[PATCH] hydra: dns: Add "data" to point at milano-guix-1.

  • Done
  • quality assurance status badge
Details
2 participants
  • Ludovic Courtès
  • Christopher Baines
Owner
unassigned
Submitted by
Christopher Baines
Severity
normal
C
C
Christopher Baines wrote on 6 Sep 2019 13:44
(address . guix-patches@gnu.org)
20190906114441.19067-1-mail@cbaines.net
* hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
(guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
the serial.
---
hydra/modules/sysadmin/dns.scm | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

Toggle diff (28 lines)
diff --git a/hydra/modules/sysadmin/dns.scm b/hydra/modules/sysadmin/dns.scm
index 164caf1..ef1f265 100644
--- a/hydra/modules/sysadmin/dns.scm
+++ b/hydra/modules/sysadmin/dns.scm
@@ -47,6 +47,7 @@
(define hydra-ip4 "18.4.89.46")
(define bayfront-ip4 "185.233.100.56")
(define berlin-ip4 "141.80.181.40")
+(define milano-guix-1-ip4 "159.149.133.203")
(define-zone-entries guix.gnu.org.zone
;; Name TTL Class Type Data
@@ -89,6 +90,7 @@
("issues" "" "IN" "A" berlin-ip4)
("logs" "" "IN" "A" bayfront-ip4)
("ci" "" "IN" "A" berlin-ip4)
+ ("data" "" "IN" "A" milano-guix-1-ip4)
;; This record is required in order to prove to Amazon ACM that we
;; own the domain. As long as it exists, ACM will automatically
@@ -102,4 +104,4 @@
(zone (zone-file
(origin "guix.gnu.org")
(entries guix.gnu.org.zone)
- (serial 2019090201)))))
+ (serial 2019090601)))))
--
2.23.0
C
C
Christopher Baines wrote on 6 Sep 2019 15:10
(address . guix-sysadmin@gnu.org)(address . 37320@debbugs.gnu.org)
87a7bhbmfd.fsf@cbaines.net
Now that milano-guix-1 is back online, I'm interested in sorting out
configuration for nginx, as well as letsencrypt for a TLS certificate.

For that, it's probably useful to think about the DNS configuration. I
think that this is something that has been discussed a bit in the past,
but at that time there were some improvements I wanted to make before
making anything more public.

But, over the last month I've fixed some of the problems I knew about
and added new features, so I'm happier at this point with it being more
widely available.

So, I've started looking at setting up the DNS configuration, and I've
sent this patch which I think is the relevant change in the maintenance
repository.

Thanks,

Chris


Christopher Baines <mail@cbaines.net> writes:

Toggle quote (33 lines)
> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
> the serial.
> ---
> hydra/modules/sysadmin/dns.scm | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/hydra/modules/sysadmin/dns.scm b/hydra/modules/sysadmin/dns.scm
> index 164caf1..ef1f265 100644
> --- a/hydra/modules/sysadmin/dns.scm
> +++ b/hydra/modules/sysadmin/dns.scm
> @@ -47,6 +47,7 @@
> (define hydra-ip4 "18.4.89.46")
> (define bayfront-ip4 "185.233.100.56")
> (define berlin-ip4 "141.80.181.40")
> +(define milano-guix-1-ip4 "159.149.133.203")
>
> (define-zone-entries guix.gnu.org.zone
> ;; Name TTL Class Type Data
> @@ -89,6 +90,7 @@
> ("issues" "" "IN" "A" berlin-ip4)
> ("logs" "" "IN" "A" bayfront-ip4)
> ("ci" "" "IN" "A" berlin-ip4)
> + ("data" "" "IN" "A" milano-guix-1-ip4)
>
> ;; This record is required in order to prove to Amazon ACM that we
> ;; own the domain. As long as it exists, ACM will automatically
> @@ -102,4 +104,4 @@
> (zone (zone-file
> (origin "guix.gnu.org")
> (entries guix.gnu.org.zone)
> - (serial 2019090201)))))
> + (serial 2019090601)))))
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl1yWrZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9Xe6Aw//SW/BXlJ0jqpAEiUE3CDufstMpWtjlJG0eMBp5HriimpDoj2c57s5pBZH
G+8kvOXOpysSMiBzqomyUoXBLSvIDnoU77zj+PzImJeoA3olRT4dL2Wl1SeWBxv5
401Wa5gGF6n3B6GJtwTMclbO7LqocaCvkMXwSkmqG67MwC+sqSP4Kh5/pW6ff7Po
v3OfFNXZP2NoojI2RbiFahtBmDs+Vij/aK17MlnWBxOMwSjef0gVA2bnVqNSX8sV
YANmns01QwEwyaFXHci6pVqHa1+h0EsCi/ABoQM1QJWB2vkazJp977XqJm4iNKcP
t3X1asIUEhk3t7O3P1OaGdHHkyIQqwSc1MSXrQmCQApF5v9eKJC9jpqghdjB7oSp
s8lNYZ3TS2178Q69UzEwIUmeXwuBaYWc3F0C2fqJSxIK6X1ikh/rKcT5fr1SSNpP
LfwpsRI6XTisMKBZD6oEUiIpW04FpyAgXK4XsYtFLVvUaOvxxs35OA4iUc0tlt65
AiqZbAGQIWrTN4KPakD9wYOCRfXms4JXIlZSo1CAHCnnePSFsRw8Yw5j6/x4oY94
fXajERNNmj4jcEpBeQYQ449FwhgG3L8qUMMlR/dDj8l4QAziJrHJnZPICMOIZg7p
VE/meyDAF7vyTXwH9J37slteVE4fQy0XJuUIGltqMfOBanVDel0=
=NWC0
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 7 Sep 2019 00:04
(name . Christopher Baines)(address . mail@cbaines.net)(address . 37320@debbugs.gnu.org)
87sgp9axp8.fsf@gnu.org
Hi Christopher,

