| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2019-10-25 | r/91 Merge pull request #7 from tazjin/chore/bump-19.09 | Vincent Ambo | 4 | -5/+8 | |
| Update nixpkgs set to NixOS 19.09 | |||||
| 2019-10-25 | chore: Bump Nixery version & package set configuration | Vincent Ambo | 3 | -2/+5 | |
| 2019-10-25 | chore: Bump nixpkgs and use Terraform from stable | Vincent Ambo | 1 | -3/+3 | |
| 2019-09-22 | r/90 refactor(build): Only build projects explicitly set as CI projects | Vincent Ambo | 1 | -1/+1 | |
| 2019-09-22 | r/89 chore(gemma): Mark gemma as broken (again) | Vincent Ambo | 1 | -1/+3 | |
| Something broke in one of the Lisp dependencies (again). | |||||
| 2019-09-22 | r/88 refactor(build): Add ciProjects attribute for CI builds | Vincent Ambo | 1 | -0/+8 | |
| This attribute contains a list of all derivations that should be built by the CI for this repository. This includes all of my own packages that are not marked as broken, as well as select third-party packages. | |||||
| 2019-09-22 | r/87 chore(tazblog): Remove more unneeded dependencies | Vincent Ambo | 1 | -4/+4 | |
| 2019-09-21 | r/86 chore(k8s): Bump deployed Nixery version | Vincent Ambo | 1 | -1/+1 | |
| 2019-09-21 | r/85 chore: Bump Nix channel to a more recent version | Vincent Ambo | 1 | -2/+2 | |
| This version has Nixery popularity data available. | |||||
| 2019-09-21 | r/84 chore(third_party): Bump Nixery version | Vincent Ambo | 1 | -2/+2 | |
| 2019-09-21 | r/83 refactor(k8s): Parameterise the nginx version | Vincent Ambo | 2 | -1/+3 | |
| 2019-09-04 | r/82 fix(k8s): Reinsert passLookup newline after kontemplate trims it | Vincent Ambo | 2 | -1/+2 | |
| SSH can not read the key without the trailing newline. Ideally kontemplate would expose a toggle for this. | |||||
| 2019-09-04 | r/81 Merge pull request #6 from tazjin/fix/nixery-secrets-namespace | Vincent Ambo | 2 | -10/+18 | |
| Fix Nixery resources namespace & bump kontemplate | |||||
| 2019-09-04 | chore: Update kontemplate to v1.8.0 | Vincent Ambo | 1 | -4/+13 | |
| This version is agnostic of the working directory even if insertFile/insertTemplate are used, which makes it a lot nicer to work with in this repository structure. | |||||
| 2019-09-04 | fix(k8s): Move nixery-secrets to the correct namespace | Vincent Ambo | 1 | -6/+5 | |
| 2019-09-03 | r/80 Merge pull request #5 from tazjin/feat/cloud-kms-secrets | Vincent Ambo | 14 | -15/+129 | |
| Introduce secrets management via Google Cloud KMS | |||||
| 2019-09-03 | feat(k8s): Insert Nixery's secrets via kontemplate | Vincent Ambo | 5 | -4/+25 | |
| Instead of having a manually prepared secret, use Cloud KMS (as per the previous commits) to decrypt the in-repo secrets and template them into the Secret resource in Kubernetes. Not all of the values are actually secret, it has thus become a bit easier to edit the known hosts, SSH config and such now. | |||||
| 2019-09-03 | feat(secrets): Check in secrets required by Nixery | Vincent Ambo | 3 | -0/+0 | |
| 2019-09-03 | feat(tools): Introduce pass-compatible wrapper using Cloud KMS | Vincent Ambo | 5 | -0/+78 | |
| Adds a shell script that supports a subset of the 'pass' interface for compatibility with kontemplate, and wraps kontemplate in a script that places this version on the PATH. This makes it possible to use Cloud KMS encrypted secrets with kontemplate. | |||||
| 2019-09-03 | feat(gcp): Create Cloud KMS resources for encrypting secrets | Vincent Ambo | 1 | -8/+28 | |
| The idea here is to use Cloud KMS and a shell script that mimics 'pass' to trick kontemplate into using Cloud KMS to decrypt secrets. | |||||
| 2019-09-03 | chore(gcp): Remove monorepo repository | Vincent Ambo | 1 | -5/+0 | |
| The repository is now public on Github. | |||||
| 2019-09-03 | r/79 Merge pull request #4 from tazjin/fix/blog-substitutes | Vincent Ambo | 1 | -6/+10 | |
| fix(tazblog): Explicitly allow substitutes for the blog | |||||
| 2019-09-03 | fix(tazblog): Explicitly allow substitutes for the blog | Vincent Ambo | 1 | -6/+10 | |
