about summary refs log tree commit diff
path: root/ops
AgeCommit message (Collapse)AuthorFilesLines
2020-04-04 r/626 chore(ops/nixos/camden): Enable HSTS headers on *.tazj.inVincent Ambo1-0/+2
2020-04-04 r/623 chore(ops/nixos/camden): Use upstream tailscale moduleVincent Ambo1-18/+1
2020-04-04 r/622 chore(ops/nixos/nugget): Use upstream tailscale moduleVincent Ambo1-8/+1
2020-04-04 r/621 chore(third_party): Remove Tailscale derivationVincent Ambo1-77/+0
This is now part of nixpkgs itself.
2020-04-04 r/618 feat(ops/nixos/camden): Enable RTMP support in nginxVincent Ambo1-1/+25
This makes it possible to live-stream various things at rtmp://tazj.in/tvl
2020-04-04 r/617 fix(ops/nixos/nugget): Point camden host at new internal IPVincent Ambo1-4/+1
This changed due to the router replacement.
2020-04-04 r/616 chore(ops/nixos/nugget): Install ffmpeg (including libnpp support)Vincent Ambo1-0/+1
2020-04-04 r/615 feat(ops/nixos/nugget): Add module for v4l2loopback supportVincent Ambo2-0/+13
This kernel module creates a fake video input device to which I can stream various things, such as screen grabs or qyliss' video stream for TVL.
2020-04-04 r/611 feat(ops/nixos/nugget): Install clang & friends system-wideVincent Ambo1-0/+3
2020-03-12 r/602 fix(ops/nixos/nugget): Ensure that 'nuggetEmacs' is used for EXWMVincent Ambo1-7/+8
2020-03-12 r/601 chore(ops/nixos/nugget): Disable DHCP for Remarkable USB connVincent Ambo1-1/+0
This otherwise holds up the boot process if the device is not connected, which is annoying.
2020-03-12 r/600 feat(ops/nixos/nugget): Install google-c-style in EmacsVincent Ambo1-1/+6
2020-03-01 r/589 fix(ops/nixos/camden): Add required options for ACME updatesVincent Ambo1-12/+17
The implementation for provisioning ACME certificates has changed in nixos-unstable[0] and now requires a few extra options to be set. [0]: https://github.com/NixOS/nixpkgs/pull/77578
2020-03-01 r/588 chore(third_party): Remove guile 3.0 overrideVincent Ambo1-1/+1
I don't actually use guile at all, this was just for experimentation.
2020-03-01 r/586 chore(ops/nixos/nugget): Use DHCP for Remarkable USB connectionVincent Ambo1-0/+1
2020-02-21 r/574 fix(ops/besadii): Remove branch tag after checking for itVincent Ambo1-1/+2
... oops. The problem with working on besadii is that testing it always lags one commit behind.
2020-02-21 r/572 fix(ops/besadii): Do not trigger builds for deleted branchesVincent Ambo1-7/+12
2020-02-21 r/571 fix(ops/besadii): Include branch name in build noteVincent Ambo1-1/+1
2020-02-21 r/570 fix(ops/besadii): Clone from git.tazj.in, not git.camden.*Vincent Ambo1-1/+1
2020-02-21 fix(ops/besadii): Only trigger builds for branchesVincent Ambo1-1/+5
2020-02-21 chore(ops/besadii): Pin git version used in besadiiVincent Ambo1-0/+4
2020-02-21 fix(ops/besadii): Replace slashes in branch namesVincent Ambo1-5/+7
Submitting a build with a branch containing a slash (which is common for my branches) returns this error: Invalid tag name, tags must use lowercase alphanumeric characters, underscores, dashes, or dots This commit replaces all slashes with underscores to work around that.
2020-02-21 feat(ops/besadii): Run 'git update-server-info' at startupVincent Ambo1-1/+13
Since besadii is effectively the entire post-receive hook, it also needs to do the entire job of the hook.
2020-02-21 fix(ops/besadii): Send auth token in correct formatVincent Ambo1-1/+1
2020-02-21 refactor(ops/besadii): Log to syslog instead of stdoutVincent Ambo1-10/+19
2020-02-21 feat(ops/besadii): Use post-receive hook input to trigger buildsVincent Ambo1-2/+48
Parses the input passed to besadii from git to extract ref updates and trigger builds.
