Re: Solstice infrastructure hackathon

From: Ludovic Courtès
Subject: Re: Solstice infrastructure hackathon
Date: Wed, 22 Dec 2021 01:44:19 +0100
Hello Guix!

Ludovic Courtès <> skribis:

> Here are tasks that were brought up:
>   • Set up a backup server for, the head node of the
>, possibly moving some services such as the web site
>     there.
>   • Add DNS redundancy for so it can point to one of two
>     hosts (need to figure out certbot challenges so both machines can
>     update their certificates).
>   • Set up with sysadmin status updates (possibly
>     using Prometheus?).
>   • Come up with a plan to add disks to the RAID array on bayfront, the
>     head node of
>   • Work on a plan to back up the Disarchive database currently on
>     berlin.guix.
>   • Work on a plan to mirror nars from ci.guix and bordeaux.guix, using
>     plain rsync or <>.
>   • Have a documented procedure to set up substitute mirrors, such as
>     the one in .cn (I can’t find the URL), ideally with plain rsync
>     access.

A small but dedicated bunch of people made progress on several of these
items today, in a loosely coordinated fashion on IRC—which perhaps made
it hard to get started, let us know what you think would help you join!

Most of the progress so far is visible in the commit log of the
maintenance repository:

There’s IPv6, use of nar-herder to distribute bordeaux.guix substitutes,
I/O performance testing on a possible ci.guix head node
replacement/backup, web site replication, backups over rsync from berlin
to bordeaux, and more.

We have yet to complete support for web site replication: adding nginx
rules on the backup, having point to the two hosts, setting
up Let’s Encrypt.  This should be within reach quickly.

Other items above are yet to be addressed.  Our next priority should be
to have an off-site copy of the ci.guix substitutes.

Overall I think we need to aim for complete redundancy of the main
services.  The good news is that this Guix System thing greatly
simplifies the work!

To be continued with a second session sometime in January!


