Commit graph

46 commits

Author SHA1 Message Date
teutat3s 9d9bcf9a15
mas: move to module, add secrets for prod 2024-10-30 18:37:46 +01:00
teutat3s 987c0919ca
style: fix formatting
All checks were successful
Flake checks / Check (pull_request) Successful in 27m37s
2024-10-17 20:31:47 +02:00
teutat3s c39cf9c0b9
mastodon: update to version 4.3.0 from nixos-unstable
https://github.com/mastodon/mastodon/releases/tag/v4.3.0
https://github.com/NixOS/nixpkgs/pull/337545/files
2024-10-17 20:31:47 +02:00
teutat3s 2ca0bd7c3e
style: run treefmt
All checks were successful
Flake checks / Check (pull_request) Successful in 2m36s
2024-05-08 22:57:07 +02:00
Benjamin Yule Bädorf ef94681e11
refactor: Move all apps into modules
All checks were successful
Flake checks / Check (pull_request) Successful in 6m5s
2024-04-28 18:07:28 +02:00
Benjamin Yule Bädorf d280b29394
obs-portal: init obs-portal on nachtigall
This follows the official installation instructions at https://github.com/openbikesensor/portal/blob/main/docs/production-deployment.md

Unfortunately, the postgres database needs to have postgis enabled, so
we'll have to start a second instance. To stay close to the official
deployment instructions, this is running in docker.

The secrets were taken from the old installation instance. During
initial installation, we'll need to import data from the old instance
into this one, which might take a while.
2024-04-27 22:45:07 +02:00
Benjamin Yule Bädorf e618b9f9c2
forgejo: use iptables routing instead of ssh patch
All checks were successful
Flake checks / Check (pull_request) Successful in 8m18s
2024-04-05 17:00:28 +02:00
Benjamin Yule Bädorf d7c9333ff4
forgejo: allow multiple host addresses for SSH
All checks were successful
Flake checks / Check (pull_request) Successful in 9m1s
2024-04-05 14:26:56 +00:00
Benjamin Yule Bädorf 621e9336ed
wireguard: add basic keys 2024-04-05 11:09:31 +00:00
Benjamin Yule Bädorf 0e89b7f210
nginx/miom: init miom.space website
This adds an nginx configuration for https://miom.space/. MiOM is a
creative collective in Cologne that frequently hosts our hakken.irl
hackathons. They're already using our cloud to organize.

This service is a bit more specific than most pub.solar services and falls
into a similar category as the obs-portal.

On the old miom website all logging was turned off, we might want to do
the same thing in nginx here as well then.
2024-02-25 21:41:06 +00:00
teutat3s d67190d175
feat: init tmate-ssh-server
https://tmate.io
2024-02-07 19:01:36 +01:00
teutat3s 815033c764
treewide: apply nixpkgs-fmt
Used command:
nixpkgs-fmt .
2024-01-27 20:29:30 +01:00
teutat3s e3d4f61a42
feat(nachtigall): send logs to loki, https+basic auth
All checks were successful
Flake checks / Check (pull_request) Successful in 4m5s
Use caddy as reverse proxy for loki on flora-6, add basic auth

Add promtail to nachtigall, push logs to flora-6
2023-12-13 19:18:56 +01:00
teutat3s d5b59ea18a
feat(prometheus): add node-exporter to nachtigall,
protect endpoint https://nachtigall.pub.solar/metrics
with TLS and basic auth
2023-12-13 02:12:11 +01:00
teutat3s 2ee4bc5682
feat: NixOS 23.11 Tapir
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights

Track nixos-23.11 branch, remove unstable overlays

This will update our services to the following versions:
nextcloud: 27.1.3 -> 27.1.4
forgejo: 1.20.5-0 -> 1.20.6-0
keycloak: 21.1.2 -> 22.0.5
matrix-synapse: 1.95.1 -> 1.97.0

