Age | Commit message (Collapse) | Author | Files | Lines |
|
Rename my //users directory and all places that refer to glittershark to
grfn, including nix references and documentation.
This may require some extra attention inside of gerrit's database after
it lands to allow me to actually push things.
Change-Id: I4728b7ec2c60024392c1c1fa6e0d4a59b3e266fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2933
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Add kolide, the endpoint monitoring system / MDM we're using at work, to
the system derivation for my work computer.
I hate MDMs almost universally, and this one is no different, but SOC2
waits for no one.
Change-Id: I99bcb5341182a81512699d50b279efd9e1b2194b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2903
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
hibernate on low battery, and when the power button is pressed
Change-Id: I6560fc770ee5707e59fb2763614de2b8000e156e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2550
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Main motivation for this is to get the openldap update that fixes
10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this
issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490
Someone should also redeploy whitby as soon as this lands in canon and
all build failures have been fixed.
Things done to resolve upstream breakages:
* grpc no longer takes abseil-cpp as an input, it has also been removed
in the override.
* Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9
attribute has been removed by upstream and the patch used by them is
available for 5.11 as well.
* The fixed output hash for third_patry.apereo-cas changed for some reason.
* Remove the pin of haskellPackages.vector from the haskell overlay. It
broke as the most recent version of vector in nixos-unstable no longer
depends on semigroups. This effectively updates vector from 0.12.1.2
to 0.12.2.0.
* Align two comments in tvix/libstore/worker-protocol.hh because the
updated clang-format now demands that.
Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: Idafb951eb995a92e955e42bee5b563a738ce49c7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2361
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Changes:
* ops/nixos/tvl-slapd: The NixOS module for OpenLDAP has removed the
ability to configure OpenLDAP directly and now forces users to use
some kind of weird Nix->OLC mapping that is mostly undocumented.
This moves the config we need to the new format in a way that may or
may not work and does the other arbitrary dance steps that someone
decided to impose on us. Note that this now throws lots of warnings,
but I can't be bothered to fix them.
* 3p: Random package removals accomodated
* users/glittershark: Pin grfn's kernel to 5.9, because the CK patch
is not yet updated for 5.10
* users/glittershark: Update vendor hash for pg-dump-upsert, I suspect
this changed because of something in the Go build machinery in
nixpkgs. The deleteVendor flag also has no effect anymore and has been
removed.
* users/glittershark: agda build is broken, commenting out development
home-manager environment until it can be fixed
* third_party/haskell_overlay: updating random needs upper boundarles
of a few dependencies relaxed (curse them)
* third_party/gerrit_plugins: for some cursed reason the fixed-output
hash of the gerrit owners plugin fetchgit changed, updated.
Same for the checks plugin.
Change-Id: Ica37995fe8039d3ba80eab643867f98795c56734
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2295
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
|
|
cache.nixos.org is way faster
Change-Id: If6f9a448b5a5ad7dab6d01e19c447e113a8d933a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2256
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Running docker is silly if I can't access it
Change-Id: I476915dacd44fac1ce4c533a84849fa6175d8107
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2215
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
My new work laptop, a dell XPS 13.
Change-Id: Ieab06622c9b280182025edfa63adf649e5fc70d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2205
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
|
|
This was locked away in the urbint-specific module, but I use it
elsewhere.
Change-Id: Ifced2196dc22a9dbed74a18d4e1fed9488eb0e26
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2152
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
bye urbint!
Change-Id: I87ded275e6e5298e4e29c38775bae47a8fc07bac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2149
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Included fixes for random breakage:
* 3p/awscli: pick from the stable channel; it is broken on unstable
* 3p/googletest: bumped version & removed patches that nixpkgs applies
* 3p/lisp/cffi: bumped library version for SBCL compat
* 3p/nix: fix libsystemd attribute
* 3p/nix: reformatted (clang-format handling of ternaries changed)
* glittershark/home: Use home-manager from nixkpgs
* glittershark/kernel: bumped linux-ck patch hash
* glittershark/kernel: removed "patch patch"
* multi/whitby: Use home-manager from nixpkgs
* tazjin/frog: drop Sourcetrail (it doesn't build currently)
Note that in addition to these changes, some previous CLs updated the
versions of git and cgit which was necessary for this channel bump,
but which could not be done in the same commit due to the nature of
the subtree merges.
Change-Id: If2563e8a68e2750c4b913a976ff7b93b42e8b7f3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2110
Tested-by: BuildkiteCI
Reviewed-by: multi <depot@in-addr.xyz>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Previously changed kernel versions would not cachebust the patch
download, because it would still be using the same SHA hash.
Forcing a different store path (by adding the version to the name)
also forces a redownload of the patch (and in turn cause the hash to
mismatch), avoiding this as a silent cause of failures in channel
updates.
