guix/maintenance
2
0
Fork 0
mirror of git://git.savannah.gnu.org/guix/maintenance.git synced 2023-12-14 03:33:04 +01:00
Code Issues Releases Wiki Activity
737 commits 2 branches 0 tags 146 MiB
Commit graph

737 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ludovic Courtès 7d907077e9
hydra: Add contact for berlin. 
* hydra/machines.rec (berlin): Add contact.
 2019-01-09 14:36:15 +01:00
Chris Marusich 0adacfcf43
cdn: Update the deployment plan in README.org. 
* cdn/README.org (Deployment Plan): Update it.
 2019-01-08 01:49:27 -08:00
Chris Marusich 4e7e971040
cdn: Only accept requests for substitutes. 
* cdn/terraform/cloudfront.tf (locals) <default_behavior>: New
variable.
(berlin-mirror) <origin>: Add empty-origin, pointing to
guix-empty-bucket.
<default_cache_behavior>: Update its target_origin_id to point to the
empty-origin.
<ordered_cache_behavior>: New field.  Add one behavior for each
substitute-related path published by "guix publish".
* cdn/terraform/s3.tf (guix-empty-bucket): New bucket.
 2019-01-05 19:29:00 -08:00
Chris Marusich 1540978fda
cdn: Move service configs into individual files. 
* cdn/terraform/main.tf: Remove all service-specific configuration.
* cdn/terraform/acm.tf: New file.
* cdn/terraform/cloudfront.tf: New file.
* cdn/terraform/cloudwatch.tf: New file.
* cdn/terraform/dynamodb.tf: New file.
* cdn/terraform/iam.tf: New file.
* cdn/terraform/s3.tf: New file.
 2019-01-05 15:53:02 -08:00
Chris Marusich 43b1e2353f
cdn: Add a minor comment. 
* cdn/terraform/main.tf: Label the start of the IAM configuration with
a comment.
 2019-01-04 23:56:14 -08:00
Chris Marusich ce210ea35d
cdn: Update the README.org. 
* cdn/README.org: Update many parts of it.
 2019-01-04 23:42:48 -08:00
Chris Marusich 03121abf87
cdn: Update README.org. 
* cdn/README.org: Add an overview and clean up some sections.
 2019-01-04 01:13:35 -08:00
Chris Marusich f584a1f3a8
cdn: Increase Terraform state retention period. 
* cdn/terraform/main.tf (guix-terraform-state) <lifecycle_rule>:
Update abort_incomplete_multipart_upload_days to 7 and
noncurrent_version_expiration to 14 days.
 2019-01-04 00:05:47 -08:00
Chris Marusich fd899edad3
cdn: Hard-code the region to us-east-1. 
* cdn/terraform/main.tf (provider) <region>: New field.  Set it to
us-east-1.
(guix-terraform-state) <region>: Remove it.
 2019-01-04 00:05:47 -08:00
Ricardo Wurmus 846f1d103c
hydra: Add ntp-service for berlin build nodes. 
* hydra/modules/sysadmin/build-machines.scm (berlin-build-machine-os):
Add ntp-service.
 2019-01-01 12:17:28 +01:00
Ricardo Wurmus 2c4acf6066
hydra: Add script to remotely configure berlin build nodes. 
* hydra/install-berlin.scm: New file.
 2019-01-01 10:33:32 +01:00
Ricardo Wurmus 9db57468e8
hydra: sysadmin: Add qemu-binfmt-service-type. 
* hydra/modules/sysadmin/build-machines.scm (berlin-build-machine-os):
Add qemu-binfmt-service-type for arm and aarch64 to services.
 2018-12-30 08:25:50 +01:00
Ricardo Wurmus 3e9645280d
hydra: berlin-build-machine-os: Do not ask for list of sysadmins. 
* hydra/modules/sysadmin/build-machines.scm (berlin-build-machine-os):
Do not request list of sysadmins.
 2018-12-30 08:15:12 +01:00
Chris Marusich 2a6a274122
cdn: Remove a stale comment from README.org 
* cdn/README.org (Next steps): Remove a stale comment.
 2018-12-29 19:47:26 -08:00
Chris Marusich 5e0890def9
cdn: Remove "set up locking" from README.org. 
* cdn/README.org (Next steps): Remove "set up locking" because we've
set it up.
 2018-12-29 19:31:44 -08:00
Chris Marusich 75aa4ee1d4
cdn: Enable locking in the S3 backend. 
* cdn/terraform/main.tf (terraform-locking): New table.
(terraform) <dynamodb_table>: Use it to perform locking.
