Headscale is an open server for tailscale. Clicks, another group I work
on nix stuff with, has a module which makes it extremely easy to set up
a headscale server. I've spent a while over the past week making it safe
to import, and it's finally ready for Auxolotl to have!
We want to use headscale for internal communication between servers, so
it's OK to avoid setting up OIDC ... similarly, the only people who are
on the headscale should be relatively-well trusted. The expectation is
that to start with, this will be people who want to run buildbot workers
Reviewed-on: #13
Co-authored-by: Skyler Grey <sky@a.starrysky.fyi>
Co-committed-by: Skyler Grey <sky@a.starrysky.fyi>
I have forked buildbot-nix to https://git.auxolotl.org/auxolotl/buildbot-nix
I have made an improvement there to how output paths are written, and
this input change pulls in the update
Reviewed-on: #12
Co-authored-by: Skyler Grey <sky@a.starrysky.fyi>
Co-committed-by: Skyler Grey <sky@a.starrysky.fyi>
For a while we've been lacking a CI, which has led to problems such as
an inability to enforce REUSE, as well as an inability to build and
deploy docs-site automatically
Buildbot is commonly used (nix-community, lix, etc.), and very
extensible, which we hope will benefit us over something like Hydra or
Typhon
The buildbot instance is available at https://builds.auxolotl.org
Openssh had a security vulnerability that allowed RCE as root, this
flake update includes a openssh patch for said CVE
Change-Id: Ic7a3b58d9f3bc32d952b34e1995ed2ab740af76c
Jake Hamilton
Skyler Grey
Samuel Shuert