about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2022-06-22 r/4253 chore(3p/sources): Bump channels & overlayssterni3-30/+18
* //3p/overlays/tvl: nixpkgs-fmt 1.3.0 contains the fix we care about, so we can drop the override. * //3p/nixpkgs: use awscli2 from stable nixpkgs as it's broken in unstable at the moment. Waiting on: https://nixpk.gs/pr-tracker.html?pr=178313 Change-Id: I9bb605d7940e53ebac80e3357799a3827a9415be Reviewed-on: https://cl.tvl.fyi/c/depot/+/5890 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-22 r/4252 style(3p/cgit): move commit decorations left of subjectVincent Ambo1-1/+2
the commit decoration layout is designed for situations where very few commits have decorations, but every depot commit has a revision. putting these on the left of the commit subject looks a lot more reasonable. ideally we would actually put them in the table as a column, but that'd be a much larger change. Change-Id: I0b44dbef36b64b183d66278d7ab7e4ff17554684 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5892 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-06-22 r/4251 feat(3p/cgit): Display depot revisions in log viewsVincent Ambo2-0/+18
depot revisions are not recognised by git as a specific type of "decoration" (i.e. fall into `DECORATION_NONE`), which means that cgit skips them by default. Displaying them on code.tvl.fyi would be quite nice, so to work around this we check for the `refs/r/` prefix on skipped decorations and display them (without the `refs/` prefix) on commits. Change-Id: Ia9cece3876db471f93ab787258be527739af046b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5891 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-06-21 r/4250 feat(ava): Set firewall.checkReversePath to "loose"William Carroll1-0/+2
I was being warned while running `sudo rebuild-system`. Change-Id: Ie8b730760e069086c2ef88f8edf00887cbbb5c93 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5627 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2022-06-21 r/4249 feat(ava): Install ec2-api-toolsWilliam Carroll1-0/+1
For AWS things (I'm finding the web UI pretty irritating). Change-Id: Ic144a71eb6a6ca46f808f33b5d468eb5efe52355 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5626 Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2022-06-19 r/4248 feat(users/Profpatsch/sync-abfall): caldav vdirsyncer config genProfpatsch2-1/+157
Gonna have to generate some vdirsyncer config, reusing the toIni stuff, nice. Change-Id: I036ce9990f70d3b035e47151f336d0d3971f2c91 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5888 Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2022-06-19 r/4247 refactor(users/Profpatsch/aerc): move ini stuff outProfpatsch5-145/+256
First shot at generating a dhall FFI standard. Change-Id: I1cdf7eeaa6b2668a49282315f308a8e51abd0cf6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5887 Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2022-06-19 r/4246 chore(third_party/overlays/dhall): bump dhall to bugfix PRProfpatsch1-3/+4
Change-Id: I5f745d3c968bf23275320834f614892a80de426c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5886 Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2022-06-19 r/4245 chore(third_party/overlays/dhall): revert fix dhall-nix attr key ge…Profpatsch1-4/+20
Okay, we do need the bugfix again lol This reverts commit b8c300f939f3b998fb5984eb2e62e7c97e4b5d03. Change-Id: If85cf61f32e31f7f6041a1ae76b38eeb2c93a368 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5885 Reviewed-by: Profpatsch <mail@profpatsch.de> Tested-by: BuildkiteCI
2022-06-19 r/4244 chore(overlays/dhall): bump dhall to 1.41.1Profpatsch1-2/+2
Change-Id: Id1d5550ecd27c311446aa7ec140fb98865ad19d5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5336 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de> Autosubmit: Profpatsch <mail@profpatsch.de>
2022-06-19 r/4243 feat(users/Profpatsch/sync-abfall-ics-aichach-friedberg): initProfpatsch3-4/+161
A small script that fetches calendar files for our local trash provider. First step towards integrating ics files into my calendar setup. Change-Id: I0e8915a00c19349104cb6256e9dc87c17620fcae Reviewed-on: https://cl.tvl.fyi/c/depot/+/5883 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de> Autosubmit: Profpatsch <mail@profpatsch.de>
