about summary refs log tree commit diff
path: root/users/sterni/machines
AgeCommit message (Collapse)AuthorFilesLines
11 days r/8933 chore(sterni/ingeborg/minecraft): 1.20.4 -> 1.21.1sterni1-6/+8
1.21.1 fixes an exploit in 1.21 without any other changes, so we can safely skip it. Change-Id: I72503c9f3869d7bafdfc78842b61804627a1d452 Reviewed-on: https://cl.tvl.fyi/c/depot/+/12798 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
13 days r/8931 feat(sterni/code.sterni.lv): hide emails in cgitsterni1-2/+3
Change-Id: If48823b7992aa61fee9b1a6f458434a596bead90 Reviewed-on: https://cl.tvl.fyi/c/depot/+/12795 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
13 days r/8930 refactor(sterni/code.sterni.lv): downgrade network-online to wantssterni1-1/+1
`requires` is not recommended in this context. I think I tried it out of desperation trying to combat the issue that these units would be started before they were able to resolve names in switch-to-configuration. Unfortunately, network access during switch-to-configuration can't be detected using network-online.target, it seems. Change-Id: Ia98a0a3b505ffa56eb37fb58a5375a1215d6cb1b Reviewed-on: https://cl.tvl.fyi/c/depot/+/12794 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
13 days r/8929 fix(sterni/code.sterni.lv): gc after mirroring repositoriessterni1-0/+3
Repositories (especially nixpkgs) WILL grow to ridiculous sizes otherwise, killing cgit performance in the process. Change-Id: I3bef3e5dc5a61152e89fd53e31f14e78193a4888 Reviewed-on: https://cl.tvl.fyi/c/depot/+/12793 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
13 days r/8928 docs(sterni/machines/ingeborg): add example ssh config for unlocksterni1-0/+7
Mostly it's important (which I did this time at least) to remember that with how things work at the moment, the initrd sshd is only reachable via IPv4. Change-Id: Ie9a87b6a38b2e128a8a2141d2221bbe7cfe24cdb Reviewed-on: https://cl.tvl.fyi/c/depot/+/12792 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
13 days r/8927 chore(sterni/machines/ingeborg): add usbhid kernel modulesterni1-0/+1
nixos-generate-config claims I need this, so let's add it… Change-Id: I3d852ffce5d0e7c65d9a1bbe887d3de15136698a Reviewed-on: https://cl.tvl.fyi/c/depot/+/12791 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2024-08-14 r/8488 chore(3p/sources): Bump channels & overlayssterni1-2/+2
* //users/sterni/machines/ingeborg: adjust to yet another API change in the fcgiwrap module Change-Id: Ic601bb7161887dec5cfbe68205be816cf9b92d17 Reviewed-on: https://cl.tvl.fyi/c/depot/+/12202 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org>
2024-08-01 r/8435 chore(3p/sources): Bump channels & overlays (2024-07-28)Aspen Smith2-17/+14
* Treewide: re-run depotfmt * //third_party/nixpkgs:html5validator: build with Python 3.11, dependency openstackdocstheme doesn't support 3.12 * //users/sterni/machines/ingeborg: adapt to poorly handled fcgiwrap module API change: https://github.com/NixOS/nixpkgs/pull/318599 * //tvix/*-go: regenerate protobuf files * //third_party/nixpkgs:treefmt: Remove patch for merged pull request * //users/flokli/ipu6-softisp: rebase, drop upstreamed kernel patches Change-Id: Ie4e0df007c287e8cd6207683a9a25838aa5bd39a Reviewed-on: https://cl.tvl.fyi/c/depot/+/11971 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: aspen <root@gws.fyi> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: Ilan Joselevich <personal@ilanjoselevich.com>
2024-04-27 r/8021 feat(sterni/machines/ingeborg): switch to quasselsterni2-0/+19
Change-Id: I2970f47e22e6984db49d455b31903814fa94ec76 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11529 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2024-02-26 r/7607 fix: explicit dependencies on network-online.targetVincent Ambo1-0/+2
A recent change in nixpkgs introduced evaluation warnings if a systemd service is configured to start after network-online.target, but does not directly depend on it. This is done because the existing dependency from multi-user.target to network-online.target is being removed, leaving these services without an actual dependency on the service. This affected autosubmit (I added a weak dependency here, for now the service is actually on the same host as Gerrit), and sterni's mirror setup (I added a strong dependency here). Change-Id: I88a4aa69f6788c489f59533d34be3c9cea681326 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11026 Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2024-02-15 r/7519 chore(sterni/ingeborg/minecraft): 1.20.2 -> 1.20.4sterni1-6/+6