Christopher Baines <mail@cbaines.net> skribis:

Toggle quote (4 lines)
> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
> the serial.

LGTM!

Toggle quote (16 lines)
> Now that milano-guix-1 is back online, I'm interested in sorting out
> configuration for nginx, as well as letsencrypt for a TLS certificate.
>
> For that, it's probably useful to think about the DNS configuration. I
> think that this is something that has been discussed a bit in the past,
> but at that time there were some improvements I wanted to make before
> making anything more public.
>
> But, over the last month I've fixed some of the problems I knew about
> and added new features, so I'm happier at this point with it being more
> widely available.
>
> So, I've started looking at setting up the DNS configuration, and I've
> sent this patch which I think is the relevant change in the maintenance
> repository.

Awesome.

You can also add yourself an account in bayfront.scm (when the DNS is
hosted) so you can reconfigure, or I or someone else can reconfigure for
you.

Let us know!

Thanks,
Ludo’.
C
C
Christopher Baines wrote on 7 Sep 2019 21:29
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 37320-done@debbugs.gnu.org)
878sqzc3cq.fsf@cbaines.net
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (10 lines)
> Hi Christopher,
>
> Christopher Baines <mail@cbaines.net> skribis:
>
>> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
>> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
>> the serial.
>
> LGTM!

Great, I've pushed this change now.

Toggle quote (24 lines)
>> Now that milano-guix-1 is back online, I'm interested in sorting out
>> configuration for nginx, as well as letsencrypt for a TLS certificate.
>>
>> For that, it's probably useful to think about the DNS configuration. I
>> think that this is something that has been discussed a bit in the past,
>> but at that time there were some improvements I wanted to make before
>> making anything more public.
>>
>> But, over the last month I've fixed some of the problems I knew about
>> and added new features, so I'm happier at this point with it being more
>> widely available.
>>
>> So, I've started looking at setting up the DNS configuration, and I've
>> sent this patch which I think is the relevant change in the maintenance
>> repository.
>
> Awesome.
>
> You can also add yourself an account in bayfront.scm (when the DNS is
> hosted) so you can reconfigure, or I or someone else can reconfigure for
> you.
>
> Let us know!

So I've pushed the DNS change to the maintenance repository, and also
added another change to for bayfront access.

I guess someone will need to reconfigure bayfront before I can access
it, there's no rush though, so no pressure.

Thanks,

Chris
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl10BQVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9XcDzA//VUCRZKQAVbXhcPnlZrEyF8zt19ar3ckQ1SmN6IqFOPPLE0WTYioDWiJ5
VVxJpiomVHIV/dPTMjvNvYfYVxx6JOTG+RT0K09gonkM/CNUyz+ZMbq/KZOKV+LS
+51CMX5SlUG/aPO9ElDoTFv+GQKdaeYGH+UJxm07qLQayUZ4Q0j7EsBq6/DphhvG
Xo5rS3Oc5FFFqkCyBTbSzP7Y7iN97ykHCplE0u3VhbX7y6v0BlTWYrFrNvnTN+D3
eaXv3Or/qWekwwuhK3l+ZnZLaOa0/URwVQwReZshjL1nTbkuHM2cFoCJdTa+zXIj
eKjFukyTnh5uoUNe/gwPJNw8vDmZVAxxz0fRSoTdaNUZXnw0HU4eLDrJlx+xp2mm
qoe0u9WLZbrZpDubyl2PQarLPPd2ylyJKOF/TdXkpyzKHNucljEagI7IvSs1XK/x
PufbHPH44BaQQshFNp63l4HJw8z4to8vyRE1X2tozy2tKL+MzV4KQ1FWup+NR1Oz
Xxut4M7J+yliYwttmyXdv3BGbMJnKiw+iZIA3ZqusNWYtBOAQn81e/5Uu4MBDZws
rHbrD/K5BL0pgrTPJ21kfLOlVrfGMOU2DUZpT8GNApPOv3UuoNI8TfnOgPSmLPNi
tnebR8adXQ7L8bwHX91HGHRe72SqKdmlBi9noTTvplYw+iAPKvc=
=hDpN
-----END PGP SIGNATURE-----

