Commit graph

307 commits

Author SHA1 Message Date
Max
db416ab9e2 cluster/services/storage: remove broken incantation 2023-11-02 19:50:10 +01:00
Max
b2e30146d9 cluster/services/storage: remove checkmate from garage cluster 2023-11-02 19:13:34 +01:00
Max
7c3ee49b82 cluster/services/storage: limit garage memory usage on low-memory nodes 2023-11-02 03:37:11 +01:00
Max
10c5d853d7 cluster/services/storage: move prophet storage to S3 2023-11-02 03:22:28 +01:00
Max
25f3b2da0a cluster/services/storage: fix config for heresy 2023-11-02 03:21:57 +01:00
Max
4d0d1d2254 cluster/services/attic: move to garage 2023-10-31 22:19:08 +01:00
Max
9edfe4f2de cluster/services/storage: allow configuring garage buckets and keys through cluster options 2023-10-31 18:41:40 +01:00
Max
cec2fc0bc1 cluster/services/storage: serviceConfig.RequiresMountsFor -> unitConfig.RequiresMountsFor 2023-10-31 15:37:15 +01:00
Max
f4779a8512 cluster/services/storage: declarative garage keys and buckets 2023-10-30 23:06:06 +01:00
Max
7eb3eea599 cluster/services/storage: externalize garage layout implementation 2023-10-30 23:06:06 +01:00
Max
1b3a990866 cluster/services/storage: add garage 2023-10-30 23:06:06 +01:00
Max
c877404caf cluster/services/idm: fix infra-admins policy tmpfiles rules 2023-10-30 01:57:03 +01:00
Max
4f31e37014 cluster/services/idm: wait for nscd before starting idm-nss-ready 2023-10-30 01:40:43 +01:00
Max
f6813d933d cluster/services/hercules-ci-multi-agent: remove some hardening options that break effects 2023-10-29 15:22:56 +01:00
Max
7916856d92 cluster/services/ipfs: update config, host routing API endpoint 2023-10-27 19:22:39 +02:00
Max
451da5558a cluster/services/hercules-ci-multi-agent: set home directory 2023-10-26 02:14:31 +02:00
Max
55d19314a9 cluster/services/hercules-ci-multi-agent: use hercules-ci-agent package from flake 2023-10-26 02:14:20 +02:00
Max
2335305284 cluster/services/hercules-ci-multi-agent: use kranzes' refactored modules 2023-10-26 01:35:31 +02:00
Max
cf807b7b61 cluster/services/dns: expose hyprspace namespace on coredns 2023-10-24 23:41:34 +02:00
Max
542d7e95f8 cluster/services/consul: host remote API on vstub 2023-10-24 23:41:06 +02:00
Max
402f25ccc5 cluster/services/idm: fix stdout buffering for idm-nss-ready 2023-10-22 13:50:22 +02:00
Gerg-L
31260502a8
massive improvements 2023-09-19 10:19:27 -04:00
Max
163f111a81 cluster/services/meet: remove blackbox check 2023-09-04 16:39:54 +02:00
Max
ae48e4807a treewide: massive refactor 2023-09-03 01:11:49 +02:00
Max
6a4b07f036 cluster/services/warehouse: workaround for ffmpeg config bug 2023-08-29 00:23:47 +02:00
Max
9245b0909e cluster/services/warehouse: move from VEGAS 2023-08-28 23:30:00 +02:00
Max
f423f868c5 cluster/services/monitoring: grafana: use distributed service 2023-08-27 16:26:17 +02:00
Max
f71774102e cluster/services/patroni: use our postgresql 2023-08-23 21:48:04 +02:00
Max
a79b829da5 cluster/services/ipfs: use strictMounts 2023-08-23 17:04:01 +02:00
Max
e40a40dc93 cluster/services/monitoring: use default dataDir for Grafana 2023-08-23 01:01:12 +02:00
Max
53d283c918 cluster/services/patroni: set external waldir 2023-08-23 00:59:53 +02:00
Max
2705e5835a cluster/services/ipfs: set RequiresMountsFor 2023-08-23 00:58:36 +02:00
Max
3ca29def33 cluster/services/storage: mount external storage on prophet 2023-08-23 00:57:35 +02:00
Max
365e4c69c9 cluster/services/storage: mount heresy via external-storage 2023-08-23 00:56:27 +02:00
Max
8ddc79bf5b cluster/services/monitoring: make grafana-ha more resilient to weird failures 2023-08-21 19:19:23 +02:00
Max
3742dd45fb cluster/services/forge: init 2023-07-24 00:52:14 +02:00
