Commit graph

357 commits

Author SHA1 Message Date
Max
d9ed574742 VEGAS/matrix: don't chown the generated db config 2022-12-18 00:45:03 +01:00
Max
9e6cc6b4c9 VEGAS/nextcloud: upgrade package 24 -> 25 2022-12-17 21:50:42 +01:00
Max
81e58eca02 VEGAS/nextcloud: disable broken ciphers 2022-12-17 21:50:42 +01:00
Max
f1685ef060 VEGAS/monitoring: move stuff into settings 2022-12-17 21:50:42 +01:00
Max
dbf4d05613 VEGAS/virtualisation: enable PolKit as per module requirements 2022-12-17 21:50:42 +01:00
Max
8ccb1477db VEGAS/monitoring: extraOptions -> settings 2022-12-17 21:50:42 +01:00
Max
49e1b408be VEGAS/monitoring: new datasource provisioning format 2022-12-17 21:50:42 +01:00
Max
1423a45b3a cluster/services/hercules-ci-multi-agent: init
obsoletes modules/hercules-ci-agent

Hercules CI orgs:
- private-void
- nixpak
2022-11-23 16:24:04 +01:00
Max
93b7118de9 hosts/VEGAS: drop all outgoing traffic to private IP addresses 2022-11-17 16:55:43 +01:00
Max
125ab8c3a5 VEGAS/minecraft/0fyy6ksf: end contract 2022-11-15 18:27:38 +01:00
Ikoe Tanioka
90b58c617c Extra ASCIIS to, you guessed it, /ascii 2022-11-01 21:54:37 +00:00
Ikoe Tanioka
8a3bf03298 Introduce 'proper' MotD printout post-boot 2022-10-31 22:58:43 +00:00
Max
d560d76028 cluster/services/nginx: init from host-specific modules 2022-10-31 18:14:39 +01:00
f7f656416b hosts/soda: make last not show IP 2022-10-28 20:04:24 +01:00
Max
9aa68e4b16 hosts/VEGAS: remove hydra service 2022-10-23 21:35:56 +02:00
Max
41aad67a83 cluster/services/ipfs: init from modules/ipfs 2022-10-19 20:33:36 +02:00
Max
b7cf168ada VEGAS/monitoring: revert semantically wrong statix fix 2022-10-17 15:03:08 +02:00
Max
142a640154 treewide: apply deadnix fixes 2022-10-17 14:54:48 +02:00
Max
dbbf2330fd treewide: apply statix fixes 2022-10-17 14:47:11 +02:00
c8eb3fc8be VEGAS/minecraft: disable num server 2022-10-17 10:15:56 +02:00
Max
94e69da757 hosts/VEGAS: expose some networks via hyprspace 2022-10-08 12:12:09 +02:00
Max
d1d4651ed7 VEGAS/minecraft/0fyy6ksf: allow flight 2022-10-04 17:19:59 +02:00
Max
54a362965b VEGAS/minecraft: add instance 0fyy6ksf 2022-10-02 18:19:54 +02:00
Max
a464843680 VEGAS/wireguard-server: switch port 2022-09-24 14:19:58 +02:00
Max
b06fa54537 hosts/prophet: switch hyprspace port 2022-09-24 13:25:00 +02:00
Max
2a8366a781 hosts/VEGAS: switch hyprspace port 2022-09-24 13:04:43 +02:00
Max
8962c1072e cleanup 2022-09-01 23:05:39 +02:00
Max
3e804e48d0 VEGAS/mail: update admins alias 2022-09-01 13:02:21 +02:00
Max
bee83b5ced VEGAS/mail: discard unsolicited messages from trypioneer 2022-08-31 21:37:08 +02:00
Max
dac9c2fb3c VEGAS/websites: add back custom Soda error pages 2022-08-28 22:32:47 +02:00