We skip 1.20.3 which had a somewhat nasty bug that was immediately fixed in 1.20.4 with no other changes. Change-Id: Ib7ef12912b3ed7a7ed2e00fea654d5d7532a92f7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10863 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2024-02-15 r/7518 chore(sterni/ingeborg/minecraft): 1.20.1 -> 1.20.2sterni1-6/+6
Change-Id: I2ec2e61f6b8a3d706966a9d259d350a010424ef1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10862 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org>
2024-02-14 r/7517 chore(sterni/ingeborg/minecraft): 1.19.4 -> 1.20.1sterni1-6/+6
1.20.1 doesn't seem to have any substantial changes except bug fixes, so let's jump to it right away. Change-Id: If41f06352f5e5351e37af1969fa8152693a227e8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10861 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2024-01-23 r/7444 fix(sterni/ingeborg/netdata): silence disk_* alarms for virtual devssterni1-0/+21
The btrfs scrub causes 8 WARNING messages otherwise, followed by 8 CLEAR messages. Change-Id: Ib43d419461c154f74022b3051e256102ab2b03cb Reviewed-on: https://cl.tvl.fyi/c/depot/+/10688 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org>
2024-01-16 r/7390 feat(sterni/ingeborg): add tv user for accessing media archivesterni2-0/+14
Change-Id: I8070b44b15b585e32d4939515d742a2800a2d762 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10641 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2023-12-31 r/7291 chore(sterni/machines): move http services from edwin to ingeborgsterni10-22/+46
* Make sterni.lv declarative * Disable gopher server * Disable likely-music.sterni.lv for now * Don't give systemd too much leeway with scheduling git syncs Change-Id: Ie8507d96f2df76ad8e393b2181ed7378c37829d0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10480 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-12-25 r/7263 feat(sterni/machines/ingeborg): regularly back up minecraft worldssterni1-2/+6
This is just intended as a local backup in case things go wrong horribly, so you can revert to a recent state. Change-Id: I1d666bad77045a1c807204df144422ba69d1d99f Reviewed-on: https://cl.tvl.fyi/c/depot/+/10417 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-11-30 r/7097 chore(sterni/machines): move minecraft from edwin to ingeborgsterni3-1/+1
Change-Id: I6917a9633c998148d6e5d23b17d949ee007898e5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10180 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 r/7096 feat(sterni/machines): prevent deploy if hostname doesn't matchsterni1-1/+5
Change-Id: I5a850e0d98069483e89d90022b624feba60ceebc Reviewed-on: https://cl.tvl.fyi/c/depot/+/10179 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 r/7095 feat(sterni/ingeborg): make secrets availablesterni1-0/+2
Change-Id: I2a39a6e5125e95c4ea10836694b594d068ceda73 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10178 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-11-30 r/7094 feat(sterni/ingeborg): set up monitoring via netdatasterni3-0/+155
Main objective was to get SMART/md monitoring working, alerts go (via some awful glue code) to #sterni.lv on hackint. Bot nick should also be registered in the future. Change-Id: Ia73c5a64ee9f6df62f5fbe21fc1606477e3d6e73 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10174 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-11-30 r/7093 chore(sterni/edwin): disable creative minecraft serversterni1-1/+1
We currently don't need it actively and it is easy to re-enable if needed. Due to spawn chunks simulation it is not really idling either. Change-Id: I2e4e5ff2271fd61ee1affec27a614244d4a87fcf Reviewed-on: https://cl.tvl.fyi/c/depot/+/10173 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-30 r/7091 fix(sterni/edwin): launch mirror jobs after network-online.targetsterni1-1/+1
This will hopefully prevent failures on system deploys where DNS is briefly not available, so git(1) fails to resolve github.com. Thanks flokli for the tip. Change-Id: I6096e9f3655cbe28ca2a71142de22337814e0be1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10172 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-11-26 r/7070 feat(sterni/ingeborg): enable btrfs auto scrubsterni2-1/+3
