cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
840 Commits
1 Branch
0 Tags
55 MiB
Commit Graph

840 Commits (856b2164591512d025fae9c1ba27fbc12a876cf6)

Author SHA1 Message Date
q3k 4a024bbd6a WORKSPACE: fix for newer bazel versions 2019-05-17 18:10:02 +02:00
q3k 36cc4fb61a bazel-cache: deploy, add waw-hdd-yolo-1 ceph pool 2019-05-17 18:09:39 +02:00
informatic aa0e755389 app/matrix: bump oauth2-cas-proxy for service_url security 2019-05-17 12:55:48 +02:00
informatic 9ab9f61a67 app/matrix: bump riot-web version to fix broken SSO 2019-05-17 09:53:13 +02:00
informatic c39fb04451 app/matrix: initial oauth2/casproxy setup 2019-05-17 09:13:56 +02:00
informatic fef4c12ca1 app/matrix: appservice-irc 2019-05-16 21:05:02 +02:00
informatic ffbb47c2b3 app/matrix: svc usage cleanup 2019-05-16 12:18:39 +02:00
q3k a4b3767455 tools/nixops.sh: add 2019-05-15 19:23:38 +02:00
q3k e986728648 gcp: init, add service account 2019-05-15 19:19:19 +02:00
q3k bb77892924 tools/install.sh: soft requirement on nix 2019-05-15 19:13:11 +02:00
q3k 1e6b52a194 tools/: add nixops 
This now means we require Nix to be installed globally. This shouldn't
be the case in the long run, but will be until
https://github.com/tweag/rules_nixpkgs/issues/75 gets fixed or we maybe
move from rules_nixpkgs to nix-bundle or something similar.
 2019-05-15 19:08:25 +02:00
informatic 4b4231d900 app/matrix: disable piwik & 3pid auth, allow guest login, fix roomDirectory 2019-05-15 11:41:32 +02:00
informatic a222691ca5 app/matrix: initial matrix test deployment WIP 2019-05-14 18:49:29 +02:00
q3k b7e4bd4fa1 nix/cluster-configuration: pin nixpkgs for k8s 
We pin nixpkgs for k8s and also bypass some issues with the new k8s
startup sequencing.

We also pin the kernel to 5.1.

Next step is to also pin nixpkgs for the rest of the system, I think we
can do it from within cluster-configuration.nix.
 2019-05-14 01:45:48 +02:00
informatic fc514a9b52 cluster/kube/cert-manager: don't add APIService when webhooks are disabled 2019-05-05 12:12:13 +02:00
informatic b187bf5b2c cluster/kube/metallb: downgrade to 0.7.3 2019-05-05 12:11:14 +02:00
q3k ac140b3427 go/svc/invoice: statusz cleanups 
- Remove internal ID
 - Sort by time
 2019-05-01 17:11:47 +02:00
q3k 3976e3cee8 go/svc/invoice: refactor 
We unify calculation logic, move the existing Invoice proto message into
InvoiceData, and create other messages/fields around it to hold
denormalized data.
 2019-05-01 15:27:49 +02:00
q3k 57ef6b0d7f go/svc/invoice: add statusz 2019-05-01 14:08:29 +02:00
q3k c2d322c504 go/svc/invoice: polishify 2019-05-01 13:14:32 +02:00
q3k fb18c99df3 go/svc/invoice: import from code.hackerspace.pl/q3k/inboice 2019-05-01 12:27:43 +02:00
q3k 258686cf9a WORKSPACE: bump gazelle for go 1.12 2019-05-01 12:26:43 +02:00
q3k a9bb1d5b5b tools/secretstore: fix decryption of updated secrets 2019-04-28 17:13:12 +02:00
q3k 4232c8b733 nix: bump to new k8s 2019-04-28 17:12:54 +02:00
q3k b245865087 app/registry: allow anonymous pull access and temporary vms/ push access 2019-04-19 14:41:10 +02:00
q3k 3e59718d3a WORKSPACE: add bazel docker rules 2019-04-19 14:40:47 +02:00
q3k 321fad9865 cluster/kube/rook: lower debug 2019-04-19 14:14:36 +02:00
q3k ed2e670c8b cluster/kube/rook: bump to ceph v14 fully 2019-04-19 13:27:20 +02:00
informatic 56918237ed cluster: update ceph README 2019-04-09 23:48:33 +02:00
informatic 2c5391b6e6 tools/rook-s3cmd-config: tool to generate s3cmd config from rook.io secrets 2019-04-09 23:30:38 +02:00
informatic 7adc0eb998 app/registry: migrate to ceph object storage 2019-04-09 22:39:42 +02:00
informatic 5ac85c6e73 cluster/kube: refactor rook.io object store configuration 2019-04-09 21:45:32 +02:00
informatic 6da3b288dc WIP: app/registry: ceph object storage 2019-04-09 13:48:21 +02:00
informatic e24ccd678c clustercfg: fix broken admincreds generation 2019-04-09 13:43:54 +02:00
informatic dc1e5f0cb4 README: update according to new bazel paradigm(tm) 2019-04-09 13:30:28 +02:00
informatic c10f00b7da tools/secretstore: decrypt secrets when requesting plaintext path 2019-04-09 13:29:33 +02:00
informatic 598a079f57 clustercfg: extract cfssl handling to separate function 2019-04-09 13:29:33 +02:00
q3k acd001bf83 tools: add cfssl 2019-04-09 13:17:06 +02:00
q3k 73cef11c85 *: rejigger tls certs and more 
This pretty large change does the following:

 - moves nix from bootstrap.hswaw.net to nix/
 - changes clustercfg to use cfssl and moves it to cluster/clustercfg
 - changes clustercfg to source information about target location of
   certs from nix
 - changes clustercfg to push nix config
 - changes tls certs to have more than one CA
 - recalculates all TLS certs
   (it keeps the old serviceaccoutns key, otherwise we end up with
   invalid serviceaccounts - the cert doesn't match, but who cares,
   it's not used anyway)
 2019-04-07 00:06:23 +02:00
q3k 208f005830 go/svc/leasifier: sort returned leases 2019-04-06 01:28:04 +02:00
q3k a9a266c08c go/svc/leasifier: fixes, add statusz table 2019-04-06 01:21:25 +02:00
q3k 1affad42e7 go/statusz: factor out load avg to separate file 2019-04-06 01:21:04 +02:00
q3k 3a2a693e0c WORKSPACE: bump go 2019-04-06 01:20:19 +02:00
q3k 9dc4b68f24 go: add bazel buildfiles, implement leasifier 2019-04-05 23:53:25 +02:00
q3k efc7928a73 go/vendor: nuke 2019-04-05 23:50:28 +02:00
q3k 6916f7e244 app/toot: start implementing redis 2019-04-04 16:54:00 +02:00
q3k 242152f65e cluster/kube/lib/metallb: bump memory hoping to prevent crashes 2019-04-04 16:54:00 +02:00
informatic ac38d5aeb1 app/registry: oauth2 authentication 2019-04-03 08:41:20 +02:00
informatic 6dc4839d74 app/registry: initial docker registry setup 2019-04-02 18:59:37 +02:00
q3k 0f78cea802 Merge branch 'master' of hackerspace.pl:hscloud 2019-04-02 14:45:23 +02:00