| Not entirely sure which part of the setup set this to 'false', but this is potentially the key for why tazblog ends up being rebuilt all the time. | |||||
| 2019-09-03 | r/78 chore(k8s): Update deployed Nixery version | Vincent Ambo | 1 | -1/+1 | |
| 2019-09-03 | r/77 chore(third_party): Bump Nixery version | Vincent Ambo | 1 | -3/+3 | |
| 2019-09-02 | r/76 Merge pull request #3 from tazjin/chore/pin-travis-nix | Vincent Ambo | 7 | -95/+1 | |
| Pin Nix version in Travis builds | |||||
| 2019-09-02 | chore(tazblog): Clean up unneeded files | Vincent Ambo | 5 | -76/+0 | |
| 2019-09-02 | chore(gemma): Delete old image build configuration | Vincent Ambo | 1 | -19/+0 | |
| 2019-09-02 | chore: Pin Nix version in Travis builds | Vincent Ambo | 1 | -0/+1 | |
| There are some unexpected cache misses in the Travis builds and I suspect this might be due to mismatching Nix versions. | |||||
| 2019-09-02 | r/75 fix(k8s): Add nginx route for load-balancer health checks | Vincent Ambo | 3 | -3/+11 | |
| 2019-09-02 | r/74 chore(third_party): Remove git-appraise | Vincent Ambo | 43 | -7327/+0 | |
| Not actually in use here ... | |||||
| 2019-09-02 | r/73 Merge pull request #2 from tazjin/refactor/nixos-nginx-cleanup | Vincent Ambo | 14 | -3793/+110 | |
| Remove old NixOS config and move oslo.pub | |||||
| 2019-09-02 | fix(k8s): nginx does not need to be pinned to gitHEAD | Vincent Ambo | 1 | -1/+1 | |
| 2019-09-02 | chore(k8s): Point Nixery at public depot URL | Vincent Ambo | 1 | -2/+1 | |
| 2019-09-02 | feat(k8s): Route oslo.pub to nginx in ingress | Vincent Ambo | 1 | -1/+9 | |
| 2019-09-02 | feat(k8s): Add nginx instance for oslo.pub redirect | Vincent Ambo | 3 | -0/+92 | |
| The redirect is currently all that this instance does. It is required because HTTP load balancers in GCP don't support URL rewriting. | |||||
| 2019-09-02 | chore(k8s): Provision certificate for oslo.pub | Vincent Ambo | 1 | -0/+5 | |
| 2019-09-02 | feat(tools): Add stern, a k8s log watcher | Vincent Ambo | 2 | -0/+4 | |
| 2019-09-02 | chore(infra): Remove NixOS configuration for servers | Vincent Ambo | 8 | -3791/+0 | |
| This configuration is no longer in use. The Gemma configuration file has been moved over to the k8s folder from where it will be templated into the actual configuration. | |||||
| 2019-09-02 | r/72 Merge pull request #1 from tazjin/feat/travis-ci | Vincent Ambo | 5 | -4/+30 | |
| Add Travis CI configuration | |||||
| 2019-09-02 | chore: Catch all Nix results in gitignore | Vincent Ambo | 1 | -0/+1 | |
| 2019-09-02 | docs: Add crude top-level README | Vincent Ambo | 1 | -0/+15 | |
| 2019-09-02 | refactor(blog): Use callPackage to import derivation | Vincent Ambo | 2 | -4/+4 | |
| 2019-09-02 | feat: Add Travis CI configuration | Vincent Ambo | 1 | -0/+10 | |
| Adds a configuration that builds all of my own services and pushes the resulting closures to Cachix. | |||||
| 2019-09-02 | r/71 chore: Remove leftover Bazel files | Vincent Ambo | 1 | -2/+0 | |
| 2019-09-02 | r/70 fix(gemma): Fix build process in Nix | Vincent Ambo | 2 | -51/+28 | |
| 2019-09-02 | r/69 feat(third_party): Add missing Quicklisp packages for Gemma | Vincent Ambo | 5 | -0/+115 | |
| Gemma depends on cl-prevalence, which isn't in the nixpkgs Quicklisp snapshot. This adds the package and its dependencies to the overlay. | |||||
| 2019-09-02 | r/68 fix: Correct naming of variables in overlay function | Vincent Ambo | 1 | -9/+9 | |
| 2019-08-27 | r/67 feat(k8s): Configure HTTPS ingress for the blog | Vincent Ambo | 3 | -0/+29 | |
| Uses Google-managed certificates and an Ingress resource to set up an HTTPS load-balancer. This probably won't be the final version as the GKE Ingress is very limited and can not do things like redirect URLs, which I need to decommission the old setup. | |||||
| 2019-08-27 | r/66 feat(k8s): Add Google managed TLS certificates | Vincent Ambo | 2 | -0/+19 | |
| Introduces certificates for tazj.in & www.tazj.in. | |||||
 |
depot | |
| monorepo for the virus lounge | The Virus Lounge |
| about summary refs log tree commit diff |