Commit graph

599 commits

Author SHA1 Message Date
teutat3s ece7c42efc
Merge pull request 'maintenance: update element-web, glibc, nextcloud, php, others' (#190) from chore/updates into main
Reviewed-on: pub-solar/infra#190
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-15 13:22:24 +00:00
teutat3s f329fbe26d
secrets: rekey for ryzensun
See #188
2024-05-15 00:22:39 +02:00
teutat3s c2df933174
ci: set pipefail
Don't add inputs to gc roots
2024-05-15 00:02:51 +02:00
teutat3s 091256b67a
chore: bump flake inputs
• Updated input 'agenix':
    'github:ryantm/agenix/24a7ea390564ccd5b39b7884f597cfc8d7f6f44e' (2024-04-26)
  → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09)
• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/88b3059b020da69cbe16526b8d639bd5e0b51c8b' (2024-04-01)
  → 'github:serokell/deploy-rs/b3ea6f333f9057b77efd9091119ba67089399ced' (2024-05-14)
• Updated input 'home-manager':
    'github:nix-community/home-manager/86853e31dc1b62c6eeed11c667e8cdd0285d4411' (2024-04-25)
  → 'github:nix-community/home-manager/ab5542e9dbd13d0100f8baae2bc2d68af901f4b4' (2024-05-10)
• Updated input 'nix-darwin':
    'github:lnl7/nix-darwin/230a197063de9287128e2c68a7a4b0cd7d0b50a7' (2024-04-24)
  → 'github:lnl7/nix-darwin/de8b0d60d6fd34f35abffc46adc94ebaa6996ce2' (2024-05-14)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/651b4702e27a388f0f18e1b970534162dec09aff' (2024-05-04)
  → 'github:nixos/nixpkgs/44072e24566c5bcc0b7aa9178a0104f4cfffab19' (2024-05-12)
• Updated input 'unstable':
    'github:nixos/nixpkgs/25865a40d14b3f9cf19f19b924e2ab4069b09588' (2024-05-05)
  → 'github:nixos/nixpkgs/2057814051972fa1453ddfb0d98badbea9b83c06' (2024-05-12)
2024-05-14 18:32:04 +02:00
teutat3s 05be0ab39d
Merge pull request 'logins: add ryzensun to teutat3s logins' (#188) from logins/add-ryzensun into main
Reviewed-on: pub-solar/infra#188
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-14 12:07:27 +00:00
teutat3s 71f2b70725
Merge pull request 'style: update git-blame-ignore-revs' (#187) from chore/git-blame-ignore-revs into main
Reviewed-on: pub-solar/infra#187
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-14 12:07:19 +00:00
teutat3s c856130766
logins: add ryzensun to teutat3s logins 2024-05-09 01:58:15 +02:00
teutat3s 12be57b04e
style: update git-blame-ignore-revs 2024-05-08 23:14:34 +02:00
teutat3s 599e69fcaf
Merge pull request 'style: check formatting using nixpkgs standard and fail early in CI to enforce it' (#183) from ci/check-formatting into main
Reviewed-on: pub-solar/infra#183
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 21:00:50 +00:00
teutat3s 2ca0bd7c3e
style: run treefmt 2024-05-08 22:57:07 +02:00
teutat3s affdc02afe
style: check formatting using nixpkgs standard and
fail early in CI to enforce it
2024-05-08 22:56:28 +02:00
teutat3s 5bfb7de44b
Merge pull request 'docs: add CONTRIBUTING' (#186) from docs/contributing into main
Reviewed-on: pub-solar/infra#186
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 20:38:35 +00:00
teutat3s 1184fcedb3
Merge pull request 'Add AGPL LICENSE' (#185) from init-license into main
Reviewed-on: pub-solar/infra#185
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-08 20:38:27 +00:00
b12f c7f6810e6c
Merge pull request 'refactor: use options for config parts' (#184) from refactor/config-options into main
Reviewed-on: pub-solar/infra#184
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-05-08 20:37:52 +00:00
teutat3s d47e1b9e2e
docs: add CONTRIBUTING 2024-05-08 22:29:11 +02:00
teutat3s a5de110181
Add AGPL LICENSE 2024-05-08 22:28:45 +02:00
Benjamin Yule Bädorf 68278ad983
refactor: use options for config parts
This works towards having reusable modules

