1
0
Commit Graph

553 Commits

Author SHA1 Message Date
3d48949629 hosts/hydra: add http to restricted mode allow urls 2022-10-02 22:12:19 +02:00
f67a810a2b hosts/hydra-1: add hydra service 2022-10-02 17:46:39 +02:00
efe47bacb1 hosts/hydra-1: add new host 2022-10-02 16:51:23 +02:00
e9414209f5 hosts/monitoring-3: alert for hosts that just booted 2022-10-02 11:59:37 +02:00
2f91b7cd75 modules/chisel: Create proper module and lock down service 2022-09-29 19:02:05 +02:00
1d8b007b95 hosts/carbon: Remove from overlay network 2022-09-29 18:15:10 +02:00
ce10724700 hosts/osmium: Set custom garbage collector interval 2022-09-29 17:44:05 +02:00
75f612a857 hosts/porter: Add snowflake 2022-09-29 17:36:16 +02:00
b016e76f09 hosts/porter: Put chisel behind nginx 2022-09-28 22:47:52 +02:00
d54c8a6853 gatekeeper: Remove host from overlay network 2022-09-28 20:07:14 +02:00
c456f09dbf nonat: Remove host from overlay network 2022-09-28 19:55:37 +02:00
9c4672182a porter: Remove node from overlay network 2022-09-28 19:31:22 +02:00
5a46d7662e gatekeeper: Remove unused firewall rule that blocks all IPv4 DNS traffic as a side effect 2022-09-27 12:04:27 +02:00
4a9db34696 Retire world-dev 2022-09-14 19:48:04 +02:00
abd589aa73 Alert for full backup storage 2022-09-14 19:38:10 +02:00
018b04b798 Update renamed gitea options 2022-09-11 20:07:19 +02:00
cdbe62e788 Alert for hosts that are up for too long 2022-09-11 17:01:24 +02:00
6d1e848564 Add VPN for evey 2022-08-26 21:44:37 +02:00
601b5fe8c1 Add ping.clerie.de website 2022-08-25 23:22:05 +02:00
fbc60e98b9 Update web-2 2022-08-25 23:21:41 +02:00
d1c7267119 storage-2: Add directory listing service with DAV file upload 2022-08-14 21:04:21 +02:00
3f3fb0fc19 Add redirect from www. to bula22.de 2022-08-14 12:25:13 +02:00
ebc6771a5c Move data to dedicated disk 2022-08-14 12:24:31 +02:00
56788025f4 Add webcam to bula22.de 2022-07-25 20:25:50 +02:00
cc8abd07b8 Add domain bula22.de to web-2 2022-07-25 19:34:00 +02:00
bd00b1f86d Add VPN tunnel 2022-07-25 19:32:55 +02:00
90df3c62aa Add automatiion script for creating backup disks 2022-07-02 00:00:22 +02:00
57223d02ac Add public IPv6 VPN for Bula 2022-07-01 23:09:27 +02:00
525e83b9fd Remove heimnetz IPv6 tunnel 2022-07-01 21:19:19 +02:00
fd1d9a2252 Fix external backup again 2022-06-12 21:51:19 +02:00
5b6cadecbe Update website clerie.de 2022-06-12 21:49:36 +02:00
fcb7057b9d Renumber public IPv6 address 2022-05-26 10:54:01 +02:00
3e35deb089 Use first link local IPv6 address as gateway 2022-05-26 10:41:27 +02:00
e5d1e11b31 Removed unavailiable source 2022-05-26 01:13:12 +02:00
01c0f82209 Display readable file sizes 2022-05-26 01:04:25 +02:00
bb07c9d88a Restructure unit generation and add more sources 2022-05-26 00:41:57 +02:00
031bd72e17 Provide GPG key using web key directory 2022-04-15 14:03:13 +02:00
5ba4163f95 Adding matrix server to monitoring 2022-04-14 21:12:44 +02:00
