the ecdsa-cert key is not welcomed by many ssh setups ...
Change-Id: Ic1bc583105226324a9c3ff26924eb2faa38f10fd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8912
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
The images displayed by telega are usually not displaying correctly,
this is fixed by simply .. not rendering them, and letting emacs do it
through an emoji-supporting font (which I do have installed).
Change-Id: I429ff2865c60633329437687c1c09a1aaf8ae29d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8884
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
* //3p/sources: switch stable channel from 21.11 (!) to 23.05
* //users: adapt to emacsUnstable to emacs-unstable rename
* //users/grfn: use default Linux kernel version everywhere,
as 5.15 has broken in this version of nixos-unstable.
* //3p/cgit: adapt to git 2.41.0
The committed changes are the same as the [patch1] I've submitted
to cgit-pink which is in turn based on Christian Hesse's [patch2].
patch1: https://causal.agency/list/thread/20230624144033.802270-1-sternenseemann%40systemli.org.html#20230624144033.802270-2-sternenseemann@systemli.org>
patch2: https://lists.zx2c4.com/pipermail/cgit/2023-June/004843.html
Co-authored-by: Christian Hesse <mail@eworm.de>
Change-Id: I549a62e7c85c66d772edda997819a40f2d5835d7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8855
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: grfn <grfn@gws.fyi>
This isn't necessary (it's all public!) and actually currently breaks
pulling from our public ECR repo
Change-Id: I32f0b92f5ca352f57a26d0e6c10ebf323aa006df
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8865
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
The issue this was working around has long since been fixed, and having
this disabled was preventing the service from working
Change-Id: I9b69f947b8952df786193f8784d0f5cc6b898440
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8862
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
This runs a headscale server on sanduny which lets users join their
machines to the TVL tailscale network.
This would theoretically let people communicate with each other on the
internal network, but also more notably joined servers can advertise
exit node capability so that we can have our own "VPN network", for
starters with endpoints in Germany, UK and Russia (whitby, sanduny and
koptevo respectively).
This setup isn't fully stable yet, notably:
* The IP range used by tailscale is just the default one right now,
I'm not sure if that should be changed or what.
* The system is stateful (on sanduny), but the state is not (yet)
backed up anywhere. Use with caution.
* Machine joining is a manual process requiring SSH & root access to
sanduny.
The process is to log in to sanduny, then get a headscale shell with
`sudo -u headscale bash`, and to use the `headscale` CLI within
there to administrate access.
I've opted to create a user account `tvl` for TVL-owned machines,
and a personal account for myself and my machines.
Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
This machine is now being decomissioned.
Change-Id: Ib7f016c7de84dab2cdf3c071445cf830d2eccf5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8838
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
The main instance is still running on polyanka, but things are moving
in this direction.
Change-Id: Idfa9e508023c05148003ac4621ae01dceb284c66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8827
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
The GPT backend is cool, but it's also very slow, prone to request
errors and quite expensive.
This switches to Yandex Translate instead which for all posts that I
tested seems to be totally fine.
Change-Id: I5217113995b701508a83e7782eb1325957996719
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8826
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
The entry list is now much more condensed. It's maybe a little *too*
condensed, but already closer to what I'm looking for.
Note: A new "note" post type has snuck in and can now be used for
random musings or comments on previous entries. Notes do not show up
in the Atom feed.
Change-Id: I920c0c7650937474b8a5f30cba78416554d523ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8806
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This is the "new polyanka" (eventually), as I'm decommissioning that
host slowly.
Change-Id: Ia0fe664f3bf64513d8177434c6c0fface857cd99
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8783
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
* //ops/modules/depot-inbox: Adapt to upstream option type declaration.
See nixpkgs commit b6ed3b8f402893df91a8e21ce993520301c2f076.
* //ops/machines/sanduny, //users/tazjin/polyanka:
Remove boot.loader.grub.version options (no longer has any effect).
* //users/sterni/emacs: reflect rename emacsPgtk -> emacs-pgtk
* //3p/overlays: update tdlib to match emacs-overlay
* //3p/overlays: give EXWM from depot a separate name
* //users/grfn/system/home: disable Slack support in ntfy
Change-Id: I03bde088bc70e05b23925f244899807210cb7b20
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8547
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
I don't actually use this, and it might be responsible for some EXWM
bugs in the latest version.
Change-Id: I8817e0cdd9d1b68ed6a9bdd072616f63f9f20d21
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8758
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
reddit is dying now, but the response there was actually quite
interesting, so I'm keeping an archive link to it around.
Change-Id: I419276428ce141fc526124d9746e3ab13df4bbc8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8756
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
A recent upgrade is requiring this now for some reason.
Change-Id: I5908c12d104044897b4969dbd1299a3071d507bd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8716
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
/**/ is a nice way to align if statements which doesn't work with
nixpkgs-fmt, since it'll reflow the comment to the line preceding the
if. Consequently, we can delete these comments now.
Change-Id: Ifa5327f846a903e07607b21f8eedbc32fc36f758
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8689
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
* 3p/buzz: delete package
This is unused, old, and uses an insecure version of OpenSSL which
broke eval.
* 3p/overlays: remove nvd patch
Newer versions of nvd are compatible with Nix 2.3 by default.
* users/grfn/system/home: remove explicit rust-analyser package
This conflicts with `rustup`, causing eval failures, as the wrapper
seems to now be included in `rustup` by default.
* users/grfn/system: temporarily disable ISO builds
They were broken upstream in nixpkgs by a change to stdenv/setup.sh,
being fixed in https://github.com/NixOS/nixpkgs/pull/234883
Change-Id: I0eea99ec98f4e73e615c012ffae1d0e37122e73b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8585
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
this is slow and often overloaded, but it's kind of cool when it
works. this translation method deals much better with the kind of
slang you'd see in telegram posts than any other method.
Change-Id: I7e4c845eb382f0eac627c4237b492c8e40dae574
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8625
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI