Commit graph

1527 commits

Author SHA1 Message Date
teutat3s 80c1a7927a
flora-6: configure more agressive garbage
collection

Reason: it has already happened a few times, that flora-6 ran out of
disk space. With this fix, hopefully the garbage collection should
kick in earlier and prevent this from happening
2023-03-05 18:38:42 +01:00
teutat3s 9fdfc83cc7
Merge pull request 'gitea: re-enable GPG signing' (#176) from fix/gitea-gitconfig into infra
Reviewed-on: pub-solar/os#176
2023-03-05 16:56:52 +01:00
teutat3s f0caf9b5a1
gitea: re-enable serverside GPG signing 2023-03-05 16:55:14 +01:00
teutat3s cc57376e7f Merge pull request 'infra: pull in gitea GPG fix from nixos-unstable' (#175) from bump/infra-flake-lock into infra
Reviewed-on: pub-solar/os#175
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-03-05 15:30:07 +01:00
teutat3s df79b8a3c9
caddy: fix formatting 2023-03-05 15:22:57 +01:00
teutat3s d1175e82b4
Add Tailscale custom OIDC webfinger
See: https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup
2023-03-05 15:13:25 +01:00
teutat3s eaea884351
Bump flake.lock 2023-03-05 15:13:21 +01:00
hensoko 0b03bbe76b Merge pull request 'Add link for satzung in caddy' (#172) from feature/add-caddy-satzung-link into infra
Reviewed-on: pub-solar/os#172
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-03-02 14:10:33 +01:00
Hendrik Sokolowski 354fd593bb
make link for satzung temporary 2023-03-01 22:16:49 +01:00
Hendrik Sokolowski 831c44fceb Add link for satzung in caddy 2023-02-27 23:12:05 +01:00
b12f 359a82a28e Merge pull request 'Mailman nixos module' (#167) from feature/mailman-nixos-module into infra
Reviewed-on: pub-solar/os#167
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-26 14:44:30 +01:00
teutat3s 20b70c2481
ci: fix drone.yml signature 2023-02-26 00:24:02 +01:00
teutat3s 648a50c47e
Merge branch 'main' into feature/mailman-nixos-module 2023-02-25 18:37:06 +01:00
teutat3s 078441af96
Bump flake.lock 2023-02-25 18:23:39 +01:00
teutat3s a1cb071773
mailman: trigger postfix reload when caddy renews
TLS Let's Encrypt certificates
2023-02-25 18:21:53 +01:00
teutat3s 94cc00572e
drone: ensure docker starts before trying to
create docker network drone-net with systemd dependencies
2023-02-25 17:58:48 +01:00
teutat3s 1199820574
postfix: use caddy's certs for STARTTLS on port 25 2023-02-25 16:28:10 +01:00
teutat3s 5e5fb64dde
flora-6: postfix should use list.pub.solar as
hostname

