Benjamin Bädorf
16a5ee93cc
fix: enable SSL for keycloak
2023-10-28 23:06:35 +02:00
Benjamin Bädorf
ce24876f3d
feat: add keycloak secrets and virtualhost
2023-10-28 23:06:35 +02:00
Benjamin Bädorf
5139cbe2db
feat: init keycloak
2023-10-28 23:06:35 +02:00
b12f
a02d1ee5b2
Merge pull request 'fix: nginx mastodon WEB_DOMAIN LOCAL_DOMAIN' ( #26 ) from mastodon-fix-web-domain into main
...
Reviewed-on: pub-solar/infra-new#26
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 23:04:44 +02:00
teutat3s
347d175a8a
feat: add mastodon redirects for OIDC using keycloak
2023-10-28 23:00:07 +02:00
teutat3s
310723a18c
fix: nginx tls connection to upstream
2023-10-28 22:52:57 +02:00
teutat3s
401baf5900
fix: nginx files.pub.solar proxy_pass host header
2023-10-28 22:15:40 +02:00
teutat3s
e9fc2dabbe
fix: enable recommendedProxySettings for nginx
...
https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query=recommendedProxySettings
2023-10-28 21:42:01 +02:00
teutat3s
8b09f19add
fix: nginx user needs access to mastodon's unix socket
2023-10-28 21:30:37 +02:00
teutat3s
6f4741fae0
fix: missing nginx proxy cache zone
2023-10-28 21:12:33 +02:00
teutat3s
1983edcc5b
fix: add nginx virtualHost for mastodon
...
We use pub.solar as our LOCAL_DOMAIN and mastodon.pub.solar as our
WEB_DOMAIN. The NixOS module does not support this special use case.
See: https://github.com/NixOS/nixpkgs/issues/202399
2023-10-28 18:56:22 +02:00
teutat3s
b718a29d3a
Merge pull request 'nginx: files.pub.solar' ( #23 ) from feature/nginx-mastodon-files into main
...
Reviewed-on: pub-solar/infra-new#23
Reviewed-by: hensoko <hensoko@gssws.de>
2023-10-28 18:24:40 +02:00
teutat3s
d4ab1756b3
fix: files.pub.solar force TLS, remove default site
2023-10-28 18:24:14 +02:00
Hendrik Sokolowski
1d68ed73c3
add nginx virtual host for files.pub.solar
2023-10-28 18:24:13 +02:00
teutat3s
8a0ac64eac
Merge pull request 'fix: nginx config for pub.solar website' ( #22 ) from fix-nginx into main
...
Reviewed-on: pub-solar/infra-new#22
Reviewed-by: hensoko <hensoko@gssws.de>
2023-10-28 18:22:40 +02:00
teutat3s
f804de372c
Merge pull request 'feat: mastodon + agenix secrets' ( #13 ) from feat-mastodon into main
...
Reviewed-on: pub-solar/infra-new#13
Reviewed-by: hensoko <hensoko@gssws.de>
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2023-10-28 18:22:31 +02:00
teutat3s
c162d46094
fix: address review comments
2023-10-28 18:18:06 +02:00
teutat3s
1e19efe20e
docs: add comment about streaming processes
2023-10-28 18:07:29 +02:00
teutat3s
5ffc4f67ff
fix: nginx config for pub.solar website
2023-10-28 17:50:37 +02:00
b12f
a35969e8e4
Merge pull request 'fix: ensure directory for website static files gets created' ( #21 ) from nginx-www-website-path into main
...
Reviewed-on: pub-solar/infra-new#21
Reviewed-by: hensoko <hensoko@gssws.de>
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 17:03:44 +02:00
teutat3s
6408288049
fix: ensure directory for website static files gets created
2023-10-28 17:03:22 +02:00
teutat3s
0944b2d11c
feat: enable nginx for mastodon
...
https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/web-apps/mastodon.nix#L762-L785
2023-10-28 17:02:03 +02:00
teutat3s
e43cb021ce
feat: use mastodon version 4.2.1 from our fork
...
This still needs updates in the NixOS module to account for the changes
in https://github.com/mastodon/mastodon/pull/24655 that change how
multiple streaming processes run. Hopefully this is fine for a single
streaming process though.
https://github.com/NixOS/nixpkgs/pull/251950
https://github.com/teutat3s/nixpkgs/tree/mastodon-4.2.1
2023-10-28 16:57:24 +02:00
teutat3s
65689ae524
chore: remove unused nachtigall user keys
2023-10-28 16:57:24 +02:00
teutat3s
2135a5e841
chore: move mastodon + postgres into apps directory
2023-10-28 16:57:23 +02:00
hensoko
0f527e3f41
Merge pull request 'feature/pub-solar-website' ( #20 ) from feature/pub-solar-website into main
...