Change-Id: I81a136ee2401126795cf042b0aadf2a1e7a707b4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2114
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Don't enable whitby+nixbuild as remote builders on every machine (eg not
mugwump), only chupacabra
Change-Id: I8aa8f20d76da4ec0d8caa64ef04697b7e76cbc03
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2058
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Install some packages and enable the necessary services + udev stuff to
make yubikeys usable
Change-Id: I8aee8a8b06895880c8195f02fb57b1216a5fdffc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2049
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
In this case mostly so I can have it on mugwump
Change-Id: Ifa24caf607b30c1d034f4a9e7044ece88fcee38e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2048
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I577b42abe76c7be3434e7ca4f34bcf84a4a6e6bc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2023
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Init the config for mugwump, a NUC that I bought from ncl and which I'm
going to use as a simple home server and ssh bastion box. Since this is
the first time I've set up a server using my nixos config, this also
moves a bunch of desktop (xserver, audio, etc.) related config out of
modules/common.nix and into a new modules/desktop.nix.
Coming soon: nixos-rebuild switch --target, but in the depot!
Change-Id: I67bd5ba6e3c26f80f77058af186fd41cc245d5d2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2016
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Also move fcitx to system, since it's a nixos thing not a home-manager
thing.
Change-Id: I3e047494a478520e939d48fc72cc91a2d797bf74
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1969
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Change-Id: I3b071cc91af5ee896e88c10d6594333ff4eddf77
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1922
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
This bumps the channel to a commit that includes fixes for an nginx
issue we have been seeing:
https://github.com/NixOS/nixpkgs/pull/95264
Includes the following compatibility fixes:
- tests disabled in third_party.bufbuild: These were enabled
unexpectedly by the update, but don't run in the sandbox because
they want to download things from github
Change-Id: I98a3b5de57f62f1fd3a37701fa1896eddeedff85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1759
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
|
|
Welcome to the future, baby!
Change-Id: I23124d27df1f7597dbd2b28afd5882e62085665e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1763
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: Ida25ae018bcd48adf27b0a5b8d524980c66dc3fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1747
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
I have an encrypted drive, so this extra layer of security is pointless
Change-Id: Ifa523ee5ea545b5ee17536d34f60d7235e47f25c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1741
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Bumps both nixos-unstable and nixos-20.03 to today's versions, as per
status.nixos.org
Contains minor fixes to things that broke because of the update:
* tazjin/frog: hardware.u2f is a deprecated setting
* glittershark/system: modSha256 in Go modules is now vendorSha256
* glittershark/owothia: removed version constraint on relude
Change-Id: Ib3e9612b1b06ed547b90e4f8b0ffe5ed7fe0a5c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1642
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Change-Id: Id61bf6bed41773e398cb6173c33f378937785d94
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1354
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
big cores wow
Change-Id: I0fa14834365202f1c9a8ff69243f129c8acfe13d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1168
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: Icc2f953450956a01b32872e6575976e49f1be0b4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1167
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Essentially the same as for nixos, so I can get whitby to compile stuff
for me. Eventually I'll generalize this so things aren't as hardcoded to
my particular setup, but for now I'm the only one in the depot who's
using home-manager so this should be fine.
Change-Id: I1cb0344f5a11eea68bddc98976999c0928dfa84e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/937
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
|
|
This is needed as well to use it as a substituter it seems
Change-Id: I6cefbccef2a61d665209131084bc58d7b56645f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/899
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Right now it looks like the time to copy data between local and whitby
essentially eliminates any benefit to using it as a remote builder.
Which is a shame, but ah well.
Change-Id: I71dc4782992a28b196e262d40acc1bbc0b883529
Reviewed-on: https://cl.tvl.fyi/c/depot/+/898
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
|
|
Change-Id: I138ccbd7da9849025f1f59dfe948cfb7a5684b6d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/896
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
This appears to be working! which is nice.
Change-Id: I06f8d2ff4e9b313073cb76c77a8a9bed0cb52516
Reviewed-on: https://cl.tvl.fyi/c/depot/+/887
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
|
|
gonna use this instead of nixos-rebuild switch, in part to get away from
global nixpkgs pins.
Change-Id: I46e2951660465790adfdf75e6e3413b5c2dfd7c7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/886
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
|
|
If I want to build this on TVL's CI I can't reference ~/code/urb/urbos,
obviously, so I'll just vendor it here which is fine
Change-Id: I40feb4b29fafae1d3bb0119b7cca1613a4582fdc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/885
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
|
|
This isn't working, but someday it might
Change-Id: Iac20c05b033df3484a7c6908473601bb17c9fcfe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/883
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
|
|
'3b174300ae60f63f50427cde3bfd680fd3043c3a'
git-subtree-dir: users/glittershark/system
git-subtree-mainline: 85d82a9dc262bffa87423f595f7e957c42713798
git-subtree-split: 3b174300ae60f63f50427cde3bfd680fd3043c3a
|