Age | Commit message (Collapse) | Author | Files | Lines |
|
Adds all TVL Emacs packages to the emacsPackages fixpoint unter
`tvlPackages` ... one step closer to native compilation.
Change-Id: I938689ccab057164babfb88cd467a490b3efd39b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3004
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: adisbladis <adisbladis@gmail.com>
|
|
Adds a new internal builder that makes it possible to override the
`emacsPackages` passed to our Emacs packages, which in turn makes it
possible to inject them into the emacsPackages fixpoint and use them
with features like Emacs native compilation.
Change-Id: I80dad57115c83cf5693ae6ba4e4cf3105d103d5e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3003
Tested-by: BuildkiteCI
Reviewed-by: adisbladis <adisbladis@gmail.com>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
This adds adisbladis' Emacs overlay, which makes bleeding-edge
functionality such as native compilation of Elisp available.
Change-Id: I29861cb4da37bf8bf7fdb6fba5f2525c7a024356
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3002
Reviewed-by: adisbladis <adisbladis@gmail.com>
Tested-by: BuildkiteCI
|
|
Since we need to override random to 1.2.0 globally for xanthous
(otherwise propagation causes two versions of random to be propagated
for xanthous) evaluating haskell related stuff using import from
derivation can be very expensive since utilities like hpack and
cabal2nix need to be built for that. This means that for every channel
bump we potentially need to do a world rebuild of haskellPackages first.
To solve this we check in the cabal2nix-generated nix expressions for
owothia and xanthous.
Change-Id: I8fff70b4b6c303d1920f8bcac53520a09999b206
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2921
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
|
|
There's a hard-coded list of Admin usernames for the moment. We should
revisit this and get an actual groups setup in LDAP that's propagated
through...
Change-Id: Ic3601f1a9753573076769f4912038e9f1b60e139
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2982
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
CAS nested attributes produce a key called "attributes", which is
disliked by Grafana, because it expects any key called attributes to be
a map<string, list<string>>, whereas CAS just produces a map<string,
string>.
As part of setting up Grafana SSO we need therefore to fix Gerrit so it
can adapt to the new syntax that we're adopting.
Change-Id: Ia79dae78c0eae6e21135a06cd5850606f82bcdb8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2981
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Enables a Grafana service pointing to whitby's local Prometheus
instance, accessible at status.tvl.su.
I've no idea how to configure Grafana and if it's possible to link it
to CAS, but we'll see about that later.
Notes:
* the explicit fixpoint for whitby config has been removed as we
have the `config` parameter available now
* backups are enabled for the Grafana storage location
Change-Id: If5ffe0c1a3378d1c88529129487c643642705fd2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2948
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Instead of having two ways of accessing the path to the depot (one of
which was stuttering, depot.depotPath) we settle on only one:
depot.path.
This was mostly used for NixOS module imports.
Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: I2c0db23383fc34f6ca76baaad4cc4af2d9dfae15
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2962
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Plumbs an additional internal argument through readTree that indicates
whether the top-level of a tree is being read, and avoids recursing
into itself in that case. This changes the externally visible
behaviour of readTree (it is now expected to be called a level higher
than previously).
This allows us to reduce the amount of boilerplate needed to bootstrap
the TVL repository (by not having to specify the individual folders
that need to be read).
For reasons related to an infinite recursion we could not (be bothered
to) debug, the top-level `config` key (which held the attribute set
passed on by readTree) has been removed. This is not needed, as it is
already passed on by readTree ...
Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: Id6e39b57b2f5b3473c4b695a72dd1d01fcfb7a66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2961
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
As a complementation to builtins.functionArgs this function checks if
the function has a set pattern that contains an ellipsis
(i. e. `{ [arg, [ arg1, [ … ]]] ... }:`). The implementation of this is
pretty cursed however since there is no clean way to do this in vanilla
nix: We need to match on the output of builtins.toXML which does try to
serialize functions by outputting their argument and information about
it (whether it is a normal argument or a attribute set pattern, in the
latter case it also serialize every component of the pattern).
Change-Id: I0f33721811a3180cec205a0c98e6d92e10e92075
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2950
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Dropping the message field will make Buildkite use the commit messages
instead, which makes for much more readable build logs.
Change-Id: I1849f811632526893b700f117c9f6cf64888c329
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2949
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Enables Prometheus with a local node exporter, and nothing else for
now.
Some additional collectors have been enabled for things that might be
relevant on whitby:
* systemd: all our services run in systemd
* processes: might be interesting for build-related stats
* logind: might be interesting for interactive usage stats
Change-Id: I48dacdd9c68b4be9edff7b3cb6256dad562498c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2930
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
|
|
--show-trace should make it easier to debug tricky evaluation errors
without running nix-build -A ops.pipelines.depot locally again.