Max
5fb0285de2 VEGAS/fbi: use local mediamanagers group 2022-08-26 23:44:17 +02:00
Max
4ae3618c0f VEGAS/sso: remove expensive check 2022-08-25 23:04:41 +02:00
Max
187a77b1e8 VEGAS/matrix: work around inaccurate assertions 2022-08-10 01:09:22 +02:00
Max
5035bdaa09 VEGAS/database: disable postgres 2022-08-10 01:02:24 +02:00
Max
2d9e5462a7 VEGAS/nextcloud: remove leftover postgres config 2022-08-10 01:01:49 +02:00
Max
e038d8180d VEGAS/matrix: use Patroni database, move dataDir 2022-08-10 00:31:17 +02:00
Max
35189ed6de VEGAS/gitlab: use Patroni database 2022-08-09 22:33:05 +02:00
Max
0689f5586c VEGAS/hydra: rekey DB credentials, use Patroni database 2022-08-09 22:03:48 +02:00
Max
175d3c8b13 cluster/services/websites: init 2022-08-09 20:10:25 +02:00
Max
3e1041ed85 VEGAS/fbi: start mediamanagement.slice after nss-user-lookup 2022-08-09 19:07:48 +02:00
Max
5b4c240c80 VEGAS/nextcloud: restart setup service on failure 2022-08-08 23:15:08 +02:00
Max
88b214bce1 VEGAS/matrix: fix CORS policy 2022-08-08 20:32:13 +02:00
Max
50f689c2ec VEGAS/matrix: switch to Cinny web client 2022-08-08 20:31:22 +02:00
Max
0614be7afb VEGAS/nextcloud: rekey secrets and move to Patroni database 2022-08-07 23:38:56 +02:00
Max
df62cbfe93 VEGAS/sso: use Patroni database 2022-08-07 22:54:59 +02:00
Max
06e2f36f5e VEGAS/websites: remove unused 2022-08-07 21:59:54 +02:00
Max
52459c42c1 cluster/services/acme-client: init 2022-08-07 21:06:17 +02:00
Max
5356ba97c6 cluster/services/dns: init 2022-08-07 20:01:48 +02:00
Max
bc2118ed45 VEGAS/websites: host stop-using-nix-env 2022-08-06 16:18:10 +02:00
Max
90ac208ae7 VEGAS/websites: host landing page from packages 2022-08-06 00:46:37 +02:00
Max
dc1cee54b6 VEGAS/monitoring: fix Prometheus targets 2022-08-04 01:10:11 +02:00
Max
0ee7b151b3 hosts/prophet: enable SSS 2022-08-04 00:39:55 +02:00
Max
232ff31ded VEGAS/monitoring: adjust loki for new monitoring clients 2022-08-03 23:36:50 +02:00
Max
c001885bab VEGAS/fbi: use dedicated service accounts 2022-08-01 22:49:55 +02:00
Max
ad9ccc5ff3 VEGAS/mail: postfix-setup: wait for networking 2022-08-01 22:21:24 +02:00
Max
f1f819e92c VEGAS/ipfs: fix typo 2022-08-01 21:52:35 +02:00
Max
b4f6cdd697 VEGAS/ipfs: set IOSchedulingPriority 2022-08-01 21:52:19 +02:00
Max
0304498986 VEGAS/ipfs: raise LimitNOFILE 2022-08-01 21:22:50 +02:00
Max
52cff6f0c7 VEGAS/matrix: less log spam 2022-08-01 21:10:44 +02:00
Max
0a4dd13316 Revert "packages/oauth2-proxy: patch keycloak token bug" and "modules/oauth2-proxy: use patched package"
Fix merged in version 7.3.0 upstream.
This reverts commit 1fb7853b52.
This reverts commit e847db9dc0.
