fsagbuya/it-infra
1
0
Fork 0
forked from M-Labs/it-infra
Code Pull Requests Activity
528 Commits 11 Branches 0 Tags 1.3 MiB
11181f0397
Commit Graph

264 Commits

Author SHA1 Message Date
Sebastien Bourdeauducq
6333165321 nixbld: setup email server for m-labs.hk 2022-06-27 18:17:30 +08:00
Sebastien Bourdeauducq
8bc44199fc nixbld: make bind CLI tools available 2022-06-27 18:16:38 +08:00
Sebastien Bourdeauducq
66a7a29b0a nixbld: do not create backups during ZFS scrubs 2022-06-27 18:15:57 +08:00
Sebastien Bourdeauducq
cef6b7263a nixbld: backup mail 2022-06-27 18:15:47 +08:00
Sebastien Bourdeauducq
08ab958a76 nixbld: use semi-automatic DNSSEC 2022-06-27 13:08:16 +08:00
Sebastien Bourdeauducq
3909d7428d nixbld: DNS server (WIP) 2022-06-26 16:57:17 +08:00
Sebastien Bourdeauducq
70ad63ca56 nixbld: block internet access on insecure device 2022-06-23 15:33:37 +08:00
Sebastien Bourdeauducq
6cb5c84a9b nixbld: enable mail server again 2022-06-18 13:58:51 +08:00
Sebastien Bourdeauducq
7f599bdbc9 nixbld: remove gitea patch (merged upstream) 2022-06-07 10:17:15 +08:00
Sebastien Bourdeauducq
ae5e85d611 nixbld: re-add networked derivations patch 2022-06-04 13:52:21 +08:00
Sebastien Bourdeauducq
5f1ff14380 afws_module: fix nix command 2022-05-26 13:05:34 +08:00
Sebastien Bourdeauducq
5354daf585 nixbld: NixOS 22.05 2022-05-26 12:12:14 +08:00
Sebastien Bourdeauducq
cb75072f15 nixbld: add kk105 2022-05-26 10:57:19 +08:00
Sebastien Bourdeauducq
da3a82a52d nixbld: add spaqin 2022-05-06 16:55:00 +08:00
Sebastien Bourdeauducq
aba22c34ca nixbld: add nkrackow 2022-05-05 19:23:40 +08:00
Sebastien Bourdeauducq
a58a613418 nixbld: add .science tld 2022-04-14 12:17:22 +08:00
Sebastien Bourdeauducq
61c008ff43 nixbld: publish msys2 repos on web 2022-04-05 11:14:17 +08:00
Sebastien Bourdeauducq
7a14264be4 hydra: fix msys2 icon 2022-04-04 15:39:28 +08:00
Sebastien Bourdeauducq
a8d28d2cbc hydra: add msys2 type 2022-04-04 15:05:39 +08:00
Sebastien Bourdeauducq
e1e723ece5 nixbld: backup afws 2022-03-20 10:49:59 +08:00
Sebastien Bourdeauducq
28ca789aae nixbld: use flake output for beta conda channel 2022-02-12 18:50:08 +08:00
Sebastien Bourdeauducq
0c04f014d7 nixbld: use sipyco flake output for manual 2022-02-12 11:23:19 +08:00
Sebastien Bourdeauducq
d4c36b8cfd nixbld: use ARTIQ flake output for manual 2022-02-12 10:19:15 +08:00
Sebastien Bourdeauducq
0b8aa97192 nixbld: run AFWS server 2022-02-07 14:31:37 +08:00
Sebastien Bourdeauducq
322d267caf hydra: update evalSettings.allowedUris 2022-02-07 14:31:21 +08:00
Sebastien Bourdeauducq
a270418cfc nixbld: exclude new gitea archive location from backups 2022-02-02 10:53:11 +08:00
Sebastien Bourdeauducq
995f8897a4 nixbld: work around hidden hydra sudo dependency 2022-01-17 18:48:23 +08:00
Sebastien Bourdeauducq
8e20a3df6e nixbld: update gitea templates 2022-01-04 15:17:17 +08:00
Sebastien Bourdeauducq
910506d3e4 nixbld: enable fail2ban 2022-01-03 14:34:57 +08:00
Sebastien Bourdeauducq
ec7e9209f5 nixbld: improve root account security 2022-01-03 13:46:57 +08:00
Sebastien Bourdeauducq
b70908f864 nixbld: restrict maxJobs again to avoid Vivado OOM 2021-12-03 11:03:36 +08:00
Sebastien Bourdeauducq
a0cb49b59d nixbld: nixos 21.11 2021-12-01 18:11:06 +08:00
Sebastien Bourdeauducq
628e5fb9d7 nixbld: cleanup buildMachines 2021-11-25 10:42:01 +08:00
Sebastien Bourdeauducq
e8527e496b nixbld: include rt in backups 2021-11-25 00:15:09 +08:00
Sebastien Bourdeauducq
c5c22da2ba nixbld: update nixops 2021-11-24 23:57:18 +08:00
Sebastien Bourdeauducq
8114dcfb6d nixbld: remove memtest86 2021-11-24 23:57:06 +08:00
Sebastien Bourdeauducq
29830b0ae9 nixbld: more frequent backups 2021-11-24 23:56:48 +08:00
Sebastien Bourdeauducq
3e2061c47b nixbld: fix rt group 2021-11-23 13:52:00 +08:00
Sebastien Bourdeauducq
f5ff63b74b nixbld: remove hkadmin 2021-11-22 12:19:00 +08:00
Sebastien Bourdeauducq
ae6915ab44 nixbld: fix RT startup 2021-11-22 12:18:06 +08:00
Sebastien Bourdeauducq
813b4831c6 nixbld: cleanup 2021-11-22 12:17:58 +08:00
Sebastien Bourdeauducq
c75cf3456b nixbld: improve backup 
include Mattermost attachments
stop using expensive and insecure dropbox
 2021-11-16 14:21:59 +08:00
Sebastien Bourdeauducq
7342601788 nixbld: add occheung user 2021-11-11 12:12:46 +08:00
Harry Ho
bcc5502ec6 rt: prevent text attachments from appearing inline on web interface 2021-10-27 12:20:08 +08:00
Sebastien Bourdeauducq
00d29eba4d nixbld: install borgbackup 2021-09-18 16:35:25 +08:00
Sebastien Bourdeauducq
82e161dba3 hydra: hack-patch allowed URIs to work around Nix issue #5039 2021-09-01 19:59:23 +08:00
Sebastien Bourdeauducq
4ce9c2a718 nixbld: enable flakes 2021-08-18 14:53:01 +08:00
Sebastien Bourdeauducq
c96b3793c4 rt: persistent sessions 2021-08-12 13:39:53 +08:00
Sebastien Bourdeauducq
63250304d2 rt: fix default queue (2) 2021-08-11 16:01:32 +08:00
Sebastien Bourdeauducq
89dd90075e rt: fix default queue 2021-08-11 15:35:23 +08:00
Sebastien Bourdeauducq
223ab96b5a nixbld: fix RT SSL 2021-08-11 12:02:33 +08:00
Sebastien Bourdeauducq
0e548d1eff nixbld: handle incoming RT emails 2021-08-11 11:57:05 +08:00
Sebastien Bourdeauducq
e3578011a5 rt: email setup WIP 2021-08-11 10:54:24 +08:00
Sebastien Bourdeauducq
d9536ff5db rt: fix API security problem 2021-08-11 10:54:12 +08:00
Sebastien Bourdeauducq
a385c2db4b rt: stop using tmpfiles for db password file permissions 2021-08-11 10:53:48 +08:00
Sebastien Bourdeauducq
a97302a80a nixbld: RT working, no mail 2021-08-10 21:28:14 +08:00
Sebastien Bourdeauducq
ef3544f8f3 nixbld: publish conda channel archives 2021-08-10 19:08:25 +08:00
Sebastien Bourdeauducq
977cccc997 nixbld: fix hooks page breaking github backups 
https://github.com/josegonzalez/python-github-backup/issues/176
 2021-08-09 13:46:46 +08:00
Sebastien Bourdeauducq
01212b4e51 nixbld: install iw and nvme-cli 2021-08-09 13:32:37 +08:00
Sebastien Bourdeauducq
adccf47d3c nixbld: wifi problems 2021-08-09 13:32:18 +08:00
Sebastien Bourdeauducq
7d073e371c nixbld: add github backups 2021-08-07 17:47:16 +08:00
Sebastien Bourdeauducq
4c394a0976 nixbld: wifi problems 2021-08-07 17:45:53 +08:00
Sebastien Bourdeauducq
a0f445b0dd nixbld: remove old flarum files 2021-08-07 13:47:26 +08:00
Sebastien Bourdeauducq
9474dfa3a2 nixbld: fix stateVersion 2021-08-07 13:19:47 +08:00
Sebastien Bourdeauducq
58252a93a4 nixbld: new server 2021-08-07 12:24:31 +08:00
Sebastien Bourdeauducq
b7a49505bc nixbld: end mailserver experiment 
This was going well, until some assholes at Gmail decided to block our IP address and as usual PCCW are useless when it
comes to changing to a whitelisted IP.