 2018-12-29 19:26:41 -08:00
Chris Marusich 017e25ef71
cdn: Add another Terraform benefit to README.org. 
* cdn/README.org (Avoiding "Service as a Software Substitute"):
Mention that Terraform also helps to avoid vendor lock-in.
 2018-12-29 19:21:31 -08:00
Ricardo Wurmus 510baede1e
hydra: berlin: Add zabbix-agent on Zabbix server. 
* hydra/berlin.scm <services>: Add zabbix-agent-service-type.
 2018-12-29 23:33:08 +01:00
Chris Marusich 0796267b6b
cdn: Alarm when we start paying money. 
* cdn/terraform/main.tf (alarm-free-tier-exceeded): New alarm.
 2018-12-29 12:59:03 -08:00
Ricardo Wurmus a182a57acd
hydra: sysadmin: Add zabbix-agent to build nodes. 
* hydra/modules/sysadmin/build-machines.scm (berlin-build-machine-os):
Enable zabbix-agent service.
 2018-12-29 17:04:08 +01:00
Ricardo Wurmus 8a8eef3388
hydra: berlin: Restrict zabbix front-end to localhost. 
* hydra/berlin.scm <services>: Override zabbix-front-end-configuration
to only listen on localhost.
 2018-12-29 15:15:52 +01:00
Ricardo Wurmus a94e1be874
hydra: berlin: Use new nginx-configuration. 
* hydra/berlin.scm <services>: Override nginx-service-type
configuration.
 2018-12-29 11:16:34 +01:00
Ricardo Wurmus a54f0125ed
hydra: berlin: Add missing module import. 
* hydra/nginx/berlin.scm: Use (gnu services web) module.
 2018-12-29 11:13:22 +01:00
Ricardo Wurmus 5132c64f3b
hydra: berlin: Fix syntax error. 
* hydra/nginx/berlin.scm: Fix accidental escape sequence.
 2018-12-29 11:12:16 +01:00
Ricardo Wurmus b76e5e1177
hydra: berlin: Remove extraneous semicolon. 
* hydra/nginx/berlin.scm (le): Remove trailing semicolon.
 2018-12-29 11:11:33 +01:00
Ricardo Wurmus 89745574c8
hydra: berlin: Remove %wwwroot variable. 2018-12-29 11:10:47 +01:00
Ricardo Wurmus cbc7944fa1
hydra: berlin: Add zabbix monitoring and postgres database services. 
* hydra/berlin.scm <services>: Add services for zabbix-server,
zabbix-front-end, and postgresql.
 2018-12-29 09:33:06 +01:00
Ricardo Wurmus 7c6a918311
hydra: berlin: Bind mount cache directories to external storage. 
* hydra/berlin.scm <file-systems>: Add bind mounts.
 2018-12-29 09:33:06 +01:00
Chris Marusich 5b68c2fc3f
cdn: Add an example command to the README.org. 
* cdn/README.org (Process) <General>: Add an example command.
 2018-12-28 23:04:05 -08:00
Chris Marusich a84019c594
cdn: Add billing alarms. 
* cdn/README.org: Mention that Terraform does not support email
subscriptions to SNS topics.
* cdn/terraform/main.tf (guix-billing-alarms): New SNS topic.
(alarm-estimated-charges-150-usd, alarm-estimated-charges-140-usd)
(alarm-estimated-charges-100-usd): New alarms.
 2018-12-28 23:04:05 -08:00
Chris Marusich ddc2420c6f
cdn: Allow clients to use both HTTP and HTTPS. 
* cdn/terraform/main.tf (berlin-mirror) <viewer_protocol_policy>:
Change to "allow-all".
 2018-12-28 23:04:05 -08:00
Chris Marusich 5a8cf18447
cdn: Provision a TLS certificate for ci.guix.info. 
* cdn/README.org: Mention that certificate validation requires manual
action outside of Terraform.
* cdn/terraform/main.tf (berlin-mirror-certificate): New certificate.
(berlin-mirror): Use it with SNI in the CloudFront distribution.
 2018-12-28 23:04:04 -08:00
Chris Marusich a130bda64c
cdn: Switch default region to us-east-1. 
Before doing this, I destroyed all Terraform-managed AWS resources and
locally stored Terraform state, so we can rebuild it fresh.

* cdn/README.org: Update us-west-2 references to us-east-1.
* cdn/terraform/main.tf (terraform, guix-terraform-state): Likewise.
 2018-12-28 23:04:04 -08:00
Chris Marusich b4eee7c69b
cdn: Add a basic deployment plan to the README.org 
* cdn/README.org: Discuss the deployment plan.
