cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
447 Commits
1 Branch
0 Tags
55 MiB
Commit Graph

54 Commits (6a0b75bd84480355c0eb6d2499bddc18815d5d83)

Author SHA1 Message Date
q3k 006c1bf8f3 *: add more OWNERS 
Change-Id: If2740a0aaee845160b38b8ea0b23fea7bab3bded
 2020-04-13 01:46:15 +02:00
q3k 9b50a69c11 Merge "app/matrix: upgrade and migrate to official appservice-irc image" 2020-04-12 12:50:31 +00:00
q3k ddd5c8e6e0 Merge "app/matrix: upgrade and migrate to official riot-web container image" 2020-04-12 12:50:27 +00:00
q3k adb72ccdec Merge "app/matrix: synapse upgrade" 2020-04-12 12:38:09 +00:00
informatic 973076c0fb app/covid-formity: covid19 hackerspace relief form 
Change-Id: I952ca040e85e6305d5241816c3afa8ae69031d5f
 2020-03-26 21:40:01 +01:00
informatic 57349d2a76 app/matrix: upgrade and migrate to official appservice-irc image 
Change-Id: I9104974bd0906739f08239146737c56efde36cfe
 2020-03-21 23:35:11 +01:00
informatic aca7e28f69 app/matrix: upgrade and migrate to official riot-web container image 
Change-Id: I438e5b6e1bfb4a20bb6613904497e1e8a6d86fc5
 2020-03-21 23:35:03 +01:00
informatic 8ebfc1d338 app/matrix: synapse upgrade 
Change-Id: Ice5f70be190126da5eecfc1d5ec5c1f746679ec9
 2020-03-03 21:01:18 +01:00
q3k 92b48d6216 {matrix,lelegram}: pin to bc01n0{1,2}.hswaw.net 
Only these nodes (and bc01n03( are #blesed by freenode.

In the future we should fix this by having custom node labels for
blessed nodes. But this will do for now.

Change-Id: Ia5d7cfcb9329da0de8d596ed40b20b0e0f286f43
 2020-01-08 13:59:04 +01:00
q3k 6781f62ec4 Merge "app/radio: add support for following relays" 2019-09-25 12:06:17 +00:00
q3k 2d81427410 app/radio: add support for following relays 
Change-Id: Ib079d657239b1bf5294ad8457370d56a0093dd6d
 2019-09-25 13:59:08 +02:00
q3k 5f3a5e0310 cluster/kube: emergency fixes after evition 
Some pods got evicted. Some of them broke.

  - postgres in matrix and nginx in internet because of the new policies
    (chown issues)
  - cas proxy in matrix because apparently the image was not reuploaded
    to the regsitry after ceph-waw1 died, and another node didn't have it
  - registry because it had a weak image pin an downgraded to some
    broken version on another node

Change-Id: I836036872629843c8ede1b7f67982112c90d71f0
 2019-09-25 02:58:15 +02:00
informatic eabbe8a11e app/matrix: update software components, refactor config handling 
Dynamic config generation based on environment variables in Synapse is
no longer supported. To pass secrets to container we use a patch that
implements configuration overrides via environment variables directly.
(to be upstreamed...)

Due to Synapse update, appservice configuration ConfigMaps don't need to
be copied into Synapse /data volume anymore.

Change-Id: I70e6480983bfb997362739c6ce0ec3c313320836
 2019-08-30 23:21:53 +02:00
informatic b20b366092 app/matrix: change storageclass to waw-hdd-paranoid-2 
Change-Id: I757942409f4ef4da69d4cf1925d26dc758c65311
 2019-08-30 23:21:53 +02:00
q3k d07861b7df ceph-waw1 -> ceph-waw2 
Change-Id: I03d6244b9697a9efc06492114ef90cdb01e17601
 2019-08-08 17:49:31 +02:00
q3k f774f2f31d Merge "app/registry: integrate into cluster/kube" 2019-08-02 00:28:10 +00:00
q3k 7fb4acb690 app/factorio -> personal/q3k/factorio 
Change-Id: I92be6a726aef306f6f4de4e5a91defa86cda81fc
 2019-07-21 15:07:07 +00:00
q3k c4e653ad46 app/internet -> bgpwtf/internet 
Change-Id: I66740f68ebfb508d866c742d7849447a3aca45be
 2019-07-21 15:06:52 +00:00
q3k 4d61d20aec app/registry: integrate into cluster/kube 
This makes a registry be automatically part of the cluster
infrastructure.

Tested by running kubecfg diff, no diffs (apart from out-of-date ACLs)
found.

Change-Id: Ic0635e789cf3fb851f410bcf2865326f1fa87545
 2019-07-21 16:56:41 +02:00
q3k 57efce6b02 app/{gerrit,bazel-cache} -> devtools/ 
Change-Id: I2a98f33c76a59392e644579a1f7064a7c8eaec7c
 2019-07-21 16:40:33 +02:00
q3k 9b5359d0f4 app/gerrit: fix advertised address 
This should get rid of some :29418 ports publically visible.

