Sebastien Bourdeauducq
f6d4bc3d83
nixbld: try new workaround for Linux wifi shittiness
...
The Linux wifi AP support is dire:
* rtl8192cu AP mode loses packets and connections
* rtl8xxxu does not support AP mode
* ath10k firmware crashes from time to time
* iwlwifi with hostapd 2.9 causes kernel crashes every few days with NULL pointer dereference
It seems iwlwifi with hostapd 2.8 could be the least bad option.
Revert to that version and disable problematic (insecure) CONFIG_EAP_PWD.
2019-12-30 18:23:54 +08:00
Sebastien Bourdeauducq
49f014fb67
nixbld: stop using iwlwifi garbage
...
It just won't stop crashing.
2019-12-25 17:53:03 +08:00
Sebastien Bourdeauducq
e34a070124
nixbld: lock Linux kernel version to 4.19.79
...
On newer kernel versions (somewhere before 4.19.89) the shitty iwlwifi driver would crash
the machine every few days with a message like:
Dec 25 12:22:25 nixbld kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000068
Dec 25 12:22:25 nixbld kernel: PGD 0 P4D 0
Dec 25 12:22:25 nixbld kernel: Oops: 0002 [#1 ] SMP PTI
Dec 25 12:22:25 nixbld kernel: CPU: 2 PID: 15625 Comm: kworker/2:1 Not tainted 4.19.90 #1-NixOS
Dec 25 12:22:25 nixbld kernel: Hardware name: EVGA INTERNATIONAL CO.,LTD Default string/121-KS-E375, BIOS 1.07 03/15/2018
Dec 25 12:22:25 nixbld kernel: Workqueue: events iwl_mvm_add_new_dqa_stream_wk [iwlmvm]
Dec 25 12:22:25 nixbld kernel: RIP: 0010:iwl_trans_pcie_txq_enable+0x5b/0x460 [iwlwifi]
Dec 25 12:22:25 nixbld kernel: Code: 63 c6 4c 8b ac c7 40 91 00 00 f0 48 0f ab 87 40 a1 00 00 73 0d 80 3d 6b 65 03 00 00 0f 84 cb 03 00 00 44 89 c7 e8 15 c7 14 ce <49> 89 45 68 4d 85 e4 0f 84 eb 02 00>
Dec 25 12:22:25 nixbld kernel: RSP: 0018:ffffa47386937c30 EFLAGS: 00010202
Dec 25 12:22:25 nixbld kernel: RAX: 0000000000002710 RBX: 000000000000001f RCX: 0000000000000000
Dec 25 12:22:25 nixbld kernel: RDX: 3ffffffffffffffe RSI: 000000000000001f RDI: 0000000000002710
Dec 25 12:22:25 nixbld kernel: RBP: 0000000000000000 R08: 0000000000002710 R09: 0000000000000001
Dec 25 12:22:25 nixbld kernel: R10: 0000000000000004 R11: ffff916f0a199ff0 R12: 0000000000000000
Dec 25 12:22:25 nixbld kernel: R13: 0000000000000000 R14: 0000000000000000 R15: ffff916f08480018
Dec 25 12:22:25 nixbld kernel: FS: 0000000000000000(0000) GS:ffff916f36280000(0000) knlGS:0000000000000000
Dec 25 12:22:25 nixbld kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Dec 25 12:22:25 nixbld kernel: CR2: 0000000000000068 CR3: 0000000834e0a004 CR4: 00000000003606e0
Dec 25 12:22:25 nixbld kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Dec 25 12:22:25 nixbld kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Dec 25 12:22:25 nixbld kernel: Call Trace:
Dec 25 12:22:25 nixbld kernel: iwl_mvm_enable_txq+0x230/0x3b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel: ? iwl_mvm_add_new_dqa_stream_wk+0x897/0x13b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel: iwl_mvm_add_new_dqa_stream_wk+0x897/0x13b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel: ? entry_SYSCALL_64_stage2+0xf/0x10
Dec 25 12:22:25 nixbld kernel: ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel: ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel: ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel: ? __switch_to+0x8c/0x440
Dec 25 12:22:25 nixbld kernel: ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel: ? __switch_to_asm+0x35/0x70
Dec 25 12:22:25 nixbld kernel: process_one_work+0x206/0x400
Dec 25 12:22:25 nixbld kernel: worker_thread+0x2d/0x3e0
Dec 25 12:22:25 nixbld kernel: ? process_one_work+0x400/0x400
Dec 25 12:22:25 nixbld kernel: kthread+0x112/0x130
Dec 25 12:22:25 nixbld kernel: ? kthread_bind+0x30/0x30
Dec 25 12:22:25 nixbld kernel: ret_from_fork+0x35/0x40
2019-12-25 14:39:31 +08:00
Sebastien Bourdeauducq
1f2eabed65
nixbld: fix wifi network
2019-12-19 11:47:38 +08:00
Sebastien Bourdeauducq
8fddcd68e8
nixbld: update mail server
2019-12-18 16:26:10 +08:00
Sebastien Bourdeauducq
107060f50c
nixbld: remove adoptopenjdk-openj9-bin-11
...
