1
0
Commit Graph

407 Commits

Author SHA1 Message Date
01a5bcce57 add custom nixos install iso 2023-02-26 18:55:21 +01:00
c22975bdcd hosts/dn42-ildix-clerie: make publicly reachable 2023-02-26 11:10:08 +01:00
deefb9c312 hosts/clerie-backup: replicate to hetzner storage 2023-02-25 23:24:41 +01:00
2fd7a4c5aa hosts/monitoring-3: add monitoring of mercury 2023-02-24 23:47:46 +01:00
0a2bb76f40 hosts/hydra-1: use nix-serve-ng 2023-02-24 23:11:21 +01:00
ae1f68ac36 hosts/storage-2: add device to syncthing 2023-02-20 10:10:48 +01:00
403a58d266 hosts/storage-2: make music availiable via syncthing 2023-02-18 10:58:43 +01:00
7d04db9809 hosts/web-2: add drop.clerie.de shortlink for sending files 2023-02-17 22:42:13 +01:00
5649fd8b91 hosts/storage-2: prevent youtube-dl downloading tracks again and again and again 2023-02-17 22:02:27 +01:00
4626b87dcb hosts/carbon: make kea retry a couple of time for attaching to interfaces 2023-02-17 20:48:15 +01:00
cc501fc898 hosts/hydra-1: apply workaround for broken nix-serve 2023-02-10 23:32:34 +01:00
39869f4c8b hosts/hydra-2: fix typo in ip address 2023-02-06 14:19:04 +01:00
9849e4868d hosts/monitoring-3: Use solid-xmpp-alarm 2023-02-06 13:38:16 +01:00
8d623692c7 hosts/mail-1: Move monitoring config for manually managed host to config directly 2023-02-06 12:51:20 +01:00
9ee8585716 Replace lib/hosts.nix with an injected special argument containing the nix flake 2023-02-06 12:20:59 +01:00
8748015acc hosts: remove explicit per host configuration/common import 2023-02-05 21:19:05 +01:00
38567829f1 hosts/monitoring-3: alert on out of sync host system 2023-02-04 01:15:07 +01:00
4fffc64c35 hosts/monitoring-3: validate nixos hash versions 2023-02-04 00:57:55 +01:00
6082fb0744 hosts/monitoring-3: split host config to multiple files 2023-02-03 22:28:50 +01:00
0a1311252b hosts/schule: remove mongodb due to license issues 2023-02-03 21:40:51 +01:00
44148007fc hosts/monitoring-3: update changed option names 2023-02-03 21:23:26 +01:00
230cd17208 hosts/carbon: block incoming connections 2023-02-03 01:02:13 +01:00
f05567cbce hosts/carbon: enable mss clamping 2023-02-03 00:41:40 +01:00
5bb88492c2 hosts/storage-2: optimize music scraper 2023-01-18 20:40:45 +01:00
5a387c3c23 hosts/monitoring-3: update dashboard 2023-01-08 15:23:19 +01:00
cfd746fddb Introduce service levels and change alert routing based on this 2023-01-05 23:16:50 +01:00
30e22dff8d hosts/monitoring-3: use primary fqdn for instance label in prometheus 2023-01-05 22:02:48 +01:00
1dfba9663a activate NixOS monitoring in prometheus 2023-01-02 21:43:43 +01:00
1b0b4e2d95 hosts/beryllium: disable firewall 2022-12-30 17:47:12 +01:00
1ba4c66697 hosts/aluminium: use policyrouting for IPv4 too 2022-12-30 17:46:11 +01:00
bba5d8c044 hosts/beryllium: use named routing table 2022-12-29 22:50:34 +01:00
b3ef4e6bde hosts/beryllium: add management tunnel 2022-12-29 17:02:22 +01:00
8e96523837 hosts/beryllium: add host 2022-12-29 16:46:51 +01:00
6d89551808 hosts/storage-2: add bahnansagen 2022-12-29 16:16:13 +01:00
33195da4d7 host/aluminium: assign static management ip 2022-12-28 01:25:12 +01:00
2cfc9f1387 hosts/aluminium: init host 2022-12-28 00:39:35 +01:00
2e9da82d94 hosts/schule: add host 2022-12-09 23:24:09 +01:00
a6b7467aa9 hosts/hydra-1: Propagate own nix-cache when diplaying nix-env commands 2022-12-07 20:19:58 +01:00
91e6a42ea3 hosts/porter: add scholl service proxy 2022-12-05 20:45:00 +01:00
607fdde5fd hosts/web-2: fix data type of meowing 2022-11-29 20:55:48 +01:00
686c587587 hosts/hydra-1: display help page for nix cache 2022-11-18 23:59:00 +01:00
8ddfcf6c17 hosts/hydra-1: add nix-cache.clerie.de 2022-11-13 16:38:18 +01:00
df4e162a9b hosts/web-2: add tap.clerie.de 2022-11-08 17:04:03 +01:00
273e729eba hosts/carbon: add blackbox exporter 2022-11-02 18:46:24 +01:00