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and move it into //ops/modules. I originally wanted to have additionally disk health related services in that module, but the btrfs scrub functionality is nicely self-contained and reusable, so I think it makes sense to have this in a more central location. Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-11-25 r/7069 feat(sterni/machines/ingeborg): boot-strapsterni3-0/+153
Network configuration and initrd setup is basically the same as with edwin, but we are using md for Software RAID this time as well as LVM over two partitions with LUKS: - sda2 <-- RAID1 --> sdb2 (boot-raid) └ boot partition, ext4 (encrypted-container-raid) - sda3 <-- RAID1 --> sdb3 └ LUKS container └ Volume Group vgmain ├ Logical Volume vgmain/swap │ └ swap └ Logical Volume vgmain/root └ btrfs So we no longer rely on btrfs raid1 due to question marks over its reliability (I personally did not have any problems though). This also means that we have less LUKS containers we need to unlock when booting (kind of neglible improvement). The biggest improvement is that we have redundancy for the swap, so a disk failure shouldn't cause memory corruption/loss. Change-Id: I14f065b659857415917d9a60a7ec019e687f8d1c Reviewed-on: https://cl.tvl.fyi/c/depot/+/10127 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-25 r/7067 refactor(sterni/edwin): move generic settings into modulesterni1-64/+2
These settings would also be applied to a machine that'd replace edwin, so it's useful to have them outside edwin's default.nix. Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-10-08 r/6734 chore(3p/sources): bump channels & overlays (2023-10-04)Vincent Ambo1-1/+0
nixpkgs changed something in how it deals with configuration of the package set itself when that is externally instantiated (like in depot) It seems like we can work around this mostly by just ... deleting some code, as all instances of this were for allowing unfree code, which we've already set on the top-level anyways. * //users/sterni: fix nixpkgs config assertion to point at pkgs.config * //users/wpcarro: disable locate service, which is broken in nixpkgs Change-Id: Iacf6f1c8fd5b5289e7265e155d74f8269a858ceb Reviewed-on: https://cl.tvl.fyi/c/depot/+/9541 Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: wpcarro <wpcarro@gmail.com> Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-23 r/6347 chore(sterni/machines/edwin): drop obsolete grub version optionsterni1-1/+0
Change-Id: I40452e0a4f7237eb7352fb3f7342a64bf0e37cd2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8841 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-04-29 r/6120 fix(sterni/machines/edwin): use https for saneterm git upstreamsterni1-1/+1
Upstream server no longer answers to git://. Change-Id: I9c3608222a02f04d1cd77fa15738fa91e0088247 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8533 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2023-04-05 r/6071 chore(sterni/machines/edwin): minecraft 1.19.2 -> 1.19.4sterni1-6/+6
Change-Id: Ib6141a6d905220395d822ac1d8e4f47aa89161a3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8425 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org>
2023-03-21 r/6035 chore(sterni/machines/edwin): minecraft 1.18.2 -> 1.19.2sterni1-6/+7
Change-Id: I4d002c933929508baab12d3802ac67d42813507b Reviewed-on: https://cl.tvl.fyi/c/depot/+/8333 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-03-21 r/6034 chore(sterni/machines/edwin): minecraft 1.18 -> 1.18.2sterni1-6/+6
Starting with 1.18.1 we no longer need to pass an extra flag to work around the log4j CVE, so baseJvmOpts can be empty. Change-Id: I6d6c5a366ecbb499b2e3945db81ca0a8b2e2dcbf Reviewed-on: https://cl.tvl.fyi/c/depot/+/8332 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org>
2023-03-21 r/6033 chore(sterni/machines/edwin): minecraft 1.17.1 -> 1.18sterni1-6/+8
Change-Id: If9f6ee1c49a6c427530e56ceff60a2508f6fd9c6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8331 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-03-21 r/6032 chore(sterni/machines/edwin): minecraft 1.17 -> 1.17.1sterni1-6/+6
Change-Id: I5e27eb7cfb87cd20a87aa49af114f43aaadc32d5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8330 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-03-21 r/6031 feat(sterni/machines/edwin): minecraft 1.16.5 -> 1.17sterni1-6/+6
Change-Id: I3393c16db76fba839ea72612f54e6a2a72d0b69d Reviewed-on: https://cl.tvl.fyi/c/depot/+/8329 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org>