* `config.pub-solar-os.networking.domain` is used for the main domain
* `config.pub-solar-os.privacyPolicUrl` links towards the privacy policy
* `config.pub-solar-os.imprintUrl` links towards the imprint
* `config.pub-solar-os.auth.enable` enables the keycloak installation.
  This is needed because `config.pub-solar-os.auth` has to be available
  everywhere, but we do not want to install keycloak everywhere.
* `config.pub-solar-os.auth.realm` sets the keycloak realm name
2024-05-08 19:47:47 +02:00
teutat3s aa7ab4bc6b
Merge pull request 'matrix: init stickerpicker' (#181) from feat/matrix-stickerpicker into main
Reviewed-on: pub-solar/infra#181
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-05-07 18:57:41 +00:00
teutat3s ff9703e542
matrix: init stickerpicker 2024-05-07 17:47:55 +02:00
teutat3s 9a3a00d25f
Merge pull request 'chore: update element-web, matrix-synapse and others' (#180) from chore/update-flake into main
Reviewed-on: pub-solar/infra#180
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2024-05-06 18:31:55 +00:00
teutat3s a91ff24a7d
chore: add results to gitignore 2024-05-06 19:39:30 +02:00
teutat3s 5ffde90324
chore: bump flake inputs
• Updated input 'agenix':
    'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e?narHash=sha256-/JdiT9t%2BzzjChc5qQiF%2BjhrVhRt8figYH29rZO7pFe4%3D' (2024-04-02)
  → 'github:ryantm/agenix/24a7ea390564ccd5b39b7884f597cfc8d7f6f44e?narHash=sha256-BtWQ2Th/jamO1SlD%2B2ASSW5Jaf7JhA/JLpQHk0Goqpg%3D' (2024-04-26)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d?narHash=sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm%2BGpZNw%3D' (2024-04-01)
  → 'github:hercules-ci/flake-parts/e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e?narHash=sha256-yzcRNDoyVP7%2BSCNX0wmuDju1NUCt8Dz9%2BlyUXEI0dbI%3D' (2024-05-02)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/d8fe5e6c92d0d190646fb9f1056741a229980089?dir=lib&narHash=sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk%3D' (2024-03-29)
  → '50eb7ecf4c.tar.gz?narHash=sha256-QBx10%2Bk6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94%3D' (2024-05-02)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/dd37924974b9202f8226ed5d74a252a9785aedf8?narHash=sha256-fFE3M0vCoiSwCX02z8VF58jXFRj9enYUSTqjyHAjrds%3D' (2024-04-24)
  → 'github:nixos/nixpkgs/651b4702e27a388f0f18e1b970534162dec09aff?narHash=sha256-tbg0MEuKaPcUrnmGCu4xiY5F%2B7LW2%2BECPKVAJd2HLwM%3D' (2024-05-04)
• Updated input 'unstable':
    'github:nixos/nixpkgs/572af610f6151fd41c212f897c71f7056e3fb518?narHash=sha256-cfh1hi%2B6muQMbi9acOlju3V1gl8BEaZBXBR9jQfQi4U%3D' (2024-04-23)
  → 'github:nixos/nixpkgs/25865a40d14b3f9cf19f19b924e2ab4069b09588?narHash=sha256-UlRZtrCnhPFSJlDQE7M0eyhgvuuHBTe1eJ9N9AQlJQ0%3D' (2024-05-05)
2024-05-06 19:39:16 +02:00
teutat3s def76f8776
Merge pull request 'Put modules into uniform folders - part 2' (#179) from auto-modules into main
Reviewed-on: pub-solar/infra#179
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2024-05-06 16:57:41 +00:00
teutat3s c738f2d41f
modules: remove leftover apps dir 2024-04-30 00:57:46 +02:00
Pablo Ovelleiro Corral 512ab12de1
Put modules into uniform folders 2024-04-28 19:17:09 +02:00
teutat3s 477e419312
Merge pull request 'refactor: Move all apps into modules' (#175) from refactor/modules into main
Reviewed-on: pub-solar/infra#175
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-28 16:28:28 +00:00
b12f 667824928b
Merge pull request 'Add official formatter to flake' (#176) from pinpox/infra:add-nixfmt into main
Reviewed-on: pub-solar/infra#176
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-28 16:15:25 +00:00
Benjamin Yule Bädorf ef94681e11
refactor: Move all apps into modules 2024-04-28 18:07:28 +02:00
Pablo Ovelleiro Corral c7b743e4dd
Add official formatter to flake
Allows running `nix fmt`, which will format using the official style as
agreed upon in nixpkgs
2024-04-28 17:54:09 +02:00
teutat3s f18fee25e4
Merge pull request 'Add .editorconfig file with tabs as indentation' (#172) from feat/add-editorconfig into main
Reviewed-on: pub-solar/infra#172
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-28 15:26:59 +00:00
Hendrik Sokolowski fee6ce74c7
Merge pull request 'docs: add rough documentation about obs-portal' (#173) from feat/obs-portal-nachtigall into main
Reviewed-on: pub-solar/infra#173
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-28 12:13:09 +00:00
Hendrik Sokolowski a278c178b0
docs: obs-portal: add prosaic sugar 2024-04-28 02:03:03 +02:00
Hendrik Sokolowski 75c7e2dcf5
docs: add rough documentation about obs-portal 2024-04-28 01:23:42 +02:00
teutat3s 41798a1cd6
Merge pull request 'obs-portal: init obs-portal on nachtigall' (#115) from feat/obs-portal-nachtigall into main
Reviewed-on: pub-solar/infra#115
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2024-04-27 23:14:50 +00:00
Hendrik Sokolowski 10c86c6b20
nachtigall: obs-portal: remove tiles mount 2024-04-28 01:07:49 +02:00
Hendrik Sokolowski 1d6c5003e8
nachtigall: obs-portal: fix dependencies of docker network unit and portal 2024-04-28 01:05:43 +02:00
Hendrik Sokolowski fef1874938
update obs-portal dns target 2024-04-27 22:45:26 +02:00
Hendrik Sokolowski c74394449d
remove git conflict heading 2024-04-27 22:45:21 +02:00
Benjamin Yule Bädorf d280b29394
obs-portal: init obs-portal on nachtigall
This follows the official installation instructions at https://github.com/openbikesensor/portal/blob/main/docs/production-deployment.md

