cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
1,226 Commits
1 Branch
0 Tags
55 MiB
Commit Graph

1226 Commits (a28fa4d7f261861f4fe6c7e44491cde600469f60)

Author SHA1 Message Date
vuko 3125aa1186 hswaw/customs: improve unbound config 
Change-Id: Ic616033897b87f692ee92a106b417423a09d630b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1456
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-03-31 19:33:17 +00:00
vuko ee8f1d5e2c hswaw/customs: disable DynamicUser for dhcpd / checkinator 
Change-Id: I9c7feccf8eb908bf3808afb2ffc5adac50d7abd9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1455
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-31 19:33:17 +00:00
implr 779727b39e machines/bc01n05: postgres: auth, hba, more ram 
Change-Id: Id10b97efa3588a2a9147a349391da559e6cce7e5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1482
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-28 21:22:50 +00:00
q3k f262868753 matrix.hackerspace.pl: use external postgres 
Change-Id: Ie0bb76a4200f905bfd0c065cde81283271f8397a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1483
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-03-28 20:33:26 +00:00
implr 26a7f5bb56 bgpwtf: peer with cloudflare 
Change-Id: I00d040d56610b965d03d5af5cf7f17a5ea7f7b2d
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1484
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-28 17:12:52 +00:00
implr 3b0887397a machines/bc01n05: postgres tuning 
Change-Id: I30925a84216b45bde9e92b67b007f15b2cdf58e8
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1481
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-26 12:16:20 +00:00
implr 821b839b16 machines/bc01n05: zfsify; initial postgres 
Change-Id: I355ac4aa3c56a1e6a564b7a3c7cfc4e67b072dae
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1470
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-11 21:33:14 +00:00
implr 3320155d23 cluster/machines/base: enable microcode loading 
This will happen at next boot via early microcode - no risk to currently
running processes.

Change-Id: I88553fa9a1350ebb80aaf978e29e8f1156783a2c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1469
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-11 21:33:05 +00:00
patryk 98604701ab bgpwtf: customer cleanup 
Change-Id: Idb2e66a1d75d713fc3c73cc9af41d66883bf6366
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1472
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-10 21:15:55 +00:00
q3k 8f0842341a ops: repin edge01.waw to old nixpkgs 
We accidentally bumped nixpkgs at https://gerrit.hackerspace.pl/1441 and
forgot to upgrade it. We don't wanna upgrade it right now.

This doesn't give us back a zero-diff, but it's close enough.

Change-Id: I1a9f50df88e564cd4de76f67adfaa1e88a746f2e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1471
Reviewed-by: patryk <patryk@hackerspace.pl>
 2023-03-10 20:17:15 +00:00
q3k 712a5dc3e3 cluster: add bc01n05.hswaw.net 
This will be our postgres pet machine.

Change-Id: Ifff6648394ca6407fb5b5daa853f4abc42541703
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1467
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-04 22:26:46 +00:00
q3k 3a9562ecfd cluster: k0: remove native ceph 
After installing HBJ11s and spreading out the mons we're going full
Rook.

Change-Id: Ia00cbe953548f06cf27343371fc67890619c8262
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1466
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-04 22:26:39 +00:00
q3k ef3aab6a14 k0: host os bump wip 
This bumps it on bc01n01, but nowhere else yet.

We have to vendor some more kubelet bits unfortunately.

Change-Id: Ifb169dd9c2c19d60f88d946d065d4446141601b1
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1465
Reviewed-by: implr <implr@hackerspace.pl>
 2023-03-04 22:26:14 +00:00
implr 45394bf3b0 app/matrix: enable wal=logical for postgres, add tmp mount 
This is quite hacky, but we intend to remove that postgres soon anyway.
The changes to synapse's resource limits are to reflect current state of
prod.

Change-Id: Ic7beaa3e7ee378c0e10ba24f9a5a3aee67c2ccf2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1468
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-03-01 20:38:24 +00:00
implr 0156ab24ca cluster/kube/k0: remove implr-spark bucket, add implr bucket 
the spark one has been an abandoned experiment from years ago, and
I could use a personal one right now

Change-Id: I78a706c3371d441b2f8460fd796d0cfd9a198cc6
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1464
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-02-26 16:41:23 +00:00
implr f21ca388ba WORKSPACE: rules_python->0.13; switch to hermetic interpreter 
Change-Id: I0145f9db6a71fa9080b166dd75ff2c1b93e2b241
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1462
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-02-19 17:12:35 +00:00
implr 0173f501d7 cockroach: v20.2 -> v21.1 
Following https://www.cockroachlabs.com/docs/v21.1/upgrade-cockroach-version?filters=linux
--logtostderr is deprecated/removed, but AFAICT from the default config
it will still log there: https://www.cockroachlabs.com/docs/v21.1/configure-logs#default-logging-configuration

Change-Id: I7fb3f835693f955b37de24dc581140ea34b11630
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1461
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-01-30 21:16:42 +00:00
vuko 9836999652 allow passing system to default.nix 
This is needed to use hscloud in builds invoked from flakes.

Change-Id: I7551b97dfeedb9399866cd2c16cc573ee60359cc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1452
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-01-29 16:22:37 +00:00
vuko aa077968f9 hswaw/customs: hotfix laserproxy build by using old hscloud 
Change-Id: I5a00d138ed7e5080e55997912413bf2f776cd295
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1451
Reviewed-by: vuko <vuko@hackerspace.pl>
 2023-01-29 16:22:37 +00:00
vuko 32624090e4 hswaw/customs use ip address in spejsiot proxy 
Change-Id: I2148783d9470c09234feaa59e935606bdb21f6f4
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1450
Reviewed-by: vuko <vuko@hackerspace.pl>
 2023-01-29 16:22:37 +00:00
vuko 740a52dec9 hswaw/customs: fix warnings after nixpkgs update 
Change-Id: I4d62e8fa73f16dbb51a1cacfa1bc70183b6bff2d
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1449
Reviewed-by: vuko <vuko@hackerspace.pl>
 2023-01-29 16:22:37 +00:00
vuko 8fcffb2fa2 hswaw/laserproxy: improve username suggestions 
Change-Id: I64a683d83ec383fa1cf289c1795cc9ed61144239
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1454
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-01-29 16:21:36 +00:00
implr 9851b38608 WORKSPACE,third_party/py: bump rules_{python,docker} and some py packages 
Those are far from the latest versions still, but this change should be
non-breaking.

Change-Id: Ieeb9d6b301184f46677d821fe8276391346d6285
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1459
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-01-29 01:40:25 +00:00
informatic 3b2a2a2ce1 cluster/k0: add paperless to admitomatic config 
Change-Id: I54df444cddca8a05febfb96af07b9e2f614639fc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1453
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-01-05 09:12:18 +00:00
vuko 142c8e6504 hswaw/sound: add password file to mosquitto 
Change-Id: Ifda90bb0fb6be681a04381335d18d19ffab81298
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1448
Reviewed-by: vuko <vuko@hackerspace.pl>
 2022-12-27 21:04:12 +00:00
vuko 6204ccdf92 hswaw/sound: open mosquitto firewall port 
Change-Id: Ie46cbe27b1d47bc0ad90bde193283f134ba767be
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1447
Reviewed-by: vuko <vuko@hackerspace.pl>
 2022-12-27 21:04:00 +00:00
vuko f0ab6c498a hswaw/sound: add spejsiot-api 
Change-Id: If40cdbeadb570d8c33b4c950482c01f4b2bbd1c4
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1446
Reviewed-by: vuko <vuko@hackerspace.pl>
 2022-12-27 21:03:49 +00:00
vuko aa7303ec45 hswaw/sound: use officiall ip address 
Change-Id: I7b99762e280884eb83f69a6803eddbb86fedc3b3
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1445
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-12-27 21:03:34 +00:00
vuko 4fe6e02942 hswaw/sound: refactor home-assistant 
Change-Id: I80442defc97fc7aaf4422f8e2fe6b956b1e130cf
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1444
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-12-27 21:03:26 +00:00
patryk a2bcfeaf0b cluster: bump vm.max_map_count sysctl tunable to a higher value 
This is needed for running some memory-intensive workloads, like
ElasticSearch/OpenSearch.

Change-Id: I7b00ec5faca73ec69bdbf1ca41c025d7efeae55c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1443
Reviewed-by: implr <implr@hackerspace.pl>
 2022-12-11 20:28:51 +00:00
q3k 3c9b825ec7 games/valheim: create serviceaccount for external users/systems 
q3k uses this to give access to someone who plays on the valheim server
so that they can get logs / restart things / etc.

Change-Id: If205709142d386c460eeb835829888957d28a654
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1442
Reviewed-by: patryk <patryk@hackerspace.pl>
 2022-11-27 16:35:56 +00:00
patryk 28742b8106 Make golang deps fetching go faster 
This commit aims to increase the speed of hscloud rebuild process
by optimizing the behavior of Go dependency fetching routines.

Gazelle v0.25.0 introduced a new dependency resolution mode
where it does not reach out for external dependencies; instead,
it operates solely on what is contained inside the workspace.

Because static dependency resolution mode is now the default
behavior in go_repository() rules, we are also updating the
contents of //third_party/go/repositories.bzl.

Also, I changed some of the bigger Go dependencies to be downloaded
by a tarball fetch in order to speed up the rebuild process.

Other changes:
  * Bump nixpkgs to a fresh snapshot
  * Upgrade to Bazel v5

Change-Id: Icfe752411b3128bcd5b25fa28bb76bec45ae2f71
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1441
Reviewed-by: q3k <q3k@hackerspace.pl>
 2022-11-27 16:27:53 +00:00
q3k d171263d6e k0: remove waw-hdd-yolo-3 
This was never used and only caused scary warnings during OSDs reboots
due to lack of availability.

Change-Id: I14eacd88855bc56e06f2a61cc2d914d985330852
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1423
Reviewed-by: implr <implr@hackerspace.pl>
 2022-11-20 12:28:20 +00:00
implr 4d98cf5ca8 calico: move from etcd to crd 
Leaving the CRD definitions as YAML, extracted without modifications
from the original install file - this should make upgrades simpler.

Change-Id: I7211d2711e2af014b36dd887a951abb9e1032eb9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1179
Reviewed-by: q3k <q3k@hackerspace.pl>
 2022-11-19 21:40:34 +00:00
implr e3dd96adb0 app/mastodon: complete migration to versioned postgres 
Change-Id: Ib09a42e60cc3bf7a0388b5199a22df6a1271b5a3
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1424
Reviewed-by: q3k <q3k@hackerspace.pl>
 2022-11-19 12:38:55 +00:00
implr 65b30af78e kube/postgres: add versioned library 
also use in mastodon-qa

Change-Id: I628293fcfe9081c350087572ecda9e51ee18238f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1422
Reviewed-by: q3k <q3k@hackerspace.pl>
 2022-11-18 14:52:05 +00:00
q3k 16842119d1 app/mastodon: deploy 
Change-Id: I88c104d1a8d5627355b01a8c48dc235635fca5ed
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1421
Reviewed-by: implr <implr@hackerspace.pl>
 2022-11-18 12:15:22 +00:00
q3k 08c32996e5 hswaw: deploy 1405 
Change-Id: If765bdc35d662d644701d2b81a3817ac56ccecb9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1406
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-11-07 00:24:09 +00:00
q3k 15b5bc1783 hswaw/site: fix catch-all, add robots.txt 
Change-Id: I23db4e18185f029a094ea4f69ac0f469d3dd8a8e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1405
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-11-07 00:24:09 +00:00
q3k 9171451c53 bgpwtf: delegate /29 to customer 
Change-Id: I3607580126477560f642ec5d9c4ccba7022de559
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1404
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-11-06 17:05:02 +00:00
q3k ee41e94e0a k0: bump certs 
Change-Id: I9d7a48d64de5d1aa82a134a8c22bfc50ba8ad270
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1402
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-10-09 20:22:43 +00:00
vuko deeeff861e hswaw/machines: add sound.waw.hackerspace.pl 
Change-Id: Id0e6a02d9ae4cf61d758713a99d21c6da0c72b66
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1401
Reviewed-by: vuko <vuko@hackerspace.pl>
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-10-09 19:35:18 +00:00
q3k 0d22d0bcb6 bgpwtf/m/edge01: allow 10.10.32.0/24 (dcr03 mgmt) 
Change-Id: Ide36e7fbcb39c178b0d51dd0da8534c6bf60954b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1403
Reviewed-by: patryk <patryk@hackerspace.pl>
 2022-10-08 18:12:21 +00:00
informatic aa67387717 hswaw/machines/tv: enable avahi 
This fixes webrtc mdns discovery. (to be used sometime later for desktop
casting in a separate tool)

Change-Id: Ic3d454c67ff930d13990481b7ed33f9bf1f5c5e0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1341
Reviewed-by: q3k <q3k@hackerspace.pl>
 2022-09-28 23:01:55 +00:00
informatic dc1878c3cc app/matrix: bump element-web to v1.11.8 
Change-Id: I667d694f39ff75ec98fb68620037c06b1475ae9e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1392
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00
informatic d3c14e5cbc app/matrix: bump appservice-irc to v0.35.1 
Change-Id: Ie884f75dd9c068363f160598d23e21de49f8a95d
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1393
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00
informatic 654dd80e03 app/matrix: bump matrix-media-repo to v1.2.12 
Change-Id: I4192c6a54537c10724c63c373083eca5bd0c298e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1391
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00
informatic a8bb615464 app/matrix: adjust resources configuration for prod changes 
Change-Id: Ib81847bd65e254cbd650d60456185e681e2b1e88
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1390
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00
informatic 3f0bc2083b app/matrix: bump appservice-irc to v0.35.0 
Change-Id: Ie1b7c014e46fc1e06e434ad9394cf591248c92cb
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1389
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00
informatic 690ed45f66 app/matrix: add coturn deployment 
TURN server is required for proper cross-NAT voice/video calls via
Matrix.

Change-Id: I8182292dd8ef30690ae4b9487c22aedcff098710
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1387
Reviewed-by: informatic <informatic@hackerspace.pl>
 2022-09-28 23:01:35 +00:00