https://support.google.com/mail/answer/10336?p=NotAuthorizedError

Fuck Google.
Fuck PCCW.
 2021-08-02 13:32:29 +08:00
Sebastien Bourdeauducq
b7cef86473 nixbld: nixos 21.05 2021-06-07 09:56:05 +08:00
Sebastien Bourdeauducq
3b4f5d27c8 nixbld: reduce zfs scrub frequency 2021-05-28 16:07:09 +08:00
Sebastien Bourdeauducq
4fc5d2e56a nixbld: fix gitea logo 2021-05-13 15:51:50 +08:00
Sebastien Bourdeauducq
2f8d46d872 nixbld: update for newer hydra (2021-05-03) 2021-05-13 15:46:52 +08:00
Sebastien Bourdeauducq
7b6ed95090 nixbld: disable Nix flarum module 
hacky and buggy

https://github.com/NixOS/nixpkgs/pull/96869
 2021-05-06 10:09:26 +08:00
Sebastien Bourdeauducq
9185cdcec1 nixbld: update flarum deps 2021-05-06 06:41:32 +08:00
Sebastien Bourdeauducq
a680baed40 nixbld: fix hydra-send-stats 2021-04-24 18:19:33 +08:00
Sebastien Bourdeauducq
be8881892f nixbld: upgrade flarum and remove unused extensions 2021-04-24 18:13:44 +08:00
Sebastien Bourdeauducq
536a134b32 nixbld: Hydra sysbuild patch merged upstream 
https://github.com/NixOS/hydra/issues/784
 2021-04-24 17:08:04 +08:00
Sebastien Bourdeauducq
43005f0f65 nixbld: update Nix patches 2021-04-24 17:07:14 +08:00
Sebastien Bourdeauducq
86c840d7f0 nixbld: minor flarum updates, install FoF/subscribed 2021-04-05 14:20:26 +08:00
Sebastien Bourdeauducq
7d04f99e33 nixbld: implement fbda8b064 correctly 2021-04-05 00:08:44 +08:00
Sebastien Bourdeauducq
fbda8b0643 nixbld: disable IPv6 DAD 
dnsmasq silently stops sending RAs on interfaces where DAD has kicked in, which creates very annoying obscure network
problems for everyone (e.g. IPv6 default route deleted 30min after boot) when an address conflict has occured,
even after the address conflict is no longer present.
nixbld should have authority on LAN IP addresses anyway.
