about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2019-09-21 r/86 chore(k8s): Bump deployed Nixery versionVincent Ambo1-1/+1
2019-09-21 r/85 chore: Bump Nix channel to a more recent versionVincent Ambo1-2/+2
This version has Nixery popularity data available.
2019-09-21 r/84 chore(third_party): Bump Nixery versionVincent Ambo1-2/+2
2019-09-21 r/83 refactor(k8s): Parameterise the nginx versionVincent Ambo2-1/+3
2019-09-04 r/82 fix(k8s): Reinsert passLookup newline after kontemplate trims itVincent Ambo2-1/+2
SSH can not read the key without the trailing newline. Ideally kontemplate would expose a toggle for this.
2019-09-04 r/81 Merge pull request #6 from tazjin/fix/nixery-secrets-namespaceVincent Ambo2-10/+18
Fix Nixery resources namespace & bump kontemplate
2019-09-04 chore: Update kontemplate to v1.8.0Vincent Ambo1-4/+13
This version is agnostic of the working directory even if insertFile/insertTemplate are used, which makes it a lot nicer to work with in this repository structure.
2019-09-04 fix(k8s): Move nixery-secrets to the correct namespaceVincent Ambo1-6/+5
2019-09-03 r/80 Merge pull request #5 from tazjin/feat/cloud-kms-secretsVincent Ambo14-15/+129
Introduce secrets management via Google Cloud KMS
2019-09-03 feat(k8s): Insert Nixery's secrets via kontemplateVincent Ambo5-4/+25
Instead of having a manually prepared secret, use Cloud KMS (as per the previous commits) to decrypt the in-repo secrets and template them into the Secret resource in Kubernetes. Not all of the values are actually secret, it has thus become a bit easier to edit the known hosts, SSH config and such now.
2019-09-03 feat(secrets): Check in secrets required by NixeryVincent Ambo3-0/+0
2019-09-03 feat(tools): Introduce pass-compatible wrapper using Cloud KMSVincent Ambo5-0/+78
Adds a shell script that supports a subset of the 'pass' interface for compatibility with kontemplate, and wraps kontemplate in a script that places this version on the PATH. This makes it possible to use Cloud KMS encrypted secrets with kontemplate.
2019-09-03 feat(gcp): Create Cloud KMS resources for encrypting secretsVincent Ambo1-8/+28
The idea here is to use Cloud KMS and a shell script that mimics 'pass' to trick kontemplate into using Cloud KMS to decrypt secrets.
2019-09-03 chore(gcp): Remove monorepo repositoryVincent Ambo1-5/+0
The repository is now public on Github.
2019-09-03 r/79 Merge pull request #4 from tazjin/fix/blog-substitutesVincent Ambo1-6/+10
fix(tazblog): Explicitly allow substitutes for the blog
2019-09-03 fix(tazblog): Explicitly allow substitutes for the blogVincent Ambo1-6/+10
Not entirely sure which part of the setup set this to 'false', but this is potentially the key for why tazblog ends up being rebuilt all the time.
2019-09-03 r/78 chore(k8s): Update deployed Nixery versionVincent Ambo1-1/+1
2019-09-03 r/77 chore(third_party): Bump Nixery versionVincent Ambo1-3/+3
2019-09-02 r/76 Merge pull request #3 from tazjin/chore/pin-travis-nixVincent Ambo7-95/+1
Pin Nix version in Travis builds
2019-09-02 chore(tazblog): Clean up unneeded filesVincent Ambo5-76/+0
2019-09-02 chore(gemma): Delete old image build configurationVincent Ambo1-19/+0
2019-09-02 chore: Pin Nix version in Travis buildsVincent Ambo1-0/+1
There are some unexpected cache misses in the Travis builds and I suspect this might be due to mismatching Nix versions.
2019-09-02 r/75 fix(k8s): Add nginx route for load-balancer health checksVincent Ambo3-3/+11
2019-09-02 r/74 chore(third_party): Remove git-appraiseVincent Ambo43-7327/+0
Not actually in use here ...