2022-08-01 17:51:58 +02:00
Max
453bca08b3 VEGAS/mc-num: use standard JRE 2022-07-31 22:57:46 +02:00
Max
8d4fabf934 meta: reduce overlay usage 2022-07-31 22:36:07 +02:00
Max
0178038278 VEGAS/database: disable unused MariaDB 2022-07-31 20:37:43 +02:00
Max
e11484050d VEGAS/blog: drop 2022-07-31 20:35:57 +02:00
Max
06fb64bd9d VEGAS/peering: switch to es1, rekey 2022-07-24 23:06:27 +02:00
Max
d905231a6a services/cdn-shield: optimize wttr.in caching 2022-07-11 21:51:13 +02:00
Max
2fee49cf71 services/cdn-shield: provide wttr.in cache 2022-07-11 21:35:02 +02:00
Max
183cd53e84 VEGAS/hydra: allow access to Sourcehut 2022-07-01 16:41:05 +02:00
Max
80936c5694
services/searxng: enable JSON response format 2022-06-22 18:39:01 +02:00
Max
91a29e5255 services/dns: add DNS-over-TLS resolver 2022-06-19 14:04:46 +02:00
Max
303532b2fb services/sso: add tracing 2022-06-19 00:16:25 +02:00
Max
60fca938fb services/monitoring: enable node graph and service graph 2022-06-18 23:24:12 +02:00
Max
b39418084f services/monitoring: enable experimental Grafana tracing features 2022-06-18 22:33:30 +02:00
Max
929262f400 services/monitoring: loki-grpc on localhost 2022-06-18 22:10:57 +02:00
Max
4ab8e32e94 packages/grafana: 8.5.6 -> 9.0.0 2022-06-18 21:50:27 +02:00
Max
6458dd76ef services/monitoring: enable trace searching 2022-06-18 21:03:04 +02:00
Max
b16fbed8a3 services/monitoring: tempo: run as tempo user 2022-06-18 20:53:08 +02:00
Max
cefabc1e93 services/{monitoring,ipfs}: tracing: use port-magic v2 2022-06-18 20:21:13 +02:00
Max
4a00c891af Merge branch 'tracing' 2022-06-18 20:11:51 +02:00
Max
df43950cb7 VEGAS/containers@soda: wait for the vmdefault interface 2022-06-18 19:48:22 +02:00
Max
cf9afa3042 services/mail: postfix: wait for primary interface 2022-06-18 19:42:27 +02:00
Max
cf713a6a9e services/sips: remove 2022-06-18 18:51:27 +02:00
Max
6c3b268306 Merge branch 'updates-20220618' 2022-06-18 18:51:27 +02:00
Max
35e3bb3e49 services/gitlab: gitlab-runner: wait for gitlab.target 2022-06-18 18:51:27 +02:00
Max
ed8e11c6f4 services/dns: coredns: wait for vstub 2022-06-18 18:51:27 +02:00
Max
376697ecae services/monitoring: loki: wait for hyprspace 2022-06-18 18:51:27 +02:00
Max
9911767ec1 VEGAS/containers@soda: wait for libvirtd 2022-06-18 18:51:27 +02:00
Max
5a3d67e6da services/mail: postfix: wait for vstub 2022-06-18 18:18:39 +02:00
Max
26ab120eaa services/mail: use addresses from hosts config 2022-06-18 17:26:32 +02:00
Max
59d5f9d884 treewide: implement port-magic v2 2022-06-18 02:44:51 +02:00
Max
3ff51f2f13 VEGAS/ipfs: log traces to Tempo 2022-06-17 21:29:22 +02:00
Max
a6f613dc31 services/monitoring: add tracing via Grafana Tempo 2022-06-17 21:22:47 +02:00
Max
12bec01363 services/fbi: add fbi-index 2022-06-08 21:03:18 +02:00
Max
282d2666cc services/meet: disable video by default 2022-06-07 19:10:33 +02:00
Max
e847db9dc0 modules/oauth2-proxy: use patched package 2022-06-07 18:39:37 +02:00
Max
8c72443ab1 services/monitoring: Reduce Loki log spam 2022-05-31 21:28:03 +02:00
Max
0c8612149e services/monitoring: Fix Loki frontend address 2022-05-31 21:27:31 +02:00
Max
21730a2365 services/matrix: log to main journal namespace 2022-05-31 21:17:22 +02:00
Max
a43f3fda01 services/sso: check keycloak 2022-05-31 11:48:07 +02:00
Max
4c45c05465 modules/redis: listen on default port 2022-05-31 10:23:57 +02:00
Max
90387c419d services/blog: wait for mysql 2022-05-31 10:17:53 +02:00
Max
3d64a7e429 services/dns: remove dnssec-enable 2022-05-31 09:38:48 +02:00
Max
e8fdf82b9a modules/redis: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
39c7d1acf6 services/nextcloud: nextcloud23 -> nextcloud24 2022-05-31 09:19:10 +02:00
Max