be5b1c1baf hosts/monitoring-3: move to blackbox monitoring 2022-10-31 22:54:06 +01:00
eefd8af665 hosts/storage-2: add share service 2022-10-31 21:46:54 +01:00
02c05983e6 hosts/hydra-1: pin buildmachine user 2022-10-18 07:11:20 +02:00
6dc04a8581 replace fetchGit with pkgs.fetchgit 2022-10-17 23:03:09 +02:00
ecd2885037 hosts/hydra-1: make ssh key accessible to hydra and pin hydra-2 host key 2022-10-17 21:09:58 +02:00
a48547445a hosts/hydra-1: ping remote builder host key 2022-10-16 12:50:16 +02:00
63d0f4b42f hosts/hydra-2: remove ssh command, because it doesn't work 2022-10-15 17:58:59 +02:00
fa025a7a65 hosts/hydra-*: enable distributed builds 2022-10-15 16:04:40 +02:00
701f8bd41f hosts/hydra-2: add host 2022-10-15 13:09:48 +02:00
4027b812a2 hosts/hydra-1: allow hydra to utilize cache 2022-10-14 14:53:39 +02:00
3d48949629 hosts/hydra: add http to restricted mode allow urls 2022-10-02 22:12:19 +02:00
f67a810a2b hosts/hydra-1: add hydra service 2022-10-02 17:46:39 +02:00
efe47bacb1 hosts/hydra-1: add new host 2022-10-02 16:51:23 +02:00
e9414209f5 hosts/monitoring-3: alert for hosts that just booted 2022-10-02 11:59:37 +02:00
2f91b7cd75 modules/chisel: Create proper module and lock down service 2022-09-29 19:02:05 +02:00
1d8b007b95 hosts/carbon: Remove from overlay network 2022-09-29 18:15:10 +02:00
ce10724700 hosts/osmium: Set custom garbage collector interval 2022-09-29 17:44:05 +02:00
75f612a857 hosts/porter: Add snowflake 2022-09-29 17:36:16 +02:00
b016e76f09 hosts/porter: Put chisel behind nginx 2022-09-28 22:47:52 +02:00
d54c8a6853 gatekeeper: Remove host from overlay network 2022-09-28 20:07:14 +02:00
c456f09dbf nonat: Remove host from overlay network 2022-09-28 19:55:37 +02:00
9c4672182a porter: Remove node from overlay network 2022-09-28 19:31:22 +02:00
5a46d7662e gatekeeper: Remove unused firewall rule that blocks all IPv4 DNS traffic as a side effect 2022-09-27 12:04:27 +02:00
4a9db34696 Retire world-dev 2022-09-14 19:48:04 +02:00
abd589aa73 Alert for full backup storage 2022-09-14 19:38:10 +02:00
018b04b798 Update renamed gitea options 2022-09-11 20:07:19 +02:00
cdbe62e788 Alert for hosts that are up for too long 2022-09-11 17:01:24 +02:00
6d1e848564 Add VPN for evey 2022-08-26 21:44:37 +02:00
601b5fe8c1 Add ping.clerie.de website 2022-08-25 23:22:05 +02:00
fbc60e98b9 Update web-2 2022-08-25 23:21:41 +02:00
d1c7267119 storage-2: Add directory listing service with DAV file upload 2022-08-14 21:04:21 +02:00
3f3fb0fc19 Add redirect from www. to bula22.de 2022-08-14 12:25:13 +02:00
ebc6771a5c Move data to dedicated disk 2022-08-14 12:24:31 +02:00
56788025f4 Add webcam to bula22.de 2022-07-25 20:25:50 +02:00
cc8abd07b8 Add domain bula22.de to web-2 2022-07-25 19:34:00 +02:00
bd00b1f86d Add VPN tunnel 2022-07-25 19:32:55 +02:00
90df3c62aa Add automatiion script for creating backup disks 2022-07-02 00:00:22 +02:00
57223d02ac Add public IPv6 VPN for Bula 2022-07-01 23:09:27 +02:00
525e83b9fd Remove heimnetz IPv6 tunnel 2022-07-01 21:19:19 +02:00
fd1d9a2252 Fix external backup again 2022-06-12 21:51:19 +02:00
5b6cadecbe Update website clerie.de 2022-06-12 21:49:36 +02:00
fcb7057b9d Renumber public IPv6 address 2022-05-26 10:54:01 +02:00
3e35deb089 Use first link local IPv6 address as gateway 2022-05-26 10:41:27 +02:00
e5d1e11b31 Removed unavailiable source 2022-05-26 01:13:12 +02:00
01c0f82209 Display readable file sizes 2022-05-26 01:04:25 +02:00
bb07c9d88a Restructure unit generation and add more sources 2022-05-26 00:41:57 +02:00
031bd72e17 Provide GPG key using web key directory 2022-04-15 14:03:13 +02:00
5ba4163f95 Adding matrix server to monitoring 2022-04-14 21:12:44 +02:00
17f385aee1 Remove redundant default routes in RAs 2022-04-14 20:59:22 +02:00
c55be6f01a Migrate Heimnetz IPv6 network to native prefix 2022-04-03 13:54:18 +02:00
791c1a8d90 Move DHCP server for gastnetz to carbon too 2022-04-03 13:39:11 +02:00
