Commit Graph

154 Commits

Author SHA1 Message Date
Sebastien Bourdeauducq 58bd5c697e nixbld: try another workaround for wifi bugs 2020-01-02 17:18:02 +08:00
Sebastien Bourdeauducq f6d4bc3d83 nixbld: try new workaround for Linux wifi shittiness
The Linux wifi AP support is dire:
* rtl8192cu AP mode loses packets and connections
* rtl8xxxu does not support AP mode
* ath10k firmware crashes from time to time
* iwlwifi with hostapd 2.9 causes kernel crashes every few days with NULL pointer dereference

It seems iwlwifi with hostapd 2.8 could be the least bad option.
Revert to that version and disable problematic (insecure) CONFIG_EAP_PWD.
2019-12-30 18:23:54 +08:00
Sebastien Bourdeauducq 49f014fb67 nixbld: stop using iwlwifi garbage
It just won't stop crashing.
2019-12-25 17:53:03 +08:00
Sebastien Bourdeauducq e34a070124 nixbld: lock Linux kernel version to 4.19.79
On newer kernel versions (somewhere before 4.19.89) the shitty iwlwifi driver would crash
the machine every few days with a message like:

Dec 25 12:22:25 nixbld kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000068
Dec 25 12:22:25 nixbld kernel: PGD 0 P4D 0
Dec 25 12:22:25 nixbld kernel: Oops: 0002 [#1] SMP PTI
Dec 25 12:22:25 nixbld kernel: CPU: 2 PID: 15625 Comm: kworker/2:1 Not tainted 4.19.90 #1-NixOS
Dec 25 12:22:25 nixbld kernel: Hardware name: EVGA INTERNATIONAL CO.,LTD Default string/121-KS-E375, BIOS 1.07 03/15/2018
Dec 25 12:22:25 nixbld kernel: Workqueue: events iwl_mvm_add_new_dqa_stream_wk [iwlmvm]
Dec 25 12:22:25 nixbld kernel: RIP: 0010:iwl_trans_pcie_txq_enable+0x5b/0x460 [iwlwifi]
Dec 25 12:22:25 nixbld kernel: Code: 63 c6 4c 8b ac c7 40 91 00 00 f0 48 0f ab 87 40 a1 00 00 73 0d 80 3d 6b 65 03 00 00 0f 84 cb 03 00 00 44 89 c7 e8 15 c7 14 ce <49> 89 45 68 4d 85 e4 0f 84 eb 02 00>
Dec 25 12:22:25 nixbld kernel: RSP: 0018:ffffa47386937c30 EFLAGS: 00010202
Dec 25 12:22:25 nixbld kernel: RAX: 0000000000002710 RBX: 000000000000001f RCX: 0000000000000000
Dec 25 12:22:25 nixbld kernel: RDX: 3ffffffffffffffe RSI: 000000000000001f RDI: 0000000000002710
Dec 25 12:22:25 nixbld kernel: RBP: 0000000000000000 R08: 0000000000002710 R09: 0000000000000001
Dec 25 12:22:25 nixbld kernel: R10: 0000000000000004 R11: ffff916f0a199ff0 R12: 0000000000000000
Dec 25 12:22:25 nixbld kernel: R13: 0000000000000000 R14: 0000000000000000 R15: ffff916f08480018
Dec 25 12:22:25 nixbld kernel: FS:  0000000000000000(0000) GS:ffff916f36280000(0000) knlGS:0000000000000000
Dec 25 12:22:25 nixbld kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Dec 25 12:22:25 nixbld kernel: CR2: 0000000000000068 CR3: 0000000834e0a004 CR4: 00000000003606e0
Dec 25 12:22:25 nixbld kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Dec 25 12:22:25 nixbld kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Dec 25 12:22:25 nixbld kernel: Call Trace:
Dec 25 12:22:25 nixbld kernel:  iwl_mvm_enable_txq+0x230/0x3b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel:  ? iwl_mvm_add_new_dqa_stream_wk+0x897/0x13b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel:  iwl_mvm_add_new_dqa_stream_wk+0x897/0x13b0 [iwlmvm]
Dec 25 12:22:25 nixbld kernel:  ? entry_SYSCALL_64_stage2+0xf/0x10
Dec 25 12:22:25 nixbld kernel:  ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel:  ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel:  ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel:  ? __switch_to+0x8c/0x440
Dec 25 12:22:25 nixbld kernel:  ? __switch_to_asm+0x41/0x70
Dec 25 12:22:25 nixbld kernel:  ? __switch_to_asm+0x35/0x70
Dec 25 12:22:25 nixbld kernel:  process_one_work+0x206/0x400
Dec 25 12:22:25 nixbld kernel:  worker_thread+0x2d/0x3e0
Dec 25 12:22:25 nixbld kernel:  ? process_one_work+0x400/0x400
Dec 25 12:22:25 nixbld kernel:  kthread+0x112/0x130
Dec 25 12:22:25 nixbld kernel:  ? kthread_bind+0x30/0x30
Dec 25 12:22:25 nixbld kernel:  ret_from_fork+0x35/0x40
2019-12-25 14:39:31 +08:00
Sebastien Bourdeauducq 1f2eabed65 nixbld: fix wifi network 2019-12-19 11:47:38 +08:00
Sebastien Bourdeauducq 8fddcd68e8 nixbld: update mail server 2019-12-18 16:26:10 +08:00
Sebastien Bourdeauducq 107060f50c nixbld: remove adoptopenjdk-openj9-bin-11
This is for running NATview, but since there are fewer uTCA issues with Sayma v2 this is not really necessary anymore.