2022-06-16 r/4242 chore(nixery): use nix-1p from within the depotVincent Ambo3-11/+9
Since the source of nix-1p is checked in under //nix/nix-1p, we should use it from there if Nixery is being built inside of depot. Change-Id: Iddd54f7b93b398b2f909db6ee105366a9914a2ac Reviewed-on: https://cl.tvl.fyi/c/depot/+/5882 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
2022-06-16 r/4241 docs(nixery): dynamically display current nixpkgs commitVincent Ambo3-13/+25
People occasionally ask what the current nixpkgs commit is on nixery.dev (see e.g. https://github.com/tazjin/nixery/issues/153). With this change, the commit is displayed on nixery.dev if Nixery is built for the TVL deployment. Change-Id: I795220214db5a367a126c9b4bd03754e9f144940 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5881 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
2022-06-16 r/4240 chore(tazjin/emacs): keep only one workspace on tverskoy's screenVincent Ambo1-2/+2
this machine is now sort of permanently stationed in the office, and thus permanently connected to the big screen. with this setup, it's comfortable to have it available for a single workspace (e.g. for videos playing there), but it's too confusing and unergonomic to use that screen for anything else. Change-Id: I03556b777c79f68d65d4d8bf1ba1f18982650a8b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5872 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-16 r/4239 chore(3p/sources): Bump channels & overlayssterni1-9/+9
Change-Id: I4425c21c31f40a3eb1d93d8b222bf2eb3592acb3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5871 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-14 r/4238 refactor(3p): fetch impermanence via nivVincent Ambo5-15/+14
Change-Id: Ic6bc463304643a7f983a5f7c182f95a7706ca35b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5868 Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-14 r/4237 fix(tazjin/nixos): Disable localtimedVincent Ambo2-2/+5
It only sometimes works and that's not enough times. Change-Id: I11c1bc6e5c2eec4706bd935352188ffa83057c8f Reviewed-on: https://cl.tvl.fyi/c/depot/+/5869 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-14 r/4236 chore(tazjin/tverskoy): Put / on ZFS instead of tmpfsVincent Ambo1-3/+2
Maybe this will lead to me being able to log in to this machine again eventually. Change-Id: I348d6ea3b8d4cc6b8083766669ba1371b3d1216b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5866 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-14 r/4235 chore(3p/sources): Bump channels & overlaysVincent Ambo1-15/+15
Change-Id: I5cf9367401ea6ab6acd0bc6cfa76e3840861a528 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5867 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-13 r/4234 chore(tazjin/nixos): update initial hashed passwordVincent Ambo1-1/+1
I still have the issue where after reboots I can't log in to my machines without going through a horrible dance with booting a NixOS installer and so on. I suspect this has somethign to do with this initial hashed password set here, but I was unable to verify what password I've actually set up there, so I'm resetting it to a known string to verify my theory. Change-Id: Ic9d495255ca48110920cf2df371946ac146dcd72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5865 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-11 r/4233 fix(tazjin/zamalek): Stop NetworkManager meddling with DNS settingsVincent Ambo1-0/+1
Change-Id: I3a00d23a604aa56f7a566a1caac0314cad90deff Reviewed-on: https://cl.tvl.fyi/c/depot/+/5863 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-09 r/4232 fix(ops/besadii) test trigger.ref against configured branchÅsmund Østvold1-1/+1
Before this commit besadii only worked for repos having 'refs/heads/canon' as main branch. Change-Id: Ia2ceb8a720c675be84bc3d81b89338522cea6ebd Reviewed-on: https://cl.tvl.fyi/c/depot/+/5862 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: asmundo <asmundo@gmail.com>
2022-06-09 r/4231 feat(tazjin/nixos): install volumeiconVincent Ambo1-0/+1
Change-Id: I28977356c5a051addb1bb98e3c2aa2c81494fd74 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5861 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-08 r/4230 chore(3p/sources): Bump channels & overlayssterni3-11/+11
