b12f
acc537decd
hosts: use correct wireguardDevices option
2024-11-20 16:49:39 +01:00
teutat3s
7ba5a7bdd6
matrix: disable sliding-sync proxy, it's built into
...
synapse now, update synapse config to use matrix-authentication-service
2024-10-30 20:31:29 +01:00
b12f
041d311bb2
modules/matrix: rename used config options
2024-10-30 18:37:47 +01:00
teutat3s
9d9bcf9a15
mas: move to module, add secrets for prod
2024-10-30 18:37:46 +01:00
b12f
4434a90136
modules/matrix: rename secrets to not include hostnames
2024-10-30 18:37:46 +01:00
teutat3s
9d7d251369
style: fix formatting
2024-10-30 18:37:46 +01:00
teutat3s
7775ad332e
matrix: do not change paths for nachtigall secrets
2024-10-30 18:37:46 +01:00
teutat3s
d6cc9c8164
matrix-authentication-service: init host underground
...
to test mas, related to #242
2024-10-30 18:37:45 +01:00
teutat3s
2c29d27ce7
style: remove redundant brackets
2024-10-23 20:18:03 +02:00
teutat3s
31a885926b
trinkgenossin: fix network in initrd, virtio_net
...
kernel module was missing. Also this is a QEMU host, hyperV is not
required.
2024-10-23 20:17:32 +02:00
teutat3s
987c0919ca
style: fix formatting
2024-10-17 20:31:47 +02:00
teutat3s
c39cf9c0b9
mastodon: update to version 4.3.0 from nixos-unstable
...
https://github.com/mastodon/mastodon/releases/tag/v4.3.0
https://github.com/NixOS/nixpkgs/pull/337545/files
2024-10-17 20:31:47 +02:00
teutat3s
df2f0d4442
flake: refactor, bye srid
...
Refactor flake to work without nixos-flake and use native NixOS module
system. This is because of recent changes to nixos-flake, like renaming it
to nixos-unified and changing the API without a changelog or guide how
to update.
2024-10-05 14:03:40 +02:00
teutat3s
8600fc64c5
wireguard: fix trinkgenossin IPv4 address
2024-10-05 13:03:40 +02:00
teutat3s
21a1ae15cb
trinkgenossin: fix duplicate promtail, prometheus-exporter
2024-09-10 16:02:26 +02:00
teutat3s
19723f3812
monitoring: add prometheus-exporter, promtail to
...
delite, blue-shell
add instance labels to garage scrape jobs
2024-09-10 16:02:26 +02:00
teutat3s
ec5e9896fd
delite: use static IP in initrd, DHCP not working
2024-09-10 16:02:25 +02:00
b12f
1ec5bafa30
flora-6: remove
...
This commit removes the flora-6 host. All services are moved to
trinkgenossin, with the drone service being removed completely in favour
of forgejo actions.
2024-09-10 16:02:24 +02:00
teutat3s
2e16c77956
secrets: rename restic-repo-storagebox{,-nachtigall}
...
To use a restic repository per host
2024-08-29 16:22:58 +02:00
teutat3s
e2ba1aacf4
mail: add backups to garage bucket + storagebox
...
Restic backups to garage S3 bucket metronom-backups
2024-08-29 16:19:24 +02:00
teutat3s
d2389497c2
Merge pull request 'garage: initial cluster' ( #222 ) from garage-cluster into main
...
Reviewed-on: pub-solar/infra#222
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-08-28 15:55:16 +00:00
teutat3s
4626fd85c0
mediawiki: add backups to garage bucket + storagebox
...
Restic backups to garage S3 bucket nachtigall-backups
https://garagehq.deuxfleurs.fr/documentation/connect/backup/#restic
2024-08-28 17:13:34 +02:00
teutat3s
88b76beb5c
keycloak: use backups module
...