And for power control, STM32 + SSR works better than uTCA.
2019-12-10 11:59:29 +08:00
Sebastien Bourdeauducq e6488e16d2 nixbld: boards are no longer connected directly 2019-12-10 11:58:52 +08:00
Sebastien Bourdeauducq 6680dc6c34 nixbld: remove whitequark account 2019-12-10 11:52:05 +08:00
Sebastien Bourdeauducq d88137f8b7 gitea: enable emails (and password recovery) 2019-11-25 21:58:49 +08:00
Sebastien Bourdeauducq 4bd0495834 nixbld: set up rpi SSH port redirects for IPv4 users 2019-11-20 19:29:35 +08:00
Sebastien Bourdeauducq 3b3371eebf restore ARTIQ-2 manual 2019-11-19 10:18:53 +08:00
Sebastien Bourdeauducq 596a9bc6b4 customize gitea homepage 2019-11-18 13:48:40 +08:00
Sebastien Bourdeauducq 3d8252acf8 restore ARTIQ-3 manual 2019-11-17 09:33:31 +08:00
Sebastien Bourdeauducq e50a89acea build ARTIQ releases 2019-11-14 17:07:46 +08:00
Sebastien Bourdeauducq 0136a154a8 fix sipyco doc aliases 2019-11-12 18:34:03 +08:00
Sebastien Bourdeauducq 57b817f07e build sipyco manual 2019-11-12 10:43:50 +08:00
Sebastien Bourdeauducq e69ddf6c4c nixbld: fix munin 2019-11-07 16:14:01 +08:00
Sebastien Bourdeauducq c1db80023b nixbld: add kasli-customer DNS entry 2019-10-31 11:14:20 +08:00
Sebastien Bourdeauducq aa6d631863 nixops: set up devboard users 2019-10-22 20:27:02 +08:00
Sebastien Bourdeauducq 392e3dcb8e nixbld: use faster rpi for aarch64 builds 2019-10-22 20:10:20 +08:00
Sebastien Bourdeauducq ee60f202b1 nixops: add rpi-3 and rpi-4 2019-10-22 20:09:56 +08:00
Sebastien Bourdeauducq 7167c34bfe nixbld: install nixops, remove virtmanager 2019-10-21 21:38:24 +08:00
Sebastien Bourdeauducq 379335cc6e nixbld: remove unnecessary NetworkManager setting
We are not using NetworkManager here.
2019-10-21 16:12:57 +08:00
Sebastien Bourdeauducq 833a9c7430 nixbld: add perso.m-labs.hk 2019-10-17 15:17:42 +08:00
Sebastien Bourdeauducq 3aa23cacfc nixbld: fix indentation 2019-10-17 14:36:49 +08:00
Sebastien Bourdeauducq 0469ca21da nixbld: get static IPs out of DHCP range, and give them DNS entries 2019-10-16 17:49:00 +08:00
Sebastien Bourdeauducq 68534d2ce2 nixbld: IPv6 on internal networks 2019-10-16 13:48:13 +08:00
Sebastien Bourdeauducq e89afabdfb nixbld: isolate wifi network. Closes #20 2019-10-15 19:42:26 +08:00
Sebastien Bourdeauducq dd490121b6 nixbld: filter CUPS access using firewall
CUPS listenAddresses is problematic.
2019-10-15 19:20:32 +08:00
Sebastien Bourdeauducq f3fe798126 nixbld: disable libvirtd (#20) 2019-10-15 17:26:51 +08:00
Sebastien Bourdeauducq c0c9af04d4 nixbld: add openhardware.hk site 2019-10-09 21:33:37 +08:00
Sebastien Bourdeauducq a85a16ff73 nixbld: remove fractalide 2019-10-09 21:08:12 +08:00
Sebastien Bourdeauducq dfe48379c5 nixbld: document secret permissions 2019-10-09 10:41:15 +08:00
Sebastien Bourdeauducq 6a09d1cc6f nixbld: add QF users 2019-09-30 10:33:28 +08:00
Sebastien Bourdeauducq e05fd797fd nixbld: install gdb system-wide 2019-09-30 10:33:28 +08:00
Sebastien Bourdeauducq 771b91f4f3 nixbld: support yubikey+password 2FA 2019-09-22 20:25:03 +08:00
Sebastien Bourdeauducq 099b7dee2a nixbld: store email account info in /etc/nixos/secret 2019-09-19 09:44:34 +08:00
Sebastien Bourdeauducq d28167badf Revert "nixbld: use store_uri for hydra"
secret-key should not be used with the local store (https://github.com/NixOS/hydra/issues/679#issuecomment-532607341)

