forked from pub-solar/infra
teutat3s
d5922ff2b8
systemd https://github.com/systemd/systemd/issues/10579 Without this change, there are random SERVFAIL responses with Greenbaum DNS when using allow-downgrade. Fixes DNS queries for lev-1.int.greenbaum.zone ❯ dig obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone ; <<>> DiG 9.18.19 <<>> obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1871 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone. IN A ;; ANSWER SECTION: obs-portal.svc.e5756d08-36fd-424b-f8bc-acdb92ca7b82.lev-1.int.greenbaum.zone. 22 IN A 192.168.128.82 ;; Query time: 105 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP) ;; WHEN: Thu Nov 09 10:38:02 UTC 2023 ;; MSG SIZE rcvd: 121 |
||
|---|---|---|
| .forgejo/workflows | ||
| docs | ||
| hosts | ||
| lib | ||
| modules | ||
| overlays | ||
| public-keys | ||
| secrets | ||
| terraform | ||
| .envrc | ||
| .gitignore | ||
| flake.lock | ||
| flake.nix | ||
| README.md | ||
The pub.solar infrastructure
This repository contains all almost all of the configuration for the whole pub.solar infrastructure. Our goal is to have everything, from host configurations to Terraform DNS in this repository.
The architecture we are working towards is a vast simplification of what it was before: one dedicated Hetzner server running NixOS with all services. Offsite backups go to several different locations with restic.
Contributing
If you'd like to contribute, it makes sense to talk to the crew on Matrix via #hakken. We can help figuring out how things work and can make sure your ideas fit the pub.solar philosophy. Of course popping a pull request is always celebrated.
To start, see how to get a development shell.