Commit graph

21567 commits

Author SHA1 Message Date
sterni
1fcd827230 feat(sterni/machines/ingeborg): disallow crawling of /tmp
Change-Id: Ic104ff7837c5f728b4e9b33b2ed2ed1ceba8103e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13054
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-24 21:26:31 +00:00
sterni
5720399a19 feat(sterni/emacs): bind rename-visited-file
(ty leah2)

Change-Id: Ia8aa3ebed0b29b453046a2b5b661cdeaf5f26487
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13053
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-24 20:13:43 +00:00
sterni
decc0e4576 fix(sterni/machines): adjust deploy script for nq >= 1.0
fq was renamed to nqtail, otherwise nothing changes for us.

Change-Id: I3c40d0d0702e50b3421e320b5adf58a450303693
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13052
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-24 20:07:09 +00:00
sterni
27f21489ac fix(sterni/emacs): inbox.org should remain org-capture target
Change-Id: I99f57cede225dcb3fce6b1866a7e8da7d6dc4995
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13051
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-24 20:06:07 +00:00
sterni
1c18c8456f feat(sterni/emacs): increase maxlevel for org-refile
Change-Id: I2e160015b1ed6fe158da7c544a0b5c7b6697f999
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13050
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-24 20:06:06 +00:00
sterni
78b05b5448 feat(sterni/emacs): binds for refiling and archiving subtrees in org
Archive to a single archive file that is ignored in org-agenda.
Archiving that “stays close” can be done using the archive tag.

Change-Id: Icd121a765e5befa0ab2f6df662d757483c65efa5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13049
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-24 20:06:06 +00:00
sterni
9f6d4306f7 style(sterni/acme/plumb): use tabs to separate the fields
This is convention in Plan 9 and e.g. the plumber will reformat the
rules this way when they are read back via `9p read plumb/rules`.

Change-Id: I53543d774c11789c8352e2e632678313037c5555
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13048
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-24 14:48:54 +00:00
sterni
446127938d fix(sterni/acme): fix plumbing of e.g. //users and [//nix](./nix)
Change-Id: Ic85d71831d799db5bd8458f19593a05f3157d1de
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13042
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-24 14:06:09 +00:00
sterni
0481a5778e feat(sterni/acme): add plumbing rule for r/XXXX short links
This uses git show to display the revision same as the git commit rule.

Change-Id: Ibf518adb60d15cac2126b6ab0c7e12c4b4637c25
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13041
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-24 14:06:09 +00:00
sterni
75e0c1cf43 feat(sterni/acme): add plumbing rule for showing git commits
Change-Id: Iee072e1dc7c6d11456aeae47140e6a62fe832531
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13040
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-24 14:06:09 +00:00
sterni
a396f4162f feat(sterni/emacs): open context file on startup
context.org tracks ongoing things, e.g. code I'm working on or want to
get started on. Tracking means that it contains notes (“context”) on the
things in question. These will mainly be links or quick todo lists which
will hopefully reduce the amount of open tabs and unread emails (marked
as TODO in thunderbird) I have.

Having inbox.org open is not as useful since it isn't viewed really: For
adding tasks org-capture should be used and for viewing them org-agenda
is far superior.

Change-Id: I4acbaa33e4c2de40a92393376bb86251d9dceb02
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13044
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-23 22:41:46 +00:00
sterni
26edf809ff docs(REVIEWS): mention use of merge commits in gerrit intro
Change-Id: I15de6314171ad882786a95753a7c439b8998f900
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13037
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-23 14:50:32 +00:00
sterni
55a7ec7b9d docs(REVIEWS): explicitly recommend using an LDAP account
Change-Id: I02e2736ded37c9a5208d8d315bbfc2752b19276c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13036
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2025-01-23 14:46:29 +00:00
sterni
975b9603cc refactor(sterni/plan9port): move custom install logic into wrapper
The wrapper allows me to pick and choose what to install and also to set
some extra environment variables if necessary. A separate wrapper
derivation prevents the hefty rebuild of the entire plan9port derivation
when making changes.

Change-Id: I3f96cc3e31baf3bd37ae419578c5789aa093e578
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13038
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-22 18:14:51 +00:00
sterni
58cafde03d docs(REVIEWS): link additional related documentation
Unfortunately, the git book doesn't link the man pages of the involved
tools, but I assume users will figure out to read them on their own.
I've not linked https://git-send-email.io due to the slight reservation
that it's not an official resource (and is an advertisment), but I don't
feel strongly on that. The linked chapter of the Git Book links it in a
footnote anyways.

Change-Id: I70e3c75396006256c775f84bc7aeb5a4bde081a1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13032
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-21 20:41:36 +00:00
sterni
e102e6686b docs(REVIEWS): improve wording, fix smaller mistakes
Change-Id: If1fbd44208ab1b15e644a49a89af4d5d5c0826a1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13031
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-21 20:41:05 +00:00
sterni
623ebc615f feat(sterni/acme/plan9port): make my plumbing rules the default
To avoid the need for two different versions of plan9port in the CI
pipeline, just move the plumbing sanity check into installCheckPhase.
For local iteration you'd have a plumber running anyways, so the short
build time of the plumb derivation isn't really a necessity.

Change-Id: Ib0ba5fa2d8107530fb7d1144cf7395f4f5a3cd12
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13035
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-21 20:19:56 +00:00
sterni
9743fbf6b7 feat(sterni/acme/plan9port): allow entering BQN chars via compose
plan9port completely ignores XCompose because it has its own compose
mechanism (which is mapped to the same key). The sequences are defined
in /lib/keyboard and need to be compiled in.

Support for the BQN unicode characters is achieved by generating the
necessary lines for /lib/keyboard from the .inputrc (for GNU readline)
that is part of mlochbaum/BQN (simply because that file is somewhat
parseable and stores the sequences in ASCII, contrary to .XCompose).
This is implemented by a small BQN script which is executed in
postPatch.

All usual sequences are supported except those that map to the second
ASCII character of the sequence. These exist to keep certain characters
typeable in other input system. Thanks to the explicit compose key,
Plan 9 doesn't have this problem.

Change-Id: I590c03fd69a2aae3cbbbd39ebcbce6cec0418b50
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13034
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-21 20:19:56 +00:00
sterni
3b9d5a02ce feat(sterni/acme): import my patched plan9port from vuizvui
This is equivalent to
<2e4032c31b>,
with the addition of patchesFromDir to assemble a list of patches.

Import into depot since I'm interested in adding some depot specific
configuration and tools to (mainly) acme that doesn't make sense to
track outside of depot. Since persisting user configuration and tooling
with plan9port is annoying, it's easier compiling it in to begin with.

Change-Id: I565a285368485c7ce1d5caa7baa87a8ca86abcb7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13033
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-21 20:19:56 +00:00
sterni
47cda5e89f feat(sterni/acme): add initial plumbing rules
Rules for the Plan 9 plumber (see https://9p.io/sys/doc/plumb.pdf)
allowing quick navigation through depot (and related services) in acme.

- man, urls: some rules that I like taken from /plumb/basic and split
  across individual files.
- tvl: incomplete support for TVL short links and targets:
  - //…
  - cl/…
  - b/…

As mentioned, these are incomplete and I want to implement the remaining
short links and things like git support. I want to continue
experimenting with the plumber, but what I've got so far is already
pretty cool. Eventually, I'll want to implement something equivalent for
Emacs (maybe via Hyperbole) which is probably going to be of general
interest to depot users.

Change-Id: I678f000369db4c7ce30b2aedbc2dbccf3ddef0a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13026
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-21 20:18:54 +00:00
sterni
edf4bf6165 docs(CONTRIBUTING): mention magrathea (and direnv)
Change-Id: I226b9e56ebd74a2bcb8bf1427fc2403348826abe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13030
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
2025-01-21 15:57:36 +00:00
sterni
507495de5b fix(docs/SPARSE_CHECKOUTS): correct link to depot-scan
Change-Id: Ie5bdb30279c4e988e358cc88eb6fe999cc83deeb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13029
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-21 15:57:34 +00:00
sterni
2dea110842 docs(CONTRIBUTING): link subtree doc, don't assume git-subtree(1)
Change-Id: I13a94b296b4cb96be43003f33c005f65da99abb4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13028
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-21 15:57:34 +00:00
sterni
280fb298f9 fix(nix/buildkite): pass extraSteps script to buildkite directly
Fixes execution of extraSteps on a machine that hasn't built the
pipeline and thus realised the extra step shell script. You can sort of
dump a script into `command` for buildkite as long as you escape any
variable access since buildkit would substitute those before entering
the step environment.

Change-Id: I8ddc0b80f6f568204ea6c80a118533bc11786473
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12992
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-21 15:56:33 +00:00
Aspen Smith
5a2737299a feat(aspen/goodcry-band): jan '25 updates
Change-Id: I340946d51e322d176799cee1f31b5683154461aa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13027
Reviewed-by: aspen <root@gws.fyi>
Tested-by: BuildkiteCI
Autosubmit: aspen <root@gws.fyi>
2025-01-21 01:56:59 +00:00
Luflosi
2c76d92a87 feat(tvix/nix-compat/narinfo): roundtrip missing References
We aim to produce bit-identical output when roundtripping.

Change-Id: Iffc9dbd100f5239c948ee02c11b7735fda30bbc9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13025
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: Lukas Zirpel <luflosi@luflosi.de>
2025-01-19 13:52:09 +00:00
Luflosi
860b374a54 feat(tvix/nix-compat/narinfo): roundtrip special compression algorithms
Roundtrip `Compression: none` and the default compression algorithm (`Compression:` missing).
We aim to produce bit-identical output when roundtripping.

Change-Id: I9db00db4b15b71f33f34ff3308a8e12d7deec5f4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13004
Autosubmit: Lukas Zirpel <luflosi@luflosi.de>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2025-01-19 10:22:48 +00:00
Vincent Ambo
7824f8a91f feat(ops/bugry): configure depot replication to bugry
Change-Id: I3ee35e76c9ec6d7a175801c45eee073ce23d3dfd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13020
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-18 22:31:05 +00:00
sterni
a031b918b1 test(sterni/blipqn): add sanity check
This tests that a single pixel is set in the correct place and correctly
sent over UDP.

Change-Id: I617dda739262b4c6cf55c0bf99d2f3e141adece3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13013
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-17 15:50:33 +00:00
sterni
10dc365e34 feat(sterni/blipqn): print some extra information when using :debug
Change-Id: I92ebde397e679c7e3f8ddcf6fcecd6af5c84f629
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13012
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-17 15:50:33 +00:00
sterni
a9e121380b feat(sterni/blipqn): reuse address and socket for multiple Sends
This is achieved by storing the resources we need to acquire for
interacting with the flipdot (socket fd and addrinfo struct) in a
`struct flipdot` that is dynamically allocated and treated as an opaque
pointer object via the BQN FFI.

To make sure these resources are released correctly, we only provide a
lisp style WithFlipdot to the user which takes care of acquiring and
releasing the `struct flipdot`. This works even if an error occurs in
the function the user provides thanks to _defer_. I'm not sure if
calling it _defer_ is right since Go's error handling works differently,
so defer really is deferred execution in a sense which doesn't really
fit what we're doing here. The closest is probably Haskell's bracket,
but that name references it's triadic nature which doesn't fit our
implementation.

Change-Id: Iff65d277a448dbe0c6ac93e816ece5ab6fa10190
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13011
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-17 15:50:33 +00:00
sterni
1027e21eee feat(sterni/blipqn): interact with a flipdot display from BQN
The idea of this “library” is to do the least. The most natural way to
represent the image to render on a flipdot image is a two dimensional
array of booleans. This something BQN is very well equipped for, i.e. it
has primitives that are designed to deal with this type of data
structure. The only thing we have to do is to take care of sending such
arrays to the flipdot display via the μCCC's un(der)documented UDP
protocol.

Compact implements the conversion from a boolean array to a bitmap that
only uses 1 bit per pixel. All socket code is written in C and invoked
via •FFI. Currently, every time a bitmap is sent to a display, the
target host has to be resolved again. This should be fixed in the
future.

Change-Id: Idea7c81baac919da93c88a69f98cbbbd026fa328
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13010
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-17 15:50:33 +00:00
sterni
b51720f844 feat(sterni/emacs): search through all org files
It can also be useful to find things I've noted down in my todo lists.

Change-Id: I6f3d7da49bfd4392c70e5b14c21b1d659645867e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13009
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
2025-01-16 22:19:12 +00:00
sterni
689fee1398 feat(sterni/machines): enable fail2ban for ssh
The upstream module is kind of inscrutable so it may be nice to port it
to a simple reaction setup. Since that's probably going to require
writing rules manually, though, I'm putting this off for now.

Change-Id: Ic3d8c5f2d1b08701f0dc5b8b4eb57dc45bcd58ee
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13008
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-16 22:19:12 +00:00
Profpatsch
3953fd7030 feat(users/Profpatsch/whatcd-resolver): add simple settings
For now just a setting whether we want to use freeleech tokens.

Change-Id: I1c0228031df8c79c2ec26ec5bdfef6dde1cb373e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13007
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2025-01-16 19:44:32 +00:00
Profpatsch
3e5b3b82a6 feat(users/Profpatsch/whatcd-resolver): generic otel struct attrs
A generic way to turn Haskell structs into json objects, and therefor
to otel attributes.

I don’t know how to make it so I can give anything where Rep
implements that thing a `toOtelJsonAttr` implementation, things
overlap too much if I do that …

Change-Id: Iededb697dff206ddc6481a2eead210d44faa70c9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13006
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2025-01-16 19:44:32 +00:00
Profpatsch
5d31e25588 refactor(users/Profpatsch/whatcd-resolver): response struct as GADT
I got stuck with unsolvable type inference problems using HasField and
a struct here, since this is all returning an enum anyway, why not
just use a GADT. It seems to work just fine and is more
ergonomic (still not very, but this is Haskell).

Change-Id: I1b5d0f98528ff85c0e3044bc730b660972142cd6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13005
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2025-01-16 19:44:32 +00:00
Vincent Ambo
de8ffb723c chore(ops): remove nixery-01 VM completely
This is no longer needed; Nixery is now served by bugry.

Change-Id: Idd072505c4da1e6af636224e092b6fb21eff9250
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13001
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2025-01-15 15:38:48 +00:00
Vincent Ambo
98aee9f84a fix(ops/machines): add missing bugry & nevsky entries
Why are we doing this manually again?

Change-Id: I5a941d677e7c6e762f97d8b607d8409b6e9badb9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/13000
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2025-01-15 15:38:48 +00:00
Vincent Ambo
aea48b54aa chore(ops/nixery): use unstable nixpkgs channel for nixery
We switched to stable temporarily in 2023 (!) because of some breakage that has
long been fixed.

In general, running nixery against stable is probably advisable, but because of
our Lisp package situation updating stable is not possible at the moment.

Change-Id: I122ac63d6307cab76a3069101682fc5f8f985914
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12999
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-15 15:38:48 +00:00
Vincent Ambo
96a42945a5 feat(ops/glesys): point nixery.dev records at bugry
Change-Id: I360876dfd416eb1cce4dd2772ef312aae6dd7ac3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12998
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2025-01-15 15:38:48 +00:00
Vincent Ambo
5a33dd7ec3 feat(ops/bugry): run nixery instance
Running Nixery on bugry is much more cost efficient (better traffic economics
than on a cloud provider, and Nixery is mostly a traffic-heavy service), and
frees up my Yandex Cloud credits for adding another builder.

Change-Id: Id6c8c76b28a5ce13cc8b743ad6e72fffd19353fb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12997
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-15 15:38:48 +00:00
Vincent Ambo
c49297d9ad chore(3p/sources): bump channels & overlays (2025-01-12)
This (temporarily) bumps the nixpkgs channel to nixos-unstable-small, because it
has an update I really want, and also to stress-test the new builders.

Included fixes:

* disabled tests in niri to avoid a flaky test; this is fixed upstream already,
  but the change is still percolating through
* regenerated Go protobufs

Change-Id: Ia09fdc38f620fe8301c2111b0e4c142f37df2dd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12991
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-15 11:57:22 +00:00
Vincent Ambo
b153679388 fix(ops/bugry): enable TVL binary cache
I thought this was enabled and got confused when deploying ... cache should
always be enabled on machines that don't build themselves.

Change-Id: Ie52b27c44db4c26387b05553dbe36f7693628e89
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12993
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:54 +00:00
Vincent Ambo
f081642b3a feat(ops/nevsky): run buildkite agents on nevsky
This relates to b/433.

Change-Id: Ic39e4836ca354ce2f9f365cba95f96ceb5eec281
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12990
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:54 +00:00
Vincent Ambo
d2d06241a0 feat(ops/tvl-cache): add option for using experimental cache
Adds a `tvl.cache.builderball` option for cache *consumers* which enables the
experimental builderball cache. This cache uses whitby AND nevsky.

Change-Id: I4d99ba52d6ebd9a49e6fcb931d01e69383b15bcf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12986
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:21 +00:00
Vincent Ambo
c948a26d7d feat(ops/modules): configure builderball cache setup
Configures an experimental setup for a builderball-based public cache.

This cache only includes the two build machines (whitby & nevsky), for the time
period where both of them exist simultaneously.

The idea is this:

All participating hosts run a harmonia binary cache locally (whitby already
does). They then run builderball instances pointing at each other's harmonia
caches (through dedicated public hostnames).

When a request comes in, the first matching cache address is returned and Nix
will substitute from there.

Change-Id: Ia7d5357fd5e04f77b460205544fa24e82b100230
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12975
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 17:51:21 +00:00
Vincent Ambo
6733b26ba5 feat(ops/secrets): grant nevsky builder secret access
Change-Id: I2343357b7c92c49a9bb22d1b8ce20091d6ab70ba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12987
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2025-01-14 17:51:21 +00:00
Vincent Ambo
ec06690c42 fix(ops/nevsky): include known hosts module
Otherwise pushes to Github from CI will fail.

Change-Id: Ib3eb3165577cb98c5a7d5f2055b09dbf118da6c3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12994
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2025-01-14 17:40:26 +00:00
Vincent Ambo
bf552f7a9b feat(ops/machines): IPv6 setup for bugry
Adman (the hoster) have not provided an ETA for native v6 on bugry yet, so we
establish a public v6 connection through nevsky for now.

In traffic flows going West->East the overhead is minimal (a few ms), though I
guess it might be worse if you're in the middle (Yekaterinburg or something).

The prefix was chosen by the bugry public v4 address encoded in hex, and
appended to the nevsky prefix.

Change-Id: I133622c17bd02eade0a6febc6bdf97f403fed14c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12974
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2025-01-14 16:44:26 +00:00