f93c4a0d11 Enable IPv6 on guest net 2022-04-03 13:28:08 +02:00
82f22ef444 Add lutoma peering 2022-03-22 14:15:46 +01:00
588db80877 Add bird to monitoring 2022-03-22 12:16:28 +01:00
3ff361db44 Add nm check endpoint which simulates a captive portal 2022-03-07 12:30:35 +01:00
8708e02d35 Add more addresses to ping 2022-02-28 16:33:23 +01:00
2a462cb90a Add user that is allowed to edit wetter database 2022-02-28 15:36:40 +01:00
f8d69b1784 Add captive portal detection service 2022-02-26 16:14:07 +01:00
54df2256b9 Allow DNS over TCP 2022-02-12 15:25:56 +01:00
a5f2a58ff0 Enable Kea for Heimnetz 2022-02-12 15:22:57 +01:00
716dfce84d I don't care about industry standarts anymore 2022-02-08 21:03:40 +01:00
8f5a0bad31 Tune unbound cached records a bit to answer faster 2022-02-08 20:56:10 +01:00
2d5f6d6892 Remove rsync from required packages 2022-02-08 20:32:59 +01:00
db4db15086 Fix mount point name for unmount 2022-02-08 20:31:54 +01:00
8127ad8e02 Dirty migration of backup magic to external drive 2022-01-24 19:20:09 +01:00
fca4f238ec Add VoIP Network 2022-01-22 14:13:57 +01:00
2fa35d173e Start backup daily 2022-01-13 13:43:34 +01:00
ebd1aeb05a Introduce new stage 2 backup strategy 2022-01-11 21:31:25 +01:00
9f1d07c119 Assign static IPv6 to palladium 2022-01-11 19:48:43 +01:00
e40273f767 Optimize youtube-dl download options 2022-01-03 20:57:54 +01:00
e6876d95d1 Add mixcloud mirror 2022-01-02 21:55:09 +01:00
3d588080bc Add storage-2 2022-01-02 21:22:05 +01:00
3827c06fdf Add recursive dns server to router 2022-01-02 16:39:27 +01:00
c8884c45bf Do router advertisements right 2022-01-02 00:30:05 +01:00
b37d2bccf9 apply configuration hints to fix my pppoe 2021-12-24 13:15:54 +01:00
bf2aa2ec4f Hotfix: restart more often the broken stuff 2021-12-23 23:12:15 +01:00
c42932db0e Trying out smokeping exporter 2021-12-20 17:49:06 +01:00
835c5e396e Monitor XMPP Notifications 2021-12-20 16:47:57 +01:00
4ea5a21103 Resolve monitoring-3 hostname to loopback 2021-12-20 16:37:31 +01:00
13b12c5286 Yeah, there are cors headers... 2021-12-12 19:06:14 +01:00
2a4f3a2d83 Migrate prediger website to web-2 2021-12-12 18:42:41 +01:00
6df7ca5da6 Migrate radicale config to attribute set 2021-12-12 17:30:08 +01:00
5919287792 Use upstream gitea module now 2021-12-12 17:22:43 +01:00
13f9a3b6a3 Fix changed behaviour of fetchGit 2021-12-12 13:35:13 +01:00
a76916d06d Add backup scripts to version control 2021-12-07 19:48:24 +01:00
f93223a109 Update version string 2021-12-07 19:46:47 +01:00
c8294a848e Tweak backup config 2021-12-07 19:31:17 +01:00
b62198e7a0 Use correct python version 2021-12-07 19:10:14 +01:00
0f62e84479 Make status page public availiable 2021-12-07 19:09:50 +01:00
5b4d3bca76 Use correct python environment 2021-12-07 18:29:16 +01:00
1540443a5b ppp freeze hotfix 2021-12-07 18:15:59 +01:00
bd558481be Enable PPPoE debugging 2021-12-04 10:52:58 +01:00
b0d64acb33 Increased monitoring rule wait for host down 2021-10-23 18:26:08 +02:00
3ea21db30b Improve monitoring rules 2021-10-23 18:14:51 +02:00
00caae0ed3 Move rules to dedicated file 2021-10-22 23:53:42 +02:00
4392302eb4 Add alerting to monitoring 2021-10-22 23:21:26 +02:00
cdcf21427a Add vpn access 2021-10-22 22:00:27 +02:00
e327d80263 Fix module import 2021-08-31 19:16:53 +02:00
b25f5e9411 Remove ard erothek 2021-08-30 21:22:57 +02:00
f01337ee3a Updated papermc version 2021-08-30 21:22:07 +02:00
b3df6d4032 Fix firewall for guest network 2021-08-29 17:43:04 +02:00
2d7483e6fe Use DSL now 2021-08-28 18:01:49 +02:00
c55c0d7367 Restrict guest network 2021-08-19 19:03:34 +02:00
222d538de6 Block IP4 traffic from and to guest network 2021-08-01 14:50:31 +02:00
008a51702a Change to new networking setup and add guest network 2021-08-01 13:32:48 +02:00
6cec90bdfa Deploy chisel on porter 2021-07-23 23:33:03 +02:00