17f385aee1 Remove redundant default routes in RAs 2022-04-14 20:59:22 +02:00
c55be6f01a Migrate Heimnetz IPv6 network to native prefix 2022-04-03 13:54:18 +02:00
791c1a8d90 Move DHCP server for gastnetz to carbon too 2022-04-03 13:39:11 +02:00
f93c4a0d11 Enable IPv6 on guest net 2022-04-03 13:28:08 +02:00
82f22ef444 Add lutoma peering 2022-03-22 14:15:46 +01:00
588db80877 Add bird to monitoring 2022-03-22 12:16:28 +01:00
3ff361db44 Add nm check endpoint which simulates a captive portal 2022-03-07 12:30:35 +01:00
8708e02d35 Add more addresses to ping 2022-02-28 16:33:23 +01:00
2a462cb90a Add user that is allowed to edit wetter database 2022-02-28 15:36:40 +01:00
f8d69b1784 Add captive portal detection service 2022-02-26 16:14:07 +01:00
54df2256b9 Allow DNS over TCP 2022-02-12 15:25:56 +01:00
a5f2a58ff0 Enable Kea for Heimnetz 2022-02-12 15:22:57 +01:00
716dfce84d I don't care about industry standarts anymore 2022-02-08 21:03:40 +01:00
8f5a0bad31 Tune unbound cached records a bit to answer faster 2022-02-08 20:56:10 +01:00
2d5f6d6892 Remove rsync from required packages 2022-02-08 20:32:59 +01:00
db4db15086 Fix mount point name for unmount 2022-02-08 20:31:54 +01:00
8127ad8e02 Dirty migration of backup magic to external drive 2022-01-24 19:20:09 +01:00
fca4f238ec Add VoIP Network 2022-01-22 14:13:57 +01:00
2fa35d173e Start backup daily 2022-01-13 13:43:34 +01:00
ebd1aeb05a Introduce new stage 2 backup strategy 2022-01-11 21:31:25 +01:00
9f1d07c119 Assign static IPv6 to palladium 2022-01-11 19:48:43 +01:00
e40273f767 Optimize youtube-dl download options 2022-01-03 20:57:54 +01:00
e6876d95d1 Add mixcloud mirror 2022-01-02 21:55:09 +01:00
3d588080bc Add storage-2 2022-01-02 21:22:05 +01:00
3827c06fdf Add recursive dns server to router 2022-01-02 16:39:27 +01:00
c8884c45bf Do router advertisements right 2022-01-02 00:30:05 +01:00
b37d2bccf9 apply configuration hints to fix my pppoe 2021-12-24 13:15:54 +01:00
bf2aa2ec4f Hotfix: restart more often the broken stuff 2021-12-23 23:12:15 +01:00
c42932db0e Trying out smokeping exporter 2021-12-20 17:49:06 +01:00
835c5e396e Monitor XMPP Notifications 2021-12-20 16:47:57 +01:00
4ea5a21103 Resolve monitoring-3 hostname to loopback 2021-12-20 16:37:31 +01:00
13b12c5286 Yeah, there are cors headers... 2021-12-12 19:06:14 +01:00
2a4f3a2d83 Migrate prediger website to web-2 2021-12-12 18:42:41 +01:00
6df7ca5da6 Migrate radicale config to attribute set 2021-12-12 17:30:08 +01:00
5919287792 Use upstream gitea module now 2021-12-12 17:22:43 +01:00
13f9a3b6a3 Fix changed behaviour of fetchGit 2021-12-12 13:35:13 +01:00
a76916d06d Add backup scripts to version control 2021-12-07 19:48:24 +01:00
f93223a109 Update version string 2021-12-07 19:46:47 +01:00
c8294a848e Tweak backup config 2021-12-07 19:31:17 +01:00
b62198e7a0 Use correct python version 2021-12-07 19:10:14 +01:00
