about summary refs log tree commit diff
path: root/ops/machines
AgeCommit message (Collapse)AuthorFilesLines
2023-10-06 r/6717 chore(ops): remove images.tvl.fyiVincent Ambo1-1/+0
I don't even know what this is/was. Change-Id: I743efa88258bbc13b7a3d4b8de8df222325b00ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/9553 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>
2023-09-22 r/6635 feat(ops): add nixery-01 instance for hosting nixery.devVincent Ambo1-0/+31
Change-Id: Ida21ac7240a532bb6063b362155f2b14b2859aae Reviewed-on: https://cl.tvl.fyi/c/depot/+/9426 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-09-05 r/6552 feat(ops/modules): deploy //web/pwcrypt to signup.tvl.fyiVincent Ambo1-0/+1
I verified on whitby that the password hashes generated by //web/pwcrypt are compatible with our OpenLDAP, so it's time to make this thing public. Change-Id: Icc2f095ca7ce4acff6de91a1642dea6461177423 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9266 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: tazjin <tazjin@tvl.su>
2023-07-10 r/6401 fix(ops/whitby): remove tazj.in moduleVincent Ambo1-1/+0
this moved out of whitby some time ago (to koptevo.tazj.in), but is now causing failures because of ACME cert renewal Change-Id: I4da5512db0d85d416511a1d10f784e978c5ccc93 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8948 Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-06-30 r/6374 chore(ops/whitby): remove broken oauth2_proxy serviceVincent Ambo1-5/+0
this never worked and was never used, but for now the module itself is still around in case somebody wants it for something Change-Id: Id8e449e08c8012786bca0ea57d9c7b97056a1f3d Reviewed-on: https://cl.tvl.fyi/c/depot/+/8905 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-23 r/6350 chore(ops/whitby): drop obsolete grub version optionsterni1-1/+0
Change-Id: I8f89f00d3eca5cef23dc7698208b08e0b6826393 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8854 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-22 r/6343 feat(ops): introduce (head|tail)scale server at net.tvl.fyiVincent Ambo2-0/+14
This runs a headscale server on sanduny which lets users join their machines to the TVL tailscale network. This would theoretically let people communicate with each other on the internal network, but also more notably joined servers can advertise exit node capability so that we can have our own "VPN network", for starters with endpoints in Germany, UK and Russia (whitby, sanduny and koptevo respectively). This setup isn't fully stable yet, notably: * The IP range used by tailscale is just the default one right now, I'm not sure if that should be changed or what. * The system is stateful (on sanduny), but the state is not (yet) backed up anywhere. Use with caution. * Machine joining is a manual process requiring SSH & root access to sanduny. The process is to log in to sanduny, then get a headscale shell with `sudo -u headscale bash`, and to use the `headscale` CLI within there to administrate access. I've opted to create a user account `tvl` for TVL-owned machines, and a personal account for myself and my machines. Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837 Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-06-15 r/6311 chore(3p/sources): Bump channels & overlayssterni1-1/+0
* //ops/modules/depot-inbox: Adapt to upstream option type declaration. See nixpkgs commit b6ed3b8f402893df91a8e21ce993520301c2f076. * //ops/machines/sanduny, //users/tazjin/polyanka: Remove boot.loader.grub.version options (no longer has any effect). * //users/sterni/emacs: reflect rename emacsPgtk -> emacs-pgtk * //3p/overlays: update tdlib to match emacs-overlay * //3p/overlays: give EXWM from depot a separate name * //users/grfn/system/home: disable Slack support in ntfy Change-Id: I03bde088bc70e05b23925f244899807210cb7b20 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8547 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-05-11 r/6132 chore: address renames of boot & tmp related optionssterni1-1/+1
Change-Id: I78f2116a63675fff5a36826b3e5390798ab9db9f Reviewed-on: https://cl.tvl.fyi/c/depot/+/8526 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: flokli
2023-04-11 r/6094 chore: adapt to ssh option renamessterni1-2/+4
Change-Id: I6fc2aaefe40e449bd1937bb68f3a2ab4abaa5cd0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8372 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-03-14 r/6005 feat(ops): serve Tvix website & docs on (docs.)tvix.devVincent Ambo1-0/+1
Change-Id: I198ea197867f9b9a48e51665d0665f722202e02e Reviewed-on: https://cl.tvl.fyi/c/depot/+/8299 Reviewed-by: flokli <flokli@flokli.de> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-02-11 r/5846 chore(whitby): enable zram swapAlyssa Ross1-0/+2
Whitby has a lot of memory, but I've still been fighting with the OOM Killer trying to build a few big packages at the same time. Besides, it's generally a good idea to always have swap available even if there's lots of memory for caching optimisation reasons[1], and zram swap is efficient enough to basically provide bonus memory for free. [1]: https://haydenjames.io/linux-performance-almost-always-add-swap-space/ Change-Id: I1fbe60f7975ebfa38e341e0de76848ec79b6fcf0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8065 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-12-27 r/5503 feat(ops/modules): set up public-inbox at inbox.tvl.suVincent Ambo1-0/+5
Initial setup which does not yet include fetching mails at all, this is for now only going to display a manually populated view of the existing mailing list while the rest of this stuff is set up. Change-Id: Ie1235bd257c9056fe37d0740dfca771ebdd880eb Reviewed-on: https://cl.tvl.fyi/c/depot/+/7628 Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-12-12 r/5410 feat(wpcarro/nixos): Support kyokoWilliam Carroll1-0/+1
Yet Another NixOS System Change-Id: I29590c5e7c2a651f3ef56642018649dddd9f06b6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7297 Reviewed-by: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: wpcarro <wpcarro@gmail.com>
2022-11-07 r/5260 fix(ops/machines/whitby): serve grafana at status.tvl.su againsterni1-1/+1
This is a follow up to cl/7191 which neglected to adjust the status.tvl.su.nix module and re-enable it. Change-Id: Icc1917004cd50e5eab61a29bc68b393ba9bd6325 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7226 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: grfn <grfn@gws.fyi>
2022-11-05 r/5249 chore(whitby): Update grafana configGriffin Smith1-63/+44
Uncomment and update the grafana config for whitby based on the new config format that nixos accepts. I've validated this locally by visually inspecting the resulting `ini` file, but not actually run it yet. Change-Id: I12d78ae48146e1b01bd2a4152276d4c6b16c1a3d Reviewed-on: https://cl.tvl.fyi/c/depot/+/7191 Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su>
2022-11-03 r/5232 chore(3p/sources): Bump channels & overlays (OpenSSL edition)sterni1-58/+59
* //ops/machines/whitby: Disable grafana, since the grafana module was changed upstream in a way that our configuration no longer works. Since the OpenSSL security update is relatively pressing, adapting the grafana configuration beforehand is not a hard requirement. See https://github.com/NixOS/nixpkgs/pull/191768. * //tools/depotfmt: keep Go at version 1.18 to forgo a reformat of the tree. * //nix/buildGo: keep Go at version 1.18, as 1.19 changed the CLI interface (?) in a way that breaks buildGo. * //3p/overlays/tvl: drop upstreamed tdlib upgrade. * //3p/overlays/tvl: patch buf to work around breakage due to git 2.38.1 TODO items for Go are tracked in b/215. Change-Id: Ie08fef49cf3db12e6b5225a8b992a990ddc5b642 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7141 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: tazjin <tazjin@tvl.su>
2022-10-02 r/5017 chore(ops/whitby): use renamed 'kbdInteractiveAuthentication' optionVincent Ambo1-1/+1
Relates to b/200 Change-Id: Ica7a32e3d2392aba22c2de93cc9be49c4a57eeb9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/6838 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-10-02 r/5016 chore(ops/whitby): use new keycloak HTTP port optionVincent Ambo1-1/+1
Relates to b/200 Change-Id: Id8f415d5c4a8947b56031e1671f4f84ac5f2665d Reviewed-on: https://cl.tvl.fyi/c/depot/+/6837 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-09-19 r/4922 chore(gerrit): migrate OWNERS files to code-owners styleLuke Granger-Brown1-4/+3
Change-Id: Iacc521dfdd4b4a2d5cef3920cf8189bcce35a488
2022-09-13 r/4829 feat(ops/modules): deploy tvixbolt to tvixbolt.tvl.suVincent Ambo1-0/+1
Change-Id: I534cf918fc3e03ce8c14cf15f6d3280b6a657c8d Reviewed-on: https://cl.tvl.fyi/c/depot/+/6536 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2022-08-25 r/4490 fix: reflect renames of Nix configuration optionssterni1-11/+11
Change-Id: I7e28ac3d71acd7d99a1d3ef97bef9422097e4abf Reviewed-on: https://cl.tvl.fyi/c/depot/+/6154 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-07-20 r/4307 feat(grfn/system): Add ogopogoGriffin Smith1-0/+1
This is my new work desktop https://en.wikipedia.org/wiki/Ogopogo Change-Id: I198d8757ff85eec00a303b990efdd2658cbc3e6a Reviewed-on: https://cl.tvl.fyi/c/depot/+/5963 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2022-07-12 r/4295 refactor(ops/cgit): make user configurableVincent Ambo1-1/+5
on whitby, cgit runs as the gerrit user to get access to serving gerrit's repositories directly. on other machines (e.g. sanduny) this isn't necessary, as we have a world-readable depot replica. Change-Id: Ibf7e7cc08e5909e0fa182e561ab0cb472188edcb Reviewed-on: https://cl.tvl.fyi/c/depot/+/5932 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-07-12 r/4293 feat(ops/sanduny): run cgit instanceVincent Ambo1-0/+7
