| Message ID | 20190906114441.19067-1-mail@cbaines.net |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [bug#37320] hydra: dns: Add "data" to point at milano-guix-1. | expand |
Now that milano-guix-1 is back online, I'm interested in sorting out configuration for nginx, as well as letsencrypt for a TLS certificate. For that, it's probably useful to think about the DNS configuration. I think that this is something that has been discussed a bit in the past, but at that time there were some improvements I wanted to make before making anything more public. But, over the last month I've fixed some of the problems I knew about and added new features, so I'm happier at this point with it being more widely available. So, I've started looking at setting up the DNS configuration, and I've sent this patch which I think is the relevant change in the maintenance repository. Thanks, Chris Christopher Baines <mail@cbaines.net> writes: > * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable. > (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update > the serial. > --- > hydra/modules/sysadmin/dns.scm | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/hydra/modules/sysadmin/dns.scm b/hydra/modules/sysadmin/dns.scm > index 164caf1..ef1f265 100644 > --- a/hydra/modules/sysadmin/dns.scm > +++ b/hydra/modules/sysadmin/dns.scm > @@ -47,6 +47,7 @@ > (define hydra-ip4 "18.4.89.46") > (define bayfront-ip4 "185.233.100.56") > (define berlin-ip4 "141.80.181.40") > +(define milano-guix-1-ip4 "159.149.133.203") > > (define-zone-entries guix.gnu.org.zone > ;; Name TTL Class Type Data > @@ -89,6 +90,7 @@ > ("issues" "" "IN" "A" berlin-ip4) > ("logs" "" "IN" "A" bayfront-ip4) > ("ci" "" "IN" "A" berlin-ip4) > + ("data" "" "IN" "A" milano-guix-1-ip4) > > ;; This record is required in order to prove to Amazon ACM that we > ;; own the domain. As long as it exists, ACM will automatically > @@ -102,4 +104,4 @@ > (zone (zone-file > (origin "guix.gnu.org") > (entries guix.gnu.org.zone) > - (serial 2019090201))))) > + (serial 2019090601)))))
Hi Christopher, Christopher Baines <mail@cbaines.net> skribis: > * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable. > (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update > the serial. LGTM! > Now that milano-guix-1 is back online, I'm interested in sorting out > configuration for nginx, as well as letsencrypt for a TLS certificate. > > For that, it's probably useful to think about the DNS configuration. I > think that this is something that has been discussed a bit in the past, > but at that time there were some improvements I wanted to make before > making anything more public. > > But, over the last month I've fixed some of the problems I knew about > and added new features, so I'm happier at this point with it being more > widely available. > > So, I've started looking at setting up the DNS configuration, and I've > sent this patch which I think is the relevant change in the maintenance > repository. Awesome. You can also add yourself an account in bayfront.scm (when the DNS is hosted) so you can reconfigure, or I or someone else can reconfigure for you. Let us know! Thanks, Ludo’.
Ludovic Courtès <ludo@gnu.org> writes: > Hi Christopher, > > Christopher Baines <mail@cbaines.net> skribis: > >> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable. >> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update >> the serial. > > LGTM! Great, I've pushed this change now. >> Now that milano-guix-1 is back online, I'm interested in sorting out >> configuration for nginx, as well as letsencrypt for a TLS certificate. >> >> For that, it's probably useful to think about the DNS configuration. I >> think that this is something that has been discussed a bit in the past, >> but at that time there were some improvements I wanted to make before >> making anything more public. >> >> But, over the last month I've fixed some of the problems I knew about >> and added new features, so I'm happier at this point with it being more >> widely available. >> >> So, I've started looking at setting up the DNS configuration, and I've >> sent this patch which I think is the relevant change in the maintenance >> repository. > > Awesome. > > You can also add yourself an account in bayfront.scm (when the DNS is > hosted) so you can reconfigure, or I or someone else can reconfigure for > you. > > Let us know! So I've pushed the DNS change to the maintenance repository, and also added another change to for bayfront access. I guess someone will need to reconfigure bayfront before I can access it, there's no rush though, so no pressure. Thanks, Chris
Hi Chris, Christopher Baines <mail@cbaines.net> skribis: > Ludovic Courtès <ludo@gnu.org> writes: > >> Hi Christopher, >> >> Christopher Baines <mail@cbaines.net> skribis: >> >>> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable. >>> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update >>> the serial. >> >> LGTM! > > Great, I've pushed this change now. I’ve reconfigured bayfront now, and data.guix.gnu.org resolves fine. I guess we’ll need a bit of nginx magic somewhere so we can access it on the standard http/https ports? Besides, you should now be able to log in on bayfront. I’ve sent you in a separate message an initial password (which you should change) so you can sudo if needed. Please let people know on guix-sysadmin if you reconfigure the machine or do something funny with it. :-) Thanks, Ludo’.
Ludovic Courtès <ludo@gnu.org> writes: > Hi Chris, > > Christopher Baines <mail@cbaines.net> skribis: > >> Ludovic Courtès <ludo@gnu.org> writes: >> >>> Hi Christopher, >>> >>> Christopher Baines <mail@cbaines.net> skribis: >>> >>>> * hydra/modules/sysadmin/dns.scm (milano-guix-1-ip4): New variable. >>>> (guix.gnu.org.zone): Add "data" to point at milano-guix-1, and update >>>> the serial. >>> >>> LGTM! >> >> Great, I've pushed this change now. > > I’ve reconfigured bayfront now, and data.guix.gnu.org resolves fine. Great, looks like it's working for me too :) > I guess we’ll need a bit of nginx magic somewhere so we can access it on > the standard http/https ports? Yep, I've got some configuration I used for my server so I'm planning to adapt that. > Besides, you should now be able to log in on bayfront. I’ve sent you in > a separate message an initial password (which you should change) so you > can sudo if needed. Please let people know on guix-sysadmin if you > reconfigure the machine or do something funny with it. :-) I can confirm that I can login, and that I've changed my password :)
diff --git a/hydra/modules/sysadmin/dns.scm b/hydra/modules/sysadmin/dns.scm index 164caf1..ef1f265 100644 --- a/hydra/modules/sysadmin/dns.scm +++ b/hydra/modules/sysadmin/dns.scm @@ -47,6 +47,7 @@ (define hydra-ip4 "18.4.89.46") (define bayfront-ip4 "185.233.100.56") (define berlin-ip4 "141.80.181.40") +(define milano-guix-1-ip4 "159.149.133.203") (define-zone-entries guix.gnu.org.zone ;; Name TTL Class Type Data @@ -89,6 +90,7 @@ ("issues" "" "IN" "A" berlin-ip4) ("logs" "" "IN" "A" bayfront-ip4) ("ci" "" "IN" "A" berlin-ip4) + ("data" "" "IN" "A" milano-guix-1-ip4) ;; This record is required in order to prove to Amazon ACM that we ;; own the domain. As long as it exists, ACM will automatically @@ -102,4 +104,4 @@ (zone (zone-file (origin "guix.gnu.org") (entries guix.gnu.org.zone) - (serial 2019090201))))) + (serial 2019090601)))))