Commit graph

276 commits

Author SHA1 Message Date
sterni
11681612c3 chore: lib.types.string -> lib.types.str
lib.types.string concatenates conflicting definitions on module merge
which is counter intuitive and hard to debug behavior.

Change-Id: I8ccdca0e8895fb5cc4600c367f8d52a9ab80ff75
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13177
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: aspen <root@gws.fyi>
2025-03-02 13:55:21 +00:00
Vincent Ambo
dddcc6ef01 fix(ops/livegrep): adapt reindexer command for podman
Something recently caused us to replace Docker with Podman (I guess a default
changed in nixpkgs? I don't remember making the change explicitly), which broke
the reindexing unit.

Change-Id: I1d3453ed970e536abb540c6ef79765cfda271810
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13173
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
2025-02-24 11:35:36 +00:00
Vincent Ambo
27f8a8367a fix(ops/www): block ClaudeBot/GPTBot/Amazonbot from cgit
These bots are doing unthrottled requests to cgit 24/7, and it's starting to
annoy me.

Change-Id: I6b7d7a68e9becb8ed4b5c52b376c2a60febc6ec6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13145
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-02-16 16:10:56 +00:00
Vincent Ambo
2d989ef6cb refactor(ops/tvl-buildkite): add concept of small/large slots
Adds a new tagging system to Buildkite agents, where agents are tagged with
large/small slots. All agents have small slots, only some agents have large
slots. The small slots are purely informative - nothing targets them, whereas
large slots will be used for filtering agents.

This allows us to target large slots in some builds and minimise the concurrent
execution of extremely large builds, while keeping a large number of small slots
around for all the light targets.

This will need some tuning over time (also because tagging is a manual process).

Change-Id: I15aa657773ed874d84d98e55238fb31c75d4efa7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13120
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-02-09 20:59:31 +00:00
Vincent Ambo
c88fae5277 chore: remove whitby configuration
Removes whitby DNS records and other related configuration that is no longer
required now that whitby is gone.

whitby served us well. RIP.

This resolves b/433.

Change-Id: I56fe6f88cde9112fc3bfc79758ac33e88a743422
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13117
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2025-02-07 22:18:00 +00:00
Vincent Ambo
84bdb1e89a feat(ops/restic): configure backups to Yandex Cloud
Backups are moving from GleSYS to Yandex Cloud (is this motivated by me not
having to pay for them in that case? Maybe!); this changes the default backup
location to accommodate that.

I also noticed that we previously manually placed the backup key on whitby, so
the new key is going into agenix instead, as well as the secrets for protecting
the repositories.

Change-Id: Ibe5dbfec6784345f020a8b4d92bb01c6ad719a89
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13096
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-02-02 15:01:24 +00:00
Vincent Ambo
7851917ebf chore(ops/whitby): retire most services on whitby
This turns off almost all of the lights. The server will be decomissioned on
2025-02-05. Until then we can keep running the Buildkite builders there for
extra capacity.

Stuff that was left in the whitby config has been migrated to nevsky.

This relates to b/433.

Change-Id: I84953e9d5e912f75b8884cb9d8edd5a1b7d5c85d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13095
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-02-02 15:01:24 +00:00
Vincent Ambo
afcdcc6338 feat(ops/modules): factor grafana & prometheus setup into a module
... that is then promptly enabled on nevsky.

Change-Id: Ie51037cec810bb7f81099a67ebd2581dcf710bd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13093
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-02-02 14:58:16 +00:00
Vincent Ambo
6f7239b3b8 fix(ops/known-hosts): add bugry & nevsky keys
Without these, Gerrit replication is unhappy.

Change-Id: Id0edbc6a1cf301f9ed7ef2a88ccb0ef70f469693
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13089
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-02-02 14:58:16 +00:00
Vincent Ambo
7824f8a91f feat(ops/bugry): configure depot replication to bugry
Change-Id: I3ee35e76c9ec6d7a175801c45eee073ce23d3dfd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13020
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-18 22:31:05 +00:00
Vincent Ambo
de8ffb723c chore(ops): remove nixery-01 VM completely
This is no longer needed; Nixery is now served by bugry.