0f62e84479 Make status page public availiable 2021-12-07 19:09:50 +01:00
5b4d3bca76 Use correct python environment 2021-12-07 18:29:16 +01:00
1540443a5b ppp freeze hotfix 2021-12-07 18:15:59 +01:00
bd558481be Enable PPPoE debugging 2021-12-04 10:52:58 +01:00
b0d64acb33 Increased monitoring rule wait for host down 2021-10-23 18:26:08 +02:00
3ea21db30b Improve monitoring rules 2021-10-23 18:14:51 +02:00
00caae0ed3 Move rules to dedicated file 2021-10-22 23:53:42 +02:00
4392302eb4 Add alerting to monitoring 2021-10-22 23:21:26 +02:00
cdcf21427a Add vpn access 2021-10-22 22:00:27 +02:00
e327d80263 Fix module import 2021-08-31 19:16:53 +02:00
b25f5e9411 Remove ard erothek 2021-08-30 21:22:57 +02:00
f01337ee3a Updated papermc version 2021-08-30 21:22:07 +02:00
b3df6d4032 Fix firewall for guest network 2021-08-29 17:43:04 +02:00
2d7483e6fe Use DSL now 2021-08-28 18:01:49 +02:00
c55c0d7367 Restrict guest network 2021-08-19 19:03:34 +02:00
222d538de6 Block IP4 traffic from and to guest network 2021-08-01 14:50:31 +02:00
008a51702a Change to new networking setup and add guest network 2021-08-01 13:32:48 +02:00
6cec90bdfa Deploy chisel on porter 2021-07-23 23:33:03 +02:00
b7798bf8ee Workaround for shitty pulic wifi firewalls 2021-07-11 16:21:35 +02:00
2525c506fc Add debian host mail-1 to monitoring 2021-06-20 16:06:42 +02:00
1cb3143096 Let prometheus scrape temperature values from iot data 2021-06-20 16:05:37 +02:00
4707c565b1 Deploy iot-data 2021-06-19 12:51:38 +02:00
d4d0a5b274 Change minecraft server edition to get current version 2021-06-18 12:38:14 +02:00
c02faca6fc Add minecraft-2 to backup 2021-06-18 12:25:41 +02:00
6ee3387680 Add status page to monitoring-3 2021-05-15 18:43:15 +02:00
1caff12782 Switch from gre tunnel to wireguard for heimnetz transport 2021-05-12 10:04:04 +02:00
a3002d2455 Add carbon to monitoring 2021-05-07 21:58:30 +02:00
d8547c2a98 Change monitoring scraping interval to 15s 2021-05-07 16:51:15 +02:00
3a17ce19f9 Add palladium to backup cluster 2021-05-07 16:26:24 +02:00
de13ca0b79 Silence HDDs on palladium 2021-05-01 13:01:08 +02:00
47ebac55cd Enable monitorng on palladium 2021-04-30 23:54:43 +02:00
17e3d37989 Add host palladium 2021-04-30 23:36:48 +02:00
db37daab95 Add ard erothek to web-2 2021-04-30 23:36:26 +02:00
7c13997caa Enable local workadventure backend on world-dev 2021-04-21 22:30:17 +02:00
83467d3f90 Serve workadventure front 2021-04-20 22:28:46 +02:00
c07c8a92c2 tweaking rsync opts 2021-04-11 17:37:27 +02:00
e55c86a037 Prepare clerie-backup for replication 2021-04-11 12:17:47 +02:00
548004b1a1 Add host backup-4 2021-04-11 12:13:41 +02:00
b1b57a97ad Add host world-dev 2021-03-27 12:41:14 +01:00
209c0a5477 Add frainz to ildix 2021-03-22 23:20:15 +01:00
8467002912 Add dn42-il-gw6 to monitoring 2021-02-25 17:18:00 +01:00
69fe8fedc7 Add backup repo terra 2021-02-25 17:17:31 +01:00
93f02bf055 Add dn42-il-gw5 to mon+itoring 2021-02-24 13:22:32 +01:00
1e2112bcc0 Add dn42-il-gw1 to monitoring 2021-02-24 13:22:11 +01:00
cbdcfb59f9 Add nonat to monitoring 2021-02-24 12:09:44 +01:00
a23bec7792 Add gatekeeper to monitoring 2021-02-24 02:20:38 +01:00
74d07737b9 Add clerie-backup to monitoring 2021-02-24 02:12:53 +01:00
3b4cffdd0f Add web-2 to monitoring 2021-02-24 01:50:42 +01:00
1d9fe9fc6b Add minecraft-2 to monitoring 2021-02-24 01:50:23 +01:00
61ed39ebd7 Add osmium to monitoring 2021-02-24 00:17:26 +01:00
0ec7c48f7b Add monitoring pubkey 2021-02-24 00:16:54 +01:00
79dc192662 Feed prometheus from hostconfigs 2021-02-24 00:16:30 +01:00
7682e01479 Connect porter to monitoring 2021-02-21 22:39:57 +01:00
6e60e839bb Add host monitoring-3 and init monitoring 2021-02-21 21:39:01 +01:00
a960592f76 Minecraft port forward 2021-02-10 21:05:06 +01:00
097ea51d2d Migrate to new minecraft-server module 2021-02-10 19:10:26 +01:00
7a23f36b7d Move to better performing minecraft server implementation 2021-02-10 17:49:47 +01:00
c276157090 Forward minecraft port 2021-02-10 17:48:56 +01:00
a1be8c31ac Add proxy for minecraft 2021-02-06 18:54:51 +01:00
b4a84e866d Add host minecraft-2 2021-02-06 18:53:21 +01:00
1bae1d1b33 Removed raspberrypi 2021-02-04 18:53:06 +01:00
c83a72f955 Implement direct link between porter and gatekeeper 2021-02-03 20:14:59 +01:00
b214a237fd Pin tunnel ips on gatekeeper 2021-02-03 19:47:12 +01:00
882385b6dd Pin tunnel ips on nonat 2021-02-03 19:37:15 +01:00
e64e66ecd2 Pin tunnel ips 2021-02-03 18:50:17 +01:00
6fa28acff8 Move porter to another location 2021-02-03 18:46:20 +01:00
ec835f30da meowing emojis 2021-02-02 13:35:52 +01:00
8dc29cf3e7 Add backup repo for mail-1 2021-02-02 13:35:30 +01:00
43164566fe Add service wetter on web-2 2021-01-28 16:44:51 +01:00
a29b9c648a Move clerie.de to web-2 2021-01-23 13:27:43 +01:00
7337e2100b carbon pin wireguard to ipv4 2021-01-23 13:27:06 +01:00
166b35700a Enable roa for ildix 2021-01-15 18:10:40 +01:00
f3f27b9e5f Add reichartstrasse.de to web-2 2021-01-14 14:53:27 +01:00
4752725b67 Add milchinsel.de to web-2 2021-01-14 14:36:20 +01:00
1bb0450f6f Allow unecrypted ip address requests 2021-01-14 13:45:15 +01:00
31b5abf7ec Transport public net to different location ans source route backtraffic via gre 2021-01-13 13:52:04 +01:00
fff74fed87 Fix ipv6 support for gre module 2021-01-13 13:45:26 +01:00
5f95721f3d Remove pbr leftover from bgp experiment 2021-01-12 13:42:20 +01:00
18ccdbf288 Configure gre between carbon an gatekeeper 2021-01-10 22:28:24 +01:00
337f5824f0 Special headers for workadventure map 2021-01-10 21:30:06 +01:00
ab70ee9a51 Connect gatekeeper to internal network 2021-01-10 18:47:11 +01:00
c8e98afaae Move gitea to web-2 2021-01-06 22:02:11 +01:00
12b4d595d6 Enable local http server on web-2 2021-01-05 20:27:05 +01:00
faa4251d3d Install dav server on web-2 2021-01-05 20:25:16 +01:00