Co-authored-by: b12f <b12f@noreply.git.pub.solar>
Co-authored-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-08-27 10:09:07 +02:00
teutat3s
e857c6198b
modules/backup: init
...
Co-authored-by: b12f <b12f@noreply.git.pub.solar>
Co-authored-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-08-27 10:04:10 +02:00
teutat3s
a0b52d51e5
nachtigall: make postgres wait for zfs mount
...
Co-authored-by: b12f <b12f@noreply.git.pub.solar>
Co-authored-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-08-27 10:00:42 +02:00
teutat3s
f236962e17
garage: add monitoring, connect to grafana + loki
...
https://garagehq.deuxfleurs.fr/documentation/reference-manual/monitoring/
2024-08-25 00:18:09 +02:00
teutat3s
d32abd7a7f
wireguard: add trinkgenossin, delite, blue-shell
2024-08-25 00:13:53 +02:00
teutat3s
15b507904f
garage: init buckets.pub.solar, use nginx as reverse proxy
...
https://garagehq.deuxfleurs.fr/documentation/cookbook/reverse-proxy/
2024-08-24 21:48:48 +02:00
teutat3s
b0790876ec
style: format using nixfmt-rfc-style
2024-08-24 17:39:49 +02:00
teutat3s
83b7e3e11e
hosts: init blue-shell
2024-08-24 03:02:15 +02:00
teutat3s
4ef9781d10
hosts: init delite
2024-08-24 03:01:46 +02:00
teutat3s
ca8e578b11
hosts: init trinkgenossin
2024-08-24 03:00:01 +02:00
Benjamin Yule Bädorf
8ce50bb73b
tt-rss: add pub.solar specific configuration
2024-07-17 15:22:58 +02:00
teutat3s
153ef69daf
metronom: enable ZFS auto scrub once per month
2024-06-23 15:16:04 +02:00
teutat3s
af5abfc712
nachtigall: enable ZFS auto scrub once per month
2024-06-23 15:14:30 +02:00
teutat3s
e127c668f6
metronom, tankstelle: cleanup for SSH only via wireguard
2024-06-08 23:52:08 +02:00
teutat3s
6ea916603c
networking: set networking.domain in core module
2024-06-06 19:30:11 +02:00
teutat3s
4350cbf7c4
tankstelle: add promtail, prometheus node-exporter
...
for monitoring, configure wireguard between flora-6 and tankstelle
2024-06-06 12:53:49 +02:00
teutat3s
b93608a8fa
metronom: add promtail, prometheus node-exporter
...
configure wireguard to push logs to and scrape metrics from flora-6
open firewall for node-exporter port on wg-ssh interface
2024-06-06 12:52:55 +02:00
teutat3s
008e14f2d2
mail: add missing NixOS module to metronom
2024-06-06 12:49:58 +02:00
teutat3s
0038be3d2c
metronom: use wireguard IP for SSH, lock down SSH
...
port access to wireguard only
2024-05-31 16:52:04 +02:00
teutat3s
9a9dccf5bb
mail: move NixOS module to modules
2024-05-31 16:52:04 +02:00
teutat3s
c5dfb472f8
style: treefmt
2024-05-31 16:52:04 +02:00
teutat3s
1ca1168d7a
mail: switch to mail.pub.solar
2024-05-31 16:52:04 +02:00
teutat3s
b6f64a1e04
mail: add more @pub.solar mail accounts
2024-05-31 16:52:03 +02:00
Hendrik Sokolowski
af233793fb
initial work on mail
2024-05-31 16:52:01 +02:00
teutat3s
941eff6d87
tankstelle: configure wireguard
2024-05-30 19:17:21 +02:00
teutat3s
5aa1276e85
ci: add nix to PATH
2024-05-30 19:04:40 +02:00
teutat3s
cc70a740a1
ci: run actions runner as normal user
2024-05-30 19:04:40 +02:00
teutat3s
866785ef47
style: format using treefmt
2024-05-30 19:04:40 +02:00