Change-Id: Ied3114888ccfdea494580d19e04d88a847d96cfe
 2019-07-21 15:38:21 +02:00
q3k b4f6fb3c3b app/registry: allow inf and q3k to push to app/* and go/svc/* 
We have quite a bit of them at this point, and we're likely going to use
app/* and go/svc/* for 'core' services only anyway.

Change-Id: Ic315fbd2d672e525439992bfcd9ead730d1a1b71
 2019-07-13 17:13:09 +02:00
q3k 4343e9289e Merge "app/internet: initialize with landing page" 2019-07-09 11:24:28 +00:00
q3k 94f8dbf347 app/internet: initialize with landing page 
This is already rolled out at https://internet.hackerspace.pl/.

Change-Id: Ibebaeb830a4b58cecfc1ecbf63d07cc63ded7e2b
 2019-07-09 13:03:30 +02:00
q3k 0ef497e461 Merge "app/registry: abstract away pushers" 2019-07-09 10:39:40 +00:00
q3k c292410d15 app/factorio: update to 0.17.52 
Change-Id: I70230b1f83a40cc70015e135e25319116c6e15e8
 2019-06-30 17:35:57 +02:00
q3k 1c825949c4 app/registry: abstract away pushers 
Another change I lost somewhere in the process of remembering how to
gerrit.

I rewrote it (lost the original commit), and also added the (upcoming)
egressifier service.

Change-Id: I1647bc3b1e504a192150ab76f4c6d1709e608f0a
 2019-06-30 00:37:34 +02:00
q3k a7e26ccfe1 app/gerrit/kube: implement 
This change impelements the k8s machinery for Gerrit.

This might look somewhat complex at first, but the gist of it is:

 - k8s mounts etc, git, cache, db, index as RW PVs
 - k8s mounts a configmap containing gerrit.conf into an external
   directory
 - k8s mounts a secret containing secure.conf into an external directory
 - on startup, gerrit's entrypoint will copy over {gerrit,secure}.conf
   and start a small updater script that copies over gerrit.conf if
   there's any change. This should, in theory, make gerrit reload its
   config.

This is already running on production. You're probably looking at this
change through the instance deployed by itself :)

Change-Id: Ida9dff721c17cf4da7fb6ccbb54d2c4024672572
 2019-06-21 20:47:53 +02:00
q3k 573da78859 app/gerrit: import OAuth provider and add SSO support 
This change:

 - imports gerrit-oauth-provider from upstream
 - adds sso.hackerspae.pl support to it

Change-Id: I92e7053614a9297bf1ced3aac044c0002acd836a
 2019-06-21 20:09:01 +02:00
q3k 9d6929f7c0 app/radio: fix fallback mounts, fix admin login 2019-06-20 12:52:38 +02:00
q3k c807f86b6a app/radio: lower resource requests and limits 2019-06-19 16:18:28 +02:00
q3k f9281d844f app/radio: add standby 2019-06-19 14:55:11 +02:00
q3k 610bec40a2 app/radio: init 2019-06-19 14:31:19 +02:00
q3k 4b1d4ca257 app/registry: allow app/radio to q3k 2019-06-19 14:09:31 +02:00
informatic 77c0162a6f Merge branch 'feature/matrix' 2019-05-23 16:35:42 +02:00
informatic 3ea979dab5 app/matrix: forward IP to synapse 2019-05-23 16:11:52 +02:00
q3k cb5c321f80 app/factorio: implement kube 2019-05-19 03:10:17 +02:00
q3k 644f9ff57e app/factorio: multiple versions 2019-05-19 03:09:47 +02:00
q3k 6586533bb3 app/factorio: build docker image 2019-05-18 16:23:45 +02:00
q3k 36cc4fb61a bazel-cache: deploy, add waw-hdd-yolo-1 ceph pool 2019-05-17 18:09:39 +02:00
informatic aa0e755389 app/matrix: bump oauth2-cas-proxy for service_url security 2019-05-17 12:55:48 +02:00
informatic 9ab9f61a67 app/matrix: bump riot-web version to fix broken SSO 2019-05-17 09:53:13 +02:00
informatic c39fb04451 app/matrix: initial oauth2/casproxy setup 2019-05-17 09:13:56 +02:00
informatic fef4c12ca1 app/matrix: appservice-irc 2019-05-16 21:05:02 +02:00
informatic ffbb47c2b3 app/matrix: svc usage cleanup 2019-05-16 12:18:39 +02:00
informatic 4b4231d900 app/matrix: disable piwik & 3pid auth, allow guest login, fix roomDirectory 2019-05-15 11:41:32 +02:00
informatic a222691ca5 app/matrix: initial matrix test deployment WIP 2019-05-14 18:49:29 +02:00
q3k b245865087 app/registry: allow anonymous pull access and temporary vms/ push access 2019-04-19 14:41:10 +02:00
informatic 7adc0eb998 app/registry: migrate to ceph object storage 2019-04-09 22:39:42 +02:00
informatic 6da3b288dc WIP: app/registry: ceph object storage 2019-04-09 13:48:21 +02:00