Change-Id: Id869fa46d74f215a9034e86f795a4cd9e93acb16 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5930 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-07-03 r/4274 feat(ops): configure depot replication to sandunyVincent Ambo1-0/+8
this configures gerrit's built-in replication plugin to push every change in depot to sanduny. this allows us to serve a replica of depot from sanduny. manual config that was needed which needs to be automated: * system-wide known_hosts does not work, needed one in /var/lib/git * .ssh/config MUST be present and configured for sanduny.tvl.su Change-Id: Iba399f2328abb5acb65dae19a36e265eea0952ac Reviewed-on: https://cl.tvl.fyi/c/depot/+/5915 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2022-07-03 r/4272 feat(ops/modules): add module for receiving a depot replicaVincent Ambo1-0/+4
This module sets up a user with an SSH key and permissions to receive a (pushed) replica of depot from Gerrit. This still needs appropriate configuration in Gerrit's replication plugin on the other end. This module has been enabled for sanduny. For now it does not (yet) configure git serving. Change-Id: I0fb6f7e696609e71008308e855bdf305dcbcd4f7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5913 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2022-06-27 r/4261 fix(ops/sanduny): Enable our binary cacheVincent Ambo1-0/+3
Change-Id: I53f4c5b667018c0d3b01b307411200b66f6a7de3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5901 Tested-by: BuildkiteCI Reviewed-by: wpcarro <wpcarro@gmail.com> Autosubmit: tazjin <tazjin@tvl.su>
2022-06-27 r/4254 refactor(web/cgit-tvl): Move cgit config back out of moduleVincent Ambo1-1/+1
It occured to me yesterday that with the config inside of the module it is kind of difficult to test cgit locally. This moves it back to a separate location (//web/cgit-tvl) and makes the most important things configurable via overrides. Change-Id: I9b0f4c60b75c31441e1718e63b5b55aba3100aae Reviewed-on: https://cl.tvl.fyi/c/depot/+/5893 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-05-27 r/4154 feat(wpcarro/tarasco): Support tarasco 🇲🇽William Carroll1-0/+1
Named after the Mexican restaurant, El Tarasco, in El Porto, which I live 3m walking distance from. Change-Id: I2cd4b68eaa974ad6c8fec73e0566bc0b831c57a8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5743 Reviewed-by: wpcarro <wpcarro@gmail.com> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2022-05-26 r/4136 refactor(sanduny): Prepare for restricted-evalVincent Ambo1-1/+1
Change-Id: I83a404dc7dbaf5ca53659d03df4e4de461a9d046 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5688 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-05-26 r/4134 refactor(whitby): Prepare for restricted-evalVincent Ambo1-40/+42
Change-Id: I7604ca29310d759b0ffee2ffb0048b6365a2894c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5683 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-05-25 r/4118 feat(whitby): Deploy private SSH key for build agentsVincent Ambo1-0/+6
Change-Id: I5b1dfaaf28e835cac5b897e18b015d90ac3b2857 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5665 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2022-05-25 r/4112 feat(3p/agenix): update to 2022-05-16 and add to nivsterni1-4/+4
The new version brings the new secretsDir setting which means we no longer have to hardcode /run/agenix everywhere. Change-Id: I4b579d7233d315a780d7671869d5d06722d769fa Reviewed-on: https://cl.tvl.fyi/c/depot/+/5646 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: sterni <sternenseemann@systemli.org>
2022-05-10 r/4048 feat(tazjin/nixos): Add system configuration for zamalekVincent Ambo1-0/+1
This is my new Huawei MateBook X. Change-Id: I32a8b77dd8f53b3c89bf63f448cd2880f9a457b7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5554 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su>
2022-04-21 r/3986 chore(3p/sources): Bump channels and overlaysVincent Ambo1-13/+6
Changes: * updated keycloak configuration for new version * migrate to emacs28 outside of //users, re-add emacs27 but with a warning attached urging people to migrate Change-Id: I3e5765a63934541f72f6c4a8673d3b4671850c93 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5501 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: wpcarro <wpcarro@gmail.com>
2022-04-15 r/3953 feat(wpcarro/ava): Support new machineWilliam Carroll1-0/+1
ava is my new (NixOS!) work machine :) Change-Id: I1f089f00c02519d5d1d93d011f29075d53500e74 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5450 Reviewed-by: wpcarro <wpcarro@gmail.com> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: wpcarro <wpcarro@gmail.com> Tested-by: BuildkiteCI
