|
|
8f8860390e
|
Increase worker_connections and set worker_processes to auto
|
2023-11-09 23:10:53 +01:00 |
|
|
|
16ec762847
|
Set locations priority for matrix reverse proxy
|
2023-11-09 23:10:53 +01:00 |
|
|
|
c273c7184c
|
Enable sliding-sync for matrix-synapse
|
2023-11-09 23:10:53 +01:00 |
|
|
|
c55d5da5c6
|
flake.lock: Update
Flake lock file updates:
• Updated input 'nixos-generators':
'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
→ 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/53d337b63c8f9d7e0f8709cae0008a9655bee33e' (2023-09-19)
→ 'github:NixOS/nixpkgs/ef8e9997fcb37d5c8372dc1349185bd0d31752a6' (2023-10-05)
• Updated input 'nixpkgs-unstable':
'github:NixOS/nixpkgs/089313d7c7c864b21648d78fb8700062dafab1f2' (2023-09-18)
→ 'github:NixOS/nixpkgs/e462c9172c685f0839baaa54bb5b49276a23dab7' (2023-10-06)
|
2023-11-09 23:10:53 +01:00 |
|
|
|
9a64012393
|
Also listen on "::1"
|
2023-11-09 23:10:53 +01:00 |
|
|
|
ab8a9c39dc
|
Enable dehydrated device feature for element-web client
|
2023-11-09 23:10:53 +01:00 |
|
|
|
35119a2a8e
|
Change Content-Security-Policy "frame-ancestors" from "none" to "self"
Fixes downloads in element-web
|
2023-11-09 23:10:53 +01:00 |
|
|
|
e8427dc81d
|
Set real IP from local proxy
|
2023-11-09 23:10:52 +01:00 |
|
|
|
c1e74a4494
|
Setup paperless host and reverse proxy for acme http challange
|
2023-11-09 23:10:52 +01:00 |
|
|
|
a2855162eb
|
Set resolv.conf file manually for uptime-kuma container due to a bug
|
2023-11-09 23:10:52 +01:00 |
|
|
|
440251d2fc
|
Use only snake case for element-web config since camel case is deprecated
|
2023-11-09 23:10:52 +01:00 |
|
|
|
d036d4a167
|
Configure TLS settings on mail relay
|
2023-11-09 23:10:52 +01:00 |
|
|
|
9815afffdb
|
Enable TLS on mail relay
|
2023-11-09 23:10:52 +01:00 |
|
|
|
91bd9f3c1d
|
Forward port 80 to mail servers for the http acme challange
|
2023-11-09 23:10:52 +01:00 |
|
|
|
215065aa6c
|
Use snat rule instead if masquerade for wireguard nat
|
2023-11-09 23:10:52 +01:00 |
|
|
|
0d820c58af
|
Use a less generic nftables table name
|
2023-11-09 23:10:52 +01:00 |
|
|
|
e3b6c9a2bc
|
Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet
|
2023-11-09 23:10:52 +01:00 |
|
|
|
4538bfb375
|
Add tcpdump to default packages
|
2023-11-09 23:10:52 +01:00 |
|
|
|
e7fe3707ee
|
Fix WireGuard nat rules
|
2023-11-09 23:10:52 +01:00 |
|
|
|
f67a75b07d
|
Change mail-1 wireguard port as it is already used for STS setup
|
2023-11-09 23:10:52 +01:00 |
|
|
|
a30fd6d361
|
Use host resolv.conf in container
|
2023-11-09 23:10:52 +01:00 |
|
|
|
ef036a6a18
|
Add missing wireguard-tools dependency
|
2023-11-09 23:10:52 +01:00 |
|
|
|
de66b5931c
|
Pass libnftables.so.1 path into python script
|
2023-11-09 23:10:52 +01:00 |
|
|
|
299d04142f
|
Add wireguard-nat-nftables python script
|
2023-11-09 23:10:52 +01:00 |
|
|
|
667b1c256b
|
Add valkyrie host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
9cf5bd0469
|
Enable firewall
|
2023-11-09 23:10:52 +01:00 |
|
|
|
ba93d164cf
|
Setup mail server and restructure some things
|
2023-11-09 23:10:52 +01:00 |
|
|
|
4c382e629d
|
Update flake.lock
|
2023-11-09 23:10:52 +01:00 |
|
|
|
1d8697b70a
|
Just do the nginx proxy_protocol listen in extraConfig and use stable packages
|
2023-11-09 23:10:52 +01:00 |
|
|
|
cc93674cc4
|
Bump element-web to v1.11.40
|
2023-11-09 23:10:52 +01:00 |
|
|
|
5f61e963a8
|
Bump flake.lock
|
2023-11-09 23:10:52 +01:00 |
|
|
|
e93c605ebb
|
Add matrix-synapse host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
b7864a6798
|
Only run pipeline when specific RUN_JOB variable value is set
|
2023-11-09 23:10:52 +01:00 |
|
|
|
1ab6eb6c94
|
Bump flake.lock
|
2023-11-09 23:10:52 +01:00 |
|
|
|
8b6d09def8
|
Rename nixos-coturn to coturn and finish config
|
2023-11-09 23:10:52 +01:00 |
|
|
|
d625f3f887
|
Add metrics host with Grafana and Prometheus
|
2023-11-09 23:10:52 +01:00 |
|
|
|
b7bae9e9de
|
WIP grafana
|
2023-11-09 23:10:52 +01:00 |
|
|
|
0fa4ca7521
|
Increase opcache.interned_strings_buffer PHP option
|
2023-11-09 23:10:52 +01:00 |
|
|
|
70eb8625bc
|
Enable proxyprotocol for nitter host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
a4f3e68aac
|
Add netbox host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
61f2d8f07e
|
Fix hostname
|
2023-11-09 23:10:52 +01:00 |
|
|
|
ad208c1870
|
Restrict allowedTCPPorts to port 8443
|
2023-11-09 23:10:52 +01:00 |
|
|
|
c1bd4e3529
|
Add SMTP configuration to nextcloud and use an additional disk for the data
|
2023-11-09 23:10:52 +01:00 |
|
|
|
3f9cdc0943
|
Set boot.growPartition = true
|
2023-11-09 23:10:52 +01:00 |
|
|
|
aed6df2954
|
Improve Proxmox backup image generation
|
2023-11-09 23:10:52 +01:00 |
|
|
|
0a5d070773
|
Add nextcloud host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
093a44edf4
|
Remove secret.nix from jellyfin imports
|
2023-11-09 23:10:52 +01:00 |
|
|
|
5c63b5d1a3
|
Enable firewall and migrate Jellyfin to NixOS
|
2023-11-09 23:10:52 +01:00 |
|
|
|
693c6da88a
|
Add jellyfin host
|
2023-11-09 23:10:52 +01:00 |
|
|
|
8a16dd0af2
|
Enable console on serial port and print public ssh host key when booting
|
2023-11-09 23:10:52 +01:00 |
|