 2021-03-14 17:04:39 +08:00
Sebastien Bourdeauducq
dbc288c813 fix IP for rpi-5, rename to rpi-ext 2021-03-05 18:57:20 +08:00
Sebastien Bourdeauducq
f42fc3b986 nixops: create ext wifi network 2021-03-04 15:54:55 +08:00
Sebastien Bourdeauducq
a2a7b7458f nixbld: route ext wifi network 2021-03-04 15:54:41 +08:00
Sebastien Bourdeauducq
ed9746f3f4 nixbld: set up artiq-legacy 2021-02-17 16:09:20 +08:00
Sebastien Bourdeauducq
ed42476712 nixbld: work around Gitea token syntax problem (#14) 2021-01-27 11:59:10 +08:00
Sebastien Bourdeauducq
6d7235dfc4 nixbld: freeze nixos-mailserver commit 2021-01-26 18:26:17 +08:00
Sebastien Bourdeauducq
e5b8b37bed nixbld: update secret_permissions 2021-01-26 18:19:06 +08:00
Astro
e94fc3ea85 hydra: add patch for, configure giteastatus plugin 
Fixes M-Labs/nix-scripts#32
 2021-01-25 21:17:54 +01:00
Sebastien Bourdeauducq
169876e211 nixbld: add account creation note to gitea signin page 2021-01-23 17:20:05 +08:00
Sebastien Bourdeauducq
6bc5b75ccb nixbld: fix gitea errors 500 
https://github.com/go-gitea/gitea/issues/14274
 2021-01-11 16:19:30 +08:00
Sebastien Bourdeauducq
1fa9caf1b8 nixbld: work around nixos bug with acme and local dns resolver 
https://github.com/NixOS/nixpkgs/issues/106862
 2020-12-21 13:04:24 +08:00
Sebastien Bourdeauducq
5ea921f80f nixbld: disable openhardware.hk 2020-11-06 15:05:33 +08:00
Sebastien Bourdeauducq
5322347cb2 nixbld: fix acme permissions 2020-11-06 14:58:35 +08:00
Sebastien Bourdeauducq
cffeaeba23 nixbld: nixos 20.09 WIP 2020-11-06 14:33:07 +08:00
Astro
b10ee89454 nixbld: update Nix unstable patch for networked derivations 
Fixes Gitea issue #7
 2020-11-05 17:22:26 +01:00
Sebastien Bourdeauducq
8f62706b08 nixbld: update users 2020-10-27 14:57:07 +08:00
Sebastien Bourdeauducq
9cd9eb43f4 nixbld: add static IPs for cora and rust-pitaya 2020-10-14 12:53:51 +08:00
Astro
4ec72130b1 nixbld: add Nix unstable patch for networked derivations 
Fixes Gitea issue #7
 2020-10-06 00:45:56 +02:00
Astro
8ad847c7fa hydra: configure githubstatus plugin 
Part of M-Labs/nix-scripts#32
 2020-09-02 19:55:15 +02:00
Sebastien Bourdeauducq
e3690e50f0 nixbld: enable gitea code search 2020-08-31 17:39:28 +08:00
Astro
24e1201ab1 flarum: init 2020-08-22 02:25:43 +02:00
Sebastien Bourdeauducq
4d8214d00e nixbld: open firewall for jitsi-videobridge 2020-08-03 15:32:06 +08:00
Sebastien Bourdeauducq
420796a547 nixbld: install jitsi 2020-08-03 15:19:56 +08:00
Sebastien Bourdeauducq
5322606804 disable homu 
Not used anymore.
 2020-08-02 20:44:01 +08:00
Sebastien Bourdeauducq
c6c392d10f Revert "hydra: move store to zfs" 
This is a mess: https://github.com/NixOS/hydra/issues/796

This reverts commit ac2ea5621d.
 2020-07-29 19:03:34 +08:00
Sebastien Bourdeauducq
c49e1fbade nixbld: also store backups on zfs tank 2020-07-27 20:28:34 +08:00
Sebastien Bourdeauducq
ac2ea5621d hydra: move store to zfs 2020-07-26 23:53:04 +08:00
Sebastien Bourdeauducq
2cdff2b132 nixbld: turn on zfs autosnapshot 2020-07-26 22:29:38 +08:00
Sebastien Bourdeauducq
d2f7181a1f nixbld: continue zfs setup 2020-07-26 22:21:31 +08:00
Sebastien Bourdeauducq
deaf3e9e75 nixbld: enable ZFS 2020-07-25 19:21:41 +08:00
Sebastien Bourdeauducq
805a3e33ad nixbld: add Nix 'networked' derivations 
This obsoletes the fixed-output derivation hack previously used on Hydra, and the associated retry patch.
 2020-07-04 16:02:30 +08:00
Astro
45037cb464 nixbld: add hydra-restrictdist.patch 
Preparation for M-Labs/nix-scripts#26
 2020-06-26 20:20:03 +02:00
Sebastien Bourdeauducq
a595a5b8ce update static IP allocation 2020-06-24 11:06:35 +08:00
Sebastien Bourdeauducq
e0310b191b remove notifico 
Complex/problematic to set up and not so useful after all.
 2020-06-20 17:54:45 +08:00
Sebastien Bourdeauducq
5a0afc48d4 import from nix-scripts 2020-06-20 17:54:21 +08:00