Change-Id: Ice540562c3b389fc2a49ec1fc0adacb17db2a528
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2947
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
I'm not using cloudfront for gws.fyi anymore, so this invalidation step
on deploy is pointless
Change-Id: I153848666dc70acfc456b5dcf276bab2410c4716
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2946
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I26a397dd0d9f288fe43db8178e2f22089771ebc0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2945
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
Change-Id: I60a60635dfef5c73f758fa6808992aeea3137301
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2944
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
this got renamed apparently
Change-Id: Ic616469eafc4b56eaaccc3df24988b0af73d90e2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2943
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Looks kinda like rebuild-mugwump, only for home
yes, yes, this could gc halfway through, that's so unlikely that I don't
care
Change-Id: Iab3fdac15796e9f8158a9778b897bc3fe88e536e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2942
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I5102abfe8c0d486e22d8dc1c744bf542753cc870
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2941
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Rename my //users directory and all places that refer to glittershark to
grfn, including nix references and documentation.
This may require some extra attention inside of gerrit's database after
it lands to allow me to actually push things.
Change-Id: I4728b7ec2c60024392c1c1fa6e0d4a59b3e266fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2933
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
sbcl 2.0.9 introduced a new warning:
> minor incompatible change: the compiler signals a warning at
> compile-time when an initform of T, NIL or 0 does not match
> a STANDARD-CLASS slot's declared type.
This broke a few packages, but they all have been fixed upstream in the
meantime and we only need to bump their versions. The culprits are:
* defclass-std which possibly has become unmaintained since the fix
(december 2020).
* cl-prevalence which also needs one symbol from bt now
* lisp-binary which also includes a new file now
Change-Id: I06bb47a129d5ef912a623315c1281aedd1ceac2a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2934
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Change-Id: I9a6eafa7d4bb3d590dfa35d368adfd25aeed7f64
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2936
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Splits //ops/nixos into:
* //ops/nixos.nix - utility functions for building systems
* //ops/machines - shared machine definitions (read by readTree)
* //ops/modules - shared NixOS modules (skipped by readTree)
This simplifies working with the configuration fixpoint in whitby, and
is overall a bit more in line with how NixOS systems in user folders
currently work.
Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Fixes included:
* exposed gtest in the package set, required for protobuf
* pinned SBCL to version 2.0.8: The channel moved it to >2.1, and a
bunch of warnings seemed to be killing our builds - we should
investigate this later.
* removed kernel patches from //users/tazjin/frog: this machine is
currently out of service anyways, not worth fixing while it's offline
* removed steam & lutris from frog (they're currently broken)
* removed Haskell overrides for hedgehog-classes & hgeometry-combinatorial
* use gRPC sources from upstream and inject Abseil via Nix instead
* fix for renamed grpc import in //third_party/nix
* use libfprint-tod from upstream nixpkgs in glittershark/yeren and
delete glittershark/pkgs/fprintd entirely, since all of the patches used
there are available and working from upstream now (and stopped working
here after the bump)
Change-Id: Ia90e6f774f7b88bc9e60d28351b900ca43ee2695
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2901
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
|
|
This change is required to run the :anchor: step on canon builds.
Change-Id: Ib3cebac67c9f5337b27a948f120b0a9ba834ef2a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2932
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
The random_1_2_0 attribute of haskellPackages currently holds random
1.2.0 which is what we want to have. We need to disable tests because
they cause an infinite recursion as basically all testing libraries
depend on random. This has the nice side effect that we no longer need
import from derivation for random 1.2.0 (but owothia and xanthous still
use it).
Re-enable CI for xanthous.
Additinonally we need to deal with the fallout of the haskellPackages
overlay now also being pulled in for some machines since cl/2910 and
let pandoc compile with random 1.2.0.
Change-Id: I78d220e5bd35f3469d80d69e77e712a529f21d33
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2924
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Since we are still using third_party, underscores are kind of common in
issue titles and are probably often forgotten to escape. Let's just
support `*` for emphasized text in titles for now.
Change-Id: I305bcf4d4c59123bba4ce816a6da2ee8b022c34e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2926
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Adds a conditional build step that only runs on the canon branch, and
only if :duck: (the status reporting step) succeeds, which creates a
new Nix GC root for all depot targets named `depot-canon`.
In practice this might be a bit racey, as canon builds are not
guaranteed to succeed in order (though it is likely). This shouldn't
matter much in practice: We only want to prevent rebuilds of the whole
world.
This fixes b/102
Change-Id: Id3d0bf4158bffcb1ed6929888a29d31609b6ece1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2904
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
This ensures files created by the Buildkite agents are always owned by
the same group, without having to manually chgrp afterwards.
Change-Id: Idbaedec43c16b2ee137d1a95719a05d46db8f900
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2929
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
I have two YubiKeys now, and using the older one is more painful. Add the new
one, so I don't have to faff with gpg-agent in order to submit CLs.
Change-Id: I3fcd82cdb53f88dc00025de97666872802e270e2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2928
Reviewed-by: eta <eta@theta.eu.org>
Tested-by: BuildkiteCI
|
|
I've been told that they don't want to be in this any more, so references are
removed in this CL by request.
Change-Id: I80a04b714fc57781e57e8dce977d0aec2da4f009
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2927
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: eta <eta@theta.eu.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
|
|
This lets the import of the depot root accept an additional argument
called `externalArgs`, which can be used to pass additional arguments
into a depot package set.
This is used in //third_party/nixpkgs for replacing the source of the
nixos-unstable channel with a path. With this we can bisect the
nixpkgs used in third_party easily.
Change-Id: I4f65eb3d6b521ed9f437649b7b068f1e6ab8210f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2925
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This wasn't working because yerenSystem wasn't actually accessing the
`system` attribute (like the other systems), which meant it was just
an attribute set full of stuff.
Change-Id: I0abe56f0a1f18e4e542cb458dfcdf81e8a0ddc01
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2923
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Change-Id: Ic2b7db4abe636b73b4c71e6a2f1501d3b4b8b90e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2922
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Please read b/108 to make sense of this.
This gets rid of the explicit list of exposed packages from nixpkgs,
and instead makes the entire package set available at
`third_party.nixpkgs`.
To accommodate this, a LOT of things have to be very slightly shuffled
around. Some of this was done in already submitted CLs, but this
change is unfortunately still quite noisy.
Pay extra attention to:
* overlay-like functionality that was partially moved to actual
overlays (partially as in, the minimum required to get a green
build)
* modified uses of the package set path, esp. in NixOS systems
Special notes:
* xanthous has been disabled in CI because of issues with the Haskell
overlay
* //third_party/nix has been disabled because of other unclear
dependency issues
Both of these will be tackled in a followup CL.
Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
adisbladis fixed the tdlib/telega versioning issues in nixpkgs at some
point, so this isn't required anymore.
Change-Id: Ib98e73d0e4394765f08f5f3741f70adab459c22f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2909
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
This configures accepting requests for b/ and cl/ on plain HTTP ports,
and redirecting to b.tvl.fyi & cl.tvl.fyi appropriately.
Additionally, Panettone request URIs that only contain decimals are
redirected to `/issues/$request_uri` to enable issue short-links.
This fixes b/32.
Change-Id: I56954d8d69a3624267778b467520c509f4daa6c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2908
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Same as linking to bugs (e.g. b/108).
Change-Id: I447020bc07059c98c53322d745f961d8d471d9a4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2919
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
nixpkgs_exposed is going away, and the haskell overlay is independent
from that.
See also b/108, cl/2910
Change-Id: I3aea6dfc427a914f3f88146fd0b45d60dfd45a1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2918
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This is part of paving the way for clearly distinguishing between
packages from nixpkgs and //third_party.
See also: b/108, cl/2910
Change-Id: I28b5abd1f0f9fa3c4478c9f255b2025f4a4139f1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2917
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
|
|
In preparation for the solution of b/108, we need to consistently use
`depot.third_party` for packages that are only packed in the TVL depot
and `pkgs` for things that come from nixpkgs.
This commit cleans up a huge chunk of these uses in //ops
Change-Id: I00faeb969eaa70760a26256274925b07998c2351
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2915
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
In preparation for the solution of b/108, we need to consistently use
`depot.third_party` for packages that are only packed in the TVL depot
and `pkgs` for things that come from nixpkgs.
Change-Id: I49d82726b2f3bd7d4923effdd9a7e3f67ddc0659
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2916
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
In preparation for the solution of b/108, we need to consistently use
`depot.third_party` for packages that are only packed in the TVL depot
and `pkgs` for things that come from nixpkgs.
This commit cleans up a huge chunk of these uses in //fun
Change-Id: I45a7b392a9749fa7859ff5100dcea415bda807c3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2914
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
In preparation for the solution of b/108, we need to consistently use
`depot.third_party` for packages that are only packed in the TVL depot
and `pkgs` for things that come from nixpkgs.
This commit cleans up a huge chunk of these uses in //third_party
Change-Id: Ic382c0cdea7330a84d5f0b7d109c824ddceb94e7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2912
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This should ease migrating to a distinction between depot.third_party
and pkgs (as in nixpkgs) in the future.
Ref cl/2910, b/108.
Change-Id: I53a854071fddd7c0d0526cc4c5b16998202082c6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2913
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Emails for (re)opening and closing where send out with the user's DN in
the subject which is probably not what we want.
Using displayname-if-known is probably not necessary as there is not
really a case where (not *user*) wouldn't justify a 500 in this context.
Change-Id: Id12d3d9619f42eb5337c2d3482b7c1646b5d6a81
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2911
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: I33ae590481abae9e20ed1ac7db5de66187f26925
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2907
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
This lets us grant permissions to them, e.g. on local folders.
Change-Id: I823ac414be1cb7d6baa4f17d95003709e5911b04
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2905
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
There will be more Buildkite-agent specific configuration, and it's
already more than just the module setup, so extracting this makes
sense.
Change-Id: I56ce205c0cb4365317ed7ed5f2d525a0b425b861
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2906
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Add kolide, the endpoint monitoring system / MDM we're using at work, to
the system derivation for my work computer.
I hate MDMs almost universally, and this one is no different, but SOC2
waits for no one.
Change-Id: I99bcb5341182a81512699d50b279efd9e1b2194b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2903
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|