Commit graph

277 commits

Author SHA1 Message Date
Griffin Smith
69f402563a feat(whitby): Create a Postgres database for Panettone
Create a running Postgres database server along with a user and database
for Panettone, and pass configuration for it to the panettone module

Change-Id: I333994288131be328e62069382d6d40f8034c400
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1466
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-27 21:04:50 +00:00
Luke Granger-Brown
c7cd12eb25 chore(monorepo-gerrit): add Checks plugin to Gerrit module
This adds the Gerrit checks plugin. Hooray.

Change-Id: I784e9728256d1665b85b666d58bc0308bd6614ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1463
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 00:00:48 +00:00
Luke Granger-Brown
3542e1f62b chore(whitby): add rxvt-unicode's terminfo
Otherwise I have to set TERM to something else so that I can actually use the
machine when I'm booted into Linux and it's incredibly tedious and I hate it.

Change-Id: Icfb5aacfea8cd6227743d29d9b07dc1b745d22c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1435
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-25 20:27:47 +00:00
Luke Granger-Brown
b8fa8ff4a4 chore(monorepo-gerrit): enable attention set, disable assignee, disable polygerrit CDN
Change-Id: I66c09afc0813e032a1b5a04cbdbe4b95db2e97d7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1438
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
2020-07-25 20:27:13 +00:00
Bartosz Stebel
32c3f7731b feat(tvl-slapd): add implr
Change-Id: I7d22bf61ac72e86a17035d6125055da8aa53d762
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1387
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-23 22:19:23 +00:00
Griffin Smith
7101cc5375 feat(ops/nixos): Deploy Panettone to Whitby
Deploy Panettone to whitby as a systemd service, proxied to from an
nginx virtual host listening at b.tvl.fyi

Change-Id: I69755566151a45120e6b3453751af0e9291fa241
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1339
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-23 22:09:15 +00:00
Vincent Ambo
37cc98d078 fix(whitby): Use fish shell as my default shell
I don't have time for bash's history.

Change-Id: I741107d33f09999ef43a7609079ad926e8127e69
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1362
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-23 19:39:07 +00:00
Vincent Ambo
b422688da1 feat(whitby): Add SSH key for qyliss
... also bootstraps her user directory to store the key in.

Change-Id: Iecd341c655adc7d81be5ce9eb765c531b7512e80
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1361
Tested-by: BuildkiteCI
Reviewed-by: Alyssa Ross <hi@alyssa.is>
2020-07-23 19:37:09 +00:00
Vincent Ambo
cbad0991de chore(whitby): Move isomer's SSH key to user directory
This is inline with how other user keys are managed.

Change-Id: Ica0b3b30336aee02a78e019b13e1cf576e4e1943
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1360
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-23 19:32:15 +00:00
Vincent Ambo
406e37fde1 feat(whitby): Deploy todo.tvl.fyi page with //web/todolist
Note that this is not yet updated automatically, so the page will be
stale until somebody rebuilds whitby.

Change-Id: I91f4b03c9309aed289df055fac292a214dca7668
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1297
Reviewed-by: Alyssa Ross <hi@alyssa.is>
Tested-by: BuildkiteCI
2020-07-19 23:40:42 +00:00
Kane York
3c9ee24929 chore(whitby): add riking
Change-Id: I33cc1324eac9a13be56d296d09cfdbe066d90e13
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1256
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2020-07-18 21:21:10 +00:00
Alyssa Ross
effbb277c3 chore(tvl-slapd): add display name for qyliss
Not having this set led to gerrit setting the committer to
"qyliss <hi@alyssa.is>", which is wrong.

Change-Id: I3fe02264e22dd6d739575b34ceb1221d1d6a9d98
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1267
Tested-by: BuildkiteCI
Reviewed-by: qyliss <hi@alyssa.is>
2020-07-18 16:50:07 +00:00
Kane York
501d6bdaab chore(tvl-slapd): change display name to a username-like
Change-Id: I289400de6638844586a32a729333cb65a0dca4a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1254
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2020-07-18 01:23:13 +00:00
Kane York
4dd236be53 feat(ci): run buf check lint in CI
Breaking change detection will run but not enforce.

Emoji of water buffalo was chosen by @pedge fiat in the bufbuild slack.

Change-Id: Ie292f2bfddc0e3bc512e4a138c0b5d0fa2603bad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1247
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-17 22:55:13 +00:00
Alyssa Ross
0f7bdd6711 feat(tvl-slapd): add qyliss
Change-Id: Ia95c77be8a9c123f2e52174f76c4b01d44272191
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1260
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-17 22:53:17 +00:00
Vincent Ambo
67f0fbfcea feat(whitby): Hardcode Google DNS servers
The Hetzner DNS servers were unhappy after today's Cloudflare outage,
and that broke some of our builds - this wouldn't have happened with
Google DNS!