* //users/tazjin: the services.localtime module was renamed https://github.com/NixOS/nixpkgs/pull/175831#issuecomment-1146590790 * //3p/nixpkgs: glimpse is broken, pick it from stable channel Change-Id: I4ea3f243e4575d3d7992ee6377fa9890c46db1ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/5848 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: sterni <sternenseemann@systemli.org>
2022-06-07 r/4229 fix(tools/checks): Minor typo fixVincent Ambo1-1/+1
Change-Id: I5cfd6223a3bd0bb4cc650b53af36193185354062 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5859 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-06-07 r/4228 feat(tvl-kit): Expose //tools/checks in tvl-kitVincent Ambo3-0/+3
This makes CI utility functions available in TVL kit. For now this is only the Terraform check, but said check has come up in other repos before so it's useful to centralise here (and we might add more!) Change-Id: I18acb19fc3407650ab9bad53dfba022dda498c07 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5858 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
2022-06-07 r/4227 refactor(ops/keycloak): Use tools.checks.validateTerraformVincent Ambo1-5/+5
Remove some ~commit message~ ... uh, code duplication. Change-Id: Id6e8f2132999e153d3984848f95ccabd52e4f45f Reviewed-on: https://cl.tvl.fyi/c/depot/+/5853 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
2022-06-07 r/4226 refactor(ops/glesys): Use tools.checks.validateTerraformVincent Ambo1-8/+6
Remove some code duplication. Change-Id: Ia9e0b3b22926eb9e72f302e2c1ebcee68eaa1db9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5852 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
2022-06-07 r/4225 refactor(ops/buildkite): Use tools.checks.validateTerraformVincent Ambo1-8/+6
Remove some code duplication. Change-Id: I7ff49e728e1bd584bca3b84cdc033d93e60aefc2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5851 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
2022-06-07 r/4224 feat(tools/checks): Add factored-out Terraform config checkVincent Ambo1-0/+38
This can be re-used across Terraform environments. Change-Id: I3d964a17d1cda1aff1df12bd4c0c3ee84b7f7748 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5850 Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
2022-06-06 r/4223 fix(tools/releases): Explicitly set release phase in filteredGitPushVincent Ambo1-1/+1
Change-Id: I70fe0eb168064795f704baf1a24556365cfdf8c9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5831 Tested-by: BuildkiteCI Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
2022-06-06 r/4222 refactor(nix/buildkite): Optimise steps if builds are not enabledVincent Ambo1-1/+2
Generating a release-only pipeline skips a bigger chunk of eval this way (the step itself is never actually evaluated, which means we never actually compute the drv), which can be quite beneficial in terms of evaluation time. Change-Id: I2739026ddd1c6a86f82627ac26a046c5fe7359ea Reviewed-on: https://cl.tvl.fyi/c/depot/+/5830 Tested-by: BuildkiteCI Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
2022-06-06 r/4221 fix(nix/buildkite): Disable `depends_on` if build phase is not runVincent Ambo1-4/+15
Extra steps that use `depends_on` (e.g. if they need output from their parent) should not actually depend on their parents build step if the build phase is not active. This is required to actually decouple the phases. Change-Id: I398da9a8a53e97ca3c635342259fc722d54b8e4a Reviewed-on: https://cl.tvl.fyi/c/depot/+/5829 Tested-by: BuildkiteCI Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
2022-06-06 r/4220 feat(nix/buildkite): Allow toggling of individual phasesVincent Ambo1-6/+18
Using the `activePhases` attribute, the set of phases included in an evaluation can be modified. This lets users generate e.g. ONLY the release steps of a pipeline. Change-Id: Ib0c38826dd69666094d619f5f324d1baafce8134 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5828 Tested-by: BuildkiteCI Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
2022-06-06 r/4219 fix(ops/glesys): Remove now unnecessary workaroundVincent Ambo1-4/+0
Remove a workaround for a GleSYS provider bug that was fixed in the last release. Change-Id: Ibd25de0b4dcccd781518d5d0ae1c75d296f6b05f Reviewed-on: https://cl.tvl.fyi/c/depot/+/5845 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-06 r/4218 test(ops/keycloak): Validate Terraform configuration in CIVincent Ambo1-2/+8
