Commit graph

1201 commits

Author SHA1 Message Date
94d96497b5 hswaw/site: implement recurring events
Change-Id: Ib3c570d058141c4d8441801010f0f1755ccfc0e7
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1624
Reviewed-by: radex <radex@hackerspace.pl>
2023-09-22 22:50:39 +00:00
937722e465 hswaw/ldapweb: give admin rights to radex
Change-Id: I5d0ce4b500e7d9c9750dc5f306ea182013362838
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1627
Reviewed-by: radex <radex@hackerspace.pl>
2023-09-22 22:49:05 +00:00
c5f466822e third_party/py: bump/reformat
Change-Id: Ia148d7f56af8ecbf382dfb3d663963f682f64fb9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1628
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 22:44:25 +00:00
80cee0a987 hswaw/site: deploy
Already contains https://gerrit.hackerspace.pl/1624

Change-Id: I248c2f1653a3423d7dfc6ca5374229f072e111dc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1626
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 22:23:00 +00:00
88bec7a3c3 capacifier: lol, lmao even
This was never deployed. It is now.

It was broken. It is less now.

Change-Id: I37bcdc5d5d1ffc3484aadecd2226d41aea49bca4
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1625
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 22:22:47 +00:00
f3d42d6ddc hswaw/site: add "upcoming events" section
Change-Id: Ic5d36a7ff35c210aff3b3c451e6f0024ed20e896
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1563
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 22:19:11 +00:00
b8d4a8a902 ldapweb: migrate from mirko to standalone
Change-Id: I169598232b39b99bfd2d4ff3799b44083ba77e84
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1623
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 21:54:20 +00:00
a7c36ed9f3 ldapweb: bump image and config
Change-Id: I5dd24c3dca84f191c45d453f31812f2091d3036c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1622
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 21:54:20 +00:00
97b5cd7b58 go: re-do the entire thing
This is a mega-change, but attempting to split this up further is
probably not worth the effort.

Summary:

1. Bump up bazel, rules_go, and others.
2. Switch to new go target naming (bye bye go_default_library)
3. Move go deps to go.mod/go.sum, use make gazelle generate from that
4. Bump up Python deps a bit

And also whatever was required to actually get things to work - loads of
small useless changes.

Tested to work on NixOS and Ubuntu 20.04:

   $ bazel build //...
   $ bazel test //...

Change-Id: I8364bdaa1406b9ae4d0385a6b607f3e7989f98a9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1583
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 21:50:19 +00:00
291f554164 go/pki: show helpful hint to new contributors about -hspki_disable
Change-Id: I714f503f5962578055b99009aa0eccb72517d37b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1562
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 20:45:15 +00:00
26fb573055 doc: improve cluster/user docs, make it more discoverable
Change-Id: Icbb348865a442a01a3ab191dad88662a88635007
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1565
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-22 20:44:48 +00:00
603b4f7293 hswaw/kube: add radex to admins
Change-Id: I4f60b139bb86b52399ad84a5373ac5e1eb8828f9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1621
Reviewed-by: radex <radex@hackerspace.pl>
2023-09-22 20:44:29 +00:00
69dd2bfd2a hswaw/paperless: grant access to zarzad *and* paperless-admin groups
Change-Id: I622ee8818da2097914cf0da433e3832d680286db
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1587
Reviewed-by: arsenicum <arsenicum@hackerspace.pl>
2023-09-17 22:33:19 +00:00
f5b1a215f4 app/mailman-web: create
There's a lot of ugly hacks here, but this has been the state of prod
for months now, so we should reflect that.
Also, this bumps a bunch of workspace deps.

Change-Id: I744e0d3aff27036cfed73416cf442c7d62444a8b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1473
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-10 21:11:37 +00:00
8036d7f4da hswaw/site: update README, fix non-breaking whitespace and nitpicks
Change-Id: Id9dac11a1b4f2ac527dacf96e3b5c6fb79f1f3a4
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1561
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-02 16:35:40 +00:00
6715080ebc doc/codelabs: stub of bazel-go.md
Change-Id: Icf408f9edddfb5e446b2675485c6f9e17ff7357a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1564
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-02 16:32:48 +00:00
54183ba222 go/workspace: fix nix-instantiate exec error typecast
Also skip nix tests on systems without nix.

Change-Id: I4c0069a429df10a496b2651c2506b2d4625d5f43
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1585
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-01 17:22:41 +00:00
0d3e609013 bazlets: use python3
Change-Id: Idf8ec4b70eed991874a0bcdcced132b9f6da3f83
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1584
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-01 17:17:24 +00:00
7631880620 *: remove java/minecraft
Change-Id: Id2b1e69dcad240d7ef8a80b844531ef862e27dd2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1582
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-01 16:50:48 +00:00
dc03494c2c third_party/factorio: update version hashes
Change-Id: Ib4e07bdebbb913bf970db9dd124c8177b947ca04
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1581
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-01 16:50:48 +00:00
b6504238e7 *: add gomod placeholders for generated files
Change-Id: I8a4824ff31590185cd45fd43cc065bb8e2fa7bb2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1580
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-09-01 16:50:48 +00:00
7459bbcd89 hswaw/kube: give ar prod access
Change-Id: I1d03232389a53f7e3a52a3f695071e719482355b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1544
Reviewed-by: ar <ar@hackerspace.pl>
2023-08-17 12:40:32 +00:00
c2c66bf770 cluster/kube: update admitomatic settings for inventory
Change-Id: I62279519f93da338591b1b164878e33027b8f851
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1576
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-08-17 12:39:56 +00:00
5365e7e12c personal/radex/demo-next: add volume mount demo
Change-Id: I992d089c8d345e87667bf4040086a28b2096cc35
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1574
2023-08-15 16:17:05 +00:00
noisersup
dba676d7a8 personal: ferretdb
Change-Id: I0a460e558f2ed068d8bd899b549b230a4f27f0ca
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1573
2023-08-14 02:06:31 +00:00
ae2a725bd2 personal/radex: +demo-next
Change-Id: I7563f509e12ee1d6ec83261f3ad6386d8033fdc5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1570
2023-08-13 09:46:18 +00:00
e632263635 personal/radex/demo: +bruh
Change-Id: Ie0ed25308284f9a9dea59c456bce77968f59524f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1569
2023-08-12 15:30:18 +00:00
5e475370be personal/radex/demo: +tls
Change-Id: Ib10633b90256bbe15131326aa69e19fdc6ef21e3
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1568
2023-08-12 15:30:09 +00:00
df18c80b1e personal/radex: +demo
Change-Id: I4948a4ebc33c2331ed8def3396f18def234fbd0d
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1567
2023-08-12 15:29:48 +00:00
noisersup
6de8e41f5c personal: update
Change-Id: Ie5352cfab0835ee1c48660eb14092d840a344f33
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1566
2023-08-11 19:14:20 +00:00
8100a2de97 third_party: replace jq with gojq
Building jq portably is annoying, and the way we were doing it (which we
iirc stole from some google project?) sucked. Let's use a Go jq clone
instead.

This is an alternative for 1535. jq is currently used only in one
script, which could really be replaced by a Go program, but let's keep
it simple for now.

Change-Id: Ie25dffadd545df143490f510e9b75a74adf81492
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1540
Reviewed-by: palid <palid@hackerspace.pl>
2023-07-24 14:47:54 +00:00
03c2d996a0 cluster: fix prodvider deploy (after new CA)
Change-Id: Icbdb5e3ac592e9eac3a033ba50af401b706c3e78
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1541
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-24 14:15:46 +00:00
b19e8123ad tools: fix install.sh for non-Nix systems
Change-Id: Id3aa846255129d90be22bce2aa38d468d78d816c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1533
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-24 14:01:55 +00:00
7094d69a70 //go/workspace: fix go workspace on MacOS
Change-Id: I5d287d53b31c36ef19f2ea4ebc7a0647c87f2e29
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1532
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-24 14:01:46 +00:00
844b9b4353 hswaw/site: update deployment
Change-Id: If9a652956743e69cdb822b8686729b389b269e34
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1539
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-24 13:49:33 +00:00
2861c69298 hswaw/site: link statute of the association on the main page
Change-Id: I431bd047bba923c3180266b98781762d3b0c24fd
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1538
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-23 13:24:20 +00:00
1ad72123b6 mastodon: bump to 4.0.6
Fixes after the security bugfix last week.
Not yet rolled out to qa/prod.

Change-Id: I52de0dc1d082fd1c6269025b1f41d87c02c67113
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1536
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-23 11:49:09 +00:00
3cc078e27f hswaw/site: mention fediverse in the social media list
Change-Id: I47dc9b0dbd427e99961e8a81a3d3d191633d54b2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1537
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-23 11:35:14 +00:00
723dfbd829 .bazelversion: use 5.2.0, as that's what we use in nix
Change-Id: Ia64cb4d86f590992116c26b027860a554cc74ec6
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1531
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-13 21:19:05 +00:00
a27733bbfc .bazelversion: init
Change-Id: I773db584702894399235642c005d602b6341ed68
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1530
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-13 21:14:58 +00:00
00c7be3fd3 hacklock: document
Change-Id: I949937a050857e3790645cc4ad93ead7a141ccf8
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1526
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-09 13:02:12 +00:00
0ec2e31e83 hacklock: init at rev a
Change-Id: Ic0481ae37ca354233658ff0d8d2a9b5d7c7a5a2a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1525
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-07-09 13:02:12 +00:00
c69ccf8cee mastodon: bump to 4.0.5
Rolled out to prod and qa.

Change-Id: I0b66ccda2f5ffad812a9654fd7edffe239e7e576
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1524
Reviewed-by: ar <ar@hackerspace.pl>
2023-07-09 13:02:12 +00:00
10384cd394 cluster/registry: fix common namespaces
Public pull ACL in the middle had priority over our more specific rules
- moving these to the top fixes common registry namespace ACLs.

Change-Id: Ia6f05cef09c0db4eb71155d2c0e2d9944b81f903
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1522
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-06-19 23:15:37 +00:00
2e632b9247 hswaw/sound: add q3k's key
Change-Id: Ic1ee340cb875cb0858af7738d27c3c5b1f13a738
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1523
Reviewed-by: informatic <informatic@hackerspace.pl>
2023-06-19 23:15:28 +00:00
c1f372561a cluster/admitomatic: implement opt-out namespaces
Change-Id: I32d4b019211fa755e2b3b103b88ea3f4c14e500f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1521
Reviewed-by: informatic <informatic@hackerspace.pl>
2023-06-19 22:54:33 +00:00
9f0e1e88f1 cluster/clustercfg: rewrite it in Go
This replaces the old clustercfg script with a brand spanking new
mostly-equivalent Go reimplementation. But it's not exactly the same,
here are the differences:

 1. No cluster deployment logic anymore - we expect everyone to use ops/
    machine at this point.
 2. All certs/keys are Ed25519 and do not expire by default - but
    support for short-lived certificates is there, and is actually more
    generic and reusable. Currently it's only used for admincreds.
 3. Speaking of admincreds: the new admincreds automatically figure out
    your username.
 4. admincreds also doesn't shell out to kubectl anymore, and doesn't
    override your default context. The generated creds can live
    peacefully alongside your normal prodaccess creds.
 5. gencerts (the new nodestrap without deployment support) now
    automatically generates certs for all nodes, based on local Nix
    modules in ops/.
 6. No secretstore support. This will be changed once we rebuild
    secretstore in Go. For now users are expected to manually run
    secretstore sync on cluster/secrets.

Change-Id: Ida935f44e04fd933df125905eee10121ac078495
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1498
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-06-19 22:23:52 +00:00
a03b60b310 go/workspace: implement EvalHscloudNix
This allows us to access hscloud nix 'facts' from Go.

Change-Id: Ic8fc3350a7d073947c44529fcae0bbb8627421aa
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1508
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-06-19 22:23:52 +00:00
8e22f6c7db hswaw/pretalx: config drift - remove cronjob
Change-Id: I829a80eeed162b654151dc85e467ced85e3fa6a0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1513
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-06-19 21:20:53 +00:00
7e841065b0 *: post-certmanager manifests update
Change-Id: I745c850268c31777c5722a9833c8152a55615aed
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1512
Reviewed-by: q3k <q3k@hackerspace.pl>
2023-06-19 21:20:44 +00:00