Unfortunately, the postgres database needs to have postgis enabled, so
we'll have to start a second instance. To stay close to the official
deployment instructions, this is running in docker.

The secrets were taken from the old installation instance. During
initial installation, we'll need to import data from the old instance
into this one, which might take a while.
2024-04-27 22:45:07 +02:00
Benjamin Yule Bädorf c49e47dc30
Add .editorconfig file with tabs as indentation
Just use tabs guys
2024-04-27 20:47:07 +02:00
teutat3s 5e34acd765
Merge pull request 'Revert "matrix-appservice-irc: remove unneeded syscall override"' (#171) from fix/matrix-appservice-irc into main
Reviewed-on: pub-solar/infra#171
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2024-04-27 13:50:46 +00:00
teutat3s 2fa3ccf28e
Revert "matrix-appservice-irc: remove unneeded syscall override"
This reverts commit a11255b433.
2024-04-27 01:44:20 +02:00
teutat3s 505d0f34ea
Merge pull request 'nachtigall: synapse security update' (#153) from chore/synapse-security-update into main
Reviewed-on: pub-solar/infra#153
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-26 20:48:19 +00:00
teutat3s ddc5c65bf7
chore: bump flake inputs
• Updated input 'home-manager':
    'github:nix-community/home-manager/d6bb9f934f2870e5cbc5b94c79e9db22246141ff?narHash=sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ%3D' (2024-04-06)
  → 'github:nix-community/home-manager/86853e31dc1b62c6eeed11c667e8cdd0285d4411?narHash=sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM%3D' (2024-04-25)
• Updated input 'nix-darwin':
    'github:lnl7/nix-darwin/9e7c20ffd056e406ddd0276ee9d89f09c5e5f4ed?narHash=sha256-olEWxacm1xZhAtpq%2BZkEyQgR4zgfE7ddpNtZNvubi3g%3D' (2024-04-19)
  → 'github:lnl7/nix-darwin/230a197063de9287128e2c68a7a4b0cd7d0b50a7?narHash=sha256-lc75rgRQLdp4Dzogv5cfqOg6qYc5Rp83oedF2t0kDp8%3D' (2024-04-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/bc194f70731cc5d2b046a6c1b3b15f170f05999c?narHash=sha256-YguPZpiejgzLEcO36/SZULjJQ55iWcjAmf3lYiyV1Fo%3D' (2024-04-19)
  → 'github:nixos/nixpkgs/dd37924974b9202f8226ed5d74a252a9785aedf8?narHash=sha256-fFE3M0vCoiSwCX02z8VF58jXFRj9enYUSTqjyHAjrds%3D' (2024-04-24)
• Updated input 'unstable':
    'github:nixos/nixpkgs/5c24cf2f0a12ad855f444c30b2421d044120c66f?narHash=sha256-XtTSSIB2DA6tOv%2Bl0FhvfDMiyCmhoRbNB%2B0SeInZkbk%3D' (2024-04-19)
  → 'github:nixos/nixpkgs/572af610f6151fd41c212f897c71f7056e3fb518?narHash=sha256-cfh1hi%2B6muQMbi9acOlju3V1gl8BEaZBXBR9jQfQi4U%3D' (2024-04-23)
2024-04-25 19:21:05 +02:00
teutat3s a11255b433
matrix-appservice-irc: remove unneeded syscall override
PR was merged and backported:
https://github.com/NixOS/nixpkgs/pull/271740
2024-04-25 12:37:58 +02:00
teutat3s d62b6cda92
Merge pull request 'ci: update forgejo runner to fix cache' (#152) from ci/update-forgejo-runner into main
Reviewed-on: pub-solar/infra#152
Reviewed-by: Hendrik Sokolowski <hensoko@noreply.git.pub.solar>
2024-04-23 18:18:39 +00:00
teutat3s c580fe0fbb
ci: prevent flake inputs from GC as well 2024-04-23 19:10:20 +02:00
teutat3s 60aef1d038
ci: prevent nix garbage collection 2024-04-23 16:00:16 +02:00
teutat3s fa9ce9d435
gitea-actions-runner: don't run as systemd DynamicUser
to enable usage of cache outside of /var/lib/private
2024-04-23 15:42:33 +02:00
teutat3s 9541e5029e
flora-6: move forgejo-runner cache directory to /data 2024-04-23 15:12:11 +02:00