peter/haccfiles
1
0
Fork 0
forked from hacc/haccfiles
Code Issues Pull requests Projects Releases Wiki Activity
Nixfiles, for hacc.
274 commits 40 branches 0 tags 20 MiB
Nix 86.3%
SCSS 8.1%
HTML 5.6%
Find a file
stuebinm 4c6f13c68a
synapse: add mail config (currently broken) 
tl;dr: mail config works, but on trying to send mail synapse gets rejected by
postfix for using a too-old version of tls, as apparently tls in twisted (the
python library used for mail in synapse) is just hardcoded to v1, which our
postfix rejects.

```
postfix/smtpd[9737]: warning: TLS library problem: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol:ssl/statem/statem_srvr.c:1685:
synapse[9211]: synapse.handlers.identity: [POST-41] Error sending threepid validation email to stuebinm@hacc.space
               Traceback (most recent call last):
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/handlers/identity.py", line 382, in send_threepid_validation
                   await send_email_func(email_address, token, client_secret, session_id)
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 207, in send_add_threepid_mail
                   await self.send_email(
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 349, in send_email
                   await make_deferred_yieldable(
               twisted.mail._except.SMTPConnectError: Unable to connect to server.
```

This is a known issue [1], which should be fixed in the current version of twisted,
which will be in the next version of synapse.

[1] https://github.com/matrix-org/synapse/issues/6211
2021-08-26 22:51:01 +02:00
common parsons: config nginx 2021-08-23 19:32:02 +00:00
desktop stuff 2021-08-25 16:23:34 +00:00
hosts hainich/matrix: init matrix & element 2021-08-26 22:50:58 +02:00
modules services/gitlab-runner: init on parsons 2021-08-23 19:32:02 +00:00
nix maintenance: update sources, fix mattermost 2021-08-23 19:32:02 +00:00
pkgs nixda/decklink: bump version of bmv to 12.1 2021-08-23 19:54:18 +00:00
services synapse: add mail config (currently broken) 2021-08-26 22:51:01 +02:00
.gitignore repo: add vim swapfiles to gitignore 2020-11-29 12:53:03 +00:00
.gitlab-ci.yml services/gitlab-runner: init on parsons 2021-08-23 19:32:02 +00:00
default.nix sources: update nixpkgs to 21.05 2021-08-07 12:05:25 +00:00
README.md readme: add golden commit rule 2021-01-20 18:47:57 +00:00

README.md

hacc nixfiles

welcome to hacc nixfiles (haccfiles). this is the code describing our nix-based infrastructure.

structure

  • default.nix: Entrypoint to the config
  • common/: configuration common to all hosts
  • desktop/: desktop-relevant communication
  • modules/: home-grown modules for hacc-specific services
  • nix/: sources files, managed with niv
  • pkgs/: packages we built and don't want to upstream

working with the haccfiles

deploy:

nix build -f . deploy.$hostname && ./result switch

$hostname can be replaced with any hostname or group

committing to haccfiles

  • Golden Rule: DO NOT COMMIT TO MAIN
    • exceptions apply, if you are not sure where to commit, don't commit to main
  • split up commits, every commit is one atomic change
    • e.g. no big "did some changes" but instead "updated service x", "updated service y", "update service z"
  • follow the commit format: "$prefix$place: $change"
    • prefix: one of fixup, nothing
    • place: one of "modules/$module", "$hostname/service", "common/($place)", "pkgs/$pkgs" or "sources"
    • change: describe your change, don't go over the character limit where git starts hiding/wrapping
  • Exception: autogenerated messages (merge commits, reverts, etc)