Commit graph

1517 commits

Author SHA1 Message Date
Akshay Mankar 5c894c5265
Rekey agenix secrets
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-25 12:10:02 +02:00
teutat3s a5061b8947
secrets: add host keys for hensoko
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-25 10:18:54 +02:00
teutat3s 41939956c5
secrets: add host keys for b12f + teutat3s
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-25 10:14:46 +02:00
teutat3s b55dace1ea
Merge branch 'momo/main' into momo/keycloak
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-25 09:49:13 +02:00
teutat3s 9efce1619a
Merge pull request 'host_001_momo_koeln: fix swap UUID and initrd boot modules' (#223) from momo/fix-swap-uuid into momo/main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #223
Reviewed-by: hensoko <hensoko@gssws.de>
2023-04-24 18:02:29 +02:00
teutat3s db53f9f1be
host_001_momo_koeln: fix initrd kernelModules
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
boot.initrd.kernelModules overrides boot.initrd.availableKernelModules
and forces the initrd to load only those modules. This leads to the host
being unbootable in this case because of missing required modules.
availableKernelModules is the correct place for desired modules.

This got fixed during a debugging session of hensoko and teutat3s, but
not implemented in nix code until now.
2023-04-24 13:13:12 +02:00
teutat3s 2692b2dc20
host_001_momo_koeln: fix swap UUID
All checks were successful
continuous-integration/drone/push Build is passing
This got changed while debugging boot failures on this host, by

re-creating swap.
2023-04-24 13:05:05 +02:00
b12f 211f1d16d0
Merge pull request 'momo/main: merge main branch' (#219) from momo-merge-main into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #219
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-04-24 12:50:47 +02:00
teutat3s 4faf4267a3
Merge branch 'main' into momo-merge-main
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-18 10:45:27 +02:00
teutat3s ed532fa271
Merge pull request 'modules/networking: Use mkDefault for caddy config' (#220) from networking-mkDefault into main
Some checks failed
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
Reviewed-on: #220
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-04-17 20:16:48 +02:00
Akshay Mankar 91353938af
modules/networking: Use mkDefault for caddy config
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-04-17 20:05:42 +02:00
Akshay Mankar 4c4c4cab0b
secrets: Add keycloak-database-password
Some checks failed
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
2023-04-17 18:41:44 +02:00
Akshay Mankar 8b8280d07e
secrets: Add keys for axeman and host_001_momo_koeln 2023-04-17 18:41:44 +02:00
Akshay Mankar a0a92d27c9
001_momo_koeln: Add caddy 2023-04-17 18:41:42 +02:00
Akshay Mankar 6e6e5857fd
001_momo_koeln: Add keycloak 2023-04-17 18:41:26 +02:00
teutat3s 029be00eab
Merge pull request 'cachix: remove unused binary caches' (#209) from cachix/remove-unused-caches into main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #209
Reviewed-by: hensoko <hensoko@gssws.de>
2023-04-15 19:03:51 +02:00
teutat3s 76d8af7c3a
Merge pull request 'audio: disable useless bluetooth sap plugin' (#208) from audio/disable-bluetooth-sap-plugin into main
Some checks reported errors
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build was killed
Reviewed-on: #208
Reviewed-by: hensoko <hensoko@gssws.de>
2023-04-15 19:01:55 +02:00
teutat3s 9f7d209392
Merge pull request 'flake: pull in changes from digga upstream' (#207) from upstream/digga-changes into main
Some checks reported errors
continuous-integration/drone/pr Build is failing
continuous-integration/drone/push Build was killed
Reviewed-on: #207
Reviewed-by: hensoko <hensoko@gssws.de>
2023-04-15 18:59:02 +02:00
teutat3s 366d3b1278
Merge pull request '001_momo_koeln: Add @axeman's key to barkeeper's authorized_keys' (#213) from momo/add-axeman-key into momo/main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #213
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-03-31 16:44:25 +02:00
Akshay Mankar 48d55417bd
001_momo_koeln: Add @axeman's key to barkeeper's authorized_keys
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-31 16:40:13 +02:00
teutat3s ea18402f21
Merge pull request 'main-to-momo-main' (#212) from main-to-momo-main into momo/main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #212
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-03-31 16:19:07 +02:00
Akshay Mankar 3992ca0d5f
Merge branch 'main' into main-to-momo-main
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-31 16:15:10 +02:00
teutat3s 3ea141d445
cachix: remove unused binary caches from drone
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
runner
2023-03-28 14:03:41 +02:00
teutat3s 3bdc4b1f39
ci: cleanup unused directories
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-28 14:00:07 +02:00
teutat3s 52c2ca9f13
nix.conf: add back required experimental features
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-27 18:54:29 +02:00
teutat3s 972e3f1569
cachix: default binary cache is nixos.org, no need
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
to specify it explicitly (results in double entry in nix.conf)

Also force our nix.extraOptions because digga tries real hard to put
their binary caches there:
0595ae70cd/modules/nix-config.nix (L19-L23)
2023-03-27 18:09:46 +02:00
teutat3s b1ad71cd35
cachix: remove unused binary caches
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-27 13:52:40 +02:00
teutat3s b01c5f9fce
audio: disable useless bluetooth sap plugin
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-27 13:51:12 +02:00
teutat3s d0470d5aaf
flake: pull in changes from digga upstream
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
See:
54ede8e591...0595ae70cd?diff=unified
2023-03-27 13:48:39 +02:00
teutat3s fd7f326376
Merge pull request 'flake: Remove nur' (#206) from cleanup-nur into main
Some checks failed
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is failing
Reviewed-on: #206
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-03-26 16:18:36 +02:00
Akshay Mankar 1f5b2b9d10
flake: Remove nur
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
It was perhaps added manually, not sure if the overlay was actually useful to
anyone.
2023-03-26 15:14:33 +02:00
teutat3s cffffbd440
Merge pull request 'ci: upload ISO images to bigger /data disk' (#179) from fix/move-iso-store-to-bigger-disk into main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #179
Reviewed-by: hensoko <hensoko@gssws.de>
2023-03-08 20:00:25 +01:00
teutat3s 43bd742150
Merge pull request 'ci: fix Host key verification failed' (#205) from momo/ci-deployment-known-hosts into momo/main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #205
2023-03-08 14:13:03 +01:00
teutat3s b21b98dadd
ci: fix Host key verification failed
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
- Fix missing SSH known_hosts in deploy pipeline
- SSH tries to use Trust-On-First-Use (TOFU) interactively to add a new
  host key
- Verbose SSH logs show:
debug1: Server host key: ssh-ed25519 SHA256:1bbksDNYBWSh/rIFP7MMfs557kWn1dM64bpXdnfBE5E
debug1: read_passphrase: can't open /dev/tty: No such device or address
- deploy-rs uses nix, which uses SSH which doesn't use the environment variable
HOME, but rather /etc/passwd to find a user's HOME
- To solve this, we override SSH options using UserKnownHostsFile and
  the -i flag
2023-03-08 14:10:19 +01:00
teutat3s f5239c042b
Merge pull request 'ci: debug Host key verification failed error' (#204) from momo/ci-deployment-known-hosts into momo/main
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #204
2023-03-08 14:05:19 +01:00
teutat3s 51e84e9418
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 14:04:06 +01:00
teutat3s f6708d252e
Merge pull request 'ci: debug Host key verification failed error' (#203) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #203
2023-03-08 13:55:32 +01:00
teutat3s 0bd30c33d5
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 13:54:50 +01:00
teutat3s 3f9b0f9a3b
Merge pull request 'ci: debug Host key verification failed error' (#202) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #202
2023-03-08 13:49:58 +01:00
teutat3s 09cdf6c390
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 13:49:27 +01:00
teutat3s 30652571cf
Merge pull request 'ci: debug Host key verification failed error' (#201) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #201
2023-03-08 13:43:13 +01:00
teutat3s 9812687fb1
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 13:42:29 +01:00
teutat3s 86ca4f6f54
Merge pull request 'ci: debug Host key verification failed error' (#200) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #200
2023-03-08 13:35:46 +01:00
teutat3s 1a16083510
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 13:35:02 +01:00
teutat3s 8c4cc68bd6
Merge pull request 'ci: fix Host key verification failed' (#199) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #199
2023-03-08 13:30:24 +01:00
teutat3s 9dc77abfc8
ci: fix Host key verification failed
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
- missing SSH known_hosts in deploy pipeline
- SSH tries to use Trust-On-First-Use (TOFU) interactively to add a new
  host key
- verbose SSH logs:
debug1: Server host key: ssh-ed25519 SHA256:1bbksDNYBWSh/rIFP7MMfs557kWn1dM64bpXdnfBE5E
debug1: read_passphrase: can't open /dev/tty: No such device or address
- deploy-rs uses nix, which uses SSH which doesn't use the environment variable
HOME, but rather /etc/passwd to find a user's HOME
2023-03-08 13:25:49 +01:00
teutat3s 6192881ac1
Merge pull request 'ci: debug Host key verification failed error' (#198) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #198
2023-03-08 12:54:37 +01:00
teutat3s 3890494935
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 12:53:56 +01:00
teutat3s 420a201f70
Merge pull request 'ci: debug Host key verification failed error' (#197) from momo/ci-deployment-known-hosts into momo/main
Some checks failed
continuous-integration/drone/push Build is failing
Reviewed-on: #197
2023-03-08 12:26:33 +01:00
teutat3s e2c601509a
ci: debug Host key verification failed error
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/pr Build is passing
2023-03-08 12:26:01 +01:00