Change-Id: Idd072505c4da1e6af636224e092b6fb21eff9250
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13001
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2025-01-15 15:38:48 +00:00
Vincent Ambo
aea48b54aa chore(ops/nixery): use unstable nixpkgs channel for nixery
We switched to stable temporarily in 2023 (!) because of some breakage that has
long been fixed.

In general, running nixery against stable is probably advisable, but because of
our Lisp package situation updating stable is not possible at the moment.

Change-Id: I122ac63d6307cab76a3069101682fc5f8f985914
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12999
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-15 15:38:48 +00:00
Vincent Ambo
5a33dd7ec3 feat(ops/bugry): run nixery instance
Running Nixery on bugry is much more cost efficient (better traffic economics
than on a cloud provider, and Nixery is mostly a traffic-heavy service), and
frees up my Yandex Cloud credits for adding another builder.

Change-Id: Id6c8c76b28a5ce13cc8b743ad6e72fffd19353fb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12997
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-15 15:38:48 +00:00
Vincent Ambo
d2d06241a0 feat(ops/tvl-cache): add option for using experimental cache
Adds a `tvl.cache.builderball` option for cache *consumers* which enables the
experimental builderball cache. This cache uses whitby AND nevsky.

Change-Id: I4d99ba52d6ebd9a49e6fcb931d01e69383b15bcf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12986
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:21 +00:00
Vincent Ambo
c948a26d7d feat(ops/modules): configure builderball cache setup
Configures an experimental setup for a builderball-based public cache.

This cache only includes the two build machines (whitby & nevsky), for the time
period where both of them exist simultaneously.

The idea is this:

All participating hosts run a harmonia binary cache locally (whitby already
does). They then run builderball instances pointing at each other's harmonia
caches (through dedicated public hostnames).

When a request comes in, the first matching cache address is returned and Nix
will substitute from there.

Change-Id: Ia7d5357fd5e04f77b460205544fa24e82b100230
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12975
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:21 +00:00
Vincent Ambo
4210e2c480 refactor(ops/tvl-buildkite): remove hardcoded whitby references
Change-Id: I3b2df9d3926f4698cbc0b557ad5b522e1921ca13
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12988
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: aaqaishtyaq <aaqaishtyaq@gmail.com>
Tested-by: BuildkiteCI
2025-01-14 11:34:33 +00:00
Vincent Ambo
c30344475c fix(tvl-headscale): restore default ACL policy
I omitted the `acls` section when adding the tag configuration. In "normal"
tailscale, emitting this is equivalent to putting the defaults there (i.e. all
traffic inside the tailnet is allowed), however in headscale it defaults to
blocking everything instead.

This meant that internal tailnet traffic wasn't really working correctly anymore.

Change-Id: Ic37504e9a8a97b9f8eb3ac173c88201aef1c044a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12972
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-12 21:53:54 +00:00
Vincent Ambo
45f8f7d39f feat(tvl-headscale): configure tag for TVL builders
Configures an ACL for a tailscale tag that can be added by the `tvl` and
`tvl-builders` users.

This tag will be used by dynamic builders to bootstrap and advertise to other
builders that they might be valid substitution targets.

Relates to b/432.

Change-Id: I561a5b4bfeb7e7b306edfaf18b42404d33d84519
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12948
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-08 20:40:35 +00:00
sterni
e9b2b0d51c feat(ops/monorepo-gerrit): link r/<id> shortlinks to revisions
I've decided to use the commit view instead of the log view (which cgit
uses) for now. It really depends on how you use it in commit messages:
To refer to a depot state or to a specific change (independently of what
CL gerrit assigned). I'm happy to change it to use the log view.

Change-Id: I472b511fa1322f91304f6543473b51f9c5f21ca2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12837
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-11-25 11:39:36 +00:00
sterni
58f795d7c3 fix(ops/modules/irccat): only start after network is online
I've discovered that it is possible for irccat to fail enough times to
run into the restart limit before network is online after booting.

Change-Id: Ia54a46d56bdc765a825fee50e7bdc8206718edc0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12790
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
2024-11-15 14:53:59 +00:00
Vincent Ambo
022cc42395 chore(3p/sources): bump channels & overlays (2024-10-23)
* ops/modules: remove deprecated headscale DNS setting
* users/aspen: use stable julia again (upstream ticket is resolved, and 16 has
  been removed because it's long deprecated)
* users/wpcarro: utillinux -> util-linux
* 3p/overlays: temporarily restore utillinux until upstream breakage is fixed
* users/tazjin: noto-cjk -> noto-cjk-sans
* tvix: regenerate Go protobufs

Change-Id: I9dbec812306cd4e66030d14bbea3805e8224e0d5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12679
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: aspen <root@gws.fyi>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-10-27 00:17:15 +00:00
Vincent Ambo
143f35e003 feat(whitby): switch from nix-serve to harmonia for the cache
Harmonia is, ostensibly, faster and better and, most importantly, not a giant
pile of wonky Perl.

I've tested locally that Harmonia works with Nix 2.3 (on both ends), so I think
we should be good to go here.

We have a vendored copy of the upstream module for now. We need to fix Nix 2.3
compatibility in upstream for the module, but the service itself works fine.

Change-Id: I3897bb02b83bd466b6fe7077c05728ac49ea4406
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12517
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
2024-09-26 23:27:29 +00:00
Vincent Ambo
7593592241 chore(users/tazjin): move my homepage module into //users
This was in //ops for legacy reasons, but this is really not necessary.

Change-Id: I758b257838993ef0f7d55809c137118826e2ba85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12483
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-09-14 23:47:29 +00:00
Vincent Ambo
bfab474d0c fix(ops/modules): re-add cheddar highlighting server
This was deleted when removing the Sourcegraph module, but it turns out it is
also needed by panettone.

Change-Id: I8f14165bf783743247894c2b64882fbb032ffbf8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12295
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2024-08-23 23:41:39 +00:00
Vincent Ambo
11665f4e0a chore(whitby): remove Sourcegraph instance
Change-Id: I4d03f98e79de5e3a9c8c4a33682d5c78e3e0f028
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12286
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-08-23 14:40:09 +00:00
Vincent Ambo
73896eb075 feat(ops/www): redirect cs.tvl.fyi to livegrep & cgit
Goodbye, Sourcegraph.

Relates to b/290.

Change-Id: Ic1cf3c1cf52ae17cdcc18c675b4c01d477644a3c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12285
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2024-08-23 11:07:15 +00:00
Profpatsch
9559ef56e3 feat(fun/clbot,ops/machines/whitby): filter tvix-dev clbot
In #tvix-dev, we want to display only CLs that relate to tvix and
related projects.

So use a pretty dumb allow-list for which CLs to display in that
channel.

Change-Id: I3ef50b64e3d7fbc27a6690be6a10f1b55c04cd6e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11658
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2024-06-03 19:35:34 +00:00
Vincent Ambo
61cf4905fe feat(ops/modules): launch teleirc for Volga Sprint
For the duration of the sprint, this bot will take care of
synchronising the IRC channel with the Telegram group.

After the sprint, it will be removed again.

Change-Id: I6d5b1316fc85ddd26adf55e31f6bff742907fc24
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11727
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-05-26 19:36:29 +00:00
Vincent Ambo
fd5fc31e65 fix(tazj.in): fix redirect
Change-Id: I0b695f0104bc587b1c5b7591c8d512a265d96873
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11534
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-04-30 06:52:21 +00:00
sterni
545eb05357 refactor(3p): use josh from nixpkgs
The change we need has been released and propagated to nixos channels.

Change-Id: Ib10a1d42d7ef6deaf5665a13b72ece345e83d7dc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11457
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2024-04-28 15:19:15 +00:00
Vincent Ambo
d816b18fa6 chore(tazj.in): add a convenience redirect
Change-Id: Ia41fbff390a2b1df0926ab33e9f4f66b1fd92512
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11533
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-04-28 14:40:24 +00:00
Vincent Ambo
9204b58f15 feat(automatic-gc): robust way to disable automatic-gc
We just had a minor incident where apparently our build cache for the
critical security fix was deleted by automatic-gc (which I had stopped
manually) being reenabled by an unrelated whitby deploy.

This adds a new mechanism where by touching a file called
`/run/stop-automatic-gc` the GC can be prevented from running.

We might want to configure an occasional alert or something if this
file exists, so we don't forget about it when we are using it.

Change-Id: I041e57e24b2b684696164a2d516581d7f5696ef0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11326
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
2024-03-31 21:44:26 +00:00
Vincent Ambo
3633d846f8 chore(3p/sources): bump channels & overlays (2024-03-17)
In hope that iwlwifi works again on this commit, and I don't actually
have to debug it.

Includes following changes:

* users/aspen: home-manager is shuffling around pinentry options again
* users/flokli: rebase ipu6-softisp patches to Linux 6.8
                make cl/11097 a separate patch
* ops/modules: remove unused (and now broken) v4l2loopback module

Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: I763f1f075778f2ed8db7803f87248c9dabde4213
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11174
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: aspen <root@gws.fyi>
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-03-18 16:28:40 +00:00
Florian Klink
8f19ffc4fd chore(ops/modules/open_eid): use nativeMessagingHosts.packages
trace: warning: The `programs.firefox.nativeMessagingHosts.euwebid`
option is deprecated, please add `web-eid-app` to
`programs.firefox.nativeMessagingHosts.packages` instead.

Change-Id: Ic2518957eb8e9151f2fdb13a5f25dfbc12c577a2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11138
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-03-13 18:06:19 +00:00
Florian Klink
65a810fc0b feat(tvix/docs): switch to mdbook
Some of the docs are still outdated (like architecture and drv path
inconsistencies).

Change-Id: I7a6afceb008ef4cd19a764dd6c637b39fa842a2e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11072
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
2024-03-03 16:52:38 +00:00
Vincent Ambo
a9f8491891 feat(ops/sanduny): deploy volgasprint.org
Change-Id: I5058e78ee3d7c26f2abafedeb5c0fb9d55a4da6a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11066
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: Mark Shevchenko <markshevchenko@gmail.com>
2024-02-28 20:34:47 +00:00
Vincent Ambo
2dbeaa80c3 fix: explicit dependencies on network-online.target
A recent change in nixpkgs introduced evaluation warnings if a systemd
service is configured to start after network-online.target, but does
not directly depend on it.

This is done because the existing dependency from multi-user.target to
network-online.target is being removed, leaving these services without
an actual dependency on the service.

This affected autosubmit (I added a weak dependency here, for now the
service is actually on the same host as Gerrit), and sterni's mirror
setup (I added a strong dependency here).

Change-Id: I88a4aa69f6788c489f59533d34be3c9cea681326
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11026
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2024-02-26 11:48:32 +00:00
Florian Klink
515d933808 feat(ops/modules/www): drop hsts for .dev
The .dev TLS is on the HSTS preload list, so there's no need to set this
header here at all.

Change-Id: I253fa2427e75bd0808945cd5d53159cac74e7f8b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11018
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2024-02-23 18:50:22 +00:00
Florian Klink
f3faeae52a feat(ops/glesys): add bolt.tvix.dev
Make tvixbolt.tvl.su just serve a redirect to the new domain, and fold
everything into the tvix.dev.nix module.

