Lix infrastructure guide
Information about adminstering Lix's infrastructure.
Machine and service overview
The Lix infrastructure is maintained with Nix code at https://git.lix.systems/lix-project/web-ser...
Auth/SSO systems
A major part of Lix infrastructure is the authentication/SSO systems. Here, you can find informat...
Changing names, emails, etc
The Lix project endeavours to not deadname people, because we believe in human decency. However, ...
How accounts work
Lix has one source of truth for authentication: Keycloak (identity.lix.systems). Most services ar...
How do permissions work?
In an ideal world, all permissions are managed directly in Keycloak and propagated down to downst...
Assigning Groups
See How do permissions work? for implementation details. tldr; Go to the admin console (no trail...
Buildbot runbook
Our buildbot instance has a habit of breaking due to excess load. Restarting the worker If the wo...
Why
Why? Why self-host all your own infrastructure? We tried not to, at the very beginning of the pro...
Obliterating history from Git
To obliterate history from the Git repo means removing it from three different sources: Gerrit, F...
Tooling improvements
We use a lot of tooling. There are papercuts we run into with our use cases that we would really ...
Postmortems
Working with S3
Introduction We use garage, an open-source server compatible with Amazon's S3 API, hosted on our ...