Commit graph

659 commits

Author SHA1 Message Date
teutat3s e52324209f
alertmanager: fix SMTP secret 2024-05-15 17:15:46 +02:00
teutat3s bd4241e71d
caddy: use alerts.pub.solar domain for vhost 2024-05-15 16:17:54 +02:00
teutat3s d1a68a7c13
secrets: fix too open permissions 2024-05-15 16:01:44 +02:00
teutat3s 9245fa6797
alertmanager: finalize init 2024-05-15 16:01:44 +02:00
teutat3s a8a8155114
style: treefmt with nixfmt-rfc-style 2024-05-15 16:01:44 +02:00
Pablo Ovelleiro Corral 11f5557a7a
Add reverseproxy for alerts.pub.solar
Co-authored-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-05-15 16:01:43 +02:00
Pablo Ovelleiro Corral 2679b897a0
Autoformat dns.tf 2024-05-15 16:01:43 +02:00
Pablo Ovelleiro Corral 8b7f547276
Add dns entry 2024-05-15 16:01:43 +02:00
Pablo Ovelleiro Corral 7e2bcfc5cf
Add alertmanager config 2024-05-15 16:01:42 +02:00
teutat3s f9f2b45611
Merge pull request 'secrets: rekey for ryzensun' (#191) from chore/secrets-rekey into main
Reviewed-on: pub-solar/infra#191
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-15 14:00:54 +00:00
teutat3s ece7c42efc
Merge pull request 'maintenance: update element-web, glibc, nextcloud, php, others' (#190) from chore/updates into main
Reviewed-on: pub-solar/infra#190
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-15 13:22:24 +00:00
teutat3s f329fbe26d
secrets: rekey for ryzensun
See #188
2024-05-15 00:22:39 +02:00
teutat3s c2df933174
ci: set pipefail
Don't add inputs to gc roots
2024-05-15 00:02:51 +02:00
teutat3s 091256b67a
chore: bump flake inputs
• Updated input 'agenix':
    'github:ryantm/agenix/24a7ea390564ccd5b39b7884f597cfc8d7f6f44e' (2024-04-26)
  → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09)
• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/88b3059b020da69cbe16526b8d639bd5e0b51c8b' (2024-04-01)
  → 'github:serokell/deploy-rs/b3ea6f333f9057b77efd9091119ba67089399ced' (2024-05-14)
• Updated input 'home-manager':
    'github:nix-community/home-manager/86853e31dc1b62c6eeed11c667e8cdd0285d4411' (2024-04-25)
  → 'github:nix-community/home-manager/ab5542e9dbd13d0100f8baae2bc2d68af901f4b4' (2024-05-10)
• Updated input 'nix-darwin':
    'github:lnl7/nix-darwin/230a197063de9287128e2c68a7a4b0cd7d0b50a7' (2024-04-24)
  → 'github:lnl7/nix-darwin/de8b0d60d6fd34f35abffc46adc94ebaa6996ce2' (2024-05-14)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/651b4702e27a388f0f18e1b970534162dec09aff' (2024-05-04)
  → 'github:nixos/nixpkgs/44072e24566c5bcc0b7aa9178a0104f4cfffab19' (2024-05-12)
• Updated input 'unstable':
    'github:nixos/nixpkgs/25865a40d14b3f9cf19f19b924e2ab4069b09588' (2024-05-05)
  → 'github:nixos/nixpkgs/2057814051972fa1453ddfb0d98badbea9b83c06' (2024-05-12)
2024-05-14 18:32:04 +02:00
teutat3s 05be0ab39d
Merge pull request 'logins: add ryzensun to teutat3s logins' (#188) from logins/add-ryzensun into main
Reviewed-on: pub-solar/infra#188
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-14 12:07:27 +00:00
teutat3s 71f2b70725
Merge pull request 'style: update git-blame-ignore-revs' (#187) from chore/git-blame-ignore-revs into main
Reviewed-on: pub-solar/infra#187
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-14 12:07:19 +00:00
teutat3s c856130766
logins: add ryzensun to teutat3s logins 2024-05-09 01:58:15 +02:00
teutat3s 12be57b04e
style: update git-blame-ignore-revs 2024-05-08 23:14:34 +02:00
teutat3s 599e69fcaf
Merge pull request 'style: check formatting using nixpkgs standard and fail early in CI to enforce it' (#183) from ci/check-formatting into main
Reviewed-on: pub-solar/infra#183
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 21:00:50 +00:00
teutat3s 2ca0bd7c3e
style: run treefmt 2024-05-08 22:57:07 +02:00
teutat3s affdc02afe
style: check formatting using nixpkgs standard and
fail early in CI to enforce it
2024-05-08 22:56:28 +02:00
teutat3s 5bfb7de44b
Merge pull request 'docs: add CONTRIBUTING' (#186) from docs/contributing into main
Reviewed-on: pub-solar/infra#186
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 20:38:35 +00:00
teutat3s 1184fcedb3
Merge pull request 'Add AGPL LICENSE' (#185) from init-license into main
Reviewed-on: pub-solar/infra#185
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 20:38:27 +00:00
b12f c7f6810e6c
Merge pull request 'refactor: use options for config parts' (#184) from refactor/config-options into main
Reviewed-on: pub-solar/infra#184
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-05-08 20:37:52 +00:00
teutat3s d47e1b9e2e
docs: add CONTRIBUTING 2024-05-08 22:29:11 +02:00
teutat3s a5de110181
Add AGPL LICENSE 2024-05-08 22:28:45 +02:00
Benjamin Yule Bädorf 68278ad983
refactor: use options for config parts
This works towards having reusable modules

* `config.pub-solar-os.networking.domain` is used for the main domain
* `config.pub-solar-os.privacyPolicUrl` links towards the privacy policy
* `config.pub-solar-os.imprintUrl` links towards the imprint
* `config.pub-solar-os.auth.enable` enables the keycloak installation.
  This is needed because `config.pub-solar-os.auth` has to be available
  everywhere, but we do not want to install keycloak everywhere.
* `config.pub-solar-os.auth.realm` sets the keycloak realm name
2024-05-08 19:47:47 +02:00
teutat3s aa7ab4bc6b
Merge pull request 'matrix: init stickerpicker' (#181) from feat/matrix-stickerpicker into main
Reviewed-on: pub-solar/infra#181
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-07 18:57:41 +00:00
teutat3s ff9703e542
matrix: init stickerpicker 2024-05-07 17:47:55 +02:00
teutat3s 9a3a00d25f
Merge pull request 'chore: update element-web, matrix-synapse and others' (#180) from chore/update-flake into main
Reviewed-on: pub-solar/infra#180
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2024-05-06 18:31:55 +00:00
teutat3s a91ff24a7d
chore: add results to gitignore 2024-05-06 19:39:30 +02:00
teutat3s 5ffde90324
chore: bump flake inputs
• Updated input 'agenix':
    'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e?narHash=sha256-/JdiT9t%2BzzjChc5qQiF%2BjhrVhRt8figYH29rZO7pFe4%3D' (2024-04-02)
  → 'github:ryantm/agenix/24a7ea390564ccd5b39b7884f597cfc8d7f6f44e?narHash=sha256-BtWQ2Th/jamO1SlD%2B2ASSW5Jaf7JhA/JLpQHk0Goqpg%3D' (2024-04-26)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d?narHash=sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm%2BGpZNw%3D' (2024-04-01)
  → 'github:hercules-ci/flake-parts/e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e?narHash=sha256-yzcRNDoyVP7%2BSCNX0wmuDju1NUCt8Dz9%2BlyUXEI0dbI%3D' (2024-05-02)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/d8fe5e6c92d0d190646fb9f1056741a229980089?dir=lib&narHash=sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk%3D' (2024-03-29)
  → '50eb7ecf4c.tar.gz?narHash=sha256-QBx10%2Bk6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94%3D' (2024-05-02)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/dd37924974b9202f8226ed5d74a252a9785aedf8?narHash=sha256-fFE3M0vCoiSwCX02z8VF58jXFRj9enYUSTqjyHAjrds%3D' (2024-04-24)
  → 'github:nixos/nixpkgs/651b4702e27a388f0f18e1b970534162dec09aff?narHash=sha256-tbg0MEuKaPcUrnmGCu4xiY5F%2B7LW2%2BECPKVAJd2HLwM%3D' (2024-05-04)
• Updated input 'unstable':
    'github:nixos/nixpkgs/572af610f6151fd41c212f897c71f7056e3fb518?narHash=sha256-cfh1hi%2B6muQMbi9acOlju3V1gl8BEaZBXBR9jQfQi4U%3D' (2024-04-23)
  → 'github:nixos/nixpkgs/25865a40d14b3f9cf19f19b924e2ab4069b09588?narHash=sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0%3D' (2024-05-05)
2024-05-06 19:39:16 +02:00
teutat3s def76f8776
Merge pull request 'Put modules into uniform folders - part 2' (#179) from auto-modules into main
Reviewed-on: pub-solar/infra#179
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-06 16:57:41 +00:00
