Commit graph

662 commits

Author SHA1 Message Date
Vincent Ambo
2e95822712 fix(ops/nixos/camden): Use package set from depot pin 2020-02-11 16:46:15 +00:00
Vincent Ambo
df1a4fef2b feat(nix/tailscale): Add function for generating tailscale ACLs
... and use it on Camden!
2020-02-11 16:36:28 +00:00
Vincent Ambo
44b57d095b feat(ops/nixos/camden): Join camden.tazj.in into Tailscale mesh 2020-02-11 16:27:34 +00:00
Vincent Ambo
aaa0119a37 fix(ops/nixos): Add camden to rebuilder script
This should probably be templated instead.
2020-02-11 15:49:29 +00:00
Vincent Ambo
3b88611336 feat(ops/nixos): Add initial configuration for host camden 2020-02-11 15:41:00 +00:00
Vincent Ambo
a8792f8372 feat(ops/nixos/nugget): Enable tailscale-relay 2020-02-11 00:55:46 +00:00
Vincent Ambo
b586a04a0a feat(ops/nixos): Add NixOS module for running tailscale
This uses the "legacy" tailscale Linux client, but built from source
as per the previous commits.
2020-02-11 00:53:09 +00:00
Vincent Ambo
77085f5876 chore(ops/nixos/nugget): Install tailscale on nugget 2020-02-11 00:09:34 +00:00
Vincent Ambo
21e0279e08 chore(ops/infra/k8s): Bump website replicas to 3
There are typically 3 machines in the cluster, might as well have 3
website instances!
2020-02-09 02:21:09 +00:00
Vincent Ambo
4a18b3971a fix(ops/infra/k8s): Send www.* to nginx for redirections 2020-02-09 01:54:13 +00:00
Vincent Ambo
d0800197c4 feat(ops/infra/k8s): Add website deployment configuration 2020-02-09 01:30:56 +00:00
Vincent Ambo
87967d5be3 docs: Update README with new website setup 2020-02-09 01:30:34 +00:00
Vincent Ambo
eb6e64ad47 chore(ops/infra/k8s): Delete tazblog deployment 2020-02-09 01:27:46 +00:00
Vincent Ambo
1d7b1334fd feat(ops/nixos/nugget): Install i3lock 2020-02-08 13:32:25 +00:00
Vincent Ambo
ba20ee65f6 feat(ops/nixos/nugget): Enable pcscd & install Yubikey tools 2020-02-07 12:14:37 +00:00
Vincent Ambo
76f7ace273 feat(ops/nixos/nugget): Enable U2F hardware support 2020-02-04 23:41:52 +00:00
Vincent Ambo
264a55e2e0 feat(ops/nixos/nugget): Install unzip 2020-01-25 20:39:54 +00:00
Vincent Ambo
e50c669310 feat(ops/nixos/nugget): Enable Keybase "service" 2020-01-20 22:31:29 +00:00
Vincent Ambo
e93913d6cd feat(ops/mq_cli): Bump dependencies & add derivation 2020-01-20 13:50:29 +00:00
Vincent Ambo
336937814c feat(ops/posix_mq.rs): Set up Nix build 2020-01-20 11:59:21 +00:00
Vincent Ambo
0d4c93878d chore(ops): Remove deprecated .travis.yml files 2020-01-20 11:51:24 +00:00
Vincent Ambo
0b146dc079 chore(ops/posix_mq.rs): Update crate dependencies to recent versions
First bump since 2017! This changes the code to be compatible with
newer versions of the `nix` crate, which has shuffled things around a
bit.
2020-01-20 11:51:24 +00:00
Vincent Ambo
4bc3196c9a Add 'ops/mq_cli/' from commit 'df29b08bffc90cfd4f2d963a8e48d89f7a86308d'
git-subtree-dir: ops/mq_cli
git-subtree-mainline: b59c7e693c
git-subtree-split: df29b08bff
2020-01-20 11:32:26 +00:00
Vincent Ambo
b59c7e693c Add 'ops/posix_mq.rs/' from commit 'f7d1a38da67e92e0e87dbb988d288f0be2714f5c'
git-subtree-dir: ops/posix_mq.rs
git-subtree-mainline: 8f68497269
git-subtree-split: f7d1a38da6
2020-01-20 11:32:02 +00:00
Vincent Ambo
1f68644dc9 feat(third_party/guile): Override guile to version 3.0.0
Lets try this thing out!
2020-01-19 19:34:39 +00:00
Vincent Ambo
0a3613996f feat(ops/nixos/nugget): Install miller 2020-01-19 18:56:44 +00:00
Vincent Ambo
7b011de1b8 chore(ops/nixos/nugget): Aimlessly tweak font configuration
These settings seem to be very mildly better than what I had before,
but I'm not entirely sure.
2020-01-19 16:38:32 +00:00
Vincent Ambo
ee34920a98 fix(infra/k8s/nixery): Add GCSR hosts to SSH known_hosts for Nixery
Unsure how this worked at all previously?
2020-01-19 02:17:52 +00:00
Vincent Ambo
89b0a43786 feat(ops/nixos/nugget): Connect to wifi & install Google Chrome
This adds configuration which, sometimes, when the stars align just
right, makes it possible to cast to the Chromecast from nugget.
2020-01-19 01:44:40 +00:00
Vincent Ambo
d05489adaa chore(build): Rename tazjins-depot -> depot
Sourcehut namespaces this under ~tazjin/ anyways.
2020-01-19 01:44:26 +00:00
Vincent Ambo
028559610f chore(ops/sync-gcsr): Rotate Cachix secret in sourcehut 2020-01-19 01:08:00 +00:00
Vincent Ambo
6a0b37a196 fix(ops/sync-gcsr): Ensure cachix is installed 2020-01-18 17:33:21 +00:00
Vincent Ambo
7aa8f32065 docs(ops/kontemplate): Update installation notes
Removed the AUR package (which has not been updated since 2017) and
made Nix the recommended installation method.
2020-01-18 17:31:28 +00:00
Vincent Ambo
48d31b7770 fix(ops/sync-gcsr): Avoid echoing the Cachix secret
sourcehut does not censor secret strings in build logs, but this
workaround should avoid the issue.
2020-01-18 16:34:54 +00:00
Vincent Ambo
526b9c4572 feat(ops/sync-gcsr): Log successful build triggers 2020-01-18 15:49:12 +00:00
Vincent Ambo
61830ebc5b feat(ops/infra/k8s): Add sourcehut configuration to sync-gcsr 2020-01-18 15:48:52 +00:00
Vincent Ambo
af63d2604e feat(sync-gcsr): Add builds.sr.ht build manifest
Adds a simple build manifest that builds everything in ci-builds.nix
and pushes results to Cachix on success.
2020-01-18 15:37:05 +00:00
Vincent Ambo
b8355066e8 feat(sync-gcsr): Trigger sourcehut builds on master branch changes
Calls the sourcehut API at builds.sr.ht to trigger a build if the
master branch changes.