This is for running NATview, but since there are fewer uTCA issues with Sayma v2 this is not really necessary anymore.
And for power control, STM32 + SSR works better than uTCA.
2019-12-10 11:59:29 +08:00
Sebastien Bourdeauducq
e6488e16d2
nixbld: boards are no longer connected directly
2019-12-10 11:58:52 +08:00
Sebastien Bourdeauducq
6680dc6c34
nixbld: remove whitequark account
2019-12-10 11:52:05 +08:00
Sebastien Bourdeauducq
d88137f8b7
gitea: enable emails (and password recovery)
2019-11-25 21:58:49 +08:00
Sebastien Bourdeauducq
4bd0495834
nixbld: set up rpi SSH port redirects for IPv4 users
2019-11-20 19:29:35 +08:00
Sebastien Bourdeauducq
3b3371eebf
restore ARTIQ-2 manual
2019-11-19 10:18:53 +08:00
Sebastien Bourdeauducq
596a9bc6b4
customize gitea homepage
2019-11-18 13:48:40 +08:00
Sebastien Bourdeauducq
3d8252acf8
restore ARTIQ-3 manual
2019-11-17 09:33:31 +08:00
Sebastien Bourdeauducq
e50a89acea
build ARTIQ releases
2019-11-14 17:07:46 +08:00
Sebastien Bourdeauducq
0136a154a8
fix sipyco doc aliases
2019-11-12 18:34:03 +08:00
Sebastien Bourdeauducq
57b817f07e
build sipyco manual
2019-11-12 10:43:50 +08:00
Sebastien Bourdeauducq
e69ddf6c4c
nixbld: fix munin
2019-11-07 16:14:01 +08:00
Sebastien Bourdeauducq
c1db80023b
nixbld: add kasli-customer DNS entry
2019-10-31 11:14:20 +08:00
Sebastien Bourdeauducq
aa6d631863
nixops: set up devboard users
2019-10-22 20:27:02 +08:00
Sebastien Bourdeauducq
392e3dcb8e
nixbld: use faster rpi for aarch64 builds
2019-10-22 20:10:20 +08:00
Sebastien Bourdeauducq
ee60f202b1
nixops: add rpi-3 and rpi-4
2019-10-22 20:09:56 +08:00
Sebastien Bourdeauducq
7167c34bfe
nixbld: install nixops, remove virtmanager
2019-10-21 21:38:24 +08:00
Sebastien Bourdeauducq
379335cc6e
nixbld: remove unnecessary NetworkManager setting
...
We are not using NetworkManager here.
2019-10-21 16:12:57 +08:00
Sebastien Bourdeauducq
833a9c7430
nixbld: add perso.m-labs.hk
2019-10-17 15:17:42 +08:00
Sebastien Bourdeauducq
3aa23cacfc
nixbld: fix indentation
2019-10-17 14:36:49 +08:00
Sebastien Bourdeauducq
0469ca21da
nixbld: get static IPs out of DHCP range, and give them DNS entries
2019-10-16 17:49:00 +08:00
Sebastien Bourdeauducq
68534d2ce2
nixbld: IPv6 on internal networks
2019-10-16 13:48:13 +08:00
Sebastien Bourdeauducq
e89afabdfb
nixbld: isolate wifi network. Closes #20
2019-10-15 19:42:26 +08:00
Sebastien Bourdeauducq
dd490121b6
nixbld: filter CUPS access using firewall
...
