Commit graph

454 commits

Author SHA1 Message Date
teutat3s 3ac327a750
feat: backup matrix-synapse, matrix-appservice-irc,
mautrix-telegram to storagebox
2023-12-03 13:11:25 +01:00
teutat3s 790848ef69
fix: update keycloak pub.solar theme
1ee87a1884
2023-12-03 12:14:47 +01:00
Akshay Mankar 75270321d5
fix: Allow matrix-appservice-irc to chown things
@chown is part of @privileged. It is used by sed which is used to manage the
registration.yaml
2023-12-02 17:22:28 +01:00
teutat3s becaa9d649
fix: revert mautrix-telegram changes 2023-12-02 16:09:15 +01:00
teutat3s 37528c0874
fix: mautrix-telegram ExecStart missing \ 2023-12-02 15:44:40 +01:00
teutat3s 1cfe140e77
fix: mkForce mautrix-telegram ExecStart 2023-12-02 15:43:52 +01:00
teutat3s 038d80a801
feat: DNS updates
Fix turn domain used by coturn
2023-12-02 15:36:03 +01:00
teutat3s f911ac7bad
fix(matrix-synapse): needs to defince oidc extras
after NixOS module updates
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights
2023-12-02 15:35:02 +01:00
teutat3s 904a73b51d
fix(mautrix-telegram): should not try to update config
See: https://github.com/mautrix/python/pull/152
2023-12-02 15:33:58 +01:00
teutat3s 35a4ac5619
Merge pull request 'feat: NixOS 23.11 Tapir' (#74) from feat/nixos-23.11 into main
Reviewed-on: pub-solar/infra#74
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2023-12-02 12:53:18 +00:00
teutat3s 3e7af270c1
Merge pull request 'nextcloud: add skeleton directory that adds a good readme for new users' (#73) from feat/nextcloud-improved-skeleton into main
Reviewed-on: pub-solar/infra#73
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-12-02 12:53:08 +00:00
teutat3s 7cf6f51516
fix: nextcloud interned strings buffer defaults to 23 now 2023-12-02 11:58:48 +01:00
teutat3s 2ee4bc5682
feat: NixOS 23.11 Tapir
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights

Track nixos-23.11 branch, remove unstable overlays

This will update our services to the following versions:
nextcloud: 27.1.3 -> 27.1.4
forgejo: 1.20.5-0 -> 1.20.6-0
keycloak: 21.1.2 -> 22.0.5
matrix-synapse: 1.95.1 -> 1.97.0