The build manifest is going to be stored in the depot too, coming up
next ...
2020-01-18 15:36:15 +00:00
Vincent Ambo
44116522dd feat(ops/sync-gcsr): Skip unneccessary branch updates
Checks whether branches are already up-to-date before setting
references.

This also makes it possible to hook additional logic on the update
flow.
2020-01-18 14:49:34 +00:00
Vincent Ambo
a21be17719 chore(ops/infra/gcp): Update enabled GCP APIs 2020-01-18 12:43:53 +00:00
Vincent Ambo
a52c0c4198 feat(nixos/nugget): Install cachix binary 2020-01-18 11:29:18 +00:00
Vincent Ambo
31f66491a9 feat(ops/nixos/nugget): Install SBCL in system packages 2020-01-07 22:26:01 +00:00
Vincent Ambo
33a9dccba1 chore(ops/secrets): Add Google Maps API key 2020-01-05 21:12:08 +00:00
Vincent Ambo
d66c7a8942 feat(ops/nixos/nugget): Install msmtp & lieer timers 2020-01-05 16:59:52 +00:00
Vincent Ambo
e5608cf079 chore(ops/nixos/nugget): Install various needed packages 2020-01-05 16:59:52 +00:00
Vincent Ambo
85ee07457c feat(ops/nixos): Add 'rebuilder' helper script
This script rebuilds & activates system configuration based on the
hostname.

Currently since there is only one host this isn't particularly
interesting.
2020-01-04 22:50:34 +00:00
Vincent Ambo
63dc41bcf3 feat(ops/nixos): Check in updated system configuration for 'nugget'
This is the rebrand of the desktop machine, now running a config
straight out of the depot.
2020-01-04 22:50:34 +00:00
Vincent Ambo
496648f237 chore(ops/nixos): Remove deprecated NixOS config files 2020-01-04 22:50:34 +00:00
Vincent Ambo
1d687c5303 chore(ops/nixos): Move NixOS configuration one level up 2020-01-04 22:50:19 +00:00
Vincent Ambo
fd5fd57cc1 docs(kontemplate): Update documentation for depot changes 2019-12-30 17:01:22 +01:00
Vincent Ambo
36beb6d43c feat(sync-gcsr): Synchronise all remote branches
Explicitly sets all local branches to all equivalent remote branches
after each update.

Branches deleted on the remote will eventually disappear when the
container is restarted.
2019-12-30 05:06:46 +01:00
Vincent Ambo
7c52a205ee refactor(sync-gcsr): Split clone into separate function
This is in preparation for adding more complex branch-related logic to
both functions.
2019-12-29 04:50:31 +01:00
Vincent Ambo
3c94625a5f chore(lieer): Remove OAuth client patch
This is now done in my work-specific configuration, which is
elsewhere.
2019-12-25 14:09:09 +01:00
Vincent Ambo
41eea96e63 feat(third_party/lieer): Overwrite included client secret 2019-12-23 13:26:30 +01:00
Vincent Ambo
a260eba3cf refactor(ops/kms_pass): Pin encrypted secrets into Nix store 2019-12-23 13:26:09 +01:00
Landon Spear
98f8b660e2 docs(cluster-config): Correct term in cluster config doc
Including external variables does not work. You must import them. This
change corrects the External Variables section of the cluster-config
README.

Signed-off-by: Vincent Ambo <tazjin@google.com>
2019-12-20 22:32:06 +00:00
Vincent Ambo
db30770101 fix(kontemplate): Make build compatible with readTree
The kontemplate build will keep using `buildGoPackage` for now until
I've had the time to add tests to //nix/buildGo
2019-12-20 22:19:52 +00:00
Vincent Ambo
a9f5c63707 merge(kontemplate): Integrate kontemplate at //depot/ops/kontemplate 2019-12-20 22:14:40 +00:00
Vincent Ambo
795a974665 chore(kontemplate): Prepare kontemplate for depot-merge
This merge will not yet include moving over to buildGo.nix, as support
for testing and such is not present in that library yet.
2019-12-20 22:13:07 +00:00
Vincent Ambo
61c8ac4338 fix(infra/k8s): Fix Nixery image URLs for moved local projects 2019-12-20 20:39:27 +00:00
Vincent Ambo
8de5d093d8 refactor: Fix a variety of filepaths for repo relayouting
This fixes readTree and the various project builds, as well
as (hopefully) most documentation links inside of the projects.
2019-12-20 20:37:02 +00:00
Vincent Ambo
03bfe08e1d chore: Significantly restructure folder layout
This moves the various projects from "type-based" folders (such as
"services" or "tools") into more appropriate semantic folders (such as
"nix", "ops" or "web").

Deprecated projects (nixcon-demo & gotest) which only existed for
testing/demonstration purposes have been removed.

(Note: *all* builds are broken with this commit)
2019-12-20 20:18:41 +00:00