2020-02-21 feat(ops/besadii): Read sourcehut token from secrets file on diskVincent Ambo1-7/+7
2020-02-21 chore(ops/besadii): Fail if sourcehut token is unsetVincent Ambo1-2/+7
2020-02-21 feat(ops/besadii): Refactored tool to trigger sourcehut buildsVincent Ambo5-239/+127
Refactors //ops/sync-gcsr which was previously responsible for synchronising the git repository between GCSR and the git.tazj.in cgit instance to simply be responsible for triggering builds on sourcehut. This program is intended to run as a git post-update hook. Note: Not yet feature complete, as interpolation of concrete git values and also sourcehut secrets is missing.
2020-02-21 r/567 fix(ops/nixos/camden): Add missing quote in nginx configVincent Ambo1-1/+1
2020-02-21 r/566 feat(ops/nixos/camden): Modify nginx log formatVincent Ambo1-8/+8
This log format contains more structured and correctly typed information, which I can now use for dashboards and stuff in Stackdriver.
2020-02-21 r/565 fix(ops/nixos/camden): Configure nginx to not log hostnamesVincent Ambo1-1/+1
Hostname prefixes break JSON serialisation, leading to useless Stackdriver Logging entries.
2020-02-21 r/564 feat(ops/nixos/camden): Install jqVincent Ambo1-0/+1
2020-02-21 r/563 feat(ops/nixos/camden): Forward logs to Stackdriver LoggingVincent Ambo1-0/+8
Enables the journaldriver service to forward logs into a "home" log-stream in the "tazjins-infrastructure" project. The service account key for camden has been placed on the machine manually.
2020-02-21 r/562 chore(ops/nixos/nugget): Remove input-fonts packageVincent Ambo1-1/+0
My default font is now Jetbrains Mono everywhere.
2020-02-21 r/559 chore: Rename pkgs->depot in all Nix file headersVincent Ambo9-46/+44
2020-02-17 r/557 Merge branch 'fix/camden-trusted-users'Vincent Ambo1-0/+2
2020-02-17 fix(ops/nixos/camden): Add myself to trusted Nix usersVincent Ambo1-0/+2
2020-02-17 r/556 fix(ops/nixos/camden): Use pounce from //third_partyVincent Ambo1-1/+1
2020-02-17 r/553 feat(ops/nixos/camden): Install pounce on camdenVincent Ambo1-1/+8
2020-02-17 r/552 feat(ops/nixos/camden): Enable support for moshVincent Ambo1-0/+2
2020-02-17 r/551 Merge branch 'feat/camden-migration'Vincent Ambo1-1/+1
2020-02-17 chore(ops/nixos/nugget): Add /etc/hosts entries for camden hostnamesVincent Ambo1-1/+1
2020-02-14 r/550 refactor(ops/nixos/camden): Merge ACME certificate blocksVincent Ambo1-11/+7
2020-02-14 r/549 feat(camden): Move to actual tazj.in hostnamesVincent Ambo1-4/+15
2020-02-12 r/548 feat(ops/nixos/nugget): Add camden to /etc/hostsVincent Ambo1-0/+7
At the moment there is no other way for requests from nugget to camden to resolve correctly, as the Hyperoptic router is eating this traffic on the LAN.
2020-02-12 r/547 feat(ops/nixos/camden): Add nginx vhost for cgit at git.camdenVincent Ambo1-0/+21
2020-02-12 r/546 feat(ops/nixos/camden): Move ACME configuration out of nginxVincent Ambo1-4/+13
This makes it possible to re-use the same provisioning mechanism for multiple related domains.
2020-02-12 r/545 feat(ops/nixos/camden): Set up cgit serviceVincent Ambo1-5/+27
Adds a user & group which are configured to own the local depot copy, and a cgit service to serve it. The depot checkout was configured as: mkdir -p /var/git && chown git: /var/git # now, as the git user, in /var/git git clone --bare ... depot chmod -R g+rw /var/git chmod g+s (find /var/git -type d) git init --bare --shared=all depot My personal user is a member of the git group, which means that after the above configuration I can push to the bare repo as my user and things work. Also, crucially, the `post-update` hook must be enabled as cgit uses the dumb HTTP transport.
2020-02-11 r/543 fix(nix/tailscale): Fix incorrect Tailscale ACL config typeVincent Ambo1-8/+10
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-02T13·12+0000