Change-Id: I5602cf722b9fe9502c9d7610eefc7ba0ab647362 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5844 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-06-06 r/4217 test(ops/glesys): Validate Terraform configuration in CIVincent Ambo1-2/+11
Change-Id: I8d251d3ee1de77feca865d0a677041c9c485d211 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5843 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-06-06 r/4216 test(ops/buildkite): Validate Terraform configuration in CIVincent Ambo1-2/+11
Change-Id: Ieef4d7d0a717107ee67432474683f3344b6561f8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5842 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-06 r/4215 feat(ops/buildkite): Import tvl-kit pipelineVincent Ambo2-0/+11
Change-Id: I21f6e0adba3dca3be741761a226ab6810d8bcf8d Reviewed-on: https://cl.tvl.fyi/c/depot/+/5841 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-06 r/4214 feat(ops/buildkite): Import main depot pipelineVincent Ambo2-0/+13
Change-Id: Id470750aa90505002c6a7e4f840e56c4939ed391 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5840 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-06 r/4213 docs(ops/buildkite): Add documentation about this configVincent Ambo2-1/+25
Change-Id: Ia61b15127c67cdd9dddcab9f3540f1aee949cd6b Reviewed-on: https://cl.tvl.fyi/c/depot/+/5839 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-06 r/4212 feat(ops/buildkite): Bootstrap Buildkite Terraform configurationVincent Ambo4-0/+38
In order to run this the secrets needs to be sourced, e.g.: eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-buildkite.age) Change-Id: I9f6a02c0dac22f584181635861ddbb06cf849f14 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5838 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-06 r/4211 feat(ops/secrets): Add Buildkite API token for TerraformVincent Ambo2-0/+17
Change-Id: I0930f4fb34015ddcaa791b07e4d5d87d069d2b0a Reviewed-on: https://cl.tvl.fyi/c/depot/+/5837 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-03 r/4210 fix(3p/nixpkgs): pass the same args to stable as to unstable nixpkgssterni1-13/+17
Of course we can't pass the overlays without causing an infinite recursion, but they are also intended purely for unstable nixpkgs, so it doesn't matter. Change-Id: I0e1b42e37ad12872f9420cf59dff6d944b2bc5d3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5847 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-03 r/4209 fix(3p/nixpkgs): pass localSystem from depot to nixpkgssterni1-1/+8
Change-Id: I75d2ad14ebc81a76cfa7c8d83e77b4a124b03466 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5846 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-06-03 r/4208 fix(nix/emptyDerivation): Use system from readTree parametersVincent Ambo2-5/+4
Change-Id: Ia7f9f4d0e7c06fa5433213a315c3354a83e94545 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5833 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-06-03 r/4207 feat: Add top-level system parameterVincent Ambo1-0/+2
This has come up a couple of times. This way system is passed to all derivations. Maybe we can do something useful with it. Change-Id: Ia7dfcffbc82abbd3128342a8971a3861865be713 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5832 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-03 r/4206 fix(grfn/achilles): use parent envrc in direnvVincent Ambo1-0/+1
this way the tooling provided by //.envrc will not disappear Change-Id: Icba1fe85d65316fde939ed3451e0cf80d9064382 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5836 Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2022-06-03 r/4205 feat(nix/buildkite): Validate available phases in extra stepsVincent Ambo1-5/+13
This will avoid things like extra steps being accidentally ignored because of typos. Change-Id: Ic4fa5925e42a7a449f89b4cde1510e216e91da6a Reviewed-on: https://cl.tvl.fyi/c/depot/+/5827 Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com> Tested-by: BuildkiteCI
2022-06-03 r/4204 fix(nix/buildkite): Forbid 'prompt' in build phase stepsVincent Ambo1-5/+11
This would block CI on human-approval if people were allowed to do it, so they're just not. Change-Id: I8a9b657d5c91636a7b4de249b977e24fc0941a1c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5826 Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI