c948a26d7d
Configures an experimental setup for a builderball-based public cache. This cache only includes the two build machines (whitby & nevsky), for the time period where both of them exist simultaneously. The idea is this: All participating hosts run a harmonia binary cache locally (whitby already does). They then run builderball instances pointing at each other's harmonia caches (through dedicated public hostnames). When a request comes in, the first matching cache address is returned and Nix will substitute from there. Change-Id: Ia7d5357fd5e04f77b460205544fa24e82b100230 Reviewed-on: https://cl.tvl.fyi/c/depot/+/12975 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| default.nix | ||
| dns-nixery-dev.tf | ||
| dns-tvix-dev.tf | ||
| dns-tvl-fyi.tf | ||
| dns-tvl-su.tf | ||
| main.tf | ||
| README.md | ||
Terraform for GleSYS
This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.
Secrets are needed for applying this. The encrypted file
//ops/secrets/tf-glesys.age contains export calls which should be
sourced, for example via direnv, by users with the appropriate
credentials.
An example direnv configuration used by tazjin is this:
# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age