about summary refs log tree commit diff
path: root/ops/nixos/whitby (follow)
AgeCommit message (Collapse)AuthorFilesLines
2020-07-06 r/1234 feat(whitby): add apereo-cas/tvl-ssoLuke Granger-Brown1-0/+1
Change-Id: I29f5e762852593f05b9936d5635aadcc7eba283e Reviewed-on: https://cl.tvl.fyi/c/depot/+/935 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 r/1230 feat(ops/nixos/www): create login.tvl.fyi hostLuke Granger-Brown1-0/+6
Change-Id: Ifad80915a61a1a5ac14e598a9d788aec3482693c Reviewed-on: https://cl.tvl.fyi/c/depot/+/936 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 r/1221 feat(ops/nixos): Add generic rebuild-system scriptGriffin Smith1-5/+1
This adds a first crack at one idea for a generic, non-user-specific rebuild-system script to ops.nixos.rebuild-system. The idea here is that we enumerate all the nixos systems stored in the monorepo (similarly to what we do for ci-builds right now) then search through them by hostname to find the one matching the hostname of the current system, which is an attempt at a more generic version of tazjin's rebuilder script which does the same thing but with an explicit case block. As a caveat, it feels like there's a slight possibility that this way of finding systems is going to get slow to evaluate - on my system it feels fine but if it grows out of hand it's probably feasible to just bake this into the built script as a dynamically generated case statement. Change-Id: I2e4c5401913b6f4d936ab48ba2f95f96e0e78eb4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/894 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-05 r/1213 feat(whitby): enable tvl-slapd on whitbyLuke Granger-Brown1-0/+1
Change-Id: I3fac108802671abfb9a508359390b063bce16202 Reviewed-on: https://cl.tvl.fyi/c/depot/+/923 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-07-04 r/1210 chore(whitby): add lukegb to trusted-users for remote buildsLuke Granger-Brown1-0/+1
Change-Id: Id1e67bb30bb7f4d329006688f1783b900d16d164 Reviewed-on: https://cl.tvl.fyi/c/depot/+/914 Tested-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-03 r/1185 feat(whitby): Enable nix.sshServeVincent Ambo1-3/+9
This exposes a binary cache over SSH. Change-Id: Ib934a118cd7315ef76f3dfe795c76a570fbbc47a Reviewed-on: https://cl.tvl.fyi/c/depot/+/895 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI
2020-07-02 r/1174 feat(whitby): Allow wheel users to sudo without a passwordGriffin Smith1-0/+7
This *should* translate to the required invocation to make sudo allow nopasswd for users in the wheel group. Change-Id: I3713862b8df9087cfbaa72d7e824bc43469f7c1c Reviewed-on: https://cl.tvl.fyi/c/depot/+/857 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2020-07-02 r/1172 feat(whitby): Add grfn as a trusted userGriffin Smith1-0/+4
So I can remote builder Change-Id: I8106244d3d197c010b618e4337a9ccfc13a116f8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/856 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2020-07-02 r/1171 feat(whitby): Run a handful of Buildkite agentsVincent Ambo1-0/+21
This is the point of the machine, afterall. Change-Id: I15c11600c1c18fa8962d57f75f99a72e1553f9c2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/853 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI
2020-07-02 r/1170 feat(whitby): Enable Nix signing for the binary cacheVincent Ambo1-0/+3
Change-Id: I9047667cc1a40668c0c7da72c070044b91b53014 Reviewed-on: https://cl.tvl.fyi/c/depot/+/852 Reviewed-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI
2020-07-02 r/1169 fix(whitby): Explicitly set an interface for the v6 default gwVincent Ambo1-1/+5
systemd gets sad otherwise and it is very difficult to console it Change-Id: Ic6405489532c407273e5634474185f2947420b37 Reviewed-on: https://cl.tvl.fyi/c/depot/+/851 Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI
2020-07-02 r/1168 feat(whitby): Add grfnGriffin Smith1-0/+8
it's not glittershark because grfn is the username I have on my laptop and I want to be able to ssh without an `@`. Change-Id: Ie1fb6f5e12f3ac52a44680704179bd27a00a7768 Reviewed-on: https://cl.tvl.fyi/c/depot/+/850 Reviewed-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2020-07-02 r/1166 feat(whitby): add lukegbLuke Granger-Brown2-0/+7
Change-Id: I26356632b86a64519128bc673178f1cd1b55b99b Reviewed-on: https://cl.tvl.fyi/c/depot/+/848 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: BuildkiteCI
2020-07-02 r/1163 fix(whitby): Set correct IPv6 default gateway for Hetzner envVincent Ambo1-0/+1
Change-Id: Ic3d4c6ebf7c40e27a453e08295bb0f2f999c0d88 Reviewed-on: https://cl.tvl.fyi/c/depot/+/845 Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: BuildkiteCI Tested-by: BuildkiteCI
2020-07-02 r/1160 feat(nixos/whitby): Hello, World!Vincent Ambo1-0/+148
This adds NixOS configuration for the machine whitby.tvl.fyi. No interesting services are configured yet, so this configuration is quite plain. Change-Id: I67b7c75ebd6e298719b52e6b3bd83cc3be3c45d8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/843 Tested-by: BuildkiteCI Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-02 r/1158 chore(nixos/whitby): Bootstrap //ops/nixos/whitby folderVincent Ambo2-0/+10
Change-Id: I7d77c3ea48b181d7b9f754ac4807ed44735a8925 Reviewed-on: https://cl.tvl.fyi/c/depot/+/841 Reviewed-by: BuildkiteCI Reviewed-by: isomer <isomer@tvl.fyi> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-07-10T18·31+0000