This reverts commit ef80154c64.
2019-09-18 18:46:18 +08:00
Sebastien Bourdeauducq ef80154c64 nixbld: use store_uri for hydra
Note that binary_cache_secret_key_file is actually not ignored, contrary to what the hydra warning message says.
binary_cache_secret_key_file is used by the perl code, when hydra itself as acting as a binary cache (over http), but store-uri is used by the c++ code, when the queue-runner is copying artifacts into whatever the store-uri is
This mess ought to be cleaned up in hydra at some point.
2019-09-18 17:35:39 +08:00
Sebastien Bourdeauducq 361d7445a5 nixbld: cleanup 2019-09-18 15:38:07 +08:00
Sebastien Bourdeauducq 0f45d03e32 nixbld: fix flarum 'bad gateway' error 2019-09-18 14:23:14 +08:00
Sebastien Bourdeauducq f531f0c0d7 nixbld: add IPv6 tunnel 2019-09-18 12:38:35 +08:00
Sebastien Bourdeauducq 9ea3e2e47b nixbld: factor out network interface names 2019-09-18 12:20:03 +08:00
Sebastien Bourdeauducq 3bd0f2c1e9 nixbld: LAN router
Replaces OpenWrt router that was limited to 100Mbps (new fiber is 300Mbps).
2019-09-18 12:13:10 +08:00
Sebastien Bourdeauducq 44018d0a56 nixbld: handle upstream patches properly in overridden packages 2019-09-18 11:57:13 +08:00
Sebastien Bourdeauducq 8efe227959 nixbld: NixOS 19.09 fixes 2019-09-17 17:22:43 +08:00
Sebastien Bourdeauducq 4f648fba07 nixbld: fix nginx alias_traversal configuration issue
https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md
2019-09-17 16:40:22 +08:00
Sebastien Bourdeauducq bd9062421d nixbld: enable apparmor
This doesn't do much for now and apparmor support needs some work, but this enables the
kernel boot options so we can fix apparmor later without having to reboot the server.
2019-09-16 09:32:58 +08:00
Sebastien Bourdeauducq b8b6fdbba5 nixbld: add prototype mail server 2019-09-13 12:48:51 +08:00