Commit graph

106 commits

Author SHA1 Message Date
Benjamin Bädorf d69e0350ef
fix: use clean new directory for backups on droppie 2023-11-06 22:59:17 +00:00
Benjamin Bädorf 07df547f33
fix: specify sftp storage for droppie restic backups 2023-11-06 22:59:17 +00:00
teutat3s 428fcab009
fix: store forgejo sessions in DB
See:
https://docs.gitea.com/administration/config-cheat-sheet#session-session
2023-11-06 22:34:51 +01:00
Benjamin Bädorf c8233cf6a7
chore: simplify sudo command for backups 2023-11-06 22:22:36 +01:00
Benjamin Bädorf 052d752d27
feat: add settings_local.json to mailman-web backup 2023-11-06 22:20:29 +01:00
Benjamin Bädorf 841757517f
refactor: small backup refactoring 2023-11-06 21:07:24 +00:00
Benjamin Bädorf 42fbde31e5
feat: droppie backups for all nachtigall services 2023-11-06 21:07:24 +00:00
Benjamin Bädorf e7c70c6cd0
fix: nachtigall root ssh key config fixes 2023-11-06 21:07:24 +00:00
teutat3s 6a96345760
feat: enable gitea actions in forgejo
See: https://docs.gitea.com/usage/actions/quickstart
2023-11-06 22:06:16 +01:00
Benjamin Bädorf e8ad662631
refactor: change file structure to use modules dir
This commit changes the file structure around, so that we have the
following parts:

`/modules` contains reusable logic blocks for hosts.
`/hosts` contains host configurations.
`/lib` contains nix library functions.
`/overlays` contains overlay files.
`/public-keys` contains all information regarding public keys.

This change reduces the complexity of flake.nix, instead delegating this
out to the `default.nix` files in the above directories.
2023-11-06 13:11:30 +01:00
Benjamin Bädorf d011cb04e1
feat: add declarative root ssh key on nachtigall 2023-11-05 19:35:37 +01:00
Benjamin Bädorf 633549159e
fix: keep forgejo email addresses private by default 2023-11-05 15:06:30 +01:00
b12f 90b0fb53e6
Merge pull request 'fix: enable websockets for collabora' (#43) from fix/collabora-websockets into main
Reviewed-on: pub-solar/infra#43
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-11-03 17:12:45 +00:00
teutat3s b9e18a167c
fix: keycloak nginx buffer size
Tune according to
https://www.getpagespeed.com/server-setup/nginx/tuning-proxy_buffer_size-in-nginx
2023-11-03 13:54:11 +01:00
teutat3s cd1fa3daef
fix: enable websockets for collabora
Adopt upstream recommended nginx config
https://sdk.collaboraonline.com/docs/installation/Proxy_settings.html#reverse-proxy-with-nginx-webserver
2023-11-03 12:52:32 +01:00
teutat3s 9fc42c44a8
fix: tune nextcloud / php-fpm pool settings
Calculated on https://spot13.com/pmcalculator/
with 4GiB RAM available, average php-fpm process size 80MiB