Change-Id: Ib74c6de9526e739f55d4a9830d945ece35b72138
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1259
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-17 22:27:49 +00:00
isomer
cbff4fab9e chore(whitby): += Isomer
Change-Id: I446ab16d009dc24340606ab2f411197af24d79c2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1142
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-17 19:38:51 +00:00
Vincent Ambo
356dde149f feat(whitby): Configure Gerrit backups on whitby
Change-Id: I84245fb809725853a301f217cdb11eacc1984cae
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1103
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 14:11:24 +00:00
Vincent Ambo
e035c46c6e chore(whitby): Give the git user a home directory
Change-Id: I5e6e13fa8a1656434ca897c83fe7ac48eb869369
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1102
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:51:20 +00:00
Vincent Ambo
8b6b3df5c4 fix(www/base): Add nginx fix timer
Change-Id: Iec66fea0f3991ba74aede3911ea9f6ae5adb0188
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1082
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:36:45 +00:00
Vincent Ambo
405b7ec95b feat(whitby): Enable Gerrit & cgit deployments
Change-Id: Ic701552e130252cfff005938d9c4e98423a7a96a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1069
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-12 13:36:45 +00:00
Vincent Ambo
93575158c6 feat(whitby): Enable SourceGraph server
Change-Id: Ia8a20d54a4ac77d64f5e3fd2255ffad78dce0fb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1067
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:36:45 +00:00
Vincent Ambo
6ed4e7d4d1 chore(sourcegraph): Bump version to 3.17.3
Change-Id: I6bc25d039cbe497bc9aa8784ac2f95219b5c617c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1066
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:36:45 +00:00
Vincent Ambo
5abdc16f6f feat(nixos/sourcegraph): Move cheddar server to module & make ports configurable
Change-Id: Iaf0c854b148062e30d426c2e92638932caf2e92e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1065
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:36:45 +00:00
Vincent Ambo
90b8433828 feat(nixos/www): Add configuration for tvl.fyi homepage
... and enable it on whitby

Change-Id: Ife45f15227f9d95823ebd3b97d2a17175b84eaff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1064
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-12 13:36:45 +00:00
Vincent Ambo
31f65f5d2b feat(whitby): Move over clbot deployment from camden
There is only one minor configuration change: CLBot now connects to
cl.tvl.fyi, instead of localhost, because Gerrit is still on camden.

Change-Id: Ibd8d46ec2c18312a270471a2f0be3e58eaf0cbab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1062
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-11 12:20:17 +00:00
Vincent Ambo
ea428faf99 feat(whitby): Enable smtprelay module
This is required for the Gerrit setup.

Change-Id: I02e03dafe36e6c47ffabf4d590e0c6f1dea027e6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1061
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-11 11:58:43 +00:00
Vincent Ambo
b53d25ab3f fix(monorepo-gerrit): Use Google's CDN to serve static assets
Change-Id: Ib4ffc1d9b030a5982b9063c1d6322fb87ba7f910
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1022
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-11 01:00:31 +00:00
Vincent Ambo
5de644a597 chore(monorepo-gerrit): Increase Gerrit's heap limit to 4g
(this translates to -Xmx)

Change-Id: I31bbbd247952fa6a592cb66ad144025af640d2db
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1021
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-11 01:00:31 +00:00
Vincent Ambo
a8c77b9c2a fix(monorepo-gerrit): Explicitly set gerrit.docUrl
This prevents a request that takes >1s on each page load.

Change-Id: Ic91bb602e3059b1f17681aa468739bb0a103f8cf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1003
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-11 01:00:31 +00:00
Andreas Rammhold
d06237707b feat(tvl-slapd): add andi
Message-Id: <20200710190623.26573-1-andi@notmuch.email>
Change-Id: Ibd74f93f589beecbf7fa9090550ecf95caa0a3b0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/982
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-10 19:10:18 +00:00
Vincent Ambo
449afaa384 feat(ops/nixos): Add module for running a Quassel daemon
The upstream module is not flexible enough for my needs, so I made my
own.

Change-Id: Ie9f786da7eb8c878e0782b07a075c064ad8cd253
Reviewed-on: https://cl.tvl.fyi/c/depot/+/953
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-08 22:10:08 +00:00
Luke Granger-Brown
2c7e9986e2 chore(apereo-cas): fix up configuration
- X-Forwarded-Proto support so it knows it's behind TLS
- Remove extraneous logs and just log to stdout so it's caught be systemd

