In preparation for updating to 1.1.0, which will be much more involved.
Also fix a typo in registry.libsonnet, whoops.
Change-Id: I7668bf53c7580f99fdf56fe6227f04a468f8de50
For us this manifests when doing
kubecfg update cluster/kube/cluster.libsonnet
To be precise: when hitting the Ceph/Rook CRD definition.
This is a weird bug. I've seen it manifest earlier on NixOS, but I am
now also seeing it on Gentoo. I've thought that it was because of Go API
breakage, but I've quickly tried to specify older toolchain versions,
but that didn't seem to help? :/
Regardless, I've applied a patch by rnb [1] that seems to fix this. I
also have a suspicion that updating to a newer k8s version might just
fix this, that's why I'm not not too concerned about this for now.
[1] - a32521024f
Change-Id: Id66e3c0bd56e84d785e1baeca86373aa2d0eb6f9
cz2's key has expired. Removing it for now as there's no easy way to
force gpg to encrypt content for expired keys.
Change-Id: Ib27b9a09385fcead1ba2d48ebf45426038d8b647
This reflects current production. This needs to get bumped up to 3 at some point as otherwise we lose HA for this cluster.
Change-Id: Ie5937e6a216b635ecbc4c82ecd182a410167c3f8
We change the existing behaviour (copy files & run nixos-rebuild switch)
to something closer to nixops-style. This now means that provisioning
admin machines need Nix installed locally, but that's probably an okay
choice to make.
The upside of this approach is that it's easier to debug and test
derivations, as all data is local to the repo and the workstation, and
deploying just means copying a configuration closure and switching the
system to it. At some point we should even be able to run the entire
cluster within a set of test VMs.
We also bump the kubernetes control plane to 1.14. Kubelets are still at
1.13 and their upgrade is comint up today too.
Change-Id: Ia9832c47f258ee223d93893d27946d1161cc4bbd
This doesn't automatically bump generated numbers - however, new users
will at least have sensible IDs now :).
To bump an existing deployment, you will have to do some mild surgery:
- edit the touched query to once generate a new, appropriate serial
(eg. 20001)
- run and seal one invoice
- restore original code (now with the new 20000 default)
In the future we should have an RPC override for the new sealed final
UID with some basic sanity checks.
Change-Id: Idd8187618869f6ea76f1b187acfbdd2f1c94005b
Only these nodes (and bc01n03( are #blesed by freenode.
In the future we should fix this by having custom node labels for
blessed nodes. But this will do for now.
Change-Id: Ia5d7cfcb9329da0de8d596ed40b20b0e0f286f43
This is an IRC/Telegram bridge.
It does multi-account puppet-like access to IRC making everyone's life
easier.
Compared to teleirc it also:
- is smarter about converting messages
- uses teleimg for public image access
- is not written in JS
Experimental for now.
Change-Id: I66ba3f83abdfdea6463ab3be5380d8d3f2769291
This is a shitty small proxy to unfuck telegram's bot image URLs, ie. do
not add content-disposition and send a proper MIME in content-type.
It also does some local caching and hides the Telegram API token.
Change-Id: I0afb29ca3f1807a13fa157fdcf486ee4c857f08d
This needed an upstream change to allow only some pools to be backed up,
otherwise benji would crash when stubmling upon the first PVC from a
pool that wasn't backed by the ceph cluster it was acting upon.
Change-Id: I52bf163c16352cb59fdd3dbdd576145ce1dbac03