Original settings are
pm = dynamic
pm.max_children = 32
pm.max_requests = 500
pm.max_spare_servers = 4
pm.min_spare_servers = 2
pm.start_servers = 2
2023-10-31 21:24:27 +01:00
Benjamin Bädorf cb26fa3d00
chore: disable uwsgi logging on searx 2023-10-29 23:51:28 +01:00
Benjamin Bädorf 1db27813dd
fix: Searx is running 2023-10-29 23:49:45 +01:00
teutat3s a7b3490c15
Merge pull request 'fix: owncast websockets, forgejo max body size in nginx' (#38) from fix-owncast into main
Reviewed-on: pub-solar/infra#38
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-29 22:12:21 +00:00
teutat3s 505602bd73
fix: set max body size to 1G for forgejo 2023-10-29 23:04:33 +01:00
teutat3s 9898e35208
fix: enable websockets in nginx for owncast 2023-10-29 23:04:11 +01:00
Benjamin Bädorf edc76ebb1b
chore: add search.pub.solar dns entry 2023-10-29 22:14:13 +01:00
teutat3s e28cedb274
fix: owncast missing import, enable websockets 2023-10-29 22:10:29 +01:00
Benjamin Bädorf fe6edd54b1
feat: searx 2023-10-29 20:57:26 +01:00
teutat3s 94c7b6d7db
fix: postgresql service should always wait for ZFS mount 2023-10-29 20:53:16 +01:00
Benjamin Bädorf f013c6e3f8
feat: make docker run on zfs, add unlocking docs 2023-10-29 19:39:48 +00:00
Benjamin Bädorf a10d77dcf6
fix: increase php strings cache size for nextcloud
https://github.com/nextcloud/server/issues/31223
2023-10-29 19:39:48 +00:00
Benjamin Bädorf 13d46c22c5
fix: nextcloud connections to other applications 2023-10-29 19:39:48 +00:00
Benjamin Bädorf 2c2d77456e
chore: update nextcloud to v27 2023-10-29 19:39:48 +00:00
Benjamin Bädorf 7b4b79f5d4
fix: add host header to collabora nginx proxy_pass 2023-10-29 19:39:48 +00:00
Benjamin Bädorf 8ad19f72fc
fix: small nextcloud fixes
* Add admin pass
* Increase max post size
* Fix secret owner
2023-10-29 19:39:48 +00:00
teutat3s 4897317f4f
feat: add more nginx recommended settings 2023-10-29 15:40:35 +00:00
teutat3s f48782e987
feat: owncast initial commit
https://owncast.online/
2023-10-29 15:40:35 +00:00
Benjamin Bädorf 4d50282ab3
Merge branch 'feat/nextcloud' of git.pub.solar:pub-solar/infra-new into feat/nextcloud 2023-10-29 13:52:50 +01:00
Benjamin Bädorf 42879bde05
fix: don't set maintenance mode in nix config 2023-10-29 13:52:11 +01:00
Benjamin Bädorf 569ff3ee03
fix: fix php package name 2023-10-29 12:49:36 +00:00
Benjamin Bädorf d2c6756371
chore: use php8.2 for nextcloud 2023-10-29 12:49:36 +00:00
Benjamin Bädorf a14af74d82
fix: don't global bind collabora 2023-10-29 12:49:36 +00:00
Benjamin Bädorf f33a7c48e7
feat: add collabora 2023-10-29 12:49:36 +00:00
Hendrik Sokolowski 1577462c94
add virtualhost for nextcloud 2023-10-29 12:49:36 +00:00
Benjamin Bädorf c187b59bd7
feat: add nextcloud secrets 2023-10-29 12:49:36 +00:00
Benjamin Bädorf 422b1ba33e
feat: add complete nextcloud config without secrets 2023-10-29 12:49:36 +00:00
Benjamin Bädorf 41c5f1797c
feat: nextcloud initial commit 2023-10-29 12:49:36 +00:00
Benjamin Bädorf c6453f2631
feat: add complete nextcloud config without secrets 2023-10-29 12:49:36 +00:00
Benjamin Bädorf 8a2889fd46
feat: nextcloud initial commit 2023-10-29 12:49:36 +00:00
Benjamin Bädorf b42917de78
fix: fix php package name 2023-10-29 13:46:52 +01:00
Benjamin Bädorf ac817a7ca2
chore: use php8.2 for nextcloud 2023-10-29 13:46:06 +01:00
Benjamin Bädorf 25f4c8d296
fix: don't global bind collabora 2023-10-29 13:43:41 +01:00
Benjamin Bädorf 3cb548d77a
feat: add collabora 2023-10-29 13:42:50 +01:00
Hendrik Sokolowski ea7996ce0a
add virtualhost for nextcloud 2023-10-29 13:42:23 +01:00