2022-04-11 r/3941 feat(whitby): Increase prometheus retention time to 90dVincent Ambo1-0/+1
Change-Id: I67287d7b1d8ee2c3004d381b5bc684bf4fc7d42c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5429 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-18 r/3849 fix(ops/modules/www): Make self-redirect to config a generic moduleVincent Ambo2-2/+2
As suggested by sterni, this makes the self-redirect of a machine to its configuration a generic module working by convention. In the process of moving this two small fixes have been applied: * redirect is only applied if the URI is `/`, this is required for ACME to work * addSSL = true is added, otherwise we have a certificate but no TLS listener Change-Id: Icaef041ff681253a61e36926417bdb2844e3f93d Reviewed-on: https://cl.tvl.fyi/c/depot/+/5313 Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-02-18 r/3848 feat(sanduny): Enable journaldriver moduleVincent Ambo1-0/+1
Change-Id: I9026386664000448642ff635bd71a7af5ed546c3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5303 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-18 r/3847 refactor(ops/modules): Move journaldriver configuration into moduleVincent Ambo1-7/+1
This makes the journaldriver configuration machine-independent. The secret is loaded from agenix instead of being persisted on disk. Change-Id: I592ae7f5726fcb7f37a406f69dcf5ac498eeb1b7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5302 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-18 r/3846 feat(sanduny): Configure Bitfolk nameserversVincent Ambo1-0/+8
Change-Id: I81b252aedbf1ce3543a167b6c1942c404d4f1f1e Reviewed-on: https://cl.tvl.fyi/c/depot/+/5312 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-18 r/3844 feat(ops/machines): Add a module for known SSH keysVincent Ambo2-0/+2
Change-Id: I443e479f3edf9c6540de7b5a33bc6f7e2a9c5183 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5305 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-02-18 r/3843 feat(ops/modules): Redirect machine base names to their configVincent Ambo2-0/+2
With this change, entering just "whitby.tvl.fyi" or "sanduny.tvl.su" in a browser will redirect users to their machine configurations. Change-Id: Ibf076a469bcce073e1b1970aa568d6fe16a5c75a Reviewed-on: https://cl.tvl.fyi/c/depot/+/5304 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-02-18 r/3842 refactor(ops/modules): Move ACME base configuration into base.nixVincent Ambo1-5/+0
This needs to be present on all machines that run ACME stuff. I've switched the address for a .su one because I have a catchall for these. Change-Id: I7af8e1f1cb2fcfbcba4b7d1930ed0edef0106d72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5306 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-17 r/3840 feat(ops/machines): Add tvl-users to sanduny.tvl.suVincent Ambo1-7/+7
Change-Id: I20f54f4ab298cfee91062f7bf4cdc8b0b3ccb37c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5299 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-02-17 r/3839 feat(ops/machines): add configuration for sanduny.tvl.suVincent Ambo2-0/+101
This will be an additional web host / fallback git server for whitby incidents. Change-Id: Icd6f7ce574ffd520b5783a50ff317feed7b71fc6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5297 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
2022-02-17 r/3838 refactor(ops/modules): Move user configuration into moduleVincent Ambo1-80/+1
Rather than defining all system users inline on whitby, move them into a module that can be imported on multiple machines. Configuration for terminfos that we've added follows along. Note that while doing this I've disabled logins for riking and isomer since they are currently inactive in TVL. Change-Id: Id18031d355afc34079c5e6e49dc6943e61809a8f Reviewed-on: https://cl.tvl.fyi/c/depot/+/5298 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
2022-02-16 r/3837 refactor(ops/modules): Rename git-serving -> joshVincent Ambo1-2/+2
cgit has its own module now Change-Id: I9b4cc322374517b8bd3db43345831e2bf43c4bb1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5295 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-02-16 r/3836 refactor(ops/modules): Move cgit configuration into a moduleVincent Ambo1-0/+2
The ancient `//web/cgit-taz` path stems from the time I had code.tazj.in serving my initial version of the depot. I've been meaning to clean this up for forever, so here we go. Note that this leaves the git-serving module in a strange state where it only deals with josh. I'll rename it accordingly. Change-Id: I47ed1e9d90958299b5440a18a1b9075274754e33 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5294 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>