summary refs log tree commit diff
path: root/fleet
AgeCommit message (Collapse)Author
2022-06-20fleet/test: run builds with --keep-goingedef
Change-Id: I41e2932131c31346a421761d45fdc9d2a9b6ff3d
2022-06-20fleet/test: don't rely on SSH config and repo remotesedef
Change-Id: I066a1fdbeabef0c2c38dcb0740c89eb056bb62f5
2022-06-20fleet: it's monorepo time!V
Change-Id: I4670dd7930a9b6227993c1caf92c5877918f982d
2022-06-19fleet/pkgs/naut: point source URL at the monorepoedef
Change-Id: I107a0402464f13afe318bfb91229dfeacda61806
2022-06-06fleet/hosts/trieste/web: fix homepage 404ingV
Unless Caddy recently changed how it resolves directives, this has been broken since the initial deployment. `error` directives are processed before `respond` directives[1], and unlike CSS, matcher precision does not impact directive precedence. Sticking a `route` directive around the two of them makes things work as expected. [1]: https://caddyserver.com/docs/caddyfile/directives#directive-order Change-Id: Ic05c6ba9a7143c3a58c2bf7ccd0498a7337257f8
2022-06-06fleet/hosts/trieste/cgit: switch implementation to cgit-pinkV
cgit-pink purports to be actively maintained, unlike its upstream. Change-Id: I4d76324ddb24f5fd3e53aeed6fa6ed17713ee15d
2022-06-04fleet: upgrade to NixOS 22.05V
Change-Id: Ie5542d079ee7b2de06e0faed52343905b3287b39
2022-05-30fleet/hosts/{kaikou,trieste,vityaz}: add my SSH certificateV
This will live alongside the existing keys until I'm completely comfortable with the new setup. Change-Id: Ia26299c0a1ff60fff37104c0fb8eaf31f17a3df5
2022-05-14fleet/modules/web: drop Content-Security-Policy header, for nowV
Blocking inline scripts was causing Gerrit to load fonts from Google's CDN. Rather than adding the appropriate exception for this one instance, and giving myself a false sense of safety (which will inevitably result in me running into other subtle issues of this kind in the future), I'm going to disable the entire thing until I have time to set up reporting. Change-Id: I7c48e4f7d113ecc15dec0bb930918ccc691b124f
2022-05-14fleet/hosts/kaikou: add skeleton Gerrit configV
Change-Id: Ibf68b5b4d7377ea5863315ffd5b6ed24c2874961
2022-05-11fleet/hosts/kaikou: a build automation serverV
This will host a Gerrit instance and run CI jobs for us. Change-Id: Ida683bfa910843cc4bcc8a96f2872364067a17ea
2022-04-12fleet/hosts/vityaz: add Alyssa to the WireGuard networkV
\o/ Change-Id: Ice50886c10b0d22f6ef8ff7ddec215da393575c2
2022-03-28fleet/hosts/trieste/naut: don't notify on infra updatesV
These aren't really relevant to the project. If people particularly care about our infra, we could create a channel specifically for that, but currently it's not of interest to anyone, and just clutters things up. Change-Id: I86a484604b9442a51ba0ea22783c9286857ce403
2021-08-30fleet/hosts/trieste/naut: put proxy socket in its own directoryV
As the main service runs as a dynamic user, service restarts cause the runtime directory (/run/naut) to be recreated. This resulted in the proxy socket being deleted, never to be seen again (breaking the hook). Change-Id: Ief0655d24116939e401191acd75d9d59b9c03e86
2021-08-22fleet/naut: pluralise "{} commits pushed" message correctlyV
Change-Id: I716969d8c18628166c6b49dba8eca2807e22784d
2021-08-21fleet/hosts/trieste/naut: fix proxy service dependencyedef
This ensures that only a single instance can be running, and allows the socket and service to be restarted together. Change-Id: Iaa7a2f36705996458d0c7af692151bba6209c028
2021-08-21fleet/pkgs/naut: a little commit notification botV
After a couple of days wrangling Rust's async ecosystem, we now have an IRC bot that will announce new commits. This should hopefully give people a better view into what we're working on! Change-Id: Ie7b3be62afca3ad2a10cb04c15ff666c62408fa2
2021-08-20fleet/hosts/trieste/cgit: put our tagline in the root descriptionV
I'm not sure why I didn't think to do this earlier. Change-Id: I951f7d5fa3d3276befe687e62393cbad807bd4c4
2021-08-17fleet/modules/public-inbox: fix updated descriptions not getting picked upV
Stale data just tastes bad, y'know? Change-Id: I027250bfb6831ef473088e2ee2652df2a8f894a4
2021-08-17fleet/modules/public-inbox: set NonBlocking on the httpd serviceV
For whatever reason, it complains if you don't provide this. It will then set O_NONBLOCK by itself, so I'm not really sure what the point is. Change-Id: Iec21e48f027a9782625f5fbbe539a8a7ccc04e2c
2021-08-17fleet/modules/public-inbox: add Requires/After of the corresponding socket ↵V
to the httpd service This ensures they can be restarted together correctly, as well as ensuring the service has a socket available at all times. Change-Id: Ifa06e217cc2209aea4bcf28ed054d74cbc091a99
2021-08-17fleet/modules/public-inbox: fix permissions issueV
It turns out the strange behaviour we were observing was due to createHome applying an overly-restrictive mode to the public-inbox top-level directory. This prevented public-inbox-httpd from accessing any of the inboxes, despite it having the correct group assigned. This fixes: - Inbox descriptions showing up as "($INBOX_DIR/description missing)" - Inbox pages only containing the text "No messages, yet" - Mysterious "fatal: not a git repository: '/path/to/inbox'" errors - Probably even more things that I simply didn't notice Change-Id: Ia5a3d57546efd2d0375528fa10e4e979d155b045
2021-08-17fleet: initV
Co-authored-by: edef <edef@unfathomable.blue> Change-Id: I36d2c4cca542ed91630b1b832f3c7a7b97b33c65