1
0
Commit Graph

583 Commits

Author SHA1 Message Date
2ae649af80 configuration/gpg-ssh: Move GPG and SSH integration to seperate module 2024-04-15 08:44:09 +02:00
128f2360c7 hosts/hydra-1,hosts/hydra-2: Allow git via http in restricted mode 2024-04-08 08:16:29 +02:00
0b7f25e017 hosts/hydra-1,hosts/hydra-2: Allow http as schema in restricted mode and not only as prefix 2024-04-07 20:36:50 +02:00
5aac90a1fa hosts/hydra-1,hosts/hydra-2: Allow github uri in restricted mode 2024-04-07 20:03:10 +02:00
f0d82c45fb hosts/web-2: Add md.clerie.de 2024-04-02 22:14:17 +02:00
df6a540281 hosts/monitoring-3: Fix IPv6 listen addr for Grafana 2024-03-27 19:11:02 +01:00
50066d1122 hosts/web-2: postgresql migrate to ensureDBOwnership 2024-03-24 14:35:31 +01:00
db58f552b2 hosts/web-2: fix systemd service dependencies for chaosevents 2024-03-24 14:20:34 +01:00
0cd3c05a25 hosts/web-2: migrate renamed options for gitea 2024-03-24 14:08:34 +01:00
fe85ab718a hosts/storage-2: migrate renamed options 2024-03-24 13:26:26 +01:00
4f96034838 hosts/monitoring-3: add prometheus job for high frequency pings 2024-03-24 13:03:23 +01:00
3c42d25ecd hosts/monitoring-3: migrate renamed options 2024-03-24 13:01:32 +01:00
62dd3b7471 hosts: remove deprecated grub version option 2024-03-19 19:37:43 +01:00
9bc4ba3b77 pkgs/print-afra: Add script for printing pdf in AfRA 2024-03-19 17:51:59 +01:00
7a4177f360 pkgs/nixfiles: rename nixfiles-updated-inputs to clerie-update-nixfiles 2024-03-17 16:14:54 +01:00
5b8b8f8cab pkgs/chromium-incognito: add package 2024-03-17 14:24:06 +01:00
f011e3fc9e modules/nixfiles/nixfiles-system-upgrade.nix,modules/clerie-system-upgrade: rename module 2024-03-14 20:30:37 +01:00
f34337159d pkgs/wetter: remove package 2024-03-14 20:12:41 +01:00
07609fb02d hosts/storage-2: add firmware.clerie.de 2024-03-02 16:28:45 +01:00
ffdc95da84 hosts/astatine: Isolate ppp interface 2024-03-01 22:02:36 +01:00
a5c2009bfd hosts/astatine: remove mtu option so client uses mru sent by provider 2024-03-01 22:02:36 +01:00
991b4d6bd1 hosts/astatine: enable remote wireshark capture 2024-03-01 22:02:36 +01:00
70a663b633 hosts/astatine: ppp test 2024-03-01 22:02:36 +01:00
d33293e00a hosts/krypton: Add fractal 2024-02-19 21:16:41 +01:00
a84ae9372e hosts/minecraft-2,hosts/storage-2: Enable auto update 2024-02-18 16:47:54 +01:00
15670ff541 hosts/storage-2: Replace prepare script with tmpfiles 2024-02-18 14:58:45 +01:00
692da961d8 hosts/web-2: Remove znc 2024-02-18 14:40:26 +01:00
0118788e82 hosts/web-2: Update chaosevents 2024-02-17 18:55:30 +01:00
0cf25afdc7 hosts/krypton: Remove archroot mount point 2024-02-13 11:12:11 +01:00
2fe4da7c4a hosts/krypton: add okular 2024-02-12 19:12:03 +01:00
bf7205f2be hosts/web-2: Update clerie.de 2024-02-09 21:28:20 +01:00
204303beee hosts/zinc: add cryptsetup-askpass to .ash_history for faster access 2024-02-07 18:52:14 +01:00
bfdfc7ee68 hosts/zinc: custom network setup in initrd 2024-02-07 18:42:30 +01:00
bdb78d60c1 hosts/zinc: add cura slicer 2024-02-07 17:36:00 +01:00
022fabb0f7 hosts/zinc: Add programs 2024-02-07 17:35:28 +01:00
7f6bfafbcf hosts/carbon: Set correct MTU 2024-02-07 12:25:52 +01:00
5b3933937e hosts/krypton: add network debug tools 2024-01-30 15:03:06 +01:00
