aboutsummaryrefslogtreecommitdiff
path: root/.guix/guix-na/config/balg02.scm
AgeCommit message (Collapse)Author
2024-12-06balg02: Correct missing MiB reference in previous commit - a24f14cCollin J. Doering
2024-12-06balg02: Set guix-publish ttl and cache-bypass-thresholdCollin J. Doering
* .guix/guix-na/config/balg02.scm: Prior to this change, the guix-publish cache has been filling up without having items removed. The reason being that the ttl was not set! Additionally, avoid caching items that are less then 150MiB.
2024-11-07balg02: Bypass failing tests in coreutils on btrfsCollin J. Doering
* .guix/guix-na/config/balg02.scm: Add tmpfs based /tmp file-system. This bypasses the issue seen on cuiass.genenetwork.org, where the 'tests/cp/reflink-auto.sh' coreutils test was failing, but not on other build farms or on my personal systems. Further root cause analysis needs to take place, however btrfs' concept of subvolumes may be interfering with the test. A partition outside of where the build is happening is located and selected by coreutils ('coreutils/tests/other-fs-tmpdir'); which ends up selecting '/tmp'. guix-daemon builds occur in /tmp. Because of this, the 'cp --reflink=auto ..' in the failing coreutils test doesn't behave as expected, which in this case would be failing to create the reflink because the files are expected to be on separate partitions. By using a tmpfs /tmp, coreutils will select it during tests, and we can ensure guix-daemon uses a build location other then /tmp (necessitating the following change). (guix-daemon-config): Use /var/tmp for guix-daemon builds (so they are not built on tmpfs)
2024-11-07Adjust git.rekahsoft.ca references to new home: git.genenetwork.orgCollin J. Doering
2024-07-22balg02: Add guix-north-america as a cuirass channel specCollin J. Doering
* .guix/guix-na/config/balg02.scm: Extended %cuirass-specs, adding this channel itself as a cuirass specification. This allows for change to this configuration channel (guix-north-america) to be validated before deployment. Further, it could be extended to build operating-system images for balg02 and any other machines, and even running tests on them to ensure they will deploy and function as expected.
2024-07-22balg02: Adjust guix-daemon configuration; only use local substitutesCollin J. Doering
* .guix/guix-na/config/balg02.scm: In response to feedback from Ludo (https://lists.gnu.org/archive/html/guix-devel/2024-07/msg00073.html), adjust guix-daemon configuration to use only local substitutes. This is at a cost of extra build time on balg02, but will allow for more build diversity among guix substitute servers.
2024-06-30balg02: Use AnonIP service for nginx access log filesCollin J. Doering
2024-06-04balg02: Configure guix-deamon to build in parallelCollin J. Doering
* .guix/guix-na/config/balg02.scm (guix-daemon-config): New function. (balg02): Modify guix-daemon service to enable build parallelism, and using substitutes from the local build server if available.
2024-05-31balg02: Re-enable https (that was disabled in 4230616)Collin J. Doering
- https was initially disabled as nginx failed to start due to a missing certificate - Worth noting that dhparam's were manually generated on balg02
2024-05-31balg02: Send nginx logs to /var/run/nginx/...Collin J. Doering
2024-05-31balg02: Temporarily disable https until letsencrypt certs can be generatedCollin J. Doering
2024-05-31balg02: Correct typosCollin J. Doering
2024-05-31balg02: Initial implementation of Guix build farmCollin J. Doering
* .guix/guix-na/config/balg02.scm (%automation-user): Removed variable (only used in one place). (%cuirass-specs): New variable. (Initial) Cuirass specifications that are run by the guix-na build farm. (publish-robots.txt): New variable. Used in nginx configuration. (publish-locations): New function. Defines nginx publish locations (used for http and https servers). (balg02-locations): New function. Defines nginx publish locations used for guix-na. (%publish-url): New variable. String representing local publish URL. (%tls-settings): New variable. Captures nginx tls settings used in nginx configuration. (le): New function. Generates lets encrypt path given a host and optionally a private key. (languages-to-accept): New variable. Languages for i8ln. (accept-languages): New function. (%balg02-servers): New variable. balg02 nginx servers. (%extra-content): New variable. Extra nginx configuration content. (%nginx-configuration): New variable. Capture nginx configuration given all previous helper functions and variables. (%nginx-cache-activation): New variable. Service the ensures /var/cache/nginx exists on the first run. (%nginx-deploy-hook): New variable. Hook used upon cerbot certificate updates. (balg02 (packages)): Add btrfs-progs. (balg02): Remove root ssh key (not necessary as ssh root login is disabled). (balg02 (services)): Add cuirass, certbot, nginx, and guix-publish services.
2024-05-27balg02: Add additional ssh key for user arunCollin J. Doering
* .guix/guix-na/config/balg02.scm: New ssh key for arun * .pubkeys/arun-ed25519.pub: New file: Arun's ssh public key
2024-05-27balg02: Add new users, and ssh keys for Arun and PjotrCollin J. Doering
2024-05-25balg02: Add megaraid_sas to initrd-modulesCollin J. Doering
2024-04-10balg02: Disable root logins over sshCollin J. Doering
2024-04-09balg02: openssh: permit root login with key; enable agent-forwardingCollin J. Doering
* .guix/guix-na/config/balg02.scm: This is in response to feedback provided by Pjotr and Arun.
2024-04-05balg02: Mount efi partition; expose balg02 functionCollin J. Doering
* .guix/guix-na/config/balg02.scm: New function: balg02; this is necessary as the efi partition UUID changes between testing and the deployed system. Additionally, mount the efi partition. Its useful to note that when testing, I found a bug in guix that resulting in a partial system upgrade! Namely, grub/kernel stuff appears to have been updated, but the `guix system reconfigure ...` never completed. This was because the efi system partition was not mounted. However the odd part was that even if I manually mounted the efi partition and retried `guix system reconfigure ..` the command update would still hang. I suspect this is because for some reason the efi system partition must be explicitly specified in the operating-system configuration.
2024-04-01balg02: Specify console kernel argument for ttyS0Collin J. Doering
* .guix/guix-na/config/balg02.scm: Remove export of temporary balg02 function
2024-03-21balg02: Use efi bootloader instead of biosCollin J. Doering
* .guix/guix-na/config/balg02.scm: Correct the above mistake.
2024-03-21balg02: Make minor adjusting to allow for testingCollin J. Doering
* .guix/guix-na/config/balg02.scm (guix-na): Add function balg02 which parameterized the disk that the bootloader (grub) is installed to. This enables testing in a vm where the disk may not match what is used on the physical server.
2024-03-21balg02: Minor adjustment and reformattingCollin J. Doering
* .guix/guix-na/config/balg02.scm: Move swap-devices to be after file-systems (file-systems is referenced from within swap-devices). Other changes are just noop reformatting.
2024-03-12Initial setup (not yet bootstrapped or thoroughly tested)Collin J. Doering
* .gitignore: Ignore files used by 'guix deploy' * .guix/guix-na/config/balg02.scm: Initial balg02 guix configuration (sans cuirass) * .pubkeys/collin.pub: Public key of Collin Doering * .pubkeys/deploy-key.pub: Public key used for 'guix deploy' usage * README.org: Various updates to how balg02 (guix-north-america) is setup