Commit graph

28 commits

Author SHA1 Message Date
Skyler Grey 6cc4c3fc67 feat(axol, baxter): Enable tailscale (#14)
All checks were successful
buildbot/nix-eval Build done.
Previously, we set up headscale

We need to enable tailscale on baxter, as we intend to use tailscale to
connect builders to its buildbot instance

As the headscale server doesn't automatically put the server running it
into the tailscale network, we also need to set up the tailscale daemon
on axol

Reviewed-on: #14
Co-authored-by: Skyler Grey <sky@a.starrysky.fyi>
Co-committed-by: Skyler Grey <sky@a.starrysky.fyi>
2024-08-09 20:28:14 +00:00
Skyler Grey 740e35fb48 feat(axol): Add headscale module (#13)
All checks were successful
buildbot/nix-eval Build done.
Headscale is an open server for tailscale. Clicks, another group I work
on nix stuff with, has a module which makes it extremely easy to set up
a headscale server. I've spent a while over the past week making it safe
to import, and it's finally ready for Auxolotl to have!

We want to use headscale for internal communication between servers, so
it's OK to avoid setting up OIDC ... similarly, the only people who are
on the headscale should be relatively-well trusted. The expectation is
that to start with, this will be people who want to run buildbot workers

Reviewed-on: #13
Co-authored-by: Skyler Grey <sky@a.starrysky.fyi>
Co-committed-by: Skyler Grey <sky@a.starrysky.fyi>
2024-08-08 22:37:17 +00:00
Skyler Grey e290667c89 feat: Replace buildbot-nix with auxolotl fork (#12)
All checks were successful
buildbot/nix-eval Build done.
I have forked buildbot-nix to https://git.auxolotl.org/auxolotl/buildbot-nix

I have made an improvement there to how output paths are written, and
this input change pulls in the update

Reviewed-on: #12
Co-authored-by: Skyler Grey <sky@a.starrysky.fyi>
Co-committed-by: Skyler Grey <sky@a.starrysky.fyi>
2024-08-08 22:35:31 +00:00
Skyler Grey 198b4dff20 feat(baxter): Add buildbot CI
All checks were successful
buildbot/nix-eval Build done.
For a while we've been lacking a CI, which has led to problems such as
an inability to enforce REUSE, as well as an inability to build and
deploy docs-site automatically

Buildbot is commonly used (nix-community, lix, etc.), and very
extensible, which we hope will benefit us over something like Hydra or
Typhon

The buildbot instance is available at https://builds.auxolotl.org
2024-07-27 00:08:27 +00:00
Skyler Grey e8e8b54465 chore(reuse): Remove unused license 2024-07-25 22:51:41 +00:00
Skyler Grey 919b3c4e73 feat: Add agenix-rekey
Agenix-rekey is a project which uses rage to encrypt secrets for hosts
where they're needed. We'll need it for a future commit with buildbot
2024-07-25 22:50:00 +00:00
Samuel Shuert 5104c5e8ca Patch eval fails caused by flake update
Update's mailerPasswordFile to secrets.mailer.PASSWD and removes our
custom overlay as it was already merged into current nixpkgs

Change-Id: Ic2c8079094fdd93a3350a35f6dbdd67465cee1da
Reviewed-on: #9
Co-authored-by: Samuel Shuert <me@thecoded.prof>
Co-committed-by: Samuel Shuert <me@thecoded.prof>
2024-07-02 22:40:42 +00:00
Samuel Shuert 6bc0e1ea10 fix: Update nixpkgs to pull in CVE-2024-6387 fix
Openssh had a security vulnerability that allowed RCE as root, this
flake update includes a openssh patch for said CVE

Change-Id: Ic7a3b58d9f3bc32d952b34e1995ed2ab740af76c
2024-07-02 22:12:06 +00:00
Samuel Shuert aa4b968600 fix: Update auxolotl-website flake input
Change-Id: Ib42071c14dbe491724ae5a115bd42c680fa9f112
2024-07-02 18:06:39 -04:00
Samuel Shuert 4eb39381eb
feat(keys): Add coded SSH keys for infra 2024-06-29 13:42:49 -04:00
Jake Hamilton eb5fcf642c
chore: update website 2024-06-16 08:49:44 -07:00
Skyler Grey b3f31dd71d
fix(forgejo): Patch to stop 500s on import+review
A while ago we set up forgejo. After that, we discovered that in certain
circumstances you could cause forgejo to give an error 500 when
approving a pull request.

Please see https://codeberg.org/forgejo/forgejo/issues/3860

This has been fixed upstream, but we are impatient so we would like to
pull in the patch before it lands in nixpkgs.
2024-05-28 23:58:52 +00:00
Skyler Grey 0add9248e7
feat(license): Switch to REUSE
https://reuse.software is a way of specifying licenses in a simple way
that easily allows us to specify multiple licenses in a project and
check that we are correctly specifying our licenses

We plan to add an MIT-licensed file to the project in a future commit,
which prompted us to look at REUSE to make this simpler
2024-05-28 23:58:52 +00:00
Skyler Grey 24bf8788de
feat: add default shell
We're starting to need a few packages which people are less likely to
have on their system. Let's provide an environment where everyone can
quickly install everything we need.
2024-05-28 23:44:14 +00:00
Jake Hamilton 77bd5f86ae
fix: add isabel's missing key 2024-05-21 15:07:21 -07:00
Jake Hamilton 6b7e8f4bd4
feat: add signing via gpg key 2024-05-21 15:00:33 -07:00
Jake Hamilton e1cd5994e5
fix: mail domain, indexing options, disable org creation 2024-05-21 14:25:46 -07:00
Jake Hamilton a866a1d1aa
docs: add baxter to system entries 2024-05-21 14:25:45 -07:00
Jake Hamilton 6cb331f1c0
feat: add baxter 2024-05-21 14:25:42 -07:00
Samuel Shuert fdef711071
Merge pull request #3 from auxolotl/private/skyler/bump-website
chore: bump website
2024-05-16 17:55:04 -04:00
Skyler Grey 05a146d669
chore: bump website 2024-05-16 21:54:16 +00:00
Abhiram 61cbcbc01d
Merge pull request #2 from auxolotl/isabel/ssh-keys
feat: add isabel's ssh keys
2024-05-16 03:32:36 +05:30
isabel roses 650d6a115a
feat: add isabel's ssh keys 2024-05-15 20:48:19 +01:00
Jake Hamilton 9ede5a54c4
Merge pull request #1 from auxolotl/private/skyler/bump-website 2024-05-12 11:48:10 -07:00
Skyler Grey f36a63a58d
feat: add minion's ssh keys
I am adding my keys to allow me to deploy updates, e.g. the previous
commit's website bump, using deploy-rs
2024-05-12 18:00:13 +00:00
Skyler Grey a3b48f4843
chore: bump auxolotl website version 2024-05-12 17:56:00 +00:00
Jake Hamilton 72eedae40b
feat: full axol deployment 2024-05-06 20:36:54 -07:00
Jake Hamilton eabcf2de48
chore: initial commit 2024-05-04 14:20:45 -07:00