Internal:
postgresql: 14.9 -> 15.5

Flake inputs diff:
• Updated input 'home-manager':
    'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
  → 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
  → 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
2023-12-02 11:13:56 +01:00
Akshay Mankar 8a2f83c96a
nachtigall: Deploy coturn and configure matrix to use it
All checks were successful
Flake checks / Check (pull_request) Successful in 19m20s
2023-11-19 18:08:15 +01:00
Akshay Mankar e12b3d5c40
matrix: Import config for IRC
All checks were successful
Flake checks / Check (pull_request) Successful in 18m13s
2023-11-19 14:53:14 +01:00
teutat3s 7037abb8f3
fix: forgejo needs module from nixos-unstable
All checks were successful
Flake checks / Check (pull_request) Successful in 17m50s
for SSH access
2023-11-19 02:23:34 +01:00
teutat3s 37176a52ce
feat: mastodon module updates from nixos-unstable
All checks were successful
Flake checks / Check (pull_request) Successful in 18m34s
Pull in changes from https://github.com/NixOS/nixpkgs/pull/251950 early
2023-11-18 18:46:23 +01:00
b12f f5185e5c15
feat: add mediawiki
Some checks reported warnings
Flake checks / Check (pull_request) Has been cancelled
Co-authored-by: @teutat3s <teutates@mailbox.org>
2023-11-15 21:40:29 +01:00
Benjamin Bädorf 42fbde31e5
feat: droppie backups for all nachtigall services 2023-11-06 21:07:24 +00:00
Benjamin Bädorf e8ad662631
refactor: change file structure to use modules dir
This commit changes the file structure around, so that we have the
following parts:

`/modules` contains reusable logic blocks for hosts.
`/hosts` contains host configurations.
`/lib` contains nix library functions.
`/overlays` contains overlay files.
`/public-keys` contains all information regarding public keys.

This change reduces the complexity of flake.nix, instead delegating this
out to the `default.nix` files in the above directories.
2023-11-06 13:11:30 +01:00
teutat3s a7b3490c15
Merge pull request 'fix: owncast websockets, forgejo max body size in nginx' (#38) from fix-owncast into main
Reviewed-on: #38
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-10-29 22:12:21 +00:00
teutat3s e28cedb274
fix: owncast missing import, enable websockets 2023-10-29 22:10:29 +01:00
Benjamin Bädorf fe6edd54b1
feat: searx 2023-10-29 20:57:26 +01:00
Benjamin Bädorf f33a7c48e7
feat: add collabora 2023-10-29 12:49:36 +00:00
Benjamin Bädorf 8a2889fd46
feat: nextcloud initial commit 2023-10-29 12:49:36 +00:00
Akshay Mankar eaf99a2d78
nachtigall: Add nginx config for serving matrix-synapse 2023-10-29 13:39:20 +01:00
teutat3s f168a5393f
Merge pull request 'nachtigall: Configure matrix-synapse with telegram integration' (#7) from feat/matrix into main
Reviewed-on: pub-solar/infra-new#7
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-10-29 00:56:00 +00:00
teutat3s 688f9279d1
feat: move matrix related files into subdir 2023-10-29 02:55:35 +02:00
Benjamin Bädorf b8431f595e
nachtigall: Configure matrix-synapse with telegram integration 2023-10-29 01:37:44 +02:00
teutat3s 2916ca4cd3
feat: mailman initial commit 2023-10-29 00:31:09 +02:00
Benjamin Bädorf cda39f5e2a
feat: add forgejo 2023-10-28 23:36:04 +02:00
teutat3s 620c1715b4
fix: import keycloak module 2023-10-28 23:33:07 +02:00
teutat3s 1983edcc5b
fix: add nginx virtualHost for mastodon
We use pub.solar as our LOCAL_DOMAIN and mastodon.pub.solar as our
WEB_DOMAIN. The NixOS module does not support this special use case.
See: https://github.com/NixOS/nixpkgs/issues/202399
2023-10-28 18:56:22 +02:00
Hendrik Sokolowski 1d68ed73c3
add nginx virtual host for files.pub.solar 2023-10-28 18:24:13 +02:00
teutat3s c162d46094
fix: address review comments 2023-10-28 18:18:06 +02:00
hensoko 0f527e3f41
Merge pull request 'feature/pub-solar-website' (#20) from feature/pub-solar-website into main
Reviewed-on: pub-solar/infra-new#20
2023-10-28 16:56:49 +02:00
Hendrik Sokolowski 6630dd8ce6 Add nginx configuration for pub.solar website 2023-10-28 16:26:02 +02:00
Hendrik Sokolowski 710b81c94c use nginx 2023-10-28 15:34:31 +02:00
Benjamin Bädorf 8aee160fd1
fix: import networking and nix modules 2023-10-28 14:00:32 +02:00
Benjamin Bädorf b921201645
feat: caddy 2023-10-28 14:00:32 +02:00
Akshay Mankar d8e0bbb43b
hosts/nachtigall: Move config to configuration.nix 2023-10-28 11:28:41 +02:00
Akshay Mankar d935c946b5
nachtigall: Disable debug info 2023-10-28 00:58:13 +02:00
Akshay Mankar de553e6c7b
nachtigall: Better DNS servers 2023-10-28 00:58:13 +02:00
Akshay Mankar 5554b5191e
Add NixOS config for nachtigall 2023-10-28 00:58:13 +02:00