Commit Graph

168 Commits

Author SHA1 Message Date
771b91f4f3 nixbld: support yubikey+password 2FA 2019-09-22 20:25:03 +08:00
099b7dee2a nixbld: store email account info in /etc/nixos/secret 2019-09-19 09:44:34 +08:00
d28167badf Revert "nixbld: use store_uri for hydra"
secret-key should not be used with the local store (https://github.com/NixOS/hydra/issues/679#issuecomment-532607341)

This reverts commit ef80154c64.
2019-09-18 18:46:18 +08:00
ef80154c64 nixbld: use store_uri for hydra
Note that binary_cache_secret_key_file is actually not ignored, contrary to what the hydra warning message says.
binary_cache_secret_key_file is used by the perl code, when hydra itself as acting as a binary cache (over http), but store-uri is used by the c++ code, when the queue-runner is copying artifacts into whatever the store-uri is
This mess ought to be cleaned up in hydra at some point.
2019-09-18 17:35:39 +08:00
361d7445a5 nixbld: cleanup 2019-09-18 15:38:07 +08:00
0f45d03e32 nixbld: fix flarum 'bad gateway' error 2019-09-18 14:23:14 +08:00
f531f0c0d7 nixbld: add IPv6 tunnel 2019-09-18 12:38:35 +08:00
9ea3e2e47b nixbld: factor out network interface names 2019-09-18 12:20:03 +08:00
3bd0f2c1e9 nixbld: LAN router
Replaces OpenWrt router that was limited to 100Mbps (new fiber is 300Mbps).
2019-09-18 12:13:10 +08:00
44018d0a56 nixbld: handle upstream patches properly in overridden packages 2019-09-18 11:57:13 +08:00
8efe227959 nixbld: NixOS 19.09 fixes 2019-09-17 17:22:43 +08:00
4f648fba07 nixbld: fix nginx alias_traversal configuration issue
https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
2019-09-17 16:40:22 +08:00
bd9062421d nixbld: enable apparmor
This doesn't do much for now and apparmor support needs some work, but this enables the
kernel boot options so we can fix apparmor later without having to reboot the server.
2019-09-16 09:32:58 +08:00
b8b6fdbba5 nixbld: add prototype mail server 2019-09-13 12:48:51 +08:00
40e87731e0 nixbld: enable UPS monitoring 2019-09-11 17:37:59 +08:00
350701c682 nixbld: update installed packages 2019-09-05 16:47:01 +08:00
8a8f987098 nixbld: act as wifi access point 2019-09-05 15:27:44 +08:00
dc3cc3f596 nixbld: run hydra hooks for artiq-manual only on success
should fix GH issue #18
2019-08-14 00:05:04 +02:00
f92d6b96f4 nixbld: disable docker 2019-08-01 10:37:47 +08:00
405492b2e9 nixbld: add fish shell 2019-07-31 22:48:42 +08:00
a86f29733e nixbld: redirect old artiq resources page 2019-07-31 22:48:42 +08:00
552b872bac nixbld: add legacy migen manual URL 2019-07-29 11:44:48 +08:00
820ede4ac3 nixbld: optimize web server settings 2019-07-27 11:27:28 +08:00
049ef39c29 remove ARTIQ-2 manual 2019-07-27 10:38:06 +08:00
4d0c0e295a nixbld: use custom 404 page 2019-07-26 21:29:54 +08:00
06e8e67d10 nixbld: increase max push size for HTTPS gitea 2019-07-22 19:34:07 +08:00
af31db6d21 nixbld: add ARTIQ-4 manual legacy URL 2019-07-22 19:32:18 +08:00
00de3141b0 nixbld: update fractalide settings 2019-07-19 16:24:04 +08:00
618486ca8a nixbld: update web settings 2019-07-19 16:23:47 +08:00
78caeebf02 serve website from hydra 2019-07-19 15:57:35 +08:00
5326cab419 use recommended nginx patch 2019-07-19 15:19:39 +08:00
c134bfd3c1 web fixes and improvements 2019-07-19 15:00:06 +08:00
4d9e1f6e36 nixbld: redirect old URLs 2019-07-18 23:25:35 +08:00
5173a26468 nixbld: ignore broken conda-generated index.html 2019-07-18 00:47:18 +08:00
f51d24ac2e nixbld: publish conda channel on WWW 2019-07-18 00:20:05 +08:00
dfa2a4017e nixbld: update documentation jobset name 2019-07-18 00:10:33 +08:00
41a19cbf34 update stewart settings 2019-07-01 22:53:39 +08:00
8d9faac567 backup: exclude gitea archives 2019-07-01 22:53:03 +08:00
9e796e5073 nixbld: add password on munin output 2019-06-24 18:54:44 +08:00
e149012443 backup: fix improper copy/paste 2019-06-01 16:05:41 +08:00
b01f6aee27 ensure hydra does not fill hard disk 2019-05-29 15:48:59 +08:00
3da02d5f47 raise hydra max_output_size
Anaconda is large and reinstalling it sometimes goes over that limit.
2019-05-29 15:32:19 +08:00
5f7def845a nixbld: forward more traffic to stewart's machine 2019-05-27 00:42:50 +08:00
7882767a71 nixbld: back up more 2019-05-25 00:31:32 +08:00
42fac07c85 nixbld: add simple backups (WIP) 2019-05-24 15:19:33 +08:00
64eaa90250 nixbld: enable munin 2019-05-24 10:26:59 +08:00
898e81abc3 nixbld: forward some traffic to stewart's machine 2019-05-22 19:23:41 +08:00
