Commit graph

478 commits

Author SHA1 Message Date
Max
804e7b0363 cluster/services/cachix-deploy-agent: use cluster secrets 2024-07-08 19:48:28 +02:00
Max
0c4e603e86 cluster/services/forge: use cluster secrets 2024-07-08 19:48:28 +02:00
Max
04031ef198 cluster/services/search: use cluster secrets 2024-07-08 19:48:28 +02:00
Max
482a594aa1 cluster/lib: set restartTriggers for changing secrets 2024-07-08 19:48:28 +02:00
Max
22ae42673f cluster/catalog: add actions for secrets 2024-07-08 16:32:08 +02:00
Max
dcc1e1ce83 cluster/catalog: refactor 2024-07-08 16:32:08 +02:00
Max
5727bdb37e cluster/lib: inject secrets into agenix modules 2024-07-08 16:32:08 +02:00
Max
8adc26c5c3 cluster/lib: add secrets options 2024-07-08 16:00:59 +02:00
Max
0a390ad0d7 cluster/services/object-storage: drop 2024-07-07 23:42:29 +02:00
Max
8a53e376bd cluster/services/content-delivery: expose bucket at cdn subdomain 2024-07-07 23:41:37 +02:00
Max
4cacd03afb cluster/services/ways: support buckets 2024-07-07 23:38:56 +02:00
Max
b8ff5d7d03 cluster/catalog: init 2024-07-06 00:02:08 +02:00
Max
278803e474 cluster/services/matrix: lib.cartesianProductOfSets -> lib.cartesianProduct 2024-07-04 22:17:35 +02:00
Max
faff22a9a1 cluster/services/ipfs: fix add_header placement 2024-07-04 22:15:30 +02:00
Max
4f3abd5a8e cluster/services/content-delivery: enable bucket website access for content-delivery 2024-07-04 22:08:02 +02:00
Max
4be09304ae cluster/services/hercules-ci-multi-agent: enable bucket website access for nix-store 2024-07-04 22:07:09 +02:00
Max
60b18c9ccb cluster/services/storage: support bucket website mode 2024-07-04 22:06:25 +02:00
Max
c81aec9b9a cluster/services/storage: switch garage to ways 2024-07-04 20:51:50 +02:00
Max
b8067c6a33 cluster/services/ways: serialize acme cert updates 2024-07-04 20:51:50 +02:00
Max
c358714cbe cluster/services/ways: unique upstreams 2024-07-04 20:51:50 +02:00
Max
e2397ac946 cluster/services/ipfs: switch to ways 2024-07-04 20:51:50 +02:00
Max
ac047b189d cluster/services/ways: support wildcards 2024-07-04 19:51:52 +02:00
Max
a2cbfb9c25 cluster/services/monitoring: switch to ways 2024-07-04 17:31:59 +02:00
Max
a39ef182d4 cluster/services/ways: support multiple backends via consul services 2024-07-04 17:03:39 +02:00
Max
c484a2cf02 cluster/services/forge: switch to ways 2024-07-04 15:51:30 +02:00
Max
01f113046f cluster/lib: implement meshLinks 2024-07-04 15:51:30 +02:00
Max
98cb84c4d0 cluster/services/ways: init 2024-07-04 15:51:30 +02:00
Max
e68ec76011 cluster/services/forge: switch to s3 storage 2024-07-04 00:26:07 +02:00
Max
b13746f395 cluster/services/forge: add s3 bucket 2024-07-02 17:07:43 +02:00
Max
db709b6309 cluster/services/ipfs: update cluster peer id for prophet 2024-07-02 16:48:29 +02:00
Max
c6f4a639e3 cluster/services/monitoring: use upstream grafana 2024-06-30 23:00:46 +02:00
Max
bf0aad67e0 cluster/services/hercules-ci-multi-agent: mkPackageOptionMD -> mkPackageOption 2024-06-30 00:49:24 +02:00
Max
c9c46a678a cluster/services/warehouse: hardware.opengl -> hardware.graphics 2024-06-30 00:48:32 +02:00
Max
03f227a4d1 cluster/services/content-delivery: init 2024-06-29 22:10:31 +02:00
Max
2995b78bc7 cluster/services/attic: remove minio fallback 2024-06-29 21:48:59 +02:00
Max
221a74793c cluster/services/c-f32aebf5: implement control stuff 2024-06-29 21:17:24 +02:00
Max
598f9a1a1e cluster/services/c-f32aebf5: fix restarting, perform daily backups and auto-restarts 2024-06-13 22:06:36 +02:00
Max
6f6883f4a1 cluster/services/storage: update external storage secret for prophet 2024-06-07 03:23:55 +02:00
Max
3427f9db21 cluster/services/storage: upgrade s3ql filesystems 2024-06-07 03:15:20 +02:00