Change-Id: I3a9ccf37d2ceee8886208d6f662e7598ce395b1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11015
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-02-23 18:44:18 +00:00
Vincent Ambo
782cfa9e33 chore(tvixbolt): move from //corp to //web
Assigning copyright to the TVL community (whatever that is), and
adding AGPL-3.0-or-later license.

I also cleaned up some of the stuff on the landing page.

Change-Id: I4dbca19406e00e5105fed50e8fb64e0fcca23e3a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11013
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2024-02-23 08:08:07 +00:00
Vincent Ambo
6be42d6a35 feat(ops/modules): reindex livegrap when depot refs change
Change-Id: I917e628428171fa30a89e061cd9bf07e5a759081
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10950
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
2024-02-18 08:20:50 +00:00
Vincent Ambo
a9f5bb859f feat(ops/modules): initialise module for running livegrep
Change-Id: Ic22118def24089cda25ccc74c9da670d41c6b323
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10936
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2024-02-17 07:11:25 +00:00
Vincent Ambo
472f727c24 fix(ops/gerrit): mitigate Quarkus temporarily
Keycloak has a new thing going on: Wildfly (whatever that is) is out,
and Quarkus (whatever that is) is in.

https://www.keycloak.org/migration/migrating-to-quarkus

This breaks our stuff, however, so we're using the Gerrit OAuth
plugins recommendations for how to work around that:

https://gerrit.googlesource.com/plugins/oauth/+/8d467e99457466c71eb0ca9e661dd433f03a0123%5E%21/#F1

Change-Id: I2391a89c6791015e66c5e480b905b6ee56663020
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10905
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2024-02-15 16:23:32 +00:00
sterni
0c0edd5928 chore(ops/modules/btrfs-auto-scrub): schedule later by default
Midnight is kind of when you're still up and may want read performance
that is not affected by a btrfs scrub.

Change-Id: I0609269d3ee9853f7c7fe08cae18efe1d9259e7e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10864
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2024-02-15 00:03:45 +00:00
Aspen Smith
82ecd61f5c chore(users): grfn -> aspen
Change-Id: I6c6847fac56f0a9a1a2209792e00a3aec5e672b9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10809
Autosubmit: aspen <root@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2024-02-14 19:37:41 +00:00
Luke Granger-Brown
28173ca4b9 chore(3p/gerrit): 3.8.2 -> 3.9.1
Change-Id: I8fa10b52c44bd3d5efb0fff740ad6d5da6e96831
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10802
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2024-02-12 15:59:15 +00:00
Florian Klink
a1b2dc8aaf feat(tvix/build-go): init
This adds the generated golang bindings for tvix-build.

Change-Id: I2eb0d1cc38bc2fa34afd7c904eea05c5ee192cce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10242
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-12-11 21:43:38 +00:00
Vincent Ambo
a554531e28 chore(ops): move from gerrit-queue to gerrit-autosubmit
Enables the new autosubmit bot, albeit without rebase
functionality (this will be a separate change).

Change-Id: Ia42a4f08c0edca5e6cc8bf4770ec24dbf16a5db7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10132
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:51:08 +00:00
sterni
79c38dbf2a fix(ops/modules/irccat): recursively merge config attribute set
`lib.types.attrs` is deprecated in favor of `lib.types.attrsOf
lib.types.anything` because it doesn't merge attribute sets
/recursively/. `attrsOf` and `anything` do, the former is used to ensure
that the top value is an attribute set as expected by irccat.

Change-Id: I2a9d943a06c8f99f7d6d20c9944288e854924bff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10129
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00
sterni
03d5ffd2de feat(sterni/ingeborg): enable btrfs auto scrub
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and
move it into //ops/modules. I originally wanted to have additionally
disk health related services in that module, but the btrfs scrub
functionality is nicely self-contained and reusable, so I think it makes
sense to have this in a more central location.

Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00