| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I672ad0898b2ef6a11f8bc9233da0ded4a296fe0e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5686
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
The new version brings the new secretsDir setting which means we no
longer have to hardcode /run/agenix everywhere.
Change-Id: I4b579d7233d315a780d7671869d5d06722d769fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5646
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
This tends to step on my toes way more often than I actually want it to
work
Change-Id: Ifd5e38ca307d7882392b2399194aca1231b68db6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5440
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Apparently grafana needs this now
Change-Id: I197837d831bd7bfde17cbb5dd253e9758578ff6d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5434
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: Ie1d30363887f7ed999116f11ea30bb53ea5ef24c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5433
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I5dd328a955446a4417b7ceb015c924ca2ebae654
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5145
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
This CL can be used to compare the style of nixpkgs-fmt against other
formatters (nixpkgs, alejandra).
Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: cynthia <cynthia@tvl.fyi>
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: eta <tvl@eta.st>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Use agenix for the buildkite ssh key and agent token on mugwump, instead
of storing stuff in /etc/secrets
Change-Id: I56951587b949fc0854e56f5c4e33b601e9cd964e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5027
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
There's a passwordFile option now!
Change-Id: I7aa21891c3502ceddcb0bb08a83a5a3a8a6bcdc9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5025
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Can no longer be null and has been renamed to security.acme.defaults.email:
https://github.com/nixos/nixpkgs/commit/377c6bcefce8e8ccd471892a1b24621d5a909457
Change-Id: Icac9506185da176365369ed3c7db3c71ffc90b1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4784
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I0299242982c183fa9fc1f26b1bacb14f8fc14b28
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4684
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: zseri <zseri.devel@ytrizja.de>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Start setting up agenix with secrets in //users/grfn/secrets for
mugwump, starting with my cloudflare API key which I use for the ddns
from my home apartment
Change-Id: Ida66cb91da3415357a512039d6c23402f0ae9388
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4683
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I46132dd4439339365f2950de763815e548893b1f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4663
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Add a nixos module for running the xanthous server in a docker
container, and install it on mugwump including a prometheus scrape
config.
Change-Id: Ifeb315845b7eef2ee33af98fa3f71acdd3d9fe6b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3812
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Included fixes:
* grfn/mugwump: removed superfluous Buildkite agent user
* tazjin/camden: Disabled bitlbee (user config is broken)
* grfn/home/vim: vimUtils expects a `pname`
* 3p/nixpkgs: Pick awscli2 from stable channel
Change-Id: I64ed726b3350f75c7a8a0e6552bcf1d8d9ba7d46
|
|
Break out the configuration for the prometheus fail2ban exporter, which
is a simple python script that exports stats from fail2ban as a
prometheus-scrapable textfile, from Mugwump into a reusable nixos module
in //ops/nixos/modules.
Change-Id: I5451c9c5de6c7bc4431150ae596a9c758bf1b693
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3136
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides
* ops: make new isSystemUser || isNormalUser assertion happy
* users/grfn/system/system/mugwump: make buildkite agents system users
* users/tazjin/nixos/camden: set isSystemUser = true for git
* users/tazjin/emacs: Remove missing & broken packages
* third_party/openldap: remove, as the argon2 module is now enabled upstream
* third_party/gerrit_plugins: Pinned new unstable hashes
* third_party/nix, third_party/grpc: Disabled CI as these are broken
* third_party/overlays/emacs: Bumped version to stay in sync with channel
* third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib,
since libclang's default output no longer contains libclang.so
* users/grfn/system/home: Install julia-stable instead of julia (which
aliases to julia-lts), as the latter depends on an insecure version of
libgit
Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Rename my //users directory and all places that refer to glittershark to
grfn, including nix references and documentation.
This may require some extra attention inside of gerrit's database after
it lands to allow me to actually push things.
Change-Id: I4728b7ec2c60024392c1c1fa6e0d4a59b3e266fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2933
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
|