Change-Id: I650777bbfd24a1922f26967ffff7da06d14b6639
Reviewed-on: https://cl.tvl.fyi/c/depot/+/952
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-08 17:49:25 +00:00
Luke Granger-Brown
cb52c9e41d chore(ops/nixos/tvl-sso): add secrets
Change-Id: I29f5e762852593f05b9936d5635aadcc7eba2840
Reviewed-on: https://cl.tvl.fyi/c/depot/+/951
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 23:08:00 +00:00
Luke Granger-Brown
1e8dbd5b1b fix(ops/nixos/tvl-sso): correct path to executable
Change-Id: I29f5e762852593f05b9936d5635aadcc7eba283f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/950
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 23:08:00 +00:00
Luke Granger-Brown
57ade16b9d feat(whitby): add apereo-cas/tvl-sso
Change-Id: I29f5e762852593f05b9936d5635aadcc7eba283e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/935
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 22:59:56 +00:00
Luke Granger-Brown
aae3d25234 feat(ops/nixos/www): create login.tvl.fyi host
Change-Id: Ifad80915a61a1a5ac14e598a9d788aec3482693c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/936
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 22:48:40 +00:00
Griffin Smith
a73714a93c feat(ops/nixos): Add generic rebuild-system script
This adds a first crack at one idea for a generic, non-user-specific
rebuild-system script to ops.nixos.rebuild-system. The idea here is that
we enumerate all the nixos systems stored in the monorepo (similarly to
what we do for ci-builds right now) then search through them by hostname
to find the one matching the hostname of the current system, which is an
attempt at a more generic version of tazjin's rebuilder script which
does the same thing but with an explicit case block.

As a caveat, it feels like there's a slight possibility that this way of
finding systems is going to get slow to evaluate - on my system it feels
fine but if it grows out of hand it's probably feasible to just bake
this into the built script as a dynamically generated case statement.

Change-Id: I2e4c5401913b6f4d936ab48ba2f95f96e0e78eb4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/894
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-06 15:16:36 +00:00
Luke Granger-Brown
25cebc3a62 feat(whitby): enable tvl-slapd on whitby
Change-Id: I3fac108802671abfb9a508359390b063bce16202
Reviewed-on: https://cl.tvl.fyi/c/depot/+/923
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-05 16:54:48 +00:00
Luke Granger-Brown
f54a48f831 chore(whitby): add lukegb to trusted-users for remote builds
Change-Id: Id1e67bb30bb7f4d329006688f1783b900d16d164
Reviewed-on: https://cl.tvl.fyi/c/depot/+/914
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-04 21:27:27 +00:00
Vincent Ambo
10180e70ec chore(besadii): Stop adding Code-Review label on CLs
We now use the actual 'Verified' label instead of Code-Review from
Buildkite, this workaround is no longer required.

This reverts commit d3f9cb0ec3.

Change-Id: Ib8c1680eae844cb7b45bf8837acf2af03d4ed344
Reviewed-on: https://cl.tvl.fyi/c/depot/+/909
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-03 23:17:46 +00:00
Vincent Ambo
3ce41f4fa4 feat(whitby): Enable nix.sshServe
This exposes a binary cache over SSH.

Change-Id: Ib934a118cd7315ef76f3dfe795c76a570fbbc47a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/895
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-03 14:25:35 +00:00
Griffin Smith
0d4f709757 feat(whitby): Allow wheel users to sudo without a password
This *should* translate to the required invocation to make sudo allow
nopasswd for users in the wheel group.

Change-Id: I3713862b8df9087cfbaa72d7e824bc43469f7c1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/857
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-02 22:00:41 +00:00
Griffin Smith
1ecae26afa feat(whitby): Add grfn as a trusted user
So I can remote builder

Change-Id: I8106244d3d197c010b618e4337a9ccfc13a116f8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/856
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-02 21:36:11 +00:00
Vincent Ambo
4d9c6dbbe2 feat(whitby): Run a handful of Buildkite agents
This is the point of the machine, afterall.

Change-Id: I15c11600c1c18fa8962d57f75f99a72e1553f9c2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/853
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 20:54:11 +00:00
Vincent Ambo
7114e72d81 feat(whitby): Enable Nix signing for the binary cache
Change-Id: I9047667cc1a40668c0c7da72c070044b91b53014
Reviewed-on: https://cl.tvl.fyi/c/depot/+/852
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-02 20:54:11 +00:00
Vincent Ambo
cabdd4aa51 fix(whitby): Explicitly set an interface for the v6 default gw
systemd gets sad otherwise and it is very difficult to console it

Change-Id: Ic6405489532c407273e5634474185f2947420b37
Reviewed-on: https://cl.tvl.fyi/c/depot/+/851
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 20:54:11 +00:00
Griffin Smith
298060dba9 feat(whitby): Add grfn
it's not glittershark because grfn is the username I have on my laptop
and I want to be able to ssh without an `@`.

Change-Id: Ie1fb6f5e12f3ac52a44680704179bd27a00a7768
Reviewed-on: https://cl.tvl.fyi/c/depot/+/850
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-02 20:28:48 +00:00
Luke Granger-Brown
8ad55c9095 feat(whitby): add lukegb
Change-Id: I26356632b86a64519128bc673178f1cd1b55b99b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/848
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
2020-07-02 19:33:44 +00:00
Vincent Ambo
c18b0a7c57 fix(whitby): Set correct IPv6 default gateway for Hetzner env
Change-Id: Ic3d4c6ebf7c40e27a453e08295bb0f2f999c0d88
Reviewed-on: https://cl.tvl.fyi/c/depot/+/845
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 18:59:01 +00:00