da76595558 hosts/osmium: Polkit test 2024-01-30 09:53:27 +01:00
2ac1cc6fed hosts/krypton: enable wireshark 2024-01-20 20:58:51 +01:00
bc35fbb0d6 host/monitoring: Use correct variable in alerting rule description 2024-01-15 18:08:23 +01:00
568d3f8d89 hosts/krypton: Turn on keyboard backlight and display battery levels at cryptsetup askpass 2024-01-08 15:44:28 +01:00
9284723eae hosts/storage-2: Deactivate kraftfuttermischwerk sync 2024-01-05 19:47:37 +01:00
b17c444ae2 hosts/carbon: make router usable without a switch 2023-12-20 18:33:12 +01:00
98de6489f3 modules/nixfiles: Deploy system upgrade unit everywhere so updates can get startet remotely 2023-12-15 20:20:53 +01:00
d05f74ece9 modules/nixfiles: Specify dedicated system update times per host 2023-12-15 18:58:01 +01:00
0ea664287b users/isa: Move to users directory 2023-12-07 20:21:44 +01:00
01b1ce3caa pkgs/nixfiles: rename nixfiles-system-sync-to-hydra to nixfiles-system-upgrade 2023-12-01 18:02:44 +01:00
cff95863fd hosts/monitoring-3: Add alert for Synapse 2023-12-01 17:50:54 +01:00
2e68d00ca4 hosts/gatekeeper: update pubkey amy 2023-11-23 17:21:45 +01:00
203032d9f3 hosts/gatekeeper: add amy to wg-clrie 2023-11-22 21:38:31 +01:00
572fb59903 hosts/dn42-il-gw5,hosts/dn42-il-gw6: export routes to looking glass 2023-11-21 15:16:16 +01:00
5ad39391cf hosts/schule: remove host 2023-11-07 19:27:01 +01:00
9f77f2594c hosts/dn42-il-gw1,hosts/dn42-il-gw5,hosts/dn42-il-gw6,hosts/nonat: enable auto update 2023-11-05 22:30:31 +01:00
5fc75da28c hosts/zinc: enforce password for sudo 2023-11-05 13:41:46 +01:00
226e4198e0 hosts/monitoring-3: add synapse monitoring 2023-11-05 13:36:58 +01:00
4d4c5eed8c hosts/monitoring-3: add matrix server ping targets 2023-11-04 14:10:51 +01:00
43335679ed hosts/astatine: add user criese-nethinks 2023-10-29 20:06:30 +01:00
c013c4323a hosts/web-2: add install.nix.clerie.de 2023-10-25 21:45:38 +02:00
36e6d96d2c hosts/krypton: enable binfmt virt for aarch64-linux 2023-10-25 18:25:15 +02:00
5d870740b6 hosts/web-2: return known_hosts with proper mime type 2023-10-22 21:58:54 +02:00
24b8e750b5 pkgs/nixfiles: move nixfiles-auto-install to pkg 2023-10-20 23:45:43 +02:00
219c356e83 hosts/krypton: Update system 2023-10-17 16:45:09 +02:00
2e390e9ef9 hosts/web-2: update clerie.de 2023-10-12 22:16:44 +02:00
7ca735fa6d hosts/zinc: make sudo not require a password 2023-09-23 19:36:27 +02:00
9d310e9e8f hosts/zinc: enable gnome desktop 2023-09-23 17:55:26 +02:00
c2b1697fb5 hosts/zinc: move initrd stuff to seperate file 2023-09-22 21:00:43 +02:00
ac40659050 hosts/zinc: enable 5g modem via usb 2023-09-22 20:55:43 +02:00
3fb56cd9f3 host/zinc: rotate ssh host key 2023-09-22 20:30:35 +02:00
c46a031b39 modules/wireguard-initrd: add module for wireguard in initrd 2023-09-22 16:56:09 +02:00
08600173b9 hosts/krypton: add fractal-next 2023-09-22 16:32:57 +02:00
975e24b31a hosts/gatekeeper: add VPN connection for zinc initrd 2023-09-22 16:24:46 +02:00
2f22810091 hosts/gatekeeper: add wg-clerie zinc 2023-09-20 21:03:12 +02:00
ef3c2c0174 hosts/zinc: enable wg-clerie 2023-09-20 21:01:40 +02:00
eef227d45a hosts/zinc: add host 2023-09-20 20:35:47 +02:00
