teutat3s
|
d990db5bf0
|
wip: allow traffic from br-+ interfaces
Flake checks / Check (pull_request) Successful in 4m4s
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
d492147220
|
wip: revert try to declare trusted actions runner network
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
dc9cd2e4f4
|
fix(flora-6): add br-* docker interfaces to firewall's
trusted interfaces
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
d46900d481
|
wip: try to declare trusted actions runner network
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
595a9e2857
|
fix(flora-6): add docker0 to firewall trusted interfaces
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
01ef6990da
|
fix: don't ignore interfaces that can change
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
a349573b2d
|
fix: add 4 logs retention for loki
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
66c0d7620a
|
feat(prometheus): add job to scrape nachtigall.pub.solar
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
85393913e4
|
feat(prometheus): add node-exporter to nachtigall,
protect endpoint https://nachtigall.pub.solar/metrics
with TLS and basic auth
|
2023-12-13 02:00:51 +01:00 |
|
teutat3s
|
52d4223e55
|
feat: init loki
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
54b48e1bdc
|
feat(grafana): provision node-exporter dashboard
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
8f089613be
|
fix: systemd-networkd-wait-online timing out
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
153d424380
|
fix: DNS record for grafana.pub.solar
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
084cc2027a
|
fix: grafana root_url needs https://, role mapping
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
76568f7f42
|
fix: remove DNS ttl until we need it again
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
e15cf221e3
|
feat(flora-6): init grafana + prometheus on
grafana.pub.solar
|
2023-12-13 02:00:50 +01:00 |
|
teutat3s
|
efe31cadd9
|
Merge pull request 'ci: cache nix-store using nix-community/cache-nix-action' (#65) from ci/enable-cache into main
Reviewed-on: #65
Reviewed-by: b12f <b12f@noreply.git.pub.solar>
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
|
2023-12-13 00:59:09 +00:00 |
|
teutat3s
|
ebc7abf685
|
ci: dependencies now included in actions-base-image
Flake checks / Check (pull_request) Successful in 3m24s
https://git.pub.solar/pub-solar/actions-base-image
|
2023-12-13 01:52:01 +01:00 |
|
teutat3s
|
e4c4644a8e
|
ci: cache using nix-community/cache-nix-action
Flake checks / Check (pull_request) Successful in 3m30s
https://github.com/nix-community/cache-nix-action
|
2023-12-13 01:42:15 +01:00 |
|
teutat3s
|
a3ce107c73
|
Merge pull request 'feat: backup matrix-synapse, matrix-appservice-irc, mautrix-telegram to storagebox' (#76) from feat/matrix-backups into main
Reviewed-on: #76
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
|
2023-12-08 15:36:10 +00:00 |
|
teutat3s
|
ac582d3f6f
|
Merge pull request 'docs: add how to manage DNS records with terraform' (#79) from docs-terraform-dns into main
Reviewed-on: #79
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
|
2023-12-08 15:35:55 +00:00 |
|
teutat3s
|
75e4179f42
|
Merge pull request 'fix: new Greenbaum mail hostname is mail.greenbaum.zone' (#78) from fix/mail-server into main
Reviewed-on: #78
|
2023-12-06 18:19:18 +00:00 |
|
teutat3s
|
21e620a12c
|
docs: add how to manage DNS records with terraform
Flake checks / Check (pull_request) Successful in 20m8s
|
2023-12-06 18:41:23 +01:00 |
|
teutat3s
|
caaab0e14d
|
fix: new Greenbaum mail server is mail.greenbaum.zone
Flake checks / Check (pull_request) Successful in 19m16s
|
2023-12-05 20:57:26 +01:00 |
|
teutat3s
|
5c664a0401
|
Merge pull request 'NixOS 23.11 fixes' (#75) from fix/nixos-23.11-fixes into main
Reviewed-on: #75
|
2023-12-03 13:20:51 +00:00 |
|
teutat3s
|
3ac327a750
|
feat: backup matrix-synapse, matrix-appservice-irc,
Flake checks / Check (pull_request) Successful in 17m55s
mautrix-telegram to storagebox
|
2023-12-03 13:11:25 +01:00 |
|
teutat3s
|
790848ef69
|
fix: update keycloak pub.solar theme
Flake checks / Check (pull_request) Successful in 19m14s
1ee87a1884
|
2023-12-03 12:14:47 +01:00 |
|
Akshay Mankar
|
75270321d5
|
fix: Allow matrix-appservice-irc to chown things
Flake checks / Check (pull_request) Successful in 16m20s
@chown is part of @privileged. It is used by sed which is used to manage the
registration.yaml
|
2023-12-02 17:22:28 +01:00 |
|
teutat3s
|
becaa9d649
|
fix: revert mautrix-telegram changes
Flake checks / Check (pull_request) Successful in 16m9s
|
2023-12-02 16:09:15 +01:00 |
|
teutat3s
|
37528c0874
|
fix: mautrix-telegram ExecStart missing \
Flake checks / Check (pull_request) Successful in 16m3s
|
2023-12-02 15:44:40 +01:00 |
|
teutat3s
|
1cfe140e77
|
fix: mkForce mautrix-telegram ExecStart
Flake checks / Check (pull_request) Has been cancelled
|
2023-12-02 15:43:52 +01:00 |
|
teutat3s
|
038d80a801
|
feat: DNS updates
Flake checks / Check (pull_request) Failing after 2m13s