Closed
L
L
Ludovic Courtès wrote on 8 Sep 2019 22:03
(name . Christopher Baines)(address . mail@cbaines.net)(address . 37320-done@debbugs.gnu.org)
87v9u24kug.fsf@gnu.org
Hi Chris,

Christopher Baines <mail@cbaines.net> skribis:

Toggle quote (14 lines)
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Hi Christopher,
>>
>> Christopher Baines <mail@cbaines.net> skribis:
>>
>>> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
>>> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
>>> the serial.
>>
>> LGTM!
>
> Great, I've pushed this change now.

I’ve reconfigured bayfront now, and data.guix.gnu.org resolves fine.

I guess we’ll need a bit of nginx magic somewhere so we can access it on
the standard http/https ports?

Besides, you should now be able to log in on bayfront. I’ve sent you in
a separate message an initial password (which you should change) so you
can sudo if needed. Please let people know on guix-sysadmin if you
reconfigure the machine or do something funny with it. :-)

Thanks,
Ludo’.
Closed
C
C
Christopher Baines wrote on 8 Sep 2019 22:23
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 37320-done@debbugs.gnu.org)
87k1aio7um.fsf@cbaines.net
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (20 lines)
> Hi Chris,
>
> Christopher Baines <mail@cbaines.net> skribis:
>
>> Ludovic Courtès <ludo@gnu.org> writes:
>>
>>> Hi Christopher,
>>>
>>> Christopher Baines <mail@cbaines.net> skribis:
>>>
>>>> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable.
>>>> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update
>>>> the serial.
>>>
>>> LGTM!
>>
>> Great, I've pushed this change now.
>
> I’ve reconfigured bayfront now, and data.guix.gnu.org resolves fine.

Great, looks like it's working for me too :)

Toggle quote (3 lines)
> I guess we’ll need a bit of nginx magic somewhere so we can access it on
> the standard http/https ports?

Yep, I've got some configuration I used for my server so I'm planning to
adapt that.

Toggle quote (5 lines)
> Besides, you should now be able to log in on bayfront. I’ve sent you in
> a separate message an initial password (which you should change) so you
> can sudo if needed. Please let people know on guix-sysadmin if you
> reconfigure the machine or do something funny with it. :-)

I can confirm that I can login, and that I've changed my password :)
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl11Y0FfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9Xdrww//RxyJc66d2L9UerEFMnvSx67N/3Mm09GofY8lTzWFRJgEmPSdobly/Ykr
7Vm4mtft/RZddWDkDcWOHFnbSgEncZsQT8b/OjgbmlV4Ebxm2z3UScVz8UGqQZb1
0apGyl1pOqp1qptLkh4yPuIlkjfuIbBPoftTWGc9IlNFM1aG4dEW9R15azoOT/nb
/YezfeeSwSNhcd8MGZSaK/G+jOq0IVjHeYZwma52grz4ksmQ8hJL5TjcjvWSYdUw
GfCe12sEYwZIFGJ8eld+dTXtDkktR3SM175ovRfCZjnQqtCs5UdpH/wA+Pyv1lVM
ZWlshAbTNvXM465RS75ZhNN6xCW1+BH3qT4LCTyAA1tbYRS+gl23a5y6Lq04XHIN
ugsu6myDWRAB6r0+NbzjbHw1e4i8a4xt3Jj3gvQTOqzpj1m6zEO1t6teDrDixXbi
0GQb2FenPfs7s6iYWeXQmmkpndHN6Y8qD6M1izbTcT+yo3hjyHuYdG/jmVYV7rID
RX018k54zUGpq0Y8eCZGb3U+61tSxqkb4QIh2tdn/FImQkYTCmY3DBx1RZtyByIJ
XUBXMjqFBwWOWkp7QDjJcYbgEZRfLEt360IVFOtJYA/z4kN0NBb/T2Gq68R3horH
MKtsDAVJEX5gVpHqiqxBbSXXZGz/P34ZhTvoJ8u6jWrBeEkvY4o=
=Csbf
-----END PGP SIGNATURE-----

Closed
?