Commit graph

183 commits

Author SHA1 Message Date
fi 967c771b3e
Add searx host 2023-11-09 23:10:53 +01:00
fi 3708003da6
Use OpenSSH config from CCCHH nix-infra repo 2023-11-09 23:10:53 +01:00
fi 578abdf26e
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/8be69c1764f58e07099e4a24b926f49bbada8c7f' (2023-10-09)
  → 'github:NixOS/nixpkgs/22723a1d7deab53e5c1022906089e4247a5d3e77' (2023-10-09)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/5a9c737c587d2c34d63c5b3cb53c6ab0705bdf4f' (2023-10-09)
  → 'github:NixOS/nixpkgs/38aa96fc39c9719994f08100f791c27d31ee7892' (2023-10-09)
2023-11-09 23:10:53 +01:00
fi 8f63afc43b
Use stable channel and use helper function for acme challenge proxy 2023-11-09 23:10:53 +01:00
fi 15963fd37e
Update element-web and clean up configuration 2023-11-09 23:10:53 +01:00
fi 406a23a01f
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/de9b8eb55b195f318eb839351b83b3560a990169' (2023-10-07)
  → 'github:NixOS/nixpkgs/8be69c1764f58e07099e4a24b926f49bbada8c7f' (2023-10-09)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/b7a3aaae3859cd1ffd4c4fd850bf45d0304f9033' (2023-10-07)
  → 'github:NixOS/nixpkgs/5a9c737c587d2c34d63c5b3cb53c6ab0705bdf4f' (2023-10-09)
2023-11-09 23:10:53 +01:00
fi 09a6abcae6
Remove nextcloud.grzb.de mapping 2023-11-09 23:10:53 +01:00
fi c347478e96
Migrate Mastodon to NixOS 2023-11-09 23:10:53 +01:00
fi 7055927848
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e49c28b3baa3a93bdadb8966dd128f9985ea0a09' (2023-10-04)
  → 'github:NixOS/nixpkgs/de9b8eb55b195f318eb839351b83b3560a990169' (2023-10-07)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/349bdd9653c42f1793d338b43aefe08883c5ebee' (2023-10-04)
  → 'github:NixOS/nixpkgs/b7a3aaae3859cd1ffd4c4fd850bf45d0304f9033' (2023-10-07)
2023-11-09 23:10:53 +01:00
fi 52d59ef814
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
  → 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/ce210c81d3677233bedc9b70c70ab6d3e7f828f8' (2023-09-29)
  → 'github:NixOS/nixpkgs/e49c28b3baa3a93bdadb8966dd128f9985ea0a09' (2023-10-04)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/cdd726e1deb44c031ee8975528d6b283ed8cf021' (2023-09-29)
  → 'github:NixOS/nixpkgs/349bdd9653c42f1793d338b43aefe08883c5ebee' (2023-10-04)
2023-11-09 23:10:53 +01:00
fi 8f8860390e
Increase worker_connections and set worker_processes to auto 2023-11-09 23:10:53 +01:00
fi 16ec762847
Set locations priority for matrix reverse proxy 2023-11-09 23:10:53 +01:00
fi c273c7184c
Enable sliding-sync for matrix-synapse 2023-11-09 23:10:53 +01:00
fi c55d5da5c6
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
  → 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/53d337b63c8f9d7e0f8709cae0008a9655bee33e' (2023-09-19)
  → 'github:NixOS/nixpkgs/ef8e9997fcb37d5c8372dc1349185bd0d31752a6' (2023-10-05)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/089313d7c7c864b21648d78fb8700062dafab1f2' (2023-09-18)
  → 'github:NixOS/nixpkgs/e462c9172c685f0839baaa54bb5b49276a23dab7' (2023-10-06)
2023-11-09 23:10:53 +01:00
fi 9a64012393
Also listen on "::1" 2023-11-09 23:10:53 +01:00
fi ab8a9c39dc
Enable dehydrated device feature for element-web client 2023-11-09 23:10:53 +01:00
fi 35119a2a8e
Change Content-Security-Policy "frame-ancestors" from "none" to "self"
Fixes downloads in element-web
2023-11-09 23:10:53 +01:00
fi e8427dc81d
Set real IP from local proxy 2023-11-09 23:10:52 +01:00
fi c1e74a4494
Setup paperless host and reverse proxy for acme http challenge 2023-11-09 23:10:52 +01:00
fi a2855162eb
Set resolv.conf file manually for uptime-kuma container due to a bug 2023-11-09 23:10:52 +01:00
fi 440251d2fc
Use only snake case for element-web config since camel case is deprecated 2023-11-09 23:10:52 +01:00
fi d036d4a167
Configure TLS settings on mail relay 2023-11-09 23:10:52 +01:00
fi 9815afffdb
Enable TLS on mail relay 2023-11-09 23:10:52 +01:00
fi 91bd9f3c1d
Forward port 80 to mail servers for the http acme challenge 2023-11-09 23:10:52 +01:00
fi 215065aa6c
Use snat rule instead of masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
fi 0d820c58af
Use a less generic nftables table name 2023-11-09 23:10:52 +01:00
fi e3b6c9a2bc
Use another subnet for WireGuard tunnel as it conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
fi 4538bfb375
Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
fi e7fe3707ee
Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
fi f67a75b07d
Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00
fi a30fd6d361
Use host resolv.conf in container 2023-11-09 23:10:52 +01:00
fi ef036a6a18
Add missing wireguard-tools dependency 2023-11-09 23:10:52 +01:00
fi de66b5931c
Pass libnftables.so.1 path into python script 2023-11-09 23:10:52 +01:00
fi 299d04142f
Add wireguard-nat-nftables python script 2023-11-09 23:10:52 +01:00
fi