teutat3s
9f633582d1
feat: add well-known for matrix support contacts
2023-11-25 14:28:23 +01:00
Akshay Mankar
ccbfb211fd
matrix: Point DNS to nachtigall
2023-11-19 18:21:45 +01:00
Akshay Mankar
8a2d946206
matrix: Use production domains
2023-11-19 18:17:58 +01:00
Akshay Mankar
35afcd9682
matrix: Make public rooms discoverable over federation
2023-11-19 18:12:08 +01:00
Akshay Mankar
fe284a20d9
matrix: Fix typo
2023-11-19 18:12:08 +01:00
Akshay Mankar
f0c3178b4d
matrix: Use greenbaum cloud for sending emails
2023-11-19 18:12:07 +01:00
Akshay Mankar
7fcefe4b85
matrix: Use chat.pub.solar as invite_client_location
2023-11-19 18:12:07 +01:00
Akshay Mankar
8a2f83c96a
nachtigall: Deploy coturn and configure matrix to use it
2023-11-19 18:08:15 +01:00
Akshay Mankar
6d39ccc6d4
Merge pull request 'element: Add themes' ( #70 ) from feat/element-themes into main
...
Reviewed-on: pub-solar/infra#70
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-19 16:22:03 +00:00
Akshay Mankar
a2e7adbc79
element: Add themes
2023-11-19 16:03:24 +01:00
Akshay Mankar
569bb5f875
Merge pull request 'matrix: Import config for IRC' ( #69 ) from feat/matrix-irc into main
...
Reviewed-on: pub-solar/infra#69
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-19 14:52:58 +00:00
Akshay Mankar
e12b3d5c40
matrix: Import config for IRC
2023-11-19 14:53:14 +01:00
teutat3s
a9ac74efc6
Merge pull request 'fix: forgejo needs module from nixos-unstable for SSH access to work' ( #68 ) from fix/forgejo-ssh into main
...
Reviewed-on: pub-solar/infra#68
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-19 12:58:56 +00:00
teutat3s
7037abb8f3
fix: forgejo needs module from nixos-unstable
...
for SSH access
2023-11-19 02:23:34 +01:00
teutat3s
8bc731da6e
Merge pull request 'feat: backups to hetzner storagebox' ( #66 ) from feat/backups-to-storagebox into main
...
Reviewed-on: pub-solar/infra#66
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:13:17 +00:00
teutat3s
40ed46b05b
Merge pull request 'feat: pull in forgejo + mastodon updates early' ( #64 ) from feat/early-forgejo-mastodon-updates into main
...
Reviewed-on: pub-solar/infra#64
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:13:06 +00:00
teutat3s
e41127593b
Merge pull request 'fix(nextcloud): push server is not a trusted proxy' ( #62 ) from fix/nextcloud-trusted-proxies into main
...
Reviewed-on: pub-solar/infra#62
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:12:50 +00:00
b12f
7d58094d23
Merge pull request 'fix: add nix registry setting to speed up ad-hoc flake usage' ( #61 ) from fix/nix-registries into main
...
Reviewed-on: pub-solar/infra#61
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:08:12 +00:00
teutat3s
a461fc72f6
feat(backups): start backups in 5 minute interval
2023-11-18 22:41:48 +01:00
b12f
62d751e7bd
Merge pull request 'feat: add docs for deletion requests and keycloak tasks' ( #60 ) from feat/keycloak-and-deletion-docs into main
...
Reviewed-on: pub-solar/infra#60
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 21:35:22 +00:00
b12f
aa23765ff3
Merge pull request 'feat: add back matrix test domain' ( #63 ) from feat/add-back-matrix-test-domain into main
...
Reviewed-on: pub-solar/infra#63
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 21:33:40 +00:00
teutat3s
2195b7ed0a
feat: backups to hetzner storagebox
2023-11-18 22:30:23 +01:00
teutat3s
37176a52ce
feat: mastodon module updates from nixos-unstable
...
Pull in changes from https://github.com/NixOS/nixpkgs/pull/251950 early
2023-11-18 18:46:23 +01:00
teutat3s
eeb15c93fc
feat: update forgejo to version 1.20.5-0
...
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1-20-5-0
2023-11-18 18:45:58 +01:00
teutat3s
b7657db2cb
chore: bump flake inputs, remove mastodon-fork input
...
• Removed input 'mastodon-fork'
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8' (2023-11-14)
→ 'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
• Updated input 'unstable':
'github:nixos/nixpkgs/e44462d6021bfe23dfb24b775cc7c390844f773d' (2023-11-12)
→ 'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
2023-11-18 18:43:32 +01:00
teutat3s
4861593b25
fix: auth.pub.solar now runs on nachtigall
2023-11-18 18:19:34 +01:00
teutat3s
d26b3c12f4
fix(nextcloud): push server is not a trusted proxy
...
The nextcloud push service would fail with the following error message
when deploying a new version:
please add '2a01:4f8:172:1c25::1' to the list of trusted proxies or
configure any existing reverse proxy to forward the 'x-forwarded-for'
send by the push server
The following x-forwarded-for header was received by Nextcloud: 1.2.3.4
The following trusted proxies are currently configured: "127.0.0.1", "::1"
https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies
2023-11-18 18:12:38 +01:00
teutat3s
c88a0608f6
fix: matrix delegation via well-known for test domain
...
We use pub.solar as our server_name and matrix.pub.solar:8448 for matrix
federation traffic. The well-known record served at
https://pub.solar/.well-known/matrix/server should point to
matrix.pub.solar:8448. The same is true for test.pub.solar and
matrix.test.pub.solar:8448.
https://matrix-org.github.io/synapse/latest/delegate.html
2023-11-18 17:46:56 +01:00
teutat3s
f213f93085
fix: remove nix from devshell
...
