Age | Commit message (Collapse) | Author | Files | Lines |
|
This runs a headscale server on sanduny which lets users join their
machines to the TVL tailscale network.
This would theoretically let people communicate with each other on the
internal network, but also more notably joined servers can advertise
exit node capability so that we can have our own "VPN network", for
starters with endpoints in Germany, UK and Russia (whitby, sanduny and
koptevo respectively).
This setup isn't fully stable yet, notably:
* The IP range used by tailscale is just the default one right now,
I'm not sure if that should be changed or what.
* The system is stateful (on sanduny), but the state is not (yet)
backed up anywhere. Use with caution.
* Machine joining is a manual process requiring SSH & root access to
sanduny.
The process is to log in to sanduny, then get a headscale shell with
`sudo -u headscale bash`, and to use the `headscale` CLI within
there to administrate access.
I've opted to create a user account `tvl` for TVL-owned machines,
and a personal account for myself and my machines.
Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
This machine is now being decomissioned.
Change-Id: Ib7f016c7de84dab2cdf3c071445cf830d2eccf5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8838
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
The main instance is still running on polyanka, but things are moving
in this direction.
Change-Id: Idfa9e508023c05148003ac4621ae01dceb284c66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8827
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ie7c55ee286d2a1ebcc623374fb02775ed8dfbb58
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8789
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
With this commit, Quassel becomes operative on koptevo.
Change-Id: Ic877c5bb1525cf5288b0091cb0cd1328b5276264
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8788
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I38420686467dad7429dae981ab2f7b446d540b75
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8787
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I614bba9e28ca789d2e641391ccf3bdbc6ff95dd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8785
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This is the "new polyanka" (eventually), as I'm decommissioning that
host slowly.
Change-Id: Ia0fe664f3bf64513d8177434c6c0fface857cd99
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8783
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
* //ops/modules/depot-inbox: Adapt to upstream option type declaration.
See nixpkgs commit b6ed3b8f402893df91a8e21ce993520301c2f076.
* //ops/machines/sanduny, //users/tazjin/polyanka:
Remove boot.loader.grub.version options (no longer has any effect).
* //users/sterni/emacs: reflect rename emacsPgtk -> emacs-pgtk
* //3p/overlays: update tdlib to match emacs-overlay
* //3p/overlays: give EXWM from depot a separate name
* //users/grfn/system/home: disable Slack support in ntfy
Change-Id: I03bde088bc70e05b23925f244899807210cb7b20
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8547
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I04cb7c448228771536f9f87155183bdaa8faf4e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8768
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I45824b65689a659ba25629f3565b9d5cb77b61c3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8626
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I78f2116a63675fff5a36826b3e5390798ab9db9f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8526
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: flokli
|
|
Tailscale just works better out of the box than Zerotier, and its
clients aren't unfree.
Change-Id: Ie35ef1adde0edbe923992b02e6b636269a96a81e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8482
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
* Satisfy new assert that the corresponding shell needs to be enabled
via programs.* if it is as the login shell of at least one user.
* //users/tazjin: “Address” removal of hardware.video.hidpi option.
* //3p/gerrit: update fetch sha256
Change-Id: Id0988a0ea7f393d6b7848a7104fc3526ee1177f4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8407
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Scrot doesn't work very well anyways, it keeps producing crazy
artifacts. Maim seems more sane.
Change-Id: I0823b1755b7810c8b35a9c53f232d2e7f1722943
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8414
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: Idec699f2c52385dbb4cceb9aece1e1f246d2f619
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8233
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ie5caa5648d34a4163e752f121edd8e828c922a77
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8232
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
One normal chromium is enough. google-chrome is not needed because
Chromecasts usually don't work anymore anyways.
Change-Id: I48bed05c56bd6f450be393cf727930eaad5cd6b9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8231
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
need that ubuntu for ~reasons~
Change-Id: Ia3ba60d84c39b7930b7e7a2a1ee83a01e49ef6a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7921
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
This seems to have been turned on in ~November/December 2022, and is
wreaking havoc on my system usability as it keeps killing my X session
as soon as any kind of load happens on the system.
This can be as little as accidentally playing two YouTube videos (as
each YouTube tab can take 3-5GiB of RAM), or trying to process a
dataset locally.
I'm not sure if this is the culprit, but it sure seems like it.
Change-Id: Id742b4506262cc362c9fd3f2575aea23e5c092a7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7858
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
This is currently hosted by the company, and I'm assigning my
copyright to the company, which also runs an ad placement on the page.
Note that the NixOS module for hosting it has not been moved yet.