Reviewed-on: pub-solar/infra-new#20
2023-10-28 16:56:49 +02:00
hensoko
5dcbb8e526
Merge pull request 'feature/pub-solar-website' ( #20 ) from feature/pub-solar-website into main
...
Reviewed-on: pub-solar/infra-new#20
2023-10-28 16:45:30 +02:00
Benjamin Bädorf
c56f11a034
chore: remove link for PubsolarOS downloads
2023-10-28 16:31:16 +02:00
Hendrik Sokolowski
6630dd8ce6
Add nginx configuration for pub.solar website
2023-10-28 16:26:02 +02:00
Hendrik Sokolowski
05b880da4b
Update to new standards
2023-10-28 16:25:48 +02:00
hensoko
1fde142895
Merge pull request 'use nginx' ( #19 ) from feature/switch-from-caddy-to-nginx into main
...
Reviewed-on: pub-solar/infra-new#19
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 15:35:17 +02:00
Hendrik Sokolowski
710b81c94c
use nginx
2023-10-28 15:34:31 +02:00
b12f
f0eb3fd4f4
Merge pull request 'fix: mount zfs datasets declaratively' ( #18 ) from fix-zfs-mount into main
...
Reviewed-on: pub-solar/infra-new#18
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 15:20:56 +02:00
teutat3s
3690b3cf9d
fix: mount zfs datasets declaratively
2023-10-28 15:19:48 +02:00
b12f
14c647e8f7
Merge pull request 'Use deploy-rs from nixpkgs, use caddy module from nixos-unstable' ( #17 ) from deploy-rs-from-nixpkgs into main
...
Reviewed-on: pub-solar/infra-new#17
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 15:07:29 +02:00
teutat3s
a5b32302c1
fix: use caddy module from nixos-unstable
2023-10-28 15:06:57 +02:00
teutat3s
3c9f9c9fc7
fix: use deploy-rs overlay to force usage of nixpkgs
2023-10-28 15:06:57 +02:00
Akshay Mankar
49890bc53d
Merge pull request 'nachtigall: Mount /var/lib as a separate ZFS dataset' ( #16 ) from var-lib-is-zfs into main
...
Reviewed-on: pub-solar/infra-new#16
Reviewed-by: hensoko <hensoko@gssws.de>
2023-10-28 14:18:27 +02:00
Akshay Mankar
fcc2115c0b
Merge pull request 'nachtigall/apps/caddy: Remove option from nixos-unstable' ( #15 ) from fix-caddy into main
...
Reviewed-on: pub-solar/infra-new#15
Reviewed-by: hensoko <hensoko@gssws.de>
2023-10-28 14:17:13 +02:00
Akshay Mankar
c42fadab6d
nachtigall: Mount /var/lib as a separate ZFS dataset
...
This would help keep all application data out of the root partion by default
2023-10-28 14:14:29 +02:00
Akshay Mankar
bdc5033bf4
nachtigall/apps/caddy: Remove option from nixos-unstable
...
It is anyway enabled by default
2023-10-28 14:10:25 +02:00
b12f
44f301c772
Merge pull request 'feat: caddy' ( #11 ) from feat/caddy into main
...
Reviewed-on: pub-solar/infra-new#11
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-10-28 14:00:40 +02:00
Benjamin Bädorf
8aee160fd1
fix: import networking and nix modules
2023-10-28 14:00:32 +02:00
Benjamin Bädorf
b921201645
feat: caddy
2023-10-28 14:00:32 +02:00
Akshay Mankar
41d6c334bc
Merge pull request 'Use nixos-23.05 instead of unstable' ( #14 ) from use-nixos-stable into main
...
Reviewed-on: pub-solar/infra-new#14
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-28 14:00:29 +02:00
teutat3s
b6f75c2c27
Merge pull request 'chore: remove darwin systems from flake' ( #12 ) from flake-update-systems into main
...
Reviewed-on: pub-solar/infra-new#12
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2023-10-28 13:51:18 +02:00
teutat3s
e7febf5403
chore: remove darwin systems
2023-10-28 13:48:56 +02:00
Akshay Mankar
c23bc00f19
Use nixos-23.05 instead of unstable
2023-10-28 13:47:10 +02:00
Akshay Mankar
5a7d81d787
flake.nix: Fix usage of self.nixos-flake.lib.mkLinuxSystem
2023-10-28 13:46:05 +02:00
Akshay Mankar
c9beea7f82
Merge pull request 'Add dev shell' ( #10 ) from dev-shell into main
...
Reviewed-on: pub-solar/infra-new#10
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-10-28 13:38:05 +02:00