2023-03-01 r/5864 feat(sterni/edwin/code.sterni.lv): mirror vuizvuisterni1-0/+4
Change-Id: I8b163614b588d1cfb8d758cafb8fb407397a1ef7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8188 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2023-01-15 r/5659 fix(sterni/machines/edwin): fix cgit default branch declarationssterni1-3/+4
Change-Id: Icfd167e608955ec33367ca51dd8ae1d8d2740b4d Reviewed-on: https://cl.tvl.fyi/c/depot/+/7837 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2022-12-29 r/5535 feat(sterni/edwin/code.sterni.lv): disable commit graph for nixpkgssterni1-4/+6
The commit graph can be quite slow for repositories like nixpkgs, so it is disabled there. For this we refactor the module a bit, allowing us to set arbitrary cgit settings for repositories. This feature can also handle all instances of defaultBranch now. Change-Id: I22e44b7398d2692e8cc16555fb5203ad6a7a69a9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7672 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-12-02 r/5372 fix(sterni/machines/edwin): set default branch for depotsterni1-1/+2
This fixes cgit's ability to infer the idle time on the repo overview properly. While we're at it, use the proper remote URL, so the redirection warning doesn't clutter the logs. Change-Id: Ie3a75886bdf9c704c18950290b1f7115d0ca0c02 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7496 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: sterni <sternenseemann@systemli.org>
2022-12-01 r/5361 feat(sterni/machines/edwin): mirror some repos I'm involved insterni1-2/+21
Change-Id: I83bd86540bb1de7c02b204165c094d8514ffcae9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7487 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-12-01 r/5360 feat(sterni/machines/edwin): automatically sync repos with githubsterni2-8/+101
I primarily use GitHub for most of these preexisting repositories, but they should be properly replicated on edwin in case I want to stop. Pushing the respective refs manually is cumbersome and error prone, so let's automate it. The repositories are basically chowned to git:git currently and `git fetch <remote> 'refs/*:refs/*' --prune` is execute regularly to update the repository. In the future I could contemplate doing it the other way round – using edwin as upstream and using `git push --mirror` to update the GitHub repositories. Change-Id: Icb8a11223c0b4d3c8ce9a2da7fb2b4d4df4887f8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7486 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2022-11-27 r/5344 feat(sterni/machines/edwin): categorize by project state in cgitsterni1-35/+57
This should make it a bit clearer where not a lot is to be expected – either yet or anymore. Change-Id: I8139213814f2645f376ef2175aa2bc3721ee1e51 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7442 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-11-26 r/5338 feat(sterni/machines/edwin): activate headcounter binary cachesterni1-1/+11
Occasionally I debug i686-linux builds on this machine, the headcounter.org binary cache (despite being slow due to Hydra serving it) speeds this up with significant cache available. Change-Id: Ic8bc6139cf31f412676ef2925ceb726740987ff0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7295 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-11-26 r/5337 feat(sterni/machines/edwin): enable btrfs autoscrubsterni1-0/+1
Small module that regularly runs btrfs scrub on all btrfs filesystems. Eventually the module should also do SMART value monitoring, as edwin is a server from Hetzner's server auction, so a disk failure may not be too far away. Change-Id: I11e423a5d91c99ad455c2bb29b632efb79ef908e Reviewed-on: https://cl.tvl.fyi/c/depot/+/7294 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2022-11-26 r/5336 feat(sterni/machines): add edwinsterni13-0/+656
This adds edwin, the machine running sterni.lv, as well as my idiosyncratic deployment solution. It is based on instantiating the system configuration locally (where you'd work on the configuration), copying the derivation files to the remote machine where the system derivation is realised and deployed. Unfortunately, the first step tends to be quite slow (despite gzip compression), so this may not be the definite way despite its advantages. Change-Id: I30f597692338df3981e01a1b7eee9cdad48f94cb Reviewed-on: https://cl.tvl.fyi/c/depot/+/7293 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI