about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2021-12-30 r/3502 feat(grfn/bbbg): Add "RSVP" column to event attendeesGriffin Smith1-1/+11
Also sort, first by rsvp, then by signed in, then by last check, then by name Change-Id: I15d2e4a5693290d9c1cfd09196982e7a6957a138 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4742 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-29 r/3501 feat(wpcarro/scratch): Upload my solutions to cryptopalsWilliam Carroll6-0/+409
More beginner problems/solutions for CTF-style challenges. Change-Id: Ide229e99e3ccc1ede5a5ca1c2ad039498e49ea4c Reviewed-on: https://cl.tvl.fyi/c/depot/+/4740 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-29 r/3500 feat(wpcarro/scratch): Upload my solutions to picoCTF challengesWilliam Carroll9-0/+107
Just getting my feet wet... Change-Id: Ia1db0c69fe7d5ea5cb5585853d0688ef97f2680a Reviewed-on: https://cl.tvl.fyi/c/depot/+/4739 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-29 r/3499 feat(wpcarro/terraform): Attach 100GB external disk to VMWilliam Carroll1-0/+11
I'm mimmicking the setup of diogenes-1 until I switch everything over to the terraform-defined diogenes. Change-Id: Ic9b54909696616b5f206bbf982ff556f053c424e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4738 Tested-by: BuildkiteCI Reviewed-by: zseri <zseri.devel@ytrizja.de> Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com>
2021-12-29 r/3498 feat(wpcarro/terraform): Support SSHWilliam Carroll1-5/+8
Supporting SSH turned-out to be a bit of a saga... Thank you @espes and @grfn for the pointers. Problem: When I originally setup my Google VM, I followed this tutorial, https://nixos.wiki/wiki/Install_NixOS_on_GCE, so I ended-up installing `nixos-20-03`: an older version of NixOS, (the newest version in `gsutils ls -l gs://nixos-images`). Critically, I missed this important footnote: > NOTE: Newer images (from 20.09 on) won't be available at the bucket above, and > will instead need to be found at > <nixpkgs/nixos/modules/virtualisation/gce-images.nix>. It turns out that *newer* images include this script... https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/fetch-instance-ssh-keys.bash ...which reads the key, "sshKeys", from the Google metadata server and copies the value into /root/.ssh/authorized_keys. To make matters a bit misleading, the NixOS script expects the key to be "sshKeys", but Google deprecated that in favor of "ssh-keys" (hence why both versions appear in this commit). TL;DR: - upgrading to a newer NixOS image - adding an empty access_config block so Google will assign my VM an external IP - removing oslogin (not necessary to do, and I may add it back later) - adding my public SSH key as metadata Change-Id: If624fe77afd47b31fa7be0a1dd4a55512317eef0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4737 Tested-by: BuildkiteCI Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com>
2021-12-29 r/3497 feat(wpcarro/marcus): Support home-managerWilliam Carroll3-0/+87
For now: - git confg - picom: X compositor - dunst: system notifications (not working for quassel) I still need to port various configs and ensure I support both gLinux and NixOS machines. Change-Id: I31a635eaacac25ef6219e079fc968d2ece026a5f Reviewed-on: https://cl.tvl.fyi/c/depot/+/4736 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-29 r/3496 docs(zseri): Add RFC document dbwospof.mdzseri1-0/+112
Title: distributed builds without single points-of-failure Change-Id: I54275ea75d7e29269162f6158743d64d17f79915 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4550 Tested-by: BuildkiteCI Reviewed-by: zseri <zseri.devel@ytrizja.de> Autosubmit: zseri <zseri.devel@ytrizja.de>
2021-12-28 r/3495 fix(ops/keycloak): redefine buildkite client, correctly this timeVincent Ambo1-15/+26
This client definition was previously nonsense. What happened is that I accidentally imported the client as an OIDC client, which Keycloak accepted because apparently those are the same entities on the API level, and that ended up getting mangled into some broken hybrid shape by Terraform. This sets up the Buildkite provider again but with the correct SAML configuration this time. Change-Id: Id7ba318984d2fcc9e2ca91ed45ccbfd227278bbe Reviewed-on: https://cl.tvl.fyi/c/depot/+/4731 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: tazjin <mail@tazj.in>