2ba609fdb5 services/api: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
45351f77da modules/nginx: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
27826f48e0 modules/mysql: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
399fb4b5d8 services/matrix: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
e223885972 services/sso: modify config for 22.05 2022-05-31 09:19:10 +02:00
Max
a496f5311b services/meet: log to main journal namespace 2022-05-29 14:44:34 +02:00
Max
551c6739a4 soda: fix package installation 2022-05-28 22:00:08 +02:00
Max
37258071e7 services/backbone-routing: forward soda container 2022-05-28 21:56:37 +02:00
Max
2abaa859ab soda: add all the ASCII art 2022-05-28 21:54:50 +02:00
Max
8d56f4aeb2 soda: custom shell profile 2022-05-28 21:54:12 +02:00
Max
bcf8a9ba96 hosts/VEGAS: run soda container 2022-05-28 21:53:15 +02:00
Max
5b01d00114 hosts/soda: init 2022-05-28 21:53:03 +02:00
Max
63eaced3a7 services/sso: use standard JRE 2022-05-27 18:31:00 +02:00
Max
afe2fd64ed services/warehouse: only use required OpenGL drivers 2022-05-27 18:15:34 +02:00
Max
a1d67266ca modules/virtualisation: use qemu_kvm package 2022-05-27 18:15:34 +02:00
Max
6a588b3853 services/minecraft/num: use standard JRE 2022-05-27 18:13:34 +02:00
Max
1872b092ec services/dns: use stevenblack-hosts package 2022-05-27 01:15:21 +02:00
Max
a547aa2fdd services/object-storage: fix console redirect 2022-05-26 23:59:29 +02:00
Max
77759e449c services/object-storage: use OpenID 2022-05-26 23:59:29 +02:00
Max
bcc2f53914 services/object-storage: use built-in console 2022-05-26 23:59:29 +02:00
Max
a370fd5436 services/searxng: use dark theme by default 2022-05-26 20:16:24 +02:00
Max
bb566a7b27 services/searxng: disable engines by default: bing, brave 2022-05-26 19:14:25 +02:00
Max
2052458c5c services/searxng: use Mullvad SOCKS proxies 2022-05-26 18:12:01 +02:00
Max
349bd0d307 services/backbone-routing: add Mullvad connection 2022-05-26 18:09:26 +02:00
Max
70dcacf828 hosts/VEGAS: load dm-raid1 2022-05-26 00:13:09 +02:00
Max
99a011514f services/searxng: disable logging 2022-05-25 20:50:55 +02:00
Max
09f3f85a6b services/searxng: init 2022-05-25 20:50:55 +02:00
Max
54116aafea services/websites: host ky.rip 2022-05-21 13:56:56 +02:00
Max
31b8a989fa modules/fail2ban: increase findtime to 12h 2022-05-18 22:39:40 +02:00
Max
b012ca1964 modules/fail2ban: global dynamic bantime 2022-05-17 10:40:35 +02:00
Max
256118c2b4 enable nix-builder 2022-05-16 23:13:57 +02:00
Max
5f13c5eb49 services/mail: use dynamically increasing fail2ban bantime for postfix 2022-05-16 19:11:53 +02:00
Max
917aec5b3a services/monitoring: allow WebSocket connections 2022-05-16 00:11:36 +02:00
Max
0cd40f0f47 VEGAS/ipfs: expose metrics 2022-05-16 00:10:58 +02:00
Max
1d32eb782e modules/nginx: log to syslog in logfmt format 2022-05-16 00:10:14 +02:00
Max
0249ecdcc3 services/monitoring: add Loki 2022-05-16 00:09:07 +02:00
Max
243b91babf services/meet: enable monitoring 2022-05-15 00:35:02 +02:00
Max
7c72acee59 hosts/VEGAS: add monitoring service 2022-05-15 00:34:09 +02:00
Max
e3887d0573 service/wireguard-server: bypass firewalls 2022-05-03 09:16:21 +02:00
Max
3268921a92 hosts/VEGAS: replace OpenVPN with WireGuard 2022-04-28 23:47:23 +02:00
Max
fd7ae38e66 hosts/VEGAS: add uptime-kuma 2022-04-27 22:08:49 +02:00
Max
f81493f0c8 hosts/prophet: Oracle VCN fuckup 2022-04-14 19:13:46 +02:00
Max
b2175bd0dc services/meet: bypass firewalls yet again 2022-04-08 14:42:14 +02:00
Max
e6070763fc hosts/prophet: add hercules-ci-agent 2022-03-31 19:43:17 +02:00
Max
2a3725af7a hosts/VEGAS: add hercules-ci-agent 2022-03-31 19:42:49 +02:00
Max
6555133984 VEGAS/minecraft: add instance for num 2022-03-25 21:32:30 +01:00