2019-09-02 r/73 Merge pull request #2 from tazjin/refactor/nixos-nginx-cleanupVincent Ambo14-3793/+110
Remove old NixOS config and move oslo.pub
2019-09-02 fix(k8s): nginx does not need to be pinned to gitHEADVincent Ambo1-1/+1
2019-09-02 chore(k8s): Point Nixery at public depot URLVincent Ambo1-2/+1
2019-09-02 feat(k8s): Route oslo.pub to nginx in ingressVincent Ambo1-1/+9
2019-09-02 feat(k8s): Add nginx instance for oslo.pub redirectVincent Ambo3-0/+92
The redirect is currently all that this instance does. It is required because HTTP load balancers in GCP don't support URL rewriting.
2019-09-02 chore(k8s): Provision certificate for oslo.pubVincent Ambo1-0/+5
2019-09-02 feat(tools): Add stern, a k8s log watcherVincent Ambo2-0/+4
2019-09-02 chore(infra): Remove NixOS configuration for serversVincent Ambo8-3791/+0
This configuration is no longer in use. The Gemma configuration file has been moved over to the k8s folder from where it will be templated into the actual configuration.
2019-09-02 r/72 Merge pull request #1 from tazjin/feat/travis-ciVincent Ambo5-4/+30
Add Travis CI configuration
2019-09-02 chore: Catch all Nix results in gitignoreVincent Ambo1-0/+1
2019-09-02 docs: Add crude top-level READMEVincent Ambo1-0/+15
2019-09-02 refactor(blog): Use callPackage to import derivationVincent Ambo2-4/+4
2019-09-02 feat: Add Travis CI configurationVincent Ambo1-0/+10
Adds a configuration that builds all of my own services and pushes the resulting closures to Cachix.
2019-09-02 r/71 chore: Remove leftover Bazel filesVincent Ambo1-2/+0
2019-09-02 r/70 fix(gemma): Fix build process in NixVincent Ambo2-51/+28
2019-09-02 r/69 feat(third_party): Add missing Quicklisp packages for GemmaVincent Ambo5-0/+115
Gemma depends on cl-prevalence, which isn't in the nixpkgs Quicklisp snapshot. This adds the package and its dependencies to the overlay.
2019-09-02 r/68 fix: Correct naming of variables in overlay functionVincent Ambo1-9/+9
2019-08-27 r/67 feat(k8s): Configure HTTPS ingress for the blogVincent Ambo3-0/+29
Uses Google-managed certificates and an Ingress resource to set up an HTTPS load-balancer. This probably won't be the final version as the GKE Ingress is very limited and can not do things like redirect URLs, which I need to decommission the old setup.
2019-08-27 r/66 feat(k8s): Add Google managed TLS certificatesVincent Ambo2-0/+19
Introduces certificates for tazj.in & www.tazj.in.
2019-08-25 r/65 chore(tazblog): Clean up unused dependenciesVincent Ambo2-28/+17
2019-08-25 r/64 refactor(tazblog): Implement HLint lints in all filesVincent Ambo5-15/+13
2019-08-25 r/63 chore(tazblog): Remove i18n featuresVincent Ambo7-164/+77
The blog has been English only for a few years. Old entries that survived the migration to DNS will still be accessible.
2019-08-25 r/62 chore(tazblog): Remove 'read more' featureVincent Ambo3-15/+7
2019-08-25 r/61 chore(tools): Remove ormolu from toolsVincent Ambo2-4/+0
The Ormolu derivation is too large to be instantiated on-demand. I've resorted to installing this tool into my profile instead.
2019-08-25 r/60 chore(tazblog): Format source files with ormoluVincent Ambo5-151/+187
Ormolu's formatting is quite annoying (it uses a lot of unnecessary vertical space and doesn't align elements), but I can't be bothered to do manual formatting - especially because whatever formatting haskell-mode in Emacs produces seems to depend on an opaque state machine or something.
2019-08-25 r/59 feat(build): Add Terraform from unstable channelVincent Ambo1-7/+18
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-11T15·28+0000