Internal:
postgresql: 14.9 -> 15.5

Flake inputs diff:
• Updated input 'home-manager':
    'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
  → 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
  → 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
2023-12-02 11:13:56 +01:00
Benjamin Bädorf 1d3934693b
nextcloud: add skeleton directory that adds a good readme for new users
Co-authored-by: teutat3s <teutates@mailbox.org>
2023-12-02 11:11:16 +01:00
teutat3s 4d7e1c3c94
chore: bump flake inputs
• Updated input 'agenix':
    'github:ryantm/agenix/daf42cb35b2dc614d1551e37f96406e4c4a2d3e4' (2023-10-08)
  → 'github:ryantm/agenix/13ac9ac6d68b9a0896e3d43a082947233189e247' (2023-11-29)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/8c9fa2545007b49a5db5f650ae91f227672c3877' (2023-11-01)
  → 'github:hercules-ci/flake-parts/34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5' (2023-12-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/0cbe9f69c234a7700596e943bfae7ef27a31b735?dir=lib' (2023-10-29)
  → 'github:NixOS/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58?dir=lib' (2023-11-29)
• Updated input 'home-manager':
    'github:nix-community/home-manager/04bac349d585c9df38d78e0285b780a140dc74a4' (2023-11-12)
  → 'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
• Updated input 'nix-darwin':
    'github:lnl7/nix-darwin/e67f2bf515343da378c3f82f098df8ca01bccc5f' (2023-11-13)
  → 'github:lnl7/nix-darwin/4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d' (2023-11-24)
• Updated input 'nixos-flake':
    'github:srid/nixos-flake/40010feda1ac1afdcc2571ef550ef3de44926b0e' (2023-11-12)
  → 'github:srid/nixos-flake/7c9168884128ed4634751b3e2f5553b09d7b8cb0' (2023-11-28)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
  → 'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
• Updated input 'unstable':
    'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
  → 'github:nixos/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58' (2023-11-29)
2023-12-02 10:58:38 +01:00
teutat3s 46861d61a2
Merge pull request 'docs: update link to git repo' (#67) from docs/update-link into main
Reviewed-on: pub-solar/infra#67
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
2023-12-01 18:03:55 +00:00
teutat3s ad2eb1fa16
Merge pull request 'Production config for matrix' (#72) from feat/matrix-prod into main
Reviewed-on: pub-solar/infra#72
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-28 12:58:54 +00:00
Akshay Mankar 2cbc46c154
matrix: Move the whole email section into the secret
Matrix doesn't deep merge the secrets, so this is necessary
2023-11-25 23:37:58 +01:00
teutat3s 9f633582d1
feat: add well-known for matrix support contacts 2023-11-25 14:28:23 +01:00
Akshay Mankar ccbfb211fd
matrix: Point DNS to nachtigall 2023-11-19 18:21:45 +01:00
Akshay Mankar 8a2d946206
matrix: Use production domains 2023-11-19 18:17:58 +01:00
Akshay Mankar 35afcd9682
matrix: Make public rooms discoverable over federation 2023-11-19 18:12:08 +01:00
Akshay Mankar fe284a20d9
matrix: Fix typo 2023-11-19 18:12:08 +01:00
Akshay Mankar f0c3178b4d
matrix: Use greenbaum cloud for sending emails 2023-11-19 18:12:07 +01:00
Akshay Mankar 7fcefe4b85
matrix: Use chat.pub.solar as invite_client_location 2023-11-19 18:12:07 +01:00
Akshay Mankar 8a2f83c96a
nachtigall: Deploy coturn and configure matrix to use it 2023-11-19 18:08:15 +01:00
Akshay Mankar 6d39ccc6d4
Merge pull request 'element: Add themes' (#70) from feat/element-themes into main
Reviewed-on: pub-solar/infra#70
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-19 16:22:03 +00:00
Akshay Mankar a2e7adbc79
element: Add themes 2023-11-19 16:03:24 +01:00
Akshay Mankar 569bb5f875
Merge pull request 'matrix: Import config for IRC' (#69) from feat/matrix-irc into main
Reviewed-on: pub-solar/infra#69
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
2023-11-19 14:52:58 +00:00
Akshay Mankar e12b3d5c40
matrix: Import config for IRC 2023-11-19 14:53:14 +01:00
teutat3s a9ac74efc6
Merge pull request 'fix: forgejo needs module from nixos-unstable for SSH access to work' (#68) from fix/forgejo-ssh into main
Reviewed-on: pub-solar/infra#68
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-19 12:58:56 +00:00
teutat3s 7037abb8f3
fix: forgejo needs module from nixos-unstable
for SSH access
2023-11-19 02:23:34 +01:00
teutat3s 353d24e643
docs: fix typo in README 2023-11-18 23:17:28 +01:00
teutat3s 5f7e8108c2
docs: update devshell docs with new link 2023-11-18 23:17:05 +01:00
teutat3s 8bc731da6e
Merge pull request 'feat: backups to hetzner storagebox' (#66) from feat/backups-to-storagebox into main
Reviewed-on: pub-solar/infra#66
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:13:17 +00:00
teutat3s 40ed46b05b
Merge pull request 'feat: pull in forgejo + mastodon updates early' (#64) from feat/early-forgejo-mastodon-updates into main
Reviewed-on: pub-solar/infra#64
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:13:06 +00:00
teutat3s e41127593b
Merge pull request 'fix(nextcloud): push server is not a trusted proxy' (#62) from fix/nextcloud-trusted-proxies into main
Reviewed-on: pub-solar/infra#62
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:12:50 +00:00
b12f 7d58094d23
Merge pull request 'fix: add nix registry setting to speed up ad-hoc flake usage' (#61) from fix/nix-registries into main
Reviewed-on: pub-solar/infra#61
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 22:08:12 +00:00
teutat3s a461fc72f6
feat(backups): start backups in 5 minute interval 2023-11-18 22:41:48 +01:00
b12f 62d751e7bd
Merge pull request 'feat: add docs for deletion requests and keycloak tasks' (#60) from feat/keycloak-and-deletion-docs into main
Reviewed-on: pub-solar/infra#60
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 21:35:22 +00:00
b12f aa23765ff3
Merge pull request 'feat: add back matrix test domain' (#63) from feat/add-back-matrix-test-domain into main
Reviewed-on: pub-solar/infra#63
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
2023-11-18 21:33:40 +00:00
teutat3s 2195b7ed0a
feat: backups to hetzner storagebox 2023-11-18 22:30:23 +01:00
teutat3s 37176a52ce
feat: mastodon module updates from nixos-unstable
Pull in changes from https://github.com/NixOS/nixpkgs/pull/251950 early
2023-11-18 18:46:23 +01:00
teutat3s eeb15c93fc
feat: update forgejo to version 1.20.5-0
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1-20-5-0
2023-11-18 18:45:58 +01:00
teutat3s b7657db2cb
chore: bump flake inputs, remove mastodon-fork input
• Removed input 'mastodon-fork'
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d4b5a67bbe9ef750bd2fdffd4cad400dd5553af8' (2023-11-14)
  → 'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
• Updated input 'unstable':
    'github:nixos/nixpkgs/e44462d6021bfe23dfb24b775cc7c390844f773d' (2023-11-12)
  → 'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
2023-11-18 18:43:32 +01:00
teutat3s 4861593b25
fix: auth.pub.solar now runs on nachtigall 2023-11-18 18:19:34 +01:00
teutat3s d26b3c12f4
fix(nextcloud): push server is not a trusted proxy
The nextcloud push service would fail with the following error message
when deploying a new version:

please add '2a01:4f8:172:1c25::1' to the list of trusted proxies or
configure any existing reverse proxy to forward the 'x-forwarded-for'
send by the push server
The following x-forwarded-for header was received by Nextcloud: 1.2.3.4
The following trusted proxies are currently configured: "127.0.0.1", "::1"

https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies
2023-11-18 18:12:38 +01:00
teutat3s c88a0608f6
fix: matrix delegation via well-known for test domain
We use pub.solar as our server_name and matrix.pub.solar:8448 for matrix
federation traffic. The well-known record served at
https://pub.solar/.well-known/matrix/server should point to
matrix.pub.solar:8448. The same is true for test.pub.solar and
matrix.test.pub.solar:8448.

https://matrix-org.github.io/synapse/latest/delegate.html
2023-11-18 17:46:56 +01:00
teutat3s f213f93085
fix: remove nix from devshell
This caused nix version 2.13 being using in the devshell instead of
recent version 2.18, which we use by default in PubSolarOS
2023-11-18 17:33:28 +01:00
Benjamin Bädorf 33e003d4b4
feat: add wellknown for matrix test domain 2023-11-18 17:32:56 +01:00