Fix turn domain used by coturn
|
2023-12-02 15:36:03 +01:00 |
|
teutat3s
|
f911ac7bad
|
fix(matrix-synapse): needs to defince oidc extras
after NixOS module updates
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights
|
2023-12-02 15:35:02 +01:00 |
|
teutat3s
|
904a73b51d
|
fix(mautrix-telegram): should not try to update config
See: https://github.com/mautrix/python/pull/152
|
2023-12-02 15:33:58 +01:00 |
|
teutat3s
|
35a4ac5619
|
Merge pull request 'feat: NixOS 23.11 Tapir' (#74) from feat/nixos-23.11 into main
Reviewed-on: #74
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
|
2023-12-02 12:53:18 +00:00 |
|
teutat3s
|
3e7af270c1
|
Merge pull request 'nextcloud: add skeleton directory that adds a good readme for new users' (#73) from feat/nextcloud-improved-skeleton into main
Reviewed-on: #73
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
|
2023-12-02 12:53:08 +00:00 |
|
teutat3s
|
7cf6f51516
|
fix: nextcloud interned strings buffer defaults to 23 now
Flake checks / Check (pull_request) Successful in 22m24s
|
2023-12-02 11:58:48 +01:00 |
|
teutat3s
|
2ee4bc5682
|
feat: NixOS 23.11 Tapir
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights
Track nixos-23.11 branch, remove unstable overlays
This will update our services to the following versions:
nextcloud: 27.1.3 -> 27.1.4
forgejo: 1.20.5-0 -> 1.20.6-0
keycloak: 21.1.2 -> 22.0.5
matrix-synapse: 1.95.1 -> 1.97.0
Internal:
postgresql: 14.9 -> 15.5
Flake inputs diff:
• Updated input 'home-manager':
'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
→ 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
→ 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
|
2023-12-02 11:13:56 +01:00 |
|
Benjamin Bädorf
|
1d3934693b
|
nextcloud: add skeleton directory that adds a good readme for new users
Flake checks / Check (pull_request) Successful in 16m18s
Co-authored-by: teutat3s <teutates@mailbox.org>
|
2023-12-02 11:11:16 +01:00 |
|
teutat3s
|
4d7e1c3c94
|
chore: bump flake inputs
• Updated input 'agenix':
'github:ryantm/agenix/daf42cb35b2dc614d1551e37f96406e4c4a2d3e4' (2023-10-08)
→ 'github:ryantm/agenix/13ac9ac6d68b9a0896e3d43a082947233189e247' (2023-11-29)
• Updated input 'flake-parts':
'github:hercules-ci/flake-parts/8c9fa2545007b49a5db5f650ae91f227672c3877' (2023-11-01)
→ 'github:hercules-ci/flake-parts/34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5' (2023-12-01)
• Updated input 'flake-parts/nixpkgs-lib':
'github:NixOS/nixpkgs/0cbe9f69c234a7700596e943bfae7ef27a31b735?dir=lib' (2023-10-29)
→ 'github:NixOS/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58?dir=lib' (2023-11-29)
• Updated input 'home-manager':
'github:nix-community/home-manager/04bac349d585c9df38d78e0285b780a140dc74a4' (2023-11-12)
→ 'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
• Updated input 'nix-darwin':
'github:lnl7/nix-darwin/e67f2bf515343da378c3f82f098df8ca01bccc5f' (2023-11-13)
→ 'github:lnl7/nix-darwin/4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d' (2023-11-24)
• Updated input 'nixos-flake':
'github:srid/nixos-flake/40010feda1ac1afdcc2571ef550ef3de44926b0e' (2023-11-12)
→ 'github:srid/nixos-flake/7c9168884128ed4634751b3e2f5553b09d7b8cb0' (2023-11-28)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
→ 'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
• Updated input 'unstable':
'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
→ 'github:nixos/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58' (2023-11-29)
|
2023-12-02 10:58:38 +01:00 |
|
teutat3s
|
46861d61a2
|
Merge pull request 'docs: update link to git repo' (#67) from docs/update-link into main
Reviewed-on: #67
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
|
2023-12-01 18:03:55 +00:00 |
|
teutat3s
|
ad2eb1fa16
|
Merge pull request 'Production config for matrix' (#72) from feat/matrix-prod into main
Reviewed-on: #72
Reviewed-by: teutat3s <teutat3s@noreply.git.pub.solar>
|
2023-11-28 12:58:54 +00:00 |
|
Akshay Mankar
|
2cbc46c154
|
matrix: Move the whole email section into the secret
Flake checks / Check (pull_request) Successful in 15m27s
Matrix doesn't deep merge the secrets, so this is necessary
|
2023-11-25 23:37:58 +01:00 |
|
teutat3s
|
9f633582d1
|
feat: add well-known for matrix support contacts
Flake checks / Check (pull_request) Successful in 16m52s
|
2023-11-25 14:28:23 +01:00 |
|
Akshay Mankar
|
ccbfb211fd
|
matrix: Point DNS to nachtigall
Flake checks / Check (pull_request) Successful in 15m47s
|
2023-11-19 18:21:45 +01:00 |
|
Akshay Mankar
|
8a2d946206
|
matrix: Use production domains
Flake checks / Check (pull_request) Successful in 18m59s
|
2023-11-19 18:17:58 +01:00 |
|
Akshay Mankar
|
35afcd9682
|
matrix: Make public rooms discoverable over federation
|
2023-11-19 18:12:08 +01:00 |
|
Akshay Mankar
|
fe284a20d9
|
matrix: Fix typo
|
2023-11-19 18:12:08 +01:00 |
|
Akshay Mankar
|
f0c3178b4d
|
matrix: Use greenbaum cloud for sending emails
|
2023-11-19 18:12:07 +01:00 |
|
Akshay Mankar
|
7fcefe4b85
|
matrix: Use chat.pub.solar as invite_client_location
|
2023-11-19 18:12:07 +01:00 |
|