2021-12-28 r/3494 feat(sterni/aoc/2021): day 10 solutionsterni1-0/+45
Change-Id: I5feb7187bd9aee45478aa5759e94df49e92565bf Reviewed-on: https://cl.tvl.fyi/c/depot/+/4734 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-12-28 r/3493 feat(sterni/aoc/2021): day 11 solutionsterni1-0/+46
Change-Id: I59087cd855953d0ebdcaaea2374788e9e015e1ea Reviewed-on: https://cl.tvl.fyi/c/depot/+/4733 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-12-28 r/3492 refactor(tools/depotfmt): Move depotfmt check into a real build stepVincent Ambo2-7/+14
Produces more useful output and also makes for a good target for the upcoming extraSteps logic. Change-Id: Ifd389d433d9e27f97940a48999f4fba35646e37a Reviewed-on: https://cl.tvl.fyi/c/depot/+/4727 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-12-28 r/3491 refactor: Generalise pipeline generation in //nix/buildkiteVincent Ambo2-115/+172
Extracts the logic for generating our Buildkite pipeline (which has been copy&pasted and slightly modified in some places outside of depot) into a generic //nix/buildkite library. This should cause no change in functionality. Change-Id: Iad3201713945de41279b39e4f1b847f697c179f7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4726 Autosubmit: tazjin <mail@tazj.in> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-12-28 r/3490 fix(ops/users): change my email to the @tvl.su oneVincent Ambo1-1/+1
Change-Id: Id608fe66b203c1d08958c85be44506a86eec56d5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4730 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Autosubmit: tazjin <mail@tazj.in>
2021-12-28 r/3489 style(wpcarro/terraform): Apply terraform fmt to filesVincent Ambo1-9/+9
This is going to be enforced in CI very shortly (it already kind of was, but not really). Change-Id: I8569d030e31230f077371bd1644b75f048271a0e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4728 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: wpcarro <wpcarro@gmail.com>
2021-12-28 r/3488 chore(3p/overlays/haskell): nix-diff patch has been upstreamedsterni1-8/+0
https: //hackage.haskell.org/package/nix-diff-1.0.17/changelog Change-Id: Ied02395151ec62619721ad5e78d0841fa87d1b3c Reviewed-on: https://cl.tvl.fyi/c/depot/+/4729 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-12-28 r/3487 feat(3p/nixpkgs): allow injecting user nixpkgs configzseri2-3/+9
use case: system-wide 'testing' usage of content-addressed derivations Change-Id: I1f63ddf679da7d53ff0d8a851642dd081a70fe55 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4551 Tested-by: BuildkiteCI Reviewed-by: zseri <zseri.devel@ytrizja.de> Reviewed-by: tazjin <mail@tazj.in> Autosubmit: zseri <zseri.devel@ytrizja.de>
2021-12-28 r/3486 feat(wpcarro/terraform): Configure firewallWilliam Carroll1-2/+20
When I include "80" and "443" in the allowed TCP ports, the ports don't appear to be open, but when I add the tags "http-server" and "https-server", which I don't control, they do. I'm not sure what's going on, but I don't want to let perfect be the enemy of good... Change-Id: I46097a9d80708d14261b0af34c16ab1129aa8107 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4725 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-28 r/3485 feat(wpcarro/terraform): Encode diogenes as terraform configurationWilliam Carroll2-0/+51
Some reference commands for my future self (blog post forthcoming?): ```shell $ nix-shell -p google-cloud-sdk terraform $ gcloud auth application-default login # stateful $ terraform init $ terraform apply ``` What's left for feature parity? - Encode 100GB external disk as resource - Encode firewall as resource - Ensure marcus can SSH to instance Stretch goals: - Spin-up fully NixOS-configured instances Change-Id: If156a5b0a2a0f8bfdf2548a4b5f592a77409fcb5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4724 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-28 r/3484 fix(wpcarro/blog): Fix broken post linksWilliam Carroll2-10/+7
TL;DR: - copy rendered posts to $out/posts - update postUrl attr - remove unused attrs Change-Id: I027c20d6244e4626128788ad9aa1f1aad7855f32 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4723 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-28 r/3483 refactor(wpcarro/website): Prefer substituteAllWilliam Carroll8-82/+91
`substituteAll` supports templating with @variables@, which I think really cleans things up. Change-Id: Icfad15ac9e174495ba02260d817f7330f1616c6f Reviewed-on: https://cl.tvl.fyi/c/depot/+/4722 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-27 r/3482 refactor(ops/secrets): optimize + typecheck mkSecretszseri1-11/+19
Change-Id: I592c8f2f82cef8fe4509e90a8c48504a0c74d133 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4688 Reviewed-by: zseri <zseri.devel@ytrizja.de> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi> Autosubmit: zseri <zseri.devel@ytrizja.de> Tested-by: BuildkiteCI
2021-12-27 r/3481 feat(ops/glesys): Import DNS records for tvl.suVincent Ambo1-0/+120
These records were previously configured manually in the GleSYS web UI during our DNS outage (b/155). Note that I could not find a way to `terraform import` these records and have instead recreated the set and then cleaned up in the UI. Change-Id: If7de9a7e6dad20953ba8b610589a62dce400e87b Reviewed-on: https://cl.tvl.fyi/c/depot/+/4716 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3480 feat(ops/glesys): Import DNS records for tvl.fyiVincent Ambo3-2/+111
These records were previously configured manually in the GleSYS web UI during our DNS outage (b/155). Note that I could not find a way to `terraform import` these records and have instead recreated the set and then cleaned up in the UI. Since we often point things at whitby, I have extracted variables for its IPs in this change. Change-Id: I09fda94d3734e8aaa278fa858e160d046740da1e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4714 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3479 feat(ops/glesys): Import DNS records for nixery.devVincent Ambo1-0/+44
These records were previously configured manually in the GleSYS web UI during our DNS outage (b/155). Note that I could not find a way to `terraform import` these records and have instead recreated the set and then cleaned up in the UI. Change-Id: I2b7e0ed0931f50e7fa49c1f6e3400dfe958def04 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4713 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3478 chore(wpcarro/website): Archive dusty, old websitesWilliam Carroll17-6033/+0
Change-Id: I07b6e70ec4026644733e58a2c5f2aa6696a038f3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4719 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-27 r/3477 fix(wpcarro/blog): Fix broken hrefs to blog postsWilliam Carroll3-124/+2
Remove remaining references to blog.wpcarro.dev Change-Id: I364763459b195fc17753da4a7c5918ce5136e891 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4718 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-27 r/3476 feat(wpcarro/blog): Add a blog index pageWilliam Carroll8-18/+174
TL;DR: - Create an index page to list blog posts - Drop blog.wpcarro.dev -> wpcarro.dev/blog - Create fragments directory to host reusable static website components - Consume fragments in wpcarro.dev and wpcarro.dev/blog for brand consistency Change-Id: Ib8440300c008c3c0c5e5a6f207e4ea207dd41b47 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4717 Tested-by: BuildkiteCI Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com>
2021-12-27 r/3475 fix(grfn/bbbg): Allow importing empty attendee listsGriffin Smith2-19/+21
Change-Id: I278c586db7a8641a9e254f05075ee4e8bdf78d67 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4715 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi>
2021-12-27 r/3474 feat(ops/secrets): Import secrets for tf-glesysVincent Ambo3-0/+21