This caused nix version 2.13 being using in the devshell instead of
recent version 2.18, which we use by default in PubSolarOS
2023-11-18 17:33:28 +01:00
Benjamin Bädorf
33e003d4b4
feat: add wellknown for matrix test domain
2023-11-18 17:32:56 +01:00
teutat3s
38a6e5e084
fix: add nix registry setting to speed up ad-hoc flake
...
usage, e.g. via nix shell nixpkgs#<flake-name>
2023-11-16 22:05:04 +01:00
teutat3s
50e84225c3
feat: add various keycloak docs
2023-11-16 22:04:29 +01:00
teutat3s
7d68dec709
feat: add docs for deletion requests
2023-11-16 22:04:09 +01:00
b12f
0e83deff1b
Merge pull request 'chore: update flake inputs' ( #57 ) from update-flake-inputs into main
...
Reviewed-on: pub-solar/infra#57
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-15 23:25:38 +00:00
teutat3s
da393fa1ed
chore: update flake inputs
...
• Updated input 'deploy-rs':
'github:serokell/deploy-rs/e3f41832680801d0ee9e2ed33eb63af398b090e9' (2023-09-18)
→ 'github:serokell/deploy-rs/660180bbbeae7d60dad5a92b30858306945fd427' (2023-11-02)
• Updated input 'home-manager':
'github:nix-community/home-manager/07682fff75d41f18327a871088d20af2710d4744' (2023-09-19)
→ 'github:nix-community/home-manager/04bac349d585c9df38d78e0285b780a140dc74a4' (2023-11-12)
• Updated input 'nix-darwin':
'github:lnl7/nix-darwin/afe83cbc2e673b1f08d32dd0f70df599678ff1e7' (2023-10-27)
→ 'github:lnl7/nix-darwin/e67f2bf515343da378c3f82f098df8ca01bccc5f' (2023-11-13)
• Updated input 'nixos-flake':
'github:srid/nixos-flake/2c25190ceacdaaae7e8afbecfa87096bb499a431' (2023-08-22)
→ 'github:srid/nixos-flake/40010feda1ac1afdcc2571ef550ef3de44926b0e' (2023-11-12)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/60b9db998f71ea49e1a9c41824d09aa274be1344' (2023-10-26)
→ 'github:nixos/nixpkgs/d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8' (2023-11-14)
• Updated input 'unstable':
'github:nixos/nixpkgs/63678e9f3d3afecfeafa0acead6239cdb447574c' (2023-10-26)
→ 'github:nixos/nixpkgs/e44462d6021bfe23dfb24b775cc7c390844f773d' (2023-11-12)
2023-11-15 21:54:38 +01:00
teutat3s
3104253b89
Merge pull request 'mediawiki' ( #51 ) from mediawiki into main
...
Reviewed-on: pub-solar/infra#51
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-15 20:54:05 +00:00
teutat3s
31002fbf11
fix: rebase leftover
2023-11-15 21:44:11 +01:00
teutat3s
f2364b314a
fix: keycloak secret file permissions
2023-11-15 21:43:44 +01:00
b12f
f5185e5c15
feat: add mediawiki
...
Co-authored-by: @teutat3s <teutates@mailbox.org>
2023-11-15 21:40:29 +01:00
b12f
6642a69ca4
Merge pull request 'fix: link to our statutes / satzung' ( #56 ) from fix/nextcloud-link-satzung into main
...
Reviewed-on: pub-solar/infra#56
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-15 18:54:54 +00:00
teutat3s
25549fdc53
fix: link to our statutes / satzung
2023-11-15 18:54:47 +00:00
b12f
e3650e2ecd
Merge pull request 'feat: flora-6' ( #48 ) from feat/flora-6 into main
...
Reviewed-on: pub-solar/infra#48
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-15 18:54:38 +00:00
teutat3s
d5922ff2b8
fix: disable DNSSEC for now because of an issue in
...
systemd https://github.com/systemd/systemd/issues/10579
Without this change, there are random SERVFAIL responses with Greenbaum DNS
when using allow-downgrade. Fixes DNS queries for lev-1.int.greenbaum.zone
❯ dig obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone
; <<>> DiG 9.18.19 <<>> obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1871
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone. IN A
;; ANSWER SECTION:
obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone. 22 IN A 192.168.128.82
;; Query time: 105 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Thu Nov 09 10:38:02 UTC 2023
;; MSG SIZE rcvd: 121
2023-11-15 18:54:32 +00:00
teutat3s
3e0af35c75
wip: actions runner
2023-11-15 18:54:32 +00:00
teutat3s
9c1d19d49f
nachtigall: move SSH private key from user to host
2023-11-15 18:54:32 +00:00
teutat3s
43512ae6e7
forgejo-actions-runner: use Node.js docker images
...
Regenerate auth token
2023-11-15 18:54:32 +00:00
teutat3s
1bd7e5c0e7
docs: clean up
2023-11-15 18:54:32 +00:00
teutat3s
f24a29196c
secrets: add drone, forgejo-actions-runner secrets and rekey
2023-11-15 18:54:32 +00:00
teutat3s
7be3567e6d
flora-6: refactor to use flake.parts
2023-11-15 18:54:32 +00:00
b12f
7cc7517d9c
Merge pull request 'ci: run flake checks only on pull requests' ( #55 ) from ci-on-pr-only into main
...
Reviewed-on: pub-solar/infra#55
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-15 18:47:13 +00:00