie1fb6f5e12f3ac52a44680704179bd27a00a7768 Reviewed-on: https://cl.tvl.fyi/c/depot/+/850 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI	2020-07-02 20:28:48 +00:00
Luke Granger-Brown	8ad55c9095	feat(whitby): add lukegb Change-Id: I26356632b86a64519128bc673178f1cd1b55b99b Reviewed-on: https://cl.tvl.fyi/c/depot/+/848 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: BuildkiteCI	2020-07-02 19:33:44 +00:00
Vincent Ambo	c18b0a7c57	fix(whitby): Set correct IPv6 default gateway for Hetzner env Change-Id: Ic3d4c6ebf7c40e27a453e08295bb0f2f999c0d88 Reviewed-on: https://cl.tvl.fyi/c/depot/+/845 Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-02 18:59:01 +00:00
Vincent Ambo	62dd3fdc3c	feat(nixos/whitby): Hello, World! This adds NixOS configuration for the machine whitby.tvl.fyi. No interesting services are configured yet, so this configuration is quite plain. Change-Id: I67b7c75ebd6e298719b52e6b3bd83cc3be3c45d8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/843 Tested-by: BuildkiteCI Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi>	2020-07-02 18:32:47 +00:00
Vincent Ambo	b1f0de3fde	chore(nixos/whitby): Bootstrap //ops/nixos/whitby folder Change-Id: I7d77c3ea48b181d7b9f754ac4807ed44735a8925 Reviewed-on: https://cl.tvl.fyi/c/depot/+/841 Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI	2020-07-02 18:32:47 +00:00
Kane York	2215ae98b9	chore(tvl-slapd): rotate password for riking Change-Id: I3ec53d5223a4ff0871eed7615f11f534ed74653b Reviewed-on: https://cl.tvl.fyi/c/depot/+/839 Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-02 06:20:04 +00:00
Vincent Ambo	7dbdd2d13e	chore(tvl-slapd): Remove old password generation script This does not work for ARGON2 hashes. Change-Id: I1e070fa0ff17ef21632e94e6777da637deb6f54f Reviewed-on: https://cl.tvl.fyi/c/depot/+/834 Reviewed-by: Kane York <rikingcoding@gmail.com> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI	2020-07-01 20:55:48 +00:00
Vincent Ambo	a1556d71e6	chore(tvl-slapd): Rotate my LDAP passwords and use ARGON2 hashes Change-Id: Id1a60121e4254e7ccff77ac17fd39d0955aedc8f Reviewed-on: https://cl.tvl.fyi/c/depot/+/832 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: isomer <isomer@tvl.fyi> Tested-by: BuildkiteCI	2020-07-01 19:10:13 +00:00
Vincent Ambo	5b4ff0c393	feat(tvl-slapd): Load Argon2 password module in OpenLDAP This makes it possible to use {ARGON2} hashes instead of the current salted SHA hashes, which is a much better idea. Unfortunately the nixpkgs module does not have an option for overridding the package used, so it is overlaid into the system package set - this causes widespread rebuilds. This is fine for us for now, but I have opened a PR upstream to add a package option: https://github.com/NixOS/nixpkgs/pull/91963 Change-Id: Ib4be931d88e74b91566639f8656742cf096f6cc3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/831 Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Tested-by: BuildkiteCI	2020-07-01 19:10:13 +00:00
Vincent Ambo	feb3f1a374	feat(nixos/clbot): Add a module for running clbot Change-Id: I9c10906441c3222b74bcc820a67f11d96462fcfa Reviewed-on: https://cl.tvl.fyi/c/depot/+/821 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: BuildkiteCI	2020-06-30 23:39:48 +00:00
Cameron Kingsbury	7839b7b7a3	feat(tvl-slapd): update camsbury in slapd Change-Id: Idce92352ad01f85bd7fbb102decdd1df26dda5f4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/823 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI	2020-06-30 23:34:04 +00:00
Vincent Ambo	1eb8067bb0	fix(nixos/smtprelay): Only enable if the user asks for it Change-Id: Ifbdf9bf9e89a1da68e8c823f61a33275183afcb1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/822 Reviewed-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI	2020-06-30 23:32:45 +00:00
Profpatsch	d640027f66	chore(tvl-slapd): sort alphabetically bad ericvolp12 Change-Id: I508c7de48d4c2a7c734c38f79d0efeafec5d1e34 Reviewed-on: https://cl.tvl.fyi/c/depot/+/622 Reviewed-by: Profpatsch <mail@profpatsch.de>	2020-06-27 02:39:15 +00:00

1 2 3 4

200 commits