Adds the secrets and some instructions for deploying the GleSYS Terraform infrastructure. Change-Id: I1a10f9cee7648d406b3d27ef45fc74b6923cbc30 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4712 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3473 feat(ops/keycloak): Import Buildkite OIDC clientVincent Ambo1-0/+21
This was previously configured in the UI. Change-Id: I68361b1489093b76736adab2e38ed7b474b10881 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4711 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3472 feat(ops/keycloak): Import Gerrit OIDC clientVincent Ambo1-0/+21
This was previously configured in the UI. Change-Id: Ib15b8ecca96d7814dc85d62199865b22bdb63f95 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4710 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3471 fix(ops/keycloak): Move Terraform state to GleSYS bucketVincent Ambo2-12/+24
This should never sit around locally the way it does now. Change-Id: Icfbdaf1949d6d948a796a0759282ea6144af3621 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4709 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3470 feat(ops/secrets): Add tf-keycloak secrets fileVincent Ambo4-1/+33
This file can be sourced (somehow, depending on the user) while working with //ops/keycloak to get the relevant secrets. Change-Id: Ibb3051c4b019f64824964475451c1c3996db6421 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4708 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3469 feat(ops/keycloak): Add OIDC client for GrafanaVincent Ambo1-0/+14
Completely forgot about Grafana, so it's currently broken. Oops! Change-Id: Ia4e6405428ad8e514d6e61635f9692c57f61defe Reviewed-on: https://cl.tvl.fyi/c/depot/+/4705 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: tazjin <mail@tazj.in>
2021-12-27 r/3468 fix(whitby): Point grafana at new auth providerVincent Ambo2-18/+18
Grafana was still pointing at the (now non-existent) CAS setup. This changes the endpoints to use Keycloak instead and updates the client secret. Change-Id: Ib25d38330aba2ef6d894e8c33d86852c884ab5be Reviewed-on: https://cl.tvl.fyi/c/depot/+/4706 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3467 fix(bin): Add missing tf-keycloak symlinkVincent Ambo1-0/+1
Change-Id: I98e79a7c9d57a4c6085f31a382d0b1ad335f07d2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4703 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: tazjin <mail@tazj.in>
2021-12-27 r/3466 fix(grfn/bbbg): Fix organizer role IDGriffin Smith1-1/+1
Figured this out by opening web inspector for the discord web app and looking at the responses for role memeber counts. Change-Id: I0fa6418c4d1781a65ef50c9ed14665e2b142ae32 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4707 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3465 refactor(wpcarro/blog): Prefer depot.web.blogWilliam Carroll41-1119/+77
Hugo is a bit too heavyweight for my taste. Change-Id: I331bc5898bd40f1a03bbde8ad69fe3cc9f72c18b Reviewed-on: https://cl.tvl.fyi/c/depot/+/4704 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2021-12-27 r/3464 chore(3p/nixery): Bump Nixery to latest versionVincent Ambo1-2/+2
This includes a bunch of fixes by @jpetazzo on Github: - https://github.com/tazjin/nixery/pull/145 - https://github.com/tazjin/nixery/pull/146 - https://github.com/tazjin/nixery/pull/147 - https://github.com/tazjin/nixery/pull/148 Especially the last two have some impact on the Nixery UX and it's good to get them out. Change-Id: I8a2b429281f58bd32364448190a380f8e68775f9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4702 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-12-27 r/3463 feat(nix/yants): improve error message for errornous predicatezseri1-4/+9
while trying to yantsify `mkSecrets` in https://cl.tvl.fyi/c/depot/+/4688, I(zseri) needed to debug a failing evaluation which boiled down to a result.ok containing something which wasn't boolean, but the error message didn't indicate where that value came from. I debugged yants and found that the only place which didn't simply combine boolean values or use functions which always return booleans, I managed to isolate the error to the `pred v` expression. To avoid the necessity to debug yants to find this, I improve the error message for this case to mention that - a restriction predicate is invalid - what's the name of the failing restriction - the unexpected predicate return value Change-Id: I6c570a33ccc5afc445f208e2e8855c49fb37abaf Reviewed-on: https://cl.tvl.fyi/c/depot/+/4698 Tested-by: BuildkiteCI Reviewed-by: zseri <zseri.devel@ytrizja.de> Reviewed-by: tazjin <mail@tazj.in> Autosubmit: zseri <zseri.devel@ytrizja.de>
2021-12-27 r/3462 refactor(tvl.el): use flags of gerrit-ref for WIPzseri1-1/+1
Change-Id: I858070ff8e48ca7e556f33d276e89b6ae940519c Reviewed-on: https://cl.tvl.fyi/c/depot/+/4630 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-12-27 r/3461 feat(3p/tvix): run formatting check in parallel to restzseri1-4/+35
Change-Id: Ia5b3a5e76672143df361fec375903e3582694112 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4632 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: zseri <zseri.devel@ytrizja.de> Autosubmit: zseri <zseri.devel@ytrizja.de>
2021-12-27 r/3460 refactor(grfn/system): Don't set autoOptimiseStoreGriffin Smith1-1/+0
I have a (unconfirmed) suspicion that this is paying more in CPU time than it's saving in disk space - regardless, I have a bounty of the latter and a deficit of the former. Change-Id: I3375b8d904e0878fd47c1845e3c3b9b6c6359189 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4700 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3459 feat(grfn/bbbg): Update (almost) all depsGriffin Smith2-72/+59
Change-Id: I316af01af87ed6f75d57e4400c95d83d274370a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4699 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3458 fix(grfn/bbbg): Configure web base urlGriffin Smith3-5/+15
This was originally intended to work around the issue caused by me accidentally ending up proxy_set_header'ing the Host header twice (which nginx *concatenates with slashes*, rather than overwriting!), but seems sensible regardless to make that whole thing (hopefully) a bit less brittle Change-Id: I877fa594b46e88d1ba05e793832beab3d0aaccdd Reviewed-on: https://cl.tvl.fyi/c/depot/+/4697 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3457 feat(grfn/bbbg): Add a request loggerGriffin Smith3-37/+72
Also update log deps so things actually log, using a new :outdated alias based on antq Change-Id: I6f87f474bea101fa1b396c519b234eb3aac1c4f1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4696 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3456 feat(grfn/bbbg): Production deploymentGriffin Smith9-19/+458
Start of a production deployment of the app with nixos+terraform, using provisioners and null-resources to provision nixos machines a'la espes. Change-Id: I2ddaed76d0037dadbf9fc9e2ee27e9e67a852228 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4695 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3455 feat(grfn/bbbg): Add NixOS module, deploy to mugwumpGriffin Smith6-2/+156
Change-Id: I0299242982c183fa9fc1f26b1bacb14f8fc14b28 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4684 Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: zseri <zseri.devel@ytrizja.de> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3454 feat(grfn/mugwump): Set up agenixGriffin Smith6-2/+37
Start setting up agenix with secrets in //users/grfn/secrets for mugwump, starting with my cloudflare API key which I use for the ddns from my home apartment Change-Id: Ida66cb91da3415357a512039d6c23402f0ae9388 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4683 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-12-27 r/3453 refactor(ops/secrets): generalize out a mkSecrets functionGriffin Smith2-21/+22
Generalize out a reusable mkSecrets function from the secrets-tree-building that's happening in //ops/secrets, so the same thing can happen in other places in the depot (I want to use it for my personal infrastructure). Change-Id: I059295c8c257d78ad7fa0802859f57c2c105f29b Reviewed-on: https://cl.tvl.fyi/c/depot/+/4679 Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: zseri <zseri.devel@ytrizja.de> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI