palid
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Actions Activity
1,289 Commits
1 Branch
0 Tags
56 MiB
Commit Graph

1289 Commits (master)

Author SHA1 Message Date
palid c30968754b
test3
/ test (push) Successful in 1s Details
2023-12-03 17:57:40 +01:00
palid 68d82124d9
test2
/ test (push) Has been cancelled Details
2023-12-03 17:56:14 +01:00
palid 8e8e77ca32
actions test
/ test (push) Has been cancelled Details
2023-12-03 17:55:29 +01:00
radex f2cf98e04c doc: add radex to owners 
Change-Id: Ib4b3ca54227038c3e7a82771a3415ae4edeb9436
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1815
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-12-02 19:10:50 +00:00
cheshire 808a2cd723 doc/codelabs/getting-started: update tutorials from hscloud-docs 
Change-Id: I2781c0913a59d33721bde6a0132d2bf6dea7ad42
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1764
Reviewed-by: radex <radex@hackerspace.pl>
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-12-02 19:08:04 +00:00
radex f41987b880 app/walne: deploy 
Change-Id: I25c56698a8d366ae0af401b9eb68d669b571c7cc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1763
Reviewed-by: palid <palid@hackerspace.pl>
 2023-12-02 17:57:41 +00:00
radex 9da9df6b7a cluster/kube: admitomatic, admins, owners changes 
Change-Id: Ia2f167d84cff999c9ab273db16609d1dec740f25
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1801
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-11-26 15:50:57 +00:00
radex 03365c6de1 cluster/kube: group admitomatic, admins entries by category 
Change-Id: I0405fd894c775314059e382a804994184afb0f64
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1800
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-11-26 15:49:37 +00:00
radex 0e12849717 kube: use ns.Contain() for postgres and redis 
This is purely for consistency. While it's objectively more "magic" than the previous convention, newcomers may be asking themselves how come namespace is passed to kube objects using ns.Contain(), but to these custom objects via cfg.namespace.

Change-Id: I061c27c74213d5481b2c7e0afd5f316e84335786
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1808
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:39:30 +00:00
radex 37991744d8 kube: standardize convention for passing postgres options 
Declare options when creating postgres {}, then pass env by taking from postgres's cfg and svc. This is both to reduce chance of making a mistake, and to improve copy-pasteability of jsonnets

Change-Id: Ief16a6825af64795f3b10e1e617b96c3d1c2a578
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1807
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:39:18 +00:00
radex 1439fde1ba kube: standardize top.secretRefs convention 
Introduce a convention of declaring a secretsRefs:: object below cfg:: for containing all secretKeyRefs. The goal is to self-document all secrets that need to be created in order to deploy a service

Change-Id: I3a990d54f65a288f5e748262c576d2a120efd815
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1806
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:39:11 +00:00
radex c995c212d2 kube: standardize on a `local top = self` convention 
A convention is introduced to specify `local top = self` declaration at the top of an app/service/component's jsonnet, representing the top-level object. Reasoning is as following:

- `top` is more universal/unambiguous than `app`
- `top` is usually shorter than $NAME
- a conventional `top` instead of $NAME (coupled with other conventions introduced) makes app jsonnets wonderfully copy-paste'able, aiding in learning and quickly building

Change-Id: I7ece83ce7e97021ad98a6abb3500fb9839936811
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1805
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:38:59 +00:00
radex 99ed6a7abb kube: standardize on a `local ns` convention 
A convention is introduced to specify the kube.Namespace object in a deployment as a `local ns` instead of an `ns:` or a `namespace:` for these reasons:

- non-cluster admins cannot create new namespaces, and we've been moving in the direction of specifying objects that require cluster admin permissions to apply (policies, role bindings) in //cluster/kube/k0 instead of in the app jsonnet
- namespace admins CAN delete the namespace, making `kubecfg delete` unexpectedly dangerous (especially if a namespace contains more than just the contents of the file being applied - common with personal namespaces)
- `.Contain()` is a common operation, and it shows up in lines that are pretty long, so `ns.Contain()` is preferable to `app.ns.Contain()` or `service.namespace.Contain()`

Change-Id: Ie4ea825376dbf6faa175179054f3ee3de2253ae0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1804
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:38:44 +00:00
radex 36964dca3b kube: clean up PersistentVolumeClaims 
There's no difference as far as jsonnet is concerned, but it may confuse newbies, as Service and SimpleIngress use double colon for its top-level kube helpers. This also removes any ambiguity as to whether this is manifested in final JSON. So we can make that a convention.

Change-Id: I01ad4ea63f4d5d8ee6e5d41c79637ba186548c6f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1803
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:37:53 +00:00
radex 8b8f3876a9 kube: add target:: convenience field to Service 
Change-Id: If69116d93b6074136a36d98973e1aa997e2ebbef
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1802
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-24 20:37:48 +00:00
radex 6e0041d401 hswaw/ldapweb: deploy latest; add radex to owners 
Change-Id: Ib2c90bcc2e0e782f957d92b36a9413f1c1f87dc2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1799
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-11-23 19:45:00 +00:00
radex f28cd62c0e *: Simplify kube.PersistentVolumeClaims 
Change-Id: I0a3e44de9f1c4db146fd1e493741f5fe381da3ae
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1768
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-18 12:36:00 +00:00
radex 527386ab0c hswaw/teleimg: RIP lelegram 
Change-Id: Iea1acac5826519c63ab7da1955972544f2098ce0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1793
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-18 12:34:38 +00:00
radex 63328a353a hswaw/cebulacamp: migrate away from mirko.libsonnet 
Change-Id: I208ff1eec8ead60ebdc1c8a52063bfe383eaaa6f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1792
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-18 11:19:30 +00:00
informatic 6963e8b96b hswaw/paperless: fix ingestion failure for invoices from new generator 
https: //ocrmypdf.readthedocs.io/en/latest/advanced.html#rendering-and-rasterizing-options
Change-Id: I88e3e7cbf1c97f54004df50f7626cf6c74a839ee
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1787
Reviewed-by: radex <radex@hackerspace.pl>
 2023-11-16 22:36:44 +00:00
informatic 13e6052b93 hswaw/beyondspace: fix https redirect pollution for local non-https services 
Change-Id: I86505b571695e1bbcfccf869817f627140d7b596
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1786
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-11-16 22:36:44 +00:00
informatic d0920a5a9a hswaw/checkinator: implement unclaimed devices listing 
Change-Id: Ieecaf44927b7949c6e16dabea3a84e3bd80d3b7f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1785
Reviewed-by: vuko <vuko@hackerspace.pl>
Reviewed-by: implr <implr@hackerspace.pl>
 2023-11-16 22:36:44 +00:00
informatic 8abe2023dc hswaw/customs: sensible webpage for unknown vhosts, beyondspace branding 
Change-Id: Ie73f8abc3c596f82bb787cac66b454519fe9621f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1784
Reviewed-by: vuko <vuko@hackerspace.pl>
 2023-11-16 22:36:44 +00:00
informatic ab299d4b9b hswaw/customs: avoid major rebuilds, nixpkgs deprecations, update arcade 
Change-Id: I6f2d15e2a6b8f9189a92ab88658e3235ed119c48
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1729
Reviewed-by: vuko <vuko@hackerspace.pl>
 2023-11-16 22:36:44 +00:00
implr ac4f99e2e1 cluster/machines/dcr01s24: pivot to lvm root and efi boot 
Change-Id: I2df08a0ff7366607781421e6fe8c0ddce86e57a5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1781
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-12 19:36:25 +00:00
implr f47d359a28 cluster/machines/dcr01s22: pivot to mirrored efi boot 
Change-Id: I673bad18915ee76e0f35c56e689345f360d295dc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1771
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-12 19:36:25 +00:00
implr b8ccfa8459 cluster/machines: move common LVM support bits into base.nix 
Change-Id: I13e5653241a8245bae67cc7e660312484f1dcaca
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1767
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-12 01:31:39 +00:00
implr 8edc52e619 c/m/dcr01s22: pivot to lvm root 
The bootloader is *not* moved yet, machine still boots off the old disk

Change-Id: I8cc92489bb06bfe9581d68503237e08fa8082c7c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1766
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-12 01:30:42 +00:00
implr b37b70cbd4 cluster/m/m/base: chronyd: enable rtc sync, aggresively step 
Change-Id: I61827ec2c77e79ce3e394eb2574372d3c21394d8
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1765
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-12 01:30:42 +00:00
q3k 18c27aedca k0: add dcr03s16 OSDs 
Change-Id: I654ea780b53970732b735a9f62c7e3ca4d87c088
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1725
Reviewed-by: implr <implr@hackerspace.pl>
 2023-11-11 13:55:34 +00:00
informatic 4d3a0cc123 cluster/kube-common: avoid full nixpkgs checkouts 
fetchGit was unnecessarily fetching full nixpkgs repository during
evaluation.

Change-Id: Ia22a234938014659d4c33e16c5028a63884d476c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1728
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-06 21:55:24 +00:00
radex 934f7d3626 cluster/kube: configure k0 for sourcegraph 
Change-Id: I8ac3ca1269527faa98ce6949da066eb74f299c2c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1770
Reviewed-by: implr <implr@hackerspace.pl>
 2023-11-03 18:17:08 +00:00
implr 6f1fda4329 cluster/k/l/cockroach: make publicService select *all* nodes 
Change-Id: I705b89057f9c191eb62771e3683224376b2207a1
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1762
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-01 23:30:52 +00:00
implr c783390cf5 cluster/m/m/base: add a bunch of utilities to systemPackages 
Change-Id: I8ad61f925011d019b8ef868013fcb266947a9c94
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1755
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-11-01 23:12:07 +00:00
radex e1dbc3cf74 personal/radex: wordpress 
Change-Id: Ia493d47ace83451169abb715f893325cba0ce5f7
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1756
 2023-11-01 18:58:57 +00:00
q3k ab2e470bd3 cluster/kube: generate namespaces in NamespaceAdmins 
Change-Id: I37981a4d8d7cf9b85b9b9ab8cfdfc6c66eaa4453
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1760
Reviewed-by: radex <radex@hackerspace.pl>
 2023-10-31 10:52:01 +00:00
radex a6592b845c cluster: grant radex access to more namespaces 
Change-Id: I4f3df51fbc200f1a69ec1225244621e0c724f95b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1759
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-30 21:35:46 +00:00
radex 3fdda9c9a3 hswaw/walne: initial deployment 
Co-authored-by: Palid <palid@hackerspace.pl>
Change-Id: I7c5ef8a1d310821937c49598c4bd983f80a8fbcb
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1741
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-30 21:35:29 +00:00
radex 29a96ddcf7 hswaw/ldapweb: deploy 
Change-Id: I1447ea050cf51584a7d25bc283fe2b55fc4992f5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1746
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-30 21:35:17 +00:00
radex caf65fcaaf *: Kill frab, smsgw, toot, covid-formity, voucherchecker 
Change-Id: I763c758994008db38b47a7e61d3f1b503685aba6
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1750
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-30 19:08:23 +00:00
q3k 633fb2e8ce cluster/admitomatic: deploy 
Change-Id: Id08c4b428a9c01b310b69396890083f999090928
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1749
Reviewed-by: radex <radex@hackerspace.pl>
 2023-10-28 20:12:30 +00:00
radex f5844311eb */kube: Add kube.SimpleIngress 
Change-Id: Iddcac629b9938f228dd93b32e58bb14606d5c6e5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1745
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-28 17:55:48 +00:00
q3k 56df80cf24 hswaw/site: deploy 
Remove spurious hspki_disable, now that mirko is ripped out.

Change-Id: I277869e58804cc79bee84334a7abc93c3593c82e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1748
Reviewed-by: radex <radex@hackerspace.pl>
 2023-10-28 17:47:11 +00:00
q3k 4768e2ff32 hswaw/capacifier: deploy 
1. Fix spurious -hspki_disable call now that mirko has been ripped out.
2. Build pure/static binary.

Change-Id: Ibe05f18f23d0794eb1a839064474112e004df824
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1747
Reviewed-by: radex <radex@hackerspace.pl>
 2023-10-28 17:47:07 +00:00
q3k 49431e8909 gerrit/bazlets: use fork for better fetching 
Change-Id: Id0c51b2e1591bef0c3d597cbcae64b373a2aa17f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1744
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-27 19:42:30 +00:00
q3k 28b5260753 gerrit: use profile.hackerspace.pl avatars 
Change-Id: I44d1ff32843d6239e9728427d479208d853a06d2
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1743
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-27 19:42:30 +00:00
elia 5cd3d5299c hacklock: fix documentation 
Change-Id: I95d60bf004bd33b91b392cda927794b7dc275b52
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1730
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-19 23:43:43 +00:00
radex 401aa5e754 hswaw/ldapweb: update to latest, add service user 
Change-Id: I2cc20d35d0a141bc2ea1948942f9518c84e7ea41
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1727
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-10-16 19:34:21 +00:00
informatic b17060a688 matrix/0x3c: increase postgres volume size before migration to matrix-ng 
Change-Id: I80834986f9aeb629c3eb32c4e824290d9531c4ca
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1602
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-10-16 17:18:08 +00:00
informatic 0bb2fcaa32 hswaw/paperless: upgrade postgres to 15.4, paperless-ngx to 1.17.4 
Change-Id: I790f306cf2a7837e11e035615862cf00641d5c96
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1699
Reviewed-by: radex <radex@hackerspace.pl>
 2023-10-16 12:02:07 +00:00