Max
d84dc11af7 cluster/services/hercules-ci-multi-agent: provide cachix deploy token 2023-07-23 14:00:41 +02:00
Max
664b92203d cluster/services/cachix-deploy-agent: init 2023-07-23 14:00:41 +02:00
Max
44143ff07f cluster/services/storage: init 2023-07-09 15:39:54 +02:00
Max
d751a0f16f cluster/services/attic: increase max upload size to 4GB 2023-06-16 17:27:40 +02:00
Max
2aeb766afb VEGAS/nix: move to cluster/services/attic and adapt for migration 2023-06-16 17:20:57 +02:00
Max
116d257fc4 cluster/services/attic: make dataDir writable 2023-06-14 02:10:29 +02:00
Max
bf88c4720b cluster/services/attic: init 2023-06-13 23:28:14 +02:00
Max
a49766e75a cluster/services/idm: allow infra admins to read systemd journal 2023-06-12 23:44:46 +02:00
Max
9ec0faeea2 cluster/services/idm: implement helpers for IDM NSS 2023-06-12 23:44:22 +02:00
Max
38d40c2abe cluster/services/nextcloud: nextcloud25 -> nextcloud26 2023-06-12 20:56:42 +02:00
Max
bd771be6ee cluster/services/monitoring: fix tempo querier frontend address 2023-06-12 20:56:42 +02:00
Max
af6259a8e4 cluster/services/idm: enable LDAP 2023-06-12 20:56:42 +02:00
Max
640eb9df23 cluster/services/irc: switch to kanidm for verification 2023-06-12 20:56:42 +02:00
Max
a9801c3308 cluster/services/idm: add policy for soda 2023-06-12 20:56:42 +02:00
Max
6dcdf7aeaa cluster/services/idm: include soda 2023-06-12 20:56:42 +02:00
Max
3f7667aa2a cluster/services/idm: enable unixd 2023-06-12 20:56:42 +02:00
Max
44d874c5c6 cluster/services/idm: init 2023-06-12 20:56:42 +02:00
Max
a6d0b92a54 cluster/services/certificates: give kanidm access to internal cert 2023-06-09 19:01:44 +02:00
Max
bd94d0d868 cluster/services/monitoring: auto-restart grafana 2023-06-09 18:14:33 +02:00
Max
5f097c6b6b cluster/services/dns: OIDC_OAUTH_SERVER_METADATA_URL -> OIDC_OAUTH_METADATA_URL 2023-06-06 17:11:54 +02:00
Max
7c557e98f7 prophet/meet: use colibriRestApi 2023-06-06 17:11:54 +02:00
Max
34097c81f1 cluster/services/soda: init with check 2023-06-05 23:22:24 +02:00
Max
642399088c cluster/services/monitoring: add blackbox sshConnect module 2023-06-05 23:17:56 +02:00
Max
81e9274c77 cluster/services/ipfs: add blackbox check for gateway 2023-06-05 22:34:20 +02:00
Max
d0ebfa278a cluster/services/matrix: migrate from VEGAS/matrix, add blackbox check 2023-06-05 22:00:03 +02:00
Max
9075ef05cd cluster/services/meet: migrate from prophet/meet, add blackbox check 2023-06-05 21:02:53 +02:00
Max
bc35407987 cluster/services/monitoring: fix grafana frontend check 2023-06-05 21:02:53 +02:00
Max
4610811a48 cluster/services/consul: fix remote api frontend check 2023-06-05 21:02:53 +02:00
Max
d5492689c4 cluster/services/ipfs: fix gateway frontend check 2023-06-05 21:02:53 +02:00
Max
d6caf48aed cluster/services/object-storage: migrate from VEGAS/object-storage, add blackbox check 2023-06-05 01:26:43 +02:00
Max
c4e437578c cluster/services/nextcloud: migrate from VEGAS/nextcloud, add blackbox check 2023-06-05 01:21:21 +02:00
Max
ae62e395a5 cluster/services/monitoring: add blackbox nextcloudStatus module 2023-06-05 01:14:45 +02:00
Max
b4b3899c5b cluster/services/search: migrate from VEGAS/searxng, add blackbox check 2023-06-05 00:58:43 +02:00
Max
72f8a047e9 cluster/services/irc: fix monitoring target 2023-06-05 00:17:46 +02:00
Max
1389d46d5c cluster/services/irc: monitor with blackbox 2023-06-05 00:02:37 +02:00
Max
d274edbb2d cluster/services/monitoring: add blackbox ircConnect module 2023-06-04 23:56:54 +02:00
Max
ad0a3f8cc2 cluster/services/websites: refactor and register blackbox check 2023-06-04 23:29:13 +02:00
Max