Max
799a1dede9 cluster/services/storage: prepare for s3ql upgrades 2024-06-07 02:55:50 +02:00
Max
46d2a4056a cluster/services/monitoring: fix loki config for 3.0.0 2024-06-07 01:34:37 +02:00
Max
890622750c cluster/services/forge: chown dataDir 2024-06-06 21:24:57 +02:00
Max
75b6d3e2f5 cluster/services/forge: services.forgejo.appName -> services.forgejo.settings.DEFAULT.APP_NAME 2024-06-06 21:24:57 +02:00
Max
efe0ede612 cluster/services/forge: services.gitea -> services.forgejo 2024-06-06 21:24:57 +02:00
Max
fc1bad5663 cluster/services/nextcloud: services.nextcloud.config.overwriteProtocol -> services.nextcloud.settings.overwriteprotocol 2024-06-06 21:24:57 +02:00
Max
f2fa8aa087 cluster/services/nginx: depend on network-online.target 2024-06-06 21:24:57 +02:00
Max
d8c0fd5ea2 cluster/services/storage: use s3v4 signatures for external storage 2024-06-06 21:24:57 +02:00
Max
75a4987efe cluster/services/storage: make replication_mode a string 2024-06-06 21:24:57 +02:00
Max
7f9881e932 cluster/services/ipfs: use new oauth2-proxy options format 2024-06-06 21:24:57 +02:00
Max
eaa53cd05d cluster/services/ipfs: use upstream ipfs-cluster package 2024-06-06 21:24:57 +02:00
Max
5b9d428f84 cluster/services/consul: use our consul package 2024-06-06 21:24:57 +02:00
Max
1cc18c5480 cluster/services/hercules-ci-multi-agent/modules/multi-agent-refactored: don't use getExe 2024-06-05 20:15:04 +02:00
Max
8766c44419 cluster/services/c-f32aebf5: init 2024-06-05 18:15:30 +02:00
Max
206d6a2ba6 cluster/services/dns: drop DS queries 2024-06-05 02:53:50 +02:00
Max
5bd296ab6c cluster/services/dns: heavily limit cpu and memory 2024-06-05 01:20:24 +02:00
Max
6318a87236 cluster/services/dns: remove tracing 2024-06-04 22:10:12 +02:00
Max
a2f34efb41 cluster/services/dns: only serve stale entries if upstream is not available 2024-06-04 20:51:36 +02:00
Max
7e7eac04a0 cluster/services/nextcloud: nextcloud28 -> nextcloud29 2024-06-04 20:14:38 +02:00
Max
ab13d2c437 cluster/services/nextcloud: nextcloud27 -> nextcloud28 2024-06-04 20:07:33 +02:00
Max
fe26456ae9 cluster/services/ipfs: prepare ipfs-cluster for ascension 2024-06-04 19:59:08 +02:00
Max
b5e4aeb266 cluster/services/forge: prepare for ascension 2024-06-04 19:54:44 +02:00
Max
82f34e96f2 cluster/services/matrix: use DNS01 challenge for cinny cert 2024-06-01 22:01:48 +02:00
Max
4e7c83361b cluster/services/websites: host hyprspace docs 2024-06-01 21:36:39 +02:00
Max
3a61f93b5b cluster/services/matrix: host static resources redundantly 2024-05-29 10:17:49 +02:00
Max
c4ee4559f6 cluster/services/hercules-ci-multi-agent: add hyprspace org 2024-05-24 22:51:57 +02:00
Max
e4b2eae2c3 cluster/services/monitoring: keep grafana running 2024-05-17 19:29:05 +02:00
Max
c445867b16 cluster/services/dns: use new hyprspace dns server address 2024-05-17 14:12:01 +02:00
Max
a7ae49128e VEGAS/vault, cluster/services/vault: drop 2024-05-17 14:08:40 +02:00
Max
5c67cc7880 cluster/services/search: use tor 2024-04-30 03:10:33 +02:00
Max
eccf23ce9e cluster/services/tor: init 2024-04-30 02:34:51 +02:00
Max
e36260c449 cluster/services/attic: doh 2024-04-25 02:14:08 +02:00
Max
9ae4ed5ce9 cluster/services/attic: also use the garage bucket for the binary cache 2024-04-21 23:43:28 +02:00
Max
964ab05fad cluster/services/nginx: enable proxyResolveWhileRunning 2024-04-21 23:41:13 +02:00
Max
c26db970ac cluster/services/storage: host garage web endpoint 2024-04-21 23:40:21 +02:00
Max
45af3167b2 cluster/services/hercules-ci-multi-agent: use garage 2024-04-19 18:26:35 +02:00
Max
dc7f39c905 Revert "cluster/services/attic: auto-restart atticd"
This reverts commit 6a51b09f8c.