Change-Id: Iba9e1cab9370faa79e43c3344fbfbbbabead50b3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7857
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I664dc09cf92b98ab7cccb785b1e5f00c00b3305e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7743
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I0521ded37ea047124c117b07d01016a6f0a1d4ac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7657
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Quassel sometimes thinks it's a reasonable thing to do to start
firefox instead of my default browser. Why? I've got no clue.
But since I don't use Firefox anyways unless there's a special
situation going on, lets just delete it.
Change-Id: Ib7ad4cc53c44ac47f3a0c3922600c3915f90219c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7646
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
* //users/grfn/modules/games: StoneSense requires DFHack to be enabled
* //users/grfn/system/iso: gtk needs cairo with xlibs
* //users: deal with emacs-overlay attribute renames
* //3p/overlays: downgrade sbcl to workaround lisp-binary compilation
failure
Change-Id: I1573280a923e5021ef399734cb5519b37e72c670
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7563
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: Ic65e5af3be96d7e49068a7b17f3087a495e51e02
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7591
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I966e48a846a101f01a78ed9245f4bb45bc905695
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7455
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
I don't currently need these for any client work but they're constant
battery drains.
Change-Id: Id45d4dacfd59cb3d18d79311fa29450d14a33e6e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7454
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
it annoys me and I've been turning it off manually, which is also annoying
Change-Id: Ia3b79d11068757c0bb9ee5543a376effb98506df
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7441
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
It's impossible to log into many public wifi networks otherwise when
the login depends on DNS hijacking.
Change-Id: I09f8b504810eebeb788997d2100a6db4777a8725
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7307
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I9ae66d54cc557e0f4dec7bd3b38022274b16263f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7169
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
The DNS server on the network of this boat refuses to deliver *any*
results to my laptop, only to my phone, so I had to do some trickery
to figure out the address of the WiFi login portal.
Change-Id: I7934c570be79d6191feb999e6860428623cfd88f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7168
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Relates to b/200
Change-Id: Ifdc4e694ddf22b899109a843dfce176164af80a5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6839
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I7e28ac3d71acd7d99a1d3ef97bef9422097e4abf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6154
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I190865e1bf560129d6345009b0ec0cc0d3d9cc9a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5987
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I7753ccb53ce7a692b79f46e62ce395dfd1770edf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5950
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
otherwise the files end up clashing with each other, causing annoying
errors on activation
Change-Id: Iaa4df8c50aa183f4a12749c66ee1b7a746d785da
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5949
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
this has weird side effects on the AMD thinkpad (of course), but since
that is stationary in my office anyways the power-saving stuff doesn't
matter so much there.
Change-Id: Ie43e3a86b2da885c25eb5c3eb36683adb14edd1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5948
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ibbff85955482a4e0e4e56f6cc677c85bab6e9ba4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5946
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
otherwise passing through USB devices is not possible
Change-Id: I3ab52aaae2567f39e483717b74023316fc3d033a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5941
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
sometimes I need a GUI mail client for stuff
Change-Id: I956e804b7167571e535556ad02a50637621b01bf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5923
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I7c9e9617f646beaa4b5f0cdddd6e7946b18a7395
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5909
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ic6bc463304643a7f983a5f7c182f95a7706ca35b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5868
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
It only sometimes works and that's not enough times.
Change-Id: I11c1bc6e5c2eec4706bd935352188ffa83057c8f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5869
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Maybe this will lead to me being able to log in to this machine again
eventually.
Change-Id: I348d6ea3b8d4cc6b8083766669ba1371b3d1216b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5866
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
I still have the issue where after reboots I can't log in to my
machines without going through a horrible dance with booting a NixOS
installer and so on.
I suspect this has somethign to do with this initial hashed password
set here, but I was unable to verify what password I've actually set
up there, so I'm resetting it to a known string to verify my theory.
Change-Id: Ic9d495255ca48110920cf2df371946ac146dcd72
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5865
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I3a00d23a604aa56f7a566a1caac0314cad90deff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5863
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I28977356c5a051addb1bb98e3c2aa2c81494fd74
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5861
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
* //users/tazjin: the services.localtime module was renamed
https://github.com/NixOS/nixpkgs/pull/175831#issuecomment-1146590790
* //3p/nixpkgs: glimpse is broken, pick it from stable channel
Change-Id: I4ea3f243e4575d3d7992ee6377fa9890c46db1ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5848
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
I keep having this in the user env instead, not good.
Change-Id: I683efc9782281053cb4aee1875c3a664c8dcdae8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5794
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|