8d77380ff3 nixbld: disable ARTIQ manual caching in nginx 2019-05-22 19:23:21 +08:00
ff6d082fc3 Revert "nixbld: refactor hydra-www-outputs to generate etags for nginx"
This reverts commit 8e3f1cc5a0.
2019-05-22 19:21:40 +08:00
8f051e300f Revert "nixbld: hydra-www-outputs-init before nginx.service"
This reverts commit 74bfc361e1.
2019-05-22 19:21:39 +08:00
74bfc361e1 nixbld: hydra-www-outputs-init before nginx.service
the service creates nginx config include files.
2019-05-22 01:54:10 +02:00
8e3f1cc5a0 nixbld: refactor hydra-www-outputs to generate etags for nginx
Should again resolve Gitea issue #12
2019-05-21 21:41:12 +02:00
e7eedf0f48 nixbld: centralize package overrides 2019-05-21 16:47:47 +08:00
45c2ce2f0c nixbld: set up forum 2019-05-21 16:08:54 +08:00
71d631d416 nixbld: gather and serve artiq-manual from hydra outputs
Should resolve Gitea issue #12.
2019-05-20 18:58:57 +02:00
58f5901897 print path to docs in hydra-queue-runner logs 2019-05-20 09:57:32 +08:00
9fed94be78 make jq accessible in hydra runcommand 2019-05-20 09:57:04 +08:00
4b78fb8124 enable docker 2019-05-20 09:20:28 +08:00
07af1db124 get SSL certificate for hooks.m-labs.hk 2019-05-20 09:18:21 +08:00
0796a9efa1 disable notifico for now 2019-05-20 09:18:10 +08:00
b91e17ea78 gitea: allows all file types for attachments 2019-05-20 09:08:39 +08:00
25de5790cd nixbld: add hydra runcommand config for artiq-manual pkgs
preparation for gitea issue #12
2019-05-13 18:35:27 +02:00
b1b21e9c25 nixbld: add /gateware.html redirect to nginx
gitea issue #11
2019-05-13 18:17:42 +02:00
28879f2c89 nixbld: fix ssl for nginx hooks+notifico vhosts 2019-05-13 17:18:04 +02:00
5f5aa32341 nixbld: move services.redis into notifico/nixos-module 2019-05-13 16:23:48 +02:00
50407d2b86 nixbld: integrate notifico
gitea issue #9
2019-05-13 02:10:04 +02:00
1facdd7755 notifico/pkg: clean up 2019-05-10 00:43:21 +02:00
7cffd4f8f8 add notifico/pkg 2019-05-10 00:41:11 +02:00
141cb709de homu: fixes 2019-05-04 17:48:19 +08:00
3a4d24b062 nixbld: remove fixed UIDs
https://github.com/NixOS/nixpkgs/issues/60732#issuecomment-488829636
2019-05-03 16:40:04 +08:00
304bb235b5 nixbld: put static UIDs away from automatic range 2019-05-02 16:09:44 +08:00
b47e660c2f enable homu 2019-05-02 13:54:21 +08:00
ad2fe47688 homu: do not put configuration file in nix
* issue with multiline string values
* slight security problem
2019-05-02 13:53:34 +08:00
9d29f4fccc add whitequark user 2019-05-02 13:18:31 +08:00
cbc1df481b remove buildbot.m-labs.hk 2019-05-02 13:09:46 +08:00
d78930d09a nixbld: set some security options 2019-05-02 13:06:07 +08:00
9805090d9e homu: run under separate static user/group 2019-04-30 22:50:26 +02:00
f684ad7f55 homu: prepare nixos integration
gitea issue #10
2019-04-30 22:38:58 +02:00
96cfa7b55f disable matterbridge for github bot notifications 2019-04-26 21:23:33 +08:00
be406bd0c7 move mattermostgithub config to /etc/nixos/secret 2019-04-26 19:21:00 +08:00
c0601e0f65 wrap mattermost-github-integration with uwsgi, add to nixbld 2019-04-26 00:16:33 +02:00
2365add996 move mattermost-github-integration, explicit imports 2019-04-25 17:34:00 +02:00
f6ebe4a88d add homu package 2019-04-23 17:02:34 +08:00
816ead8b96 add astro user 2019-04-21 10:44:14 +08:00
87a664721b set up wireshark 2019-04-21 10:44:08 +08:00
7487560b10 host website 2019-04-21 10:43:48 +08:00
448934fe6e add rj 2019-04-18 19:49:02 +08:00
48fb502658 enable mosh 2019-04-18 19:48:58 +08:00
3e0bfb6558 fix VNC 2019-04-18 19:48:42 +08:00
d16f6ed141 fix SSH key location 2019-04-14 18:35:01 +08:00
c2cf0b08fa enable SSH X11 forwarding
X11's crappy "network transparent" protocol is somewhat usable with a wired GbE connection straight to the server.
2019-04-14 18:33:06 +08:00
4e002f8751 patch hydra instead of using forked repos 2019-04-14 18:32:01 +08:00
bcfc9ea471 distribute aarch64 openocd 2019-04-08 23:45:30 +08:00
fa5afb3fc4 add big-parallel to hydra builds 2019-04-08 22:35:38 +08:00
0cae8a546c install jq 2019-04-08 22:35:28 +08:00
e06e5af52d mattermost: enable mutableConfig and IRC bridge 2019-04-02 00:50:26 +08:00
556be7d198 mattermost: fix websocket proxying 2019-04-02 00:50:02 +08:00
3fc48bc594 gitea: use disableRegistration available on 19.03 2019-04-02 00:49:37 +08:00
e71e35a498 update hydra 2019-04-02 00:49:09 +08:00
7e3a95f280 use single ACME certificate 2019-04-01 19:47:47 +08:00