 2018-12-28 23:04:04 -08:00
Chris Marusich 5129c65178
cdn: Add a lifecycle policy to the state bucket. 
* cdn/terraform/main.tf (guix-terraform-state) <lifecycle_rule>: New
lifecycle rule.
 2018-12-28 23:04:04 -08:00
Chris Marusich 01189233b6
cdn: Use Terraform's S3 backend. 
* cdn/terraform/main.tf (terraform): New object, with an s3 backend.
* cdn/README.org: Update accordingly.
 2018-12-28 23:04:04 -08:00
Chris Marusich 03cff9ec02
cdn: Add an S3 bucket to hold Terraform state. 
* cdn/terraform/main.tf (guix-terraform-state): New bucket.
* cdn/README.org: Add more documentation.
 2018-12-28 23:04:04 -08:00
Chris Marusich d3600c75b9
cdn: Add a CloudFront distribution fronting berlin. 
This is not the final version, but it gives us a good starting point.

* cdn/terraform/main.tf (berlin-mirror): New resource.
(berlin-mirror-id, berlin-mirror-status, berlin-mirror-domain-name):
New outputs.
* cdn/README.org: Update accordingly.
 2018-12-28 23:04:03 -08:00
Chris Marusich 1204bc3d45
cdn: Do not hard-code the profile name. 
* cdn/terraform/main.tf (provider) <profile>: Remove it.
 2018-12-28 23:04:03 -08:00
Chris Marusich 7680ddf06c
cdn: Add thoughts about next steps to README. 
* cdn/README.org (Next steps): New section.
 2018-12-28 23:04:03 -08:00
Chris Marusich 0efa3d77a4
cdn: Give Ludo and Ricardo administrative access. 
* cdn/terraform/main.tf (civodul, rekado): New users.
(administrators-membership): Add civodul and rekado as members of the
administrators group.
(civodul-access-key-1, rekado-access-key-1) New access keys.
(civodul-login-profile, rekado-login-profile): New login profiles.
(civodul-name, civodul-password, civodul-access-key-1-id)
(civodul-access-key-1-secret, rekado-name, rekado-password)
(rekado-access-key-1-id, rekado-access-key-1-secret): New outputs.
* cdn/terraform/variables.tf (pgp_key_civodul, pgp_key_rekado): New
variables.
 2018-12-28 23:04:03 -08:00
Chris Marusich 176631a416
cdn: Initial commit of Terraform configuration. 
* .gitignore (/cdn/terraform/terraform.tfstate)
(/cdn/terraform/terraform.tfstate.backup, /cdn/terraform/.terraform):
New ignore patterns.
* cdn/README.org: New file.
* cdn/terraform/main.tf: New file.
* cdn/terraform/variables.tf: New file.
 2018-12-28 23:04:03 -08:00
Ricardo Wurmus 777e9e1012
hydra: berlin: Add nginx-configuration. 
* hydra/nginx/berlin.scm: New file.
 2018-12-28 22:49:19 +01:00
Ricardo Wurmus cefc5eb71e
hydra: berlin: Remove duplicate acess_log line. 
* hydra/nginx/berlin.conf: Remove earlier access_log line from
bootstrappable.org server block.
 2018-12-28 22:48:24 +01:00
Ludovic Courtès e33d3fdc92
hydra: services: Reduce daemon build timeouts. 
* hydra/modules/sysadmin/services.scm (guix-daemon-config): Reduce
'max-silent-time' and 'timeout'.
 2018-12-28 22:32:09 +01:00
Ricardo Wurmus 2eaeb8e48f
talks: icg-2018: Add rule to generate video. 2018-12-27 21:57:29 +01:00
Ricardo Wurmus eb985a0469
talks: icg-2018: Remove useless Makefile rules. 2018-12-27 21:56:40 +01:00
Ricardo Wurmus a11d052a32
talks: icg-2018: Add extra slides. 
* talks/icg-2018/big-graph-fixed.svg,
talks/icg-2018/pigx.svg: New files.
* talks/icg-2018/Makefile (SLIDES): Use them.
 2018-12-27 21:55:34 +01:00
Ricardo Wurmus da9c2e0583
hydra: sysadmin: Use the new 'initrd-modules' field. 
* hydra/modules/sysadmin/build-machines.scm (initrd): Remove.
(initrd-modules): New field.
 2018-12-25 10:20:04 +01:00
Ricardo Wurmus e810c5044c
berlin: Add hostnames in comments. 2018-12-17 19:15:47 +01:00