6baadff06d Backups for web-2 2021-01-03 16:26:33 +01:00
d1fd780e79 Enable znc server 2021-01-03 15:19:40 +01:00
fd730f837c Add ip tool to web-2 2021-01-02 22:17:51 +01:00
e0f8f4d79a web-2 meows 2021-01-02 21:35:21 +01:00
d4499ed056 Serve bubblesort on web-2 2021-01-02 18:19:11 +01:00
ddb41ac8cd Add host web-2 2021-01-02 16:48:53 +01:00
ea5739ae2a Correct port and open firewall 2020-12-26 10:17:31 +01:00
93a35d021b Add gatekeeper hardware configuration 2020-12-26 09:54:21 +01:00
a4e1bb74cf Active nat for vpn 2020-12-26 01:50:50 +01:00
4bdc98598c Configure port forwards 2020-12-26 01:49:13 +01:00
9a7939dcc7 Add host gatekeeper 2020-12-26 00:30:20 +01:00
778ceb55e6 Set system architecture for drain 2020-12-25 23:11:40 +01:00
7f01f83114 Add more backup users 2020-12-25 23:10:04 +01:00
c459929d2d Add new host clerie-backup 2020-12-25 11:09:59 +01:00
389b2a2e07 Add host drain 2020-12-19 22:51:16 +01:00
0f40720ce7 Allow osmium building arm systems 2020-12-19 22:48:33 +01:00
9e7a395187 Remove iBGP 2020-12-17 23:43:52 +01:00
28c585cd57 Enable NAT on carbon 2020-12-17 10:41:11 +01:00
eaffd00919 Enable IPv6 nat 2020-12-17 03:56:06 +01:00
288307a4f6 Enable policy routing on carbon 2020-12-17 03:39:17 +01:00
87e4a629d8 Add policy based routing 2020-12-17 03:04:30 +01:00
9f8282e83b Use vars instead of redundant defintion 2020-12-17 01:41:45 +01:00
872fbea418 Init ibgp routing 2020-12-17 01:35:27 +01:00
23747424da Add local interface to carbon 2020-12-17 01:21:50 +01:00
35eb5a521a Fix spacing 2020-12-16 18:58:03 +01:00
f93e2e7b93 Route everything for FeM to nonat 2020-12-16 13:33:35 +01:00
d9dd5e6d77 Allow to NAT whole network 2020-12-16 13:06:14 +01:00
fb5cfd9d81 Import Nat Netz Mercury to OSPF 2020-12-16 12:59:41 +01:00
88e6f0d54e Include carbon to OSPF network 2020-12-16 12:30:38 +01:00
3935e055df No anycast subnet needed, use only single IPs 2020-12-16 11:17:11 +01:00
21f2235964 Add IPv4 Tunnel Support 2020-12-16 11:15:59 +01:00
3c2de6bc17 Activate OSPF on nonat and porter 2020-12-15 20:22:07 +01:00
f39aa5037b Wireguard between nonat and porter 2020-12-15 18:13:56 +01:00
e8797c6ad0 Add host porter 2020-12-15 12:59:27 +01:00
8ab0ecf4c7 Add max as ildix peer 2020-12-15 12:41:00 +01:00
dcc370c9e7 Add host dn42-ildix-clerie 2020-12-14 19:11:20 +01:00
832ad41743 Add second ildix route server to dn42-il-gw6 2020-12-11 10:50:39 +01:00
0767df085c Add second ildix route server 2020-12-11 10:45:46 +01:00
2997262349 Rollback direct link 2020-12-10 13:06:43 +01:00
115aa93d2a Import loopdevice prefixes to ospf 2020-12-10 13:02:01 +01:00
0772160af9 Add local prefix to loopdevice 2020-12-10 12:59:30 +01:00
2bf649367e Use pointopoint link for ospf 2020-12-10 12:55:37 +01:00
fc1653d8ef Use broadcast again 2020-12-10 12:42:51 +01:00
5d3285db87 Try out nonbroadcast for ospf 2020-12-10 12:31:32 +01:00
72421459e6 Fix ospf broadcast statement 2020-12-10 12:20:12 +01:00
23ec07c136 Force ospf broadcast 2020-12-10 12:18:08 +01:00
d381529488 Disable bgp route publication while backbone is not working properly 2020-12-10 11:57:28 +01:00
7742cbf385 Remove redundant import 2020-12-10 10:50:13 +01:00
322d15b14e Fix more interface names 2020-12-09 23:12:47 +01:00
a68525f595 Fix interface names 2020-12-09 23:07:22 +01:00
d41c95056a Add host dn42-il-gw6 2020-12-09 22:55:56 +01:00
362b9b6bb8 Add module import magic 2020-12-09 22:49:42 +01:00
fb42564cb0 Add peer perflyst 2020-12-09 19:06:34 +01:00
cfedde1adb New public key for e1mo 2020-12-08 20:30:02 +01:00
ae5aa34724 Placeholder %i not supportet in nixos 2020-12-08 19:06:37 +01:00
93b4b7c9ef Fix interface template 2020-12-08 18:56:18 +01:00
7b34157278 Fix wireguard to work with link local addr 2020-12-08 18:51:58 +01:00
1c5efc4e03 Fix ip address 2020-12-08 18:43:04 +01:00
64aafe0d77 Fix typo 2020-12-08 18:25:03 +01:00
8553667208 Fix interface name 2020-12-08 18:23:54 +01:00
810001bb13 Add host dn42-il-gw1 2020-12-08 18:21:21 +01:00
26cae76337 Move generic config for dn42 routers to special module 2020-12-08 14:09:09 +01:00
dd7bdf8efa Fix path 2020-12-08 13:50:32 +01:00
1b7c2c1b99 Use pbb policy routing module 2020-12-08 13:49:46 +01:00
0be2b84fdc Get the syntax right :/ 2020-12-08 13:41:37 +01:00
fe6791d424 Open Firewall for bgp and ospf 2020-12-08 13:37:00 +01:00
aff98955f3 Don't use ip rules for now 2020-12-08 13:36:42 +01:00
525a799c5f Add ip rules 2020-12-07 21:26:41 +01:00
3a3b72ef40 Auto generated link local IPv6 for OSPF 2020-12-07 21:01:03 +01:00
c0d36f9c91 Use autoconf ipv6 for ospf 2020-12-07 18:56:04 +01:00
cfcd3f8b01 Fix include path 2020-12-07 18:35:44 +01:00
7052a406b1 Use useDHCP correctly 2020-12-07 18:34:56 +01:00
e50f5b4bde Exclude dn42 config for testing 2020-12-07 18:34:31 +01:00
3fd897fe9e Load lib 2020-12-07 18:31:21 +01:00
52e5bdf81e Add host dn42-il-gw5 2020-12-07 18:27:38 +01:00
dedf409805 InternalIPs are the ips on the host, not a range or other 2020-12-07 17:16:42 +01:00
6dab4dc41d Another misspelled filename :c 2020-12-07 17:10:05 +01:00
6866f510c9 Rename misspelled filename 2020-12-07 17:08:52 +01:00
da7d367f5e Add IPv6 dns servers 2020-12-07 17:03:56 +01:00
64d9609d49 Add host nonat 2020-12-07 16:57:50 +01:00
1859541f49 Fix IPv6 prefix 2020-12-07 15:29:42 +01:00
2ad516b8d3 Fix option location 2020-12-07 15:26:35 +01:00
c9c31b5114 Fix typo 2020-12-07 15:25:14 +01:00
4a9ef35167 Add wireguard to carbon 2020-12-07 15:24:04 +01:00
3ba7defdd0 Init router configuration to carbon 2020-12-07 15:14:33 +01:00
f7233b661e Remove sops 2020-12-06 20:25:53 +01:00
b6d1716a8a Add niv to osmium 2020-12-06 19:15:28 +01:00
82887a871a Add qemu guest agent 2020-12-06 19:02:35 +01:00
c17940be89 Git is only used on osmium 2020-12-06 18:41:10 +01:00
53581b621a Add host osmium 2020-12-06 17:40:06 +01:00
1b9fc87e77 Initial commit 2020-12-06 16:40:47 +01:00