362a6fcf7f hosts/web-2: remove prediger workadventure map 2023-09-15 20:44:05 +02:00
1e22756876 hosts/web-2: host fieldpoc documentation 2023-09-15 20:43:09 +02:00
6fced94cb5 hosts/aluminium: enable new wg-clerie module 2023-09-15 20:24:25 +02:00
33b6731c59 hosts/hydra-1: Migrate from nix-serve to harmonia 2023-09-10 10:55:46 +02:00
e2f58fd25c hosts/web-2: Publish mitel-ommclient2 documentation using update-from-hydra 2023-09-09 14:15:24 +02:00
e515212708 hosts/web-2: deactive wetter.clerie.de because it requires nodejs that takes ages to build 2023-09-09 14:13:58 +02:00
553542071d hosts/osmium: deploy nixfiles inputs update script 2023-09-01 16:38:34 +02:00
e2dbc5244c hosts/krypton: add krita 2023-08-05 16:19:50 +02:00
deea08e0f9 hosts/krypton: update hardware configuration 2023-07-25 21:31:53 +02:00
6a3043d883 hosts/krypton: fix hibernate 2023-07-10 23:57:49 +02:00
fcc3f61fbd hosts/hydra-1: use localhost as builder too 2023-07-08 23:29:55 +02:00
c6a1e2531e hosts/krypton: add onlyoffice 2023-07-08 23:01:48 +02:00
25677a9e03 hosts/krypton: add xournalpp 2023-07-02 14:59:50 +02:00
9dae541043 modules/clerie-gc-dir: regularly clean up downloads directory 2023-07-01 11:59:12 +02:00
176075485f hosts/krypton: do not show systemd-boot selector on boot 2023-07-01 00:10:22 +02:00
1ff45a9068 hosts/monitoring-3: remove mail-1 from monitoring 2023-06-28 18:48:44 +02:00
942d226099 modules/backup: support excluding paths 2023-06-28 18:09:03 +02:00
80cc6522da hosts/krypton: enable backup 2023-06-20 20:36:53 +02:00
5ef293448d hosts/aluminium: add fieldpoc 2023-06-20 18:58:55 +02:00
14bc3b6fe8 hosts/aluminium: add ssh host key 2023-06-20 18:53:01 +02:00
dff3768ef3 hosts/krypton: add wg-clerie 2023-06-20 18:39:28 +02:00
376068a8e0 hosts/krypton: add ssh hostkey 2023-06-20 18:37:42 +02:00
11a5a520d8 modules/wg-clerie: migrate to age secrets 2023-06-20 18:36:28 +02:00
f07dbd3c53 hosts/krypton: do not dare using swap 2023-06-20 11:48:12 +02:00
cf3e4085b9 hosts/clerie: enable serial devices 2023-06-20 11:07:59 +02:00
3ec434470a configuration/desktop: cleanup config 2023-06-19 22:24:36 +02:00
417a739547 hosts/krypton,configuration/desktop: setup basic gnome environment 2023-06-19 22:20:47 +02:00
b481941eb2 hosts/krypton: add host 2023-06-19 19:45:28 +02:00
8936e6a8b5 hosts/web-2: add chaosevent.clerie.de 2023-06-13 17:53:45 +02:00
4715a5340e hosts/astatine: add guest user 2023-05-30 17:34:06 +02:00
5270f493b8 hosts/monitoring-3: Make alerting rules more relsilient against missing scrapes 2023-05-28 12:10:45 +02:00
ad137204c3 hosts/monitoring-3: tune altering rules for backups to reduce false positives 2023-05-25 04:33:43 +02:00
b77e9016d7 host/monitoring-3: add rule for backups that are behind 2023-05-24 08:41:35 +02:00
2205429088 hosts/mail-2: add to backup 2023-05-22 07:46:11 +02:00
eb611f9c57 hosts/mail-2: add to monitoring 2023-05-22 07:02:45 +02:00
22ed8fff6e hosts/mail-2: enable IPv6 in docker 2023-05-21 09:41:32 +02:00
dd20c29c70 hosts/mail-2: enable docker 2023-05-20 17:52:03 +02:00
196fcf30a0 hosts/mail-2: add ssh pubkey 2023-05-20 17:35:39 +02:00
919e054d6f host/mail-2: add host 2023-05-20 17:20:33 +02:00
