Age | Commit message (Collapse) | Author |
|
* .guix/guix-na/config/balg02.scm: In my tired state, ttl was set on cuirass instead of the
guix-publish service!
* docs/administration.org: Correct copy/paste error
|
|
|
|
|
|
|
|
* .guix/guix-na/config/balg02.scm: Prior to this change, the guix-publish cache has been
filling up without having items removed. The reason being that the ttl was not set!
Additionally, avoid caching items that are less then 150MiB.
|
|
|
|
|
|
* .guix/guix-na/config/balg02.scm: Add tmpfs based /tmp file-system. This bypasses the issue
seen on cuiass.genenetwork.org, where the 'tests/cp/reflink-auto.sh' coreutils test was
failing, but not on other build farms or on my personal systems. Further root cause analysis
needs to take place, however btrfs' concept of subvolumes may be interfering with the test. A
partition outside of where the build is happening is located and selected by
coreutils ('coreutils/tests/other-fs-tmpdir'); which ends up selecting '/tmp'. guix-daemon
builds occur in /tmp. Because of this, the 'cp --reflink=auto ..' in the failing coreutils
test doesn't behave as expected, which in this case would be failing to create the reflink
because the files are expected to be on separate partitions. By using a tmpfs /tmp, coreutils
will select it during tests, and we can ensure guix-daemon uses a build location other then
/tmp (necessitating the following change).
(guix-daemon-config): Use /var/tmp for guix-daemon builds (so they are not built on tmpfs)
|
|
|
|
|
|
* README.org: Add new README that details how to use cuirass.genenetwork.org, and provides
links to other reference documents.
* docs/administration.org: Add a new, initially sparse, reference document detailing administration and
maintenance of cuirass.genenetwork.org.
* docs/initial-setup.org: Adjust abstract phrasing.
|
|
|
|
* .guix/guix-na/config/balg02.scm: Extended %cuirass-specs, adding this channel itself as a
cuirass specification. This allows for change to this configuration
channel (guix-north-america) to be validated before deployment. Further, it could be extended
to build operating-system images for balg02 and any other machines, and even running tests on
them to ensure they will deploy and function as expected.
|
|
* .guix/guix-na/config/balg02.scm: In response to feedback from
Ludo (https://lists.gnu.org/archive/html/guix-devel/2024-07/msg00073.html), adjust
guix-daemon configuration to use only local substitutes. This is at a cost of extra build
time on balg02, but will allow for more build diversity among guix substitute servers.
|
|
|
|
|
|
|
|
* .guix/guix-na/config/balg02.scm (guix-daemon-config): New function.
(balg02): Modify guix-daemon service to enable build parallelism, and using substitutes from
the local build server if available.
|
|
- https was initially disabled as nginx failed to start due to a missing certificate
- Worth noting that dhparam's were manually generated on balg02
|
|
|
|
|
|
|
|
* .guix/guix-na/config/balg02.scm (%automation-user): Removed variable (only used in one place).
(%cuirass-specs): New variable. (Initial) Cuirass specifications that are run by the guix-na build farm.
(publish-robots.txt): New variable. Used in nginx configuration.
(publish-locations): New function. Defines nginx publish locations (used for http and https servers).
(balg02-locations): New function. Defines nginx publish locations used for guix-na.
(%publish-url): New variable. String representing local publish URL.
(%tls-settings): New variable. Captures nginx tls settings used in nginx configuration.
(le): New function. Generates lets encrypt path given a host and optionally a private key.
(languages-to-accept): New variable. Languages for i8ln.
(accept-languages): New function.
(%balg02-servers): New variable. balg02 nginx servers.
(%extra-content): New variable. Extra nginx configuration content.
(%nginx-configuration): New variable. Capture nginx configuration given all previous helper
functions and variables.
(%nginx-cache-activation): New variable. Service the ensures /var/cache/nginx exists on the
first run.
(%nginx-deploy-hook): New variable. Hook used upon cerbot certificate updates.
(balg02 (packages)): Add btrfs-progs.
(balg02): Remove root ssh key (not necessary as ssh root login is disabled).
(balg02 (services)): Add cuirass, certbot, nginx, and guix-publish services.
|
|
* .guix/guix-na/config/balg02.scm: New ssh key for arun
* .pubkeys/arun-ed25519.pub: New file: Arun's ssh public key
|
|
|
|
|
|
|
|
|
|
* README.org: It was discovered that the wrong disk was referenced in the README!
Its worth noting that this documentation error does not impact the configuration of balg02,
as it doesn't directly reference the disk its being installed to, but instead references
where /boot/efi is located (which is setup as part preparing for the guix installation by
mounting guix's esp partition to /mnt/boot/efi) as well as references to partitions by label.
Also noteworthy is that this documentation error does not impact the Manual Testing of
bootstrapping Guix from a Debian VM, which still quiet closely mimics balg02.
|
|
|
|
|
|
* .guix/guix-na/config/balg02.scm: This is in response to feedback provided by Pjotr and
Arun.
|
|
See: https://github.com/niklasfasching/go-org/issues/32#issuecomment-1546940722
|
|
* README.org: Completed/removed TODOs. Filled in section "Bootstrap Guix". Added section on
manually testing bootstrapping guix from debian in a VM. Corrected typo/oversight when
creating swapfile.
|
|
* .guix/guix-na/config/balg02.scm: New function: balg02; this is necessary as the efi
partition UUID changes between testing and the deployed system. Additionally, mount the efi
partition.
Its useful to note that when testing, I found a bug in guix that resulting in a partial
system upgrade! Namely, grub/kernel stuff appears to have been updated, but the `guix system
reconfigure ...` never completed. This was because the efi system partition was not mounted.
However the odd part was that even if I manually mounted the efi partition and retried `guix
system reconfigure ..` the command update would still hang. I suspect this is because for
some reason the efi system partition must be explicitly specified in the operating-system configuration.
|
|
* .guix/guix-na/config/balg02.scm: Remove export of temporary balg02 function
|
|
* .guix/guix-na/config/balg02.scm: Correct the above mistake.
|
|
* .guix/guix-na/config/balg02.scm (guix-na): Add function balg02 which parameterized the disk
that the bootloader (grub) is installed to. This enables testing in a vm where the disk may
not match what is used on the physical server.
|
|
|
|
* .guix/guix-na/config/balg02.scm: Move swap-devices to be after file-systems (file-systems
is referenced from within swap-devices). Other changes are just noop reformatting.
|
|
|
|
In order to ease distribution of the various machine configurations defined within this
repository, make this repository an authenticated Guix channel.
* .guix-authorizations: Add a single authorized key to start
* .guix-channel: Set various channel details
* news.txt: Provide an initial news item
|
|
* .gitignore: Ignore files used by 'guix deploy'
* .guix/guix-na/config/balg02.scm: Initial balg02 guix configuration (sans cuirass)
* .pubkeys/collin.pub: Public key of Collin Doering
* .pubkeys/deploy-key.pub: Public key used for 'guix deploy' usage
* README.org: Various updates to how balg02 (guix-north-america) is setup
|
|
* .gitignore: Ignore emacs backup files
* README.org: Add preliminary plan, with a few more details
* balg02.scm: Placeholder file that will become guix operating-system configuration for balg02
|