I wanted to keep this minimal. It didn't work: Wireguard clients use
10.0.0.0/8 IPs directly as well.
* hydra/nginx/berlin.scm (%berlin-servers): Match anything ending in a
digit, which, until the gTLD crowd goes truly bonkers, is an IP address.
And if it's not, the request wouldn't reach us anyway, right?
Reported by Ludovic Courtès <ludo@gnu.org>.
* hydra/nginx/berlin.scm (%berlin-servers): Add a default port-80 server
to redirect all requests to their HTTPS counterparts. Remove explicit
HTTP support for guix.gnu.org and issues.guix.gnu.org.
This makes the 'rdv-guix-maintainers' as well as the
'rdv-guix-sysadmin' Jami rendezvous points accounts available for live
conference calls (audio or video). The service runs in a Linux
container and can only be reached by the Jami contacts declared as
allowed.
* hydra/milano-guix-1.scm (operating-system)
[services]{jami-service-type}: New service.
With the recent OpenSSH 8.8p1 update, SHA1-signed RSA keys are
deprecated, which my previous key was.
* hydra/keys/ssh/maxim.pub: Update to a newer ed25519 key.
* hydra/bayfront.scm <nginx-configuration>: Remove 'nginx' field. The
extra modules are enabled by default in the 'nginx' package since Guix
commit 2d31eeecf06ab14732d374c75cdf6e7a55aa704e.
* hydra/modules/sysadmin/services.scm (<disarchive-configuration>): New
record type.
(disarchive-activation, disarchive-mcron-jobs): New procedures.
(disarchive-service-type): New variable.
* hydra/berlin.scm <services>: Use it.
This should avoid high load on bayfront from building things.
* hydra/bayfront.scm (operating-system)[services]: Have the
guix-build-coordinator-agent only perform one build at a time,
increase guix-daemon timeouts and reduce the --cores configuration to
6.
This has actually been in place for a week now, so
bordeaux.guix.gnu.org has good coverage for armhf-linux.
* hydra/bayfront.scm (operating-system)[services]: Change the
guix-build-coordinator-queue-builds-configuration to include
armhf-linux.
This has been discussed here: <https://issues.guix.gnu.org/48926>.
* hydra/modules/sysadmin/services.scm (frontend-services): Increase the
default publish nar ttl to 180 days.
That makes it consistent with the guix-daemon settings.
* hydra/modules/sysadmin/build-machines.scm (berlin-new-build-machine-os):
Use MAX-JOBS as the number of Cuirass workers.
* hydra/nginx/berlin.scm (languages-to-accept): New list. Move here
the languages list from ...
(%extra-content) ... here. Use languages from 'languages-to-accept'.
(guix.gnu.org-redirects-for-each-language): New procedure. Add
new video redirections.
(guix.gnu.org-redirect-locations): New list. Move here the
old redirections.
(guix.gnu.org-other-locations): New list. Move here the other nginx
locations from ...
(guix.gnu.org-locations): ... here. Reimplement in terms of the above.
* hydra/nginx/html/bordeaux/index.html: (Using these substitutes):
Fixed a typo, and added a how to code snippet for users of guix system.
Signed-off-by: Christopher Baines <mail@cbaines.net>
* hydra/bayfront.scm (operating-system)[services]: Change the
guix-build-coordinator-queue-builds-configuration to include i586-gnu
and cross builds to i586-pc-gnu.
* hydra/nginx/html/bordeaux/index.html: New file.
* hydra/bayfront.scm (%bayfront-nginx-service-extra-config): Remove
proxy config relevant for hydra.
(%bordeaux.guix.gnu.org-nginx-servers): Serve log files, and show log
files for /build/UUID requests. Also service an index.html page.
(operating-system)[services]: Use a custom nginx package built with a
couple of additional modules.
This is used when deciding whether the outputs from a build should be
submitted.
* hydra/bayfront.scm (%guix-build-coordinator-configuration)[hooks]:
Specify a build-submit-outputs-hook.