aboutsummaryrefslogtreecommitdiff
path: root/.guix/guix-na/config
AgeCommit message (Collapse)Author
2024-07-22balg02: Add guix-north-america as a cuirass channel specCollin J. Doering
* .guix/guix-na/config/balg02.scm: Extended %cuirass-specs, adding this channel itself as a cuirass specification. This allows for change to this configuration channel (guix-north-america) to be validated before deployment. Further, it could be extended to build operating-system images for balg02 and any other machines, and even running tests on them to ensure they will deploy and function as expected.
2024-07-22balg02: Adjust guix-daemon configuration; only use local substitutesCollin J. Doering
* .guix/guix-na/config/balg02.scm: In response to feedback from Ludo (https://lists.gnu.org/archive/html/guix-devel/2024-07/msg00073.html), adjust guix-daemon configuration to use only local substitutes. This is at a cost of extra build time on balg02, but will allow for more build diversity among guix substitute servers.
2024-06-30balg02: Use AnonIP service for nginx access log filesCollin J. Doering
2024-06-04balg02: Configure guix-deamon to build in parallelCollin J. Doering
* .guix/guix-na/config/balg02.scm (guix-daemon-config): New function. (balg02): Modify guix-daemon service to enable build parallelism, and using substitutes from the local build server if available.
2024-05-31balg02: Re-enable https (that was disabled in 4230616)Collin J. Doering
- https was initially disabled as nginx failed to start due to a missing certificate - Worth noting that dhparam's were manually generated on balg02
2024-05-31balg02: Send nginx logs to /var/run/nginx/...Collin J. Doering
2024-05-31balg02: Temporarily disable https until letsencrypt certs can be generatedCollin J. Doering
2024-05-31balg02: Correct typosCollin J. Doering
2024-05-31balg02: Initial implementation of Guix build farmCollin J. Doering
* .guix/guix-na/config/balg02.scm (%automation-user): Removed variable (only used in one place). (%cuirass-specs): New variable. (Initial) Cuirass specifications that are run by the guix-na build farm. (publish-robots.txt): New variable. Used in nginx configuration. (publish-locations): New function. Defines nginx publish locations (used for http and https servers). (balg02-locations): New function. Defines nginx publish locations used for guix-na. (%publish-url): New variable. String representing local publish URL. (%tls-settings): New variable. Captures nginx tls settings used in nginx configuration. (le): New function. Generates lets encrypt path given a host and optionally a private key. (languages-to-accept): New variable. Languages for i8ln. (accept-languages): New function. (%balg02-servers): New variable. balg02 nginx servers. (%extra-content): New variable. Extra nginx configuration content. (%nginx-configuration): New variable. Capture nginx configuration given all previous helper functions and variables. (%nginx-cache-activation): New variable. Service the ensures /var/cache/nginx exists on the first run. (%nginx-deploy-hook): New variable. Hook used upon cerbot certificate updates. (balg02 (packages)): Add btrfs-progs. (balg02): Remove root ssh key (not necessary as ssh root login is disabled). (balg02 (services)): Add cuirass, certbot, nginx, and guix-publish services.
2024-05-27balg02: Add additional ssh key for user arunCollin J. Doering
* .guix/guix-na/config/balg02.scm: New ssh key for arun * .pubkeys/arun-ed25519.pub: New file: Arun's ssh public key
2024-05-27balg02: Add new users, and ssh keys for Arun and PjotrCollin J. Doering
2024-05-25balg02: Add megaraid_sas to initrd-modulesCollin J. Doering
2024-04-10balg02: Disable root logins over sshCollin J. Doering
2024-04-09balg02: openssh: permit root login with key; enable agent-forwardingCollin J. Doering
* .guix/guix-na/config/balg02.scm: This is in response to feedback provided by Pjotr and Arun.
2024-04-05balg02: Mount efi partition; expose balg02 functionCollin J. Doering
* .guix/guix-na/config/balg02.scm: New function: balg02; this is necessary as the efi partition UUID changes between testing and the deployed system. Additionally, mount the efi partition. Its useful to note that when testing, I found a bug in guix that resulting in a partial system upgrade! Namely, grub/kernel stuff appears to have been updated, but the `guix system reconfigure ...` never completed. This was because the efi system partition was not mounted. However the odd part was that even if I manually mounted the efi partition and retried `guix system reconfigure ..` the command update would still hang. I suspect this is because for some reason the efi system partition must be explicitly specified in the operating-system configuration.
2024-04-01balg02: Specify console kernel argument for ttyS0Collin J. Doering
* .guix/guix-na/config/balg02.scm: Remove export of temporary balg02 function
2024-03-21balg02: Use efi bootloader instead of biosCollin J. Doering
* .guix/guix-na/config/balg02.scm: Correct the above mistake.
2024-03-21balg02: Make minor adjusting to allow for testingCollin J. Doering
* .guix/guix-na/config/balg02.scm (guix-na): Add function balg02 which parameterized the disk that the bootloader (grub) is installed to. This enables testing in a vm where the disk may not match what is used on the physical server.
2024-03-21balg02: Minor adjustment and reformattingCollin J. Doering
* .guix/guix-na/config/balg02.scm: Move swap-devices to be after file-systems (file-systems is referenced from within swap-devices). Other changes are just noop reformatting.
2024-03-12Initial setup (not yet bootstrapped or thoroughly tested)Collin J. Doering
* .gitignore: Ignore files used by 'guix deploy' * .guix/guix-na/config/balg02.scm: Initial balg02 guix configuration (sans cuirass) * .pubkeys/collin.pub: Public key of Collin Doering * .pubkeys/deploy-key.pub: Public key used for 'guix deploy' usage * README.org: Various updates to how balg02 (guix-north-america) is setup
generated by cgit v1.2.3 (git 2.44.0) at 2024-11-22 15:14:57 +0000