Done upstream now.
2024-02-22 11:26:22 +01:00
Max
6a51b09f8c cluster/services/attic: auto-restart atticd 2024-02-12 22:49:51 +01:00
Max
40a3521bc1 cluster/services/meet: don't use SCTP datachannel 2024-01-27 09:27:06 +01:00
Max
5a519d3a48 cluster/services/certificates: setfacl on current directory 2023-12-31 04:02:51 +01:00
Max
30e926a654 cluster/services/dns: don't rewrite NS and SOA requests 2023-12-30 14:12:38 +01:00
Max
400664edf8 cluster/services/idm: enable sudo auth with pam_rssh 2023-12-06 01:01:09 +01:00
Max
42e2fb5af6 cluster/services/soda: add internal dns record 2023-12-05 23:25:57 +01:00
Max
82bf6c028a cluster/services/nextcloud: nextcloud26 -> nextcloud27 2023-12-05 22:55:07 +01:00
Max
7972c40a4d cluster/services/idm: remove backported pam module 2023-12-05 22:42:25 +01:00
Max
0943c410c3 cluster: switch to exec dns01 provider 2023-12-04 23:33:20 +01:00
Max
bfd7a4214c cluster/services/acme-client: switch to acme-dns with custom script 2023-12-04 23:33:20 +01:00
Max
3231b65a26 cluster/services/cdn-shield: init 2023-12-04 23:33:20 +01:00
Max
0fef0fca66 cluster/services/n8n: init 2023-12-04 23:33:20 +01:00
Max
779429c289 cluster/services/gitlab: init 2023-12-04 23:33:20 +01:00
Max
2a49d440f7 cluster/services/vault: init 2023-12-04 23:33:20 +01:00
Max
f1e68e7e28 cluster/services/reflex: init 2023-12-04 23:33:20 +01:00
Max
195fe56279 cluster/services/bitwarden: init 2023-12-04 23:33:20 +01:00
Max
5150894720 cluster/services/ipfs: more dns records 2023-12-04 23:33:20 +01:00
Max
bde04dac87 cluster/services/websites: add dns records for old sites 2023-12-04 23:33:20 +01:00
Max
0a6755dac5 cluster/services/sso: init 2023-12-04 23:33:20 +01:00
Max
9abd4b6c0a cluster/services/attic: add dns records 2023-12-04 23:33:20 +01:00
Max
6d22f7bdb7 cluster/services/meet: add dns records 2023-12-04 23:33:20 +01:00
Max
001f6cd078 cluster/services/fbi: init 2023-12-04 23:33:20 +01:00
Max
e961260700 cluster/services/object-storage: add dns records 2023-12-04 23:33:20 +01:00
Max
38d8894676 cluster/services/nextcloud: add dns records 2023-12-04 23:33:20 +01:00
Max
bbaf0b0c14 cluster/services/soda: add dns records 2023-12-04 23:33:20 +01:00
Max
cb8744b99a cluster/services/matrix: add dns records 2023-12-04 23:33:20 +01:00
Max
38d22c1964 cluster/services/warehouse: add dns records 2023-12-04 23:33:20 +01:00
Max
4aadf0c482 cluster/services/forge: add dns records 2023-12-04 23:33:20 +01:00
Max
7d7714db4c cluster/services/search: add dns records 2023-12-04 23:33:20 +01:00
Max
b24f73bc4b cluster/services/idm: add dns records 2023-12-04 23:33:20 +01:00
Max
93ceb5c0ea cluster/services/websites: add top-level dns record 2023-12-04 23:33:20 +01:00
Max
eae6934b92 cluster/services/dns: add nameserver records 2023-12-04 23:33:20 +01:00
Max
afb95e1d3b cluster/services/mail: init 2023-12-04 23:33:20 +01:00
Max
a09b8ff7c5 cluster/services/dns: create dns records for machines 2023-12-04 23:33:20 +01:00
Max
2a9fdfa4f9 cluster/services/dns: switch to acme-dns, host static records 2023-12-04 23:33:20 +01:00
Max
eaa4bdb449 cluster/services/dns: support TXT records 2023-12-04 23:28:02 +01:00
Max
b485a93df4 cluster/services/storage: use consul catalog api for garage discovery 2023-12-02 13:40:51 +01:00
Max
1554d59c7d cluster/services/nextcloud: remove enableBrokenCiphersForSSE 2023-12-02 02:48:44 +01:00
Max
f973ca2084 cluster/services/storage: mkForce garage's StateDirectory 2023-12-02 01:06:20 +01:00
Max
79b6798fe6 cluster/services/attic: enable garbage collection 2023-12-02 00:18:10 +01:00
Max
9c9c8d250d Revert "cluster/services/attic: use DynamicUser"
This reverts commit 2a75c2ae02.
