nixos

titaniumtown/nixos

Fork 0

Commit Graph

Author	SHA1	Message	Date
Simon Gardling	d00ff42e8e	site-config: dedupe cross-host values, fix stale dark-reader urls, drop desktop 1g hugepages new site-config.nix holds values previously duplicated across hosts: domain, old_domain, contact_email, timezone, binary_cache (url + pubkey), dns_servers, lan (cidr + gateway), hosts.{muffin,yarn} (ip/alias/ssh_host_key), ssh_keys.{laptop,desktop,ci_deploy}. threaded through specialArgs on all three hosts + home-manager extraSpecialArgs + homeConfigurations.primary + serverLib. service-configs.nix now takes { site_config } as a function arg and drops its https namespace; per-service domains (gitea/matrix/ntfy/mollysocket/livekit/firefox-sync/grafana) are derived from site_config.domain. ~15 service files and 6 vm tests migrated. breakage fixes rolled in: - home/progs/zen/dark-reader.nix: 5 stale .gardling.com entries in disabledFor rewritten to .sigkill.computer (caddy 301s the old names so these never fired and the new sigkill urls were getting dark-reader applied) - modules/desktop-common.nix: drop unused hugepagesz=1G/hugepages=3 kernelParams (no consumer on mreow or yarn; xmrig on muffin still reserves its own via services/monero/xmrig.nix) verification: muffin toplevel is bit-identical to pre-refactor baseline. mreow/yarn toplevels differ only in boot.json kernelParams + darkreader storage.js (nix-diff verified). deployGuardTest and fail2banVaultwardenTest (latter exercises site_config.domain via bitwarden.nix) pass.	2026-04-22 20:48:29 -04:00
Simon Gardling	aef99e7365	deploy-guard: block activation while users are online Some checks failed Build and Deploy / mreow (push) Successful in 51s Details Build and Deploy / yarn (push) Successful in 47s Details Build and Deploy / muffin (push) Failing after 1m9s Details - modules/server-deploy-guard.nix: extendable aggregator registered via services.deployGuard.checks.<name>.{description,command}. Installs deploy-guard-check with per-check timeout, pass/block reporting, JSON output, DEPLOY_GUARD_BYPASS / /run/deploy-guard-bypass (single-shot). - services/jellyfin/jellyfin-deploy-guard.nix: curl+jq on /Sessions, blocks when any session carries NowPlayingItem; soft-fails when unreachable. - services/minecraft-deploy-guard.nix: mcstatus SLP query on 25565, blocks when players.online > 0; soft-fails when unreachable. - flake.nix: wrap deploy.nodes.muffin activation with activate.custom so deploy-guard-check runs before switch-to-configuration. Auto-rollback catches the failure. dryActivate/boot branches preserved. - deploy.sh: SSH preflight for ./deploy.sh muffin with --force / DEPLOY_GUARD_FORCE=1 (touches remote bypass marker). Connectivity failure is soft; activation still enforces. - tests/deploy-guard.nix: aggregator contract, bypass mechanics, timeout, JSON output.	2026-04-22 00:36:21 -04:00

Author

SHA1

Message

Date

Simon Gardling

d00ff42e8e

site-config: dedupe cross-host values, fix stale dark-reader urls, drop desktop 1g hugepages

new site-config.nix holds values previously duplicated across hosts:
  domain, old_domain, contact_email, timezone, binary_cache (url + pubkey),
  dns_servers, lan (cidr + gateway), hosts.{muffin,yarn} (ip/alias/ssh_host_key),
  ssh_keys.{laptop,desktop,ci_deploy}.

threaded through specialArgs on all three hosts + home-manager extraSpecialArgs +
homeConfigurations.primary + serverLib. service-configs.nix now takes
{ site_config } as a function arg and drops its https namespace; per-service
domains (gitea/matrix/ntfy/mollysocket/livekit/firefox-sync/grafana) are
derived from site_config.domain. ~15 service files and 6 vm tests migrated.

breakage fixes rolled in:
 - home/progs/zen/dark-reader.nix: 5 stale *.gardling.com entries in
   disabledFor rewritten to *.sigkill.computer (caddy 301s the old names so
   these never fired and the new sigkill urls were getting dark-reader applied)
 - modules/desktop-common.nix: drop unused hugepagesz=1G/hugepages=3
   kernelParams (no consumer on mreow or yarn; xmrig on muffin still reserves
   its own via services/monero/xmrig.nix)

verification: muffin toplevel is bit-identical to pre-refactor baseline.
mreow/yarn toplevels differ only in boot.json kernelParams + darkreader
storage.js (nix-diff verified). deployGuardTest and fail2banVaultwardenTest
(latter exercises site_config.domain via bitwarden.nix) pass.

2026-04-22 20:48:29 -04:00

Simon Gardling

aef99e7365

deploy-guard: block activation while users are online

Build and Deploy / mreow (push) Successful in 51s

Details

Build and Deploy / yarn (push) Successful in 47s

Details

Build and Deploy / muffin (push) Failing after 1m9s

Details

- modules/server-deploy-guard.nix: extendable aggregator registered via
  services.deployGuard.checks.<name>.{description,command}. Installs
  deploy-guard-check with per-check timeout, pass/block reporting, JSON
  output, DEPLOY_GUARD_BYPASS / /run/deploy-guard-bypass (single-shot).
- services/jellyfin/jellyfin-deploy-guard.nix: curl+jq on /Sessions,
  blocks when any session carries NowPlayingItem; soft-fails when unreachable.
- services/minecraft-deploy-guard.nix: mcstatus SLP query on 25565, blocks
  when players.online > 0; soft-fails when unreachable.
- flake.nix: wrap deploy.nodes.muffin activation with activate.custom so
  deploy-guard-check runs before switch-to-configuration. Auto-rollback
  catches the failure. dryActivate/boot branches preserved.
- deploy.sh: SSH preflight for ./deploy.sh muffin with --force /
  DEPLOY_GUARD_FORCE=1 (touches remote bypass marker). Connectivity
  failure is soft; activation still enforces.
- tests/deploy-guard.nix: aggregator contract, bypass mechanics, timeout,
  JSON output.

2026-04-22 00:36:21 -04:00

2 Commits