4f01b4a8a1 hosts/clerie-backup,host/backup-4: restore missing htpasswd entries 2023-05-19 20:57:44 +02:00
628cc524a7 hosts/web-2: migrate to clerie-backup 2023-05-19 20:40:14 +02:00
05a2742a91 modules/backup: add backup module using restic 2023-05-16 12:21:11 +02:00
5fa2b58c3d hosts/backup-4: fix path to backup htpasswd 2023-05-16 09:28:44 +02:00
d241370821 hosts/clerie-backup,hosts/backup-4: change backup credentials for minecraft-2 2023-05-16 09:27:44 +02:00
98705a218c hosts/storage-2: set secrets permissions for nginx htpasswd 2023-05-16 08:13:12 +02:00
0393d26e71 flake.nix: update nixos-exporter and use provided modules 2023-05-09 11:56:53 +02:00
b4c5dc7c25 hosts/minecraft-2: test restic backup 2023-05-06 18:24:52 +02:00
2feb1b2b4c modules/monitoring: specify custom privateKeyFile path for wg-monitoring 2023-05-06 16:11:49 +02:00
f8328936b9 hosts/astatine: add monitoring secret 2023-05-06 15:40:42 +02:00
398067f533 hosts/monitoring-3: alert on averaged metrics 2023-05-04 14:43:14 +02:00
4834e5b91d hosts/dn42-ildix-service: add lookingglass 2023-05-04 14:35:30 +02:00
e9de141316 hosts/monioring-3: add more ping targets 2023-05-03 16:20:02 +02:00
a2deec6dfb hosts/web-2: radicale use secrets 2023-05-02 20:52:00 +02:00
bf0a8a31c3 hosts/storage-2: use secrets for basic auth 2023-05-02 20:40:30 +02:00
b60824e796 hosts/monitoring-3: use xmpp password from secrets 2023-05-02 20:27:03 +02:00
9982a4d710 hosts/hydra: use secrets for nix-cache 2023-05-02 20:14:02 +02:00
9d6a7b1c88 hosts/gatekeeper: add vpn secret 2023-05-02 19:57:21 +02:00
a34a637f48 hosts/dn42-il-gw1: migrate peering secrets to age 2023-05-02 19:52:02 +02:00
dcf8bc4035 modules/monitoring: migrate monitoring vpn secrets to age 2023-05-02 19:42:46 +02:00
cb12fb64cb hosts/web-2: expose know_hosts 2023-05-02 18:01:39 +02:00
d068fea2ce Add ssh public host keys 2023-05-02 10:33:56 +02:00
1cd9f1e52d hosts/backup-4: use secrets 2023-05-01 15:34:43 +02:00
1b8b074dc5 secrets: automatically detect and configure secrets 2023-05-01 15:08:54 +02:00
d2472c79ee lib/flake-helper.nix: Automatically load secrets from hosts secrets directory 2023-05-01 12:09:47 +02:00
09b043c26c Introduce agenix secrets management 2023-05-01 11:37:33 +02:00
f2d91c9820 hosts/dn42-il-gw1: e1mo endpoind changed 2023-04-30 19:25:02 +02:00
56a34de0cb hosts/clerie-backup,hosts/backup-4: add restic server backup nodes 2023-04-30 19:24:18 +02:00
f8ab76d163 hosts/storage-2: expose media directory via http 2023-04-29 21:03:02 +02:00
c2786dbeb3 hosts/storage-2: cleanup unused services 2023-04-29 18:56:50 +02:00
7570974a67 hosts/clerie-backup: swap backup storage 2023-04-25 14:46:49 +02:00
4647bf8d48 hosts/nonat: add blackbox exporter 2023-04-24 21:00:35 +02:00
c8acc39d8d modules/wg-clerie: add module for public IPv6 vpn 2023-04-23 15:31:54 +02:00
93f1fa77e0 hosts/palladium: prevent borg filling up root partition 2023-04-23 15:00:42 +02:00
882df0098f hosts/monitoring-3: alert for all storage drives when they are full 2023-04-22 18:30:51 +02:00
dcd8c37014 hosts/hydra-1,hosts/hydra-2,hosts/schule: migrate ssh settings 2023-04-21 22:07:54 +02:00
de8a485779 hosts/monitoring: use correct instance for backup storage monitoring rule 2023-04-18 22:52:52 +02:00