2023-12-02 00:10:58 +01:00
Max
02ea8d50c7 cluster/services/attic: wait for postgresql 2023-12-01 23:22:01 +01:00
Max
2a75c2ae02 cluster/services/attic: use DynamicUser 2023-12-01 23:21:36 +01:00
Max
03e802bcab cluster/services/ipfs: give ipfs-cluster more time to start 2023-12-01 23:12:42 +01:00
Max
993cb7f967 cluster/services/hercules-ci-multi-agent: disable AWS IMDS lookups
so this was the reason hci has been so fucking slow substituting things

fuck you, jeff
2023-12-01 18:28:34 +01:00
Max
4b34be5916 packages/cachix: init with patch 2023-12-01 17:45:27 +01:00
Max
24722bf586 cluster/services/hercules-ci-multi-agent: move agent processes to builder.slice 2023-12-01 01:05:55 +01:00
Max
ff4e3af21e cluster/services/patroni: move one worker from prophet to grail 2023-12-01 00:25:13 +01:00
Max
9227c66448 cluster/services/storage: increase garage upload size limit 2023-11-11 20:01:02 +01:00
Max
4c25e003b7 cluster/services/storage: monitor garage with blackbox 2023-11-09 21:42:13 +01:00
Max
0ce00ad1dc cluster/services/monitoring: move tempo to s3 2023-11-08 23:10:10 +01:00
Max
bbfdd6440c cluster/services/monitoring: enable env var resolution in loki config 2023-11-08 19:55:19 +01:00
Max
ee8750f748 cluster/services/monitoring: prepare loki for s3 2023-11-07 22:22:24 +01:00
Max
f88749fd95 cluster/services/monitoring: create buckets for loki and tempo 2023-11-06 20:53:20 +01:00
Max
2d1d8c5370 cluster/services/storage: disable-expect100 2023-11-05 01:11:17 +01:00
Max
a087445358 cluster/services/monitoring: move one blackbox agent from VEGAS to grail 2023-11-05 00:12:19 +01:00
Max
d6fe67c14e cluster/services/storage: use external s3 endpoint for remote storage 2023-11-04 23:36:19 +01:00
Max
b332dc4a4e cluster/services/storage: scrape metrics from garage 2023-11-04 20:12:11 +01:00
Max
eefc380890 cluster/services/dns: trace coredns 2023-11-04 03:59:27 +01:00
Max
83b9ed9c09 cluster/services/monitoring: fix tempo, add zipkin endpoint 2023-11-04 03:59:17 +01:00
Max
3c7cb33820 cluster/services/monitoring: make tempo-grpc listen on localhost 2023-11-04 03:22:20 +01:00
Max
da9c1cca67 cluster/services/storage: rotate storage auth for prophet 2023-11-04 02:09:22 +01:00
Max
eb69940c8f cluster/services/attic: rotate s3 credentials 2023-11-04 02:08:07 +01:00
Max
2aed1f4df2 cluster/services/storage: add grail to garage cluster 2023-11-04 02:07:29 +01:00
Max
84644cfbf6 cluster/services/monitoring: enable monitoring on grail 2023-11-04 01:24:34 +01:00
Max
df1b0e1850 cluster/services/certificates: allow grail to use the internal wildcard cert 2023-11-04 01:18:50 +01:00
Max
491666c17a cluster/services/consul: add grail 2023-11-04 01:17:59 +01:00
Max
20991ec5d8 cluster/services/acme-dns-client: add grail 2023-11-04 01:17:59 +01:00
Max
55c0b848a6 cluster/services/nginx: add grail 2023-11-04 01:17:59 +01:00
Max
6cb9c5a9f3 cluster/services/dns: add grail to clients 2023-11-04 01:17:59 +01:00
Max
5200dab0eb cluster/services/cachix-deploy-agent: add grail 2023-11-04 01:17:59 +01:00
Max
2c01ab818a cluster/services/idm: add grail to clients 2023-11-04 00:47:04 +01:00
Max
125732e03a cluster/services/wireguard: add grail to mesh 2023-11-04 00:47:04 +01:00
Max
0752d1e1d8 cluster/services/storage: don't explicitly set port in s3 endpoint url 2023-11-03 22:09:45 +01:00