teutat3s c738f2d41f
modules: remove leftover apps dir 2024-04-30 00:57:46 +02:00
Pablo Ovelleiro Corral 512ab12de1
Put modules into uniform folders 2024-04-28 19:17:09 +02:00
teutat3s 477e419312
Merge pull request 'refactor: Move all apps into modules' (#175) from refactor/modules into main
Reviewed-on: pub-solar/infra#175
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-28 16:28:28 +00:00
b12f 667824928b
Merge pull request 'Add official formatter to flake' (#176) from pinpox/infra:add-nixfmt into main
Reviewed-on: pub-solar/infra#176
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-28 16:15:25 +00:00
Benjamin Yule Bädorf ef94681e11
refactor: Move all apps into modules 2024-04-28 18:07:28 +02:00
Pablo Ovelleiro Corral c7b743e4dd
Add official formatter to flake
Allows running `nix fmt`, which will format using the official style as
agreed upon in nixpkgs
2024-04-28 17:54:09 +02:00
teutat3s f18fee25e4
Merge pull request 'Add .editorconfig file with tabs as indentation' (#172) from feat/add-editorconfig into main
Reviewed-on: pub-solar/infra#172
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-28 15:26:59 +00:00
Hendrik Sokolowski fee6ce74c7
Merge pull request 'docs: add rough documentation about obs-portal' (#173) from feat/obs-portal-nachtigall into main
Reviewed-on: pub-solar/infra#173
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-28 12:13:09 +00:00
Hendrik Sokolowski a278c178b0
docs: obs-portal: add prosaic sugar 2024-04-28 02:03:03 +02:00
Hendrik Sokolowski 75c7e2dcf5
docs: add rough documentation about obs-portal 2024-04-28 01:23:42 +02:00
teutat3s 41798a1cd6
Merge pull request 'obs-portal: init obs-portal on nachtigall' (#115) from feat/obs-portal-nachtigall into main
Reviewed-on: pub-solar/infra#115
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-27 23:14:50 +00:00
Hendrik Sokolowski 10c86c6b20
nachtigall: obs-portal: remove tiles mount 2024-04-28 01:07:49 +02:00
Hendrik Sokolowski 1d6c5003e8
nachtigall: obs-portal: fix dependencies of docker network unit and portal 2024-04-28 01:05:43 +02:00
Hendrik Sokolowski fef1874938
update obs-portal dns target 2024-04-27 22:45:26 +02:00
Hendrik Sokolowski c74394449d
remove git conflict heading 2024-04-27 22:45:21 +02:00
Benjamin Yule Bädorf d280b29394
obs-portal: init obs-portal on nachtigall
This follows the official installation instructions at https://github.com/openbikesensor/portal/blob/main/docs/production-deployment.md

Unfortunately, the postgres database needs to have postgis enabled, so
we'll have to start a second instance. To stay close to the official
deployment instructions, this is running in docker.

The secrets were taken from the old installation instance. During
initial installation, we'll need to import data from the old instance
into this one, which might take a while.
2024-04-27 22:45:07 +02:00
Benjamin Yule Bädorf c49e47dc30
Add .editorconfig file with tabs as indentation
Just use tabs guys
2024-04-27 20:47:07 +02:00