- Send postmaster and root mails to admins@pub.solar
- Add TODO comment about django-keycloak
2023-02-25 15:55:44 +01:00
teutat3s 008e14482f
flora-6: clean up unneeded postfix config file 2023-02-25 15:55:44 +01:00
teutat3s bea032ad99
flora-6: init mailman with NixOS module
Docker containers were too complicated to setup
2023-02-25 15:55:44 +01:00
teutat3s 8f948f70c7
mailman wip 2023-02-25 15:55:43 +01:00
b12f 820e322313 Merge pull request 'drone: use official drone-scp image again' (#165) from fix/use-official-drone-scp-image into main
Reviewed-on: pub-solar/os#165
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-24 21:38:55 +01:00
b12f 837a2e1685 Merge pull request 'nvim: fix file preview for names containing spaces' (#168) from fix/neovim-preview-filenames-with-spaces into main
Reviewed-on: pub-solar/os#168
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-24 21:38:29 +01:00
b12f b1d2bfef98 Merge pull request 'Update flake inputs in infra branch' (#169) from update/flora-6-flake-inputs into infra
Reviewed-on: pub-solar/os#169
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-24 21:38:11 +01:00
teutat3s 6582d3142d
Bump flake.lock 2023-02-24 21:01:50 +01:00
teutat3s c8435976eb
nvim: fix file preview for names containing spaces 2023-02-24 18:11:09 +01:00
teutat3s 4ef40b5971
drone: use official drone-scp image again
Our PR got accepted and the flag we needed is available now:
https://github.com/appleboy/drone-scp/pull/102
2023-02-02 17:39:14 +01:00
b12f 1772e20e2e Merge pull request 'mailman: fix directory permissions' (#164) from fix/infra-mailman-dir-permissions into infra
Reviewed-on: pub-solar/os#164
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-01 13:42:56 +01:00
teutat3s 93b5eab0ea
mailman: fix directory permissions 2023-02-01 13:38:10 +01:00
teutat3s f05a1191b9 Merge pull request 'flora-6: move docker data-root to /data' (#163) from fix/infra-move-docker-root into infra
Reviewed-on: pub-solar/os#163
2023-02-01 13:30:00 +01:00
teutat3s c1dcea11fa
flora-6: move docker data-root to /data 2023-02-01 13:28:49 +01:00
teutat3s 34c59a3010 Merge pull request 'feature/mailman' (#160) from feature/mailman into infra
Reviewed-on: pub-solar/os#160
Reviewed-by: teutat3s <teutates@mailbox.org>
2023-02-01 13:23:03 +01:00
teutat3s 3c422fee62
mailmain: fix postfix main.cf path 2023-02-01 13:17:04 +01:00
teutat3s b6ebd71c61
keycloak: use version 20.0.3 from nixos-22.11
It's the same version as on nixos-unstable
2023-02-01 13:15:30 +01:00
teutat3s 8fb6ba33b2
ci: check build of flora-6 in infra branch 2023-02-01 12:27:05 +01:00
teutat3s f00a009115
Merge branch 'main' into feature/mailman 2023-02-01 12:26:18 +01:00
b12f df569f3215 Merge pull request 'Really fix nvfetcher always rebuilding, fix agenix overlay, bump flake.lock' (#162) from fix/nvfetcher-agenix-bump-flake into main
Reviewed-on: pub-solar/os#162
Reviewed-by: b12f <hello@benjaminbaedorf.eu>
2023-02-01 12:13:47 +01:00
teutat3s 2ed21e3b94
flake: make digga, deploy, agenix follow existing
inputs

This should reduce merge conflicts in the flake.lock file by reducing
the number of locked inputs
2023-02-01 11:29:34 +01:00
teutat3s edc7335d48
Use nix version from 22.11, prevent nvfetcher from
rebuilding so much: it has nix as a dependency and won't find its hash
in the binary cache if we override our nix version with the one from
nixos-unstable. 22.11 has 2.11.1 which should be recent enough for us.
2023-02-01 11:21:46 +01:00
teutat3s 8ef0827565
Bump flake.lock, fix agenix overlay
agenix now uses overlays.default to export its overlay
See: 64b0574514
2023-02-01 11:20:35 +01:00
teutat3s 9f0dcb8ed8
Use nix version from 22.11, prevent nvfetcher from
rebuilding so much: it has nix as a dependency and won't find its hash
in the binary cache if we override our nix version with the one from
nixos-unstable. 22.11 has 2.11.1 which should be recent enough for us.
2023-02-01 11:15:58 +01:00
teutat3s f49bc2b4b2
Bump flake.lock, fix agenix overlay
agenix now uses overlays.default to export its overlay
2023-02-01 11:14:50 +01:00
teutat3s 2a756869e3
Merge branch 'main' into feature/mailman 2023-02-01 10:10:28 +01:00
Benjamin Bädorf a8279af631
Merge branch 'feature/mailman' of git.pub.solar:pub-solar/os into feature/mailman 2023-01-31 22:44:12 +01:00
Benjamin Bädorf 61afca41e5
Add postfix to flora-6 2023-01-31 22:43:59 +01:00
teutat3s db7f5c5254
secrets: rekey for b12f-bbcom 2023-01-31 21:35:29 +01:00
Benjamin Bädorf 5ade1c028f
Build works 2023-01-31 21:32:16 +01:00
Benjamin Bädorf 8f0cde4c3d
Remove broken semicolon 2023-01-31 21:30:43 +01:00
Benjamin Bädorf 6c736b8684
Remove broken semicolon 2023-01-31 21:29:02 +01:00
Benjamin Bädorf 26318bcafc
feat/mailman: Add flora-6 config for mailman 2023-01-31 21:25:45 +01:00