CUPS listenAddresses is problematic.
2019-10-15 19:20:32 +08:00
Sebastien Bourdeauducq
f3fe798126
nixbld: disable libvirtd ( #20 )
2019-10-15 17:26:51 +08:00
Sebastien Bourdeauducq
c0c9af04d4
nixbld: add openhardware.hk site
2019-10-09 21:33:37 +08:00
Sebastien Bourdeauducq
a85a16ff73
nixbld: remove fractalide
2019-10-09 21:08:12 +08:00
Sebastien Bourdeauducq
dfe48379c5
nixbld: document secret permissions
2019-10-09 10:41:15 +08:00
Sebastien Bourdeauducq
6a09d1cc6f
nixbld: add QF users
2019-09-30 10:33:28 +08:00
Sebastien Bourdeauducq
e05fd797fd
nixbld: install gdb system-wide
2019-09-30 10:33:28 +08:00
Sebastien Bourdeauducq
771b91f4f3
nixbld: support yubikey+password 2FA
2019-09-22 20:25:03 +08:00
Sebastien Bourdeauducq
099b7dee2a
nixbld: store email account info in /etc/nixos/secret
2019-09-19 09:44:34 +08:00
Sebastien Bourdeauducq
d28167badf
Revert "nixbld: use store_uri for hydra"
...
secret-key should not be used with the local store (https://github.com/NixOS/hydra/issues/679#issuecomment-532607341 )
This reverts commit ef80154c64
.
2019-09-18 18:46:18 +08:00
Sebastien Bourdeauducq
ef80154c64
nixbld: use store_uri for hydra
...
Note that binary_cache_secret_key_file is actually not ignored, contrary to what the hydra warning message says.
binary_cache_secret_key_file is used by the perl code, when hydra itself as acting as a binary cache (over http), but store-uri is used by the c++ code, when the queue-runner is copying artifacts into whatever the store-uri is
This mess ought to be cleaned up in hydra at some point.
2019-09-18 17:35:39 +08:00
Sebastien Bourdeauducq
361d7445a5
nixbld: cleanup
2019-09-18 15:38:07 +08:00
Sebastien Bourdeauducq
0f45d03e32
nixbld: fix flarum 'bad gateway' error
2019-09-18 14:23:14 +08:00
Sebastien Bourdeauducq
f531f0c0d7
nixbld: add IPv6 tunnel
2019-09-18 12:38:35 +08:00
Sebastien Bourdeauducq
9ea3e2e47b
nixbld: factor out network interface names
2019-09-18 12:20:03 +08:00
Sebastien Bourdeauducq
3bd0f2c1e9
nixbld: LAN router
...
Replaces OpenWrt router that was limited to 100Mbps (new fiber is 300Mbps).
2019-09-18 12:13:10 +08:00
Sebastien Bourdeauducq
44018d0a56
nixbld: handle upstream patches properly in overridden packages
2019-09-18 11:57:13 +08:00
Sebastien Bourdeauducq
8efe227959
nixbld: NixOS 19.09 fixes
2019-09-17 17:22:43 +08:00
Sebastien Bourdeauducq
4f648fba07
nixbld: fix nginx alias_traversal configuration issue
...
https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
2019-09-17 16:40:22 +08:00
Sebastien Bourdeauducq
bd9062421d
nixbld: enable apparmor
...
This doesn't do much for now and apparmor support needs some work, but this enables the
kernel boot options so we can fix apparmor later without having to reboot the server.
2019-09-16 09:32:58 +08:00
Sebastien Bourdeauducq
b8b6fdbba5
nixbld: add prototype mail server
2019-09-13 12:48:51 +08:00
Sebastien Bourdeauducq
40e87731e0
nixbld: enable UPS monitoring
2019-09-11 17:37:59 +08:00