7f9742089b cluster/services/monitoring: make blackbox targets configurable through cluster config 2023-06-04 23:06:53 +02:00
Max
4202954095 cluster/services/monitoring: add blackbox tcpConnect module 2023-06-04 22:48:58 +02:00
Max
8f1ec4c40a cluster/services/monitoring: rekey secrets 2023-06-04 22:48:58 +02:00
Max
5bd83ec5c1 cluster/services/monitoring: make grafana highly available 2023-06-04 22:48:58 +02:00
Max
1aebeef6a2 cluster/services/monitoring: make tempo datasource externally accessible 2023-06-03 01:04:37 +02:00
Max
a55fc7bb44 cluster/services/ipfs: configure public gateway address on node 2023-06-02 23:39:41 +02:00
Max
3e0684ffb5 cluster/services/ipfs: make gateway consul service public 2023-06-02 23:26:44 +02:00
Max
56d0d07d26 cluster/services/ipfs: add consul service for gateway 2023-06-02 22:53:54 +02:00
Max
70f67f6e71 cluster/services/irc: no DNS indirection 2023-06-02 21:58:00 +02:00
Max
d308f80ab5 cluster/services/websites: no DNS indirection 2023-06-02 21:05:14 +02:00
Max
d264751a9f cluster/services/ipfs: metrics via grafana-agent 2023-06-02 18:50:02 +02:00
Max
a714c37cec cluster/services/ipfs: split remote api, rework gateway 2023-06-02 18:34:15 +02:00
Max
4fb9373f1f cluster/services/ipfs: split io tweaks 2023-06-02 17:51:00 +02:00
Max
f41265ed00 cluster/services/ipfs: switch to cluster otlp trace endpoint 2023-06-02 17:38:12 +02:00
Max
d0ec0c4f82 cluster/services/monitoring: make tempo otlp receivers externally accessible 2023-06-02 17:35:53 +02:00
Max
98b2537482 cluster/services/patroni: enable metrics 2023-06-01 23:18:22 +02:00
Max
6fb3a543b8 cluster/services/consul: enable metrics 2023-06-01 22:36:57 +02:00
Max
4dbfb3b6ab cluster/services/monitoring: provision dashboards 2023-06-01 00:41:00 +02:00
Max
a4888920df cluster/services/monitoring: add some dashboards 2023-06-01 00:41:00 +02:00
Max
6624e2b7c7 cluster/services/monitoring: refactor 2023-05-27 14:18:02 +02:00
Max
9b5e44461e cluster/services/monitoring: add blackbox_exporter 2023-05-27 13:44:31 +02:00
Max
68ca309c93 cluster/services/monitoring: use grafana-agent integrated node_exporter 2023-05-26 17:36:23 +02:00
Max
6cff7460f6 cluster/services/monitoring: configure remote write url 2023-05-26 17:03:33 +02:00
Max
6ecd210130 cluster/services/monitoring: make Prometheus accessible in host mesh 2023-05-26 16:26:24 +02:00
Max
c4d2a13912 cluster/services/monitoring: remove Jitsi monitoring 2023-05-26 16:15:20 +02:00
Max
1945265362 cluster/services/monitoring: use grafana-agent for central logging 2023-05-26 15:02:28 +02:00
Max
f24d794215 cluster/services/ipfs: OTel sampling: 0.01 -> 0.50 2023-05-13 23:29:53 +02:00
Max
05bfdae17c cluster/services/monitoring: switch grafana to postgres 2023-05-13 16:42:40 +02:00
Max
09f40ffde5 VEGAS/monitoring: move to cluster 2023-05-13 16:42:40 +02:00
Max
8d8ea8edaa cluster/services/monitoring: enable systemd collector on node_exporter 2023-05-08 21:25:35 +02:00
Max
c5541eadb1 cluster/services/ipfs: allow access to DNS servers 2023-04-12 23:25:55 +02:00
Max
7d4b7470c8 treewide: re-encode secrets for prophet 2023-04-12 20:36:53 +02:00
Max
21e9cf9c53 cluster/services/certificates: install certs on prophet 2023-04-12 19:37:32 +02:00
Max
2adcd30e42 cluster/services/consul: enable agent on prophet 2023-04-12 19:36:26 +02:00
Max
2146597a06 cluster/services/patroni: enable dcs failsafe mode 2023-03-31 18:19:18 +02:00
Max
e8d350b9a3 cluster/services/hercules-ci-multi-agent: remove custom agent package 2023-03-31 16:03:03 +02:00
Max
29c37f7a54 cluster/services/patroni: use integrated consul service registration 2023-03-24 17:52:48 +01:00
Max
1b22ad2c01 cluster/services/hercules-ci-multi-agent: configure HCI effects secrets for private-void 2023-03-23 19:43:44 +01:00
Max
9d4026b2e3 cluster/services/dns: add checkmate and thunderskin to clients 2023-03-22 23:27:35 +01:00
Max
ae07af5a80 cluster/services/dns: client: use more DNS servers 2023-03-22 23:23:14 +01:00
Max
7985d891a0 cluster/services/dns: improve resiliency 2023-03-22 23:00:29 +01:00
Max
694bd7d712 cluster/services/wireguard: use hostLinks 2023-03-22 21:26:02 +01:00
Max
72636cfffb cluster/services/wireguard: remove extraPeers 2023-03-22 21:14:46 +01:00
Max
23b4929f5d cluster/services/patroni: run worker on thunderskin 2023-03-22 18:07:16 +01:00
Max
4a6e329391 cluster/services/acme-client: configure on thunderskin 2023-03-22 00:05:07 +01:00
Max
a0fa03ab05 cluster/services/wireguard: fix mesh config for thunderskin 2023-03-21 23:56:19 +01:00
Max
eaa164d6ab cluster/services/certificates: install internal wildcard cert on thunderskin 2023-03-21 23:55:22 +01:00
Max
faf9fca341 cluster/services/consul: run server agent on thunderskin 2023-03-21 23:51:35 +01:00
Max
769dcdac3f cluster/services/monitoring: monitor thunderskin 2023-03-21 23:51:02 +01:00
Max
3c6e5fae77 cluster/services/nginx: host on thunderskin 2023-03-21 23:49:49 +01:00
Max
5872083e56 cluster/services/websites: host on thunderskin 2023-03-21 23:44:38 +01:00
Max
8be3c9084c hosts/thunderskin: init 2023-03-20 20:03:20 +01:00
Max
1c27955577 cluster: use new hosts style 2023-03-11 19:48:30 +01:00
Max
be919cb2b3 treewide: pipe /modules through flake-parts 2023-03-11 19:48:30 +01:00
Max
9b71bd9a59 cluster/services/consul: add recursors 2023-03-06 21:52:29 +01:00
Max
ff09634883 cluster/services/dns: resolve via consul 2023-03-06 21:52:17 +01:00
Max
cfe4513627 cluster/services/dns: enable alias records 2023-03-06 21:10:22 +01:00
Max
a62db21de2 cluster/services/dns: enable Lua records 2023-03-06 18:28:55 +01:00
Max
789566e224 cluster/services/patroni: improve health checks 2023-03-06 18:05:04 +01:00
Max
5b0560752a cluster/services/consul: provide internal remote API access 2023-03-06 17:58:29 +01:00
Max
b56e484bd6 cluster/services/certificates: init, add internal wildcard cert 2023-03-06 16:52:52 +01:00
Max
2348b8f0f3 cluster/services/patroni: add a service health check for postgres itself 2023-03-06 16:45:49 +01:00
Max
4d6c88ce97 modules/consul-service-registry: allow binding multiple services to one systemd unit 2023-03-06 16:42:14 +01:00
Max
027d681ede cluster/services/dns: run authoritative nameserver on checkmate 2023-03-06 16:21:40 +01:00
Max
2b6b6964b7 cluster/services/dns: handle consul addr requests correctly 2023-03-06 00:49:44 +01:00
Max
63b9957926 cluster/services/websites: register with consul 2023-03-06 00:48:49 +01:00
Max
baf8fe481e cluster/services/patroni: register with consul 2023-03-06 00:28:15 +01:00
Max
363c54b0f6 cluster/services/irc: register with consul 2023-03-06 00:12:00 +01:00
Max
3be1bc9336 cluster/services/dns: register with consul 2023-03-05 23:50:50 +01:00
Max
8be69d13ad cluster/services/dns: forward consul domain 2023-03-05 22:16:06 +01:00
Max
b362ef59cf cluster/services/consul: use proper subdomain 2023-03-05 22:14:05 +01:00
Max
347cb9dfe7 cluster/services/consul: rename datacenter 2023-03-05 22:00:43 +01:00
Max
2a5094c284 cluster/services/dns: put coredns in front of powerdns 2023-03-05 22:00:18 +01:00
Max
59795e6fb1 cluster/services/dns: generify coredns config 2023-03-05 21:21:10 +01:00
Max
39134f74c3 cluster/services/patroni: switch to consul, remove etcd 2023-03-05 20:51:20 +01:00
Max
9a1fa4e418 cluster/services/consul: init 2023-03-05 20:39:15 +01:00
Max
b854cfdde4 cluster/services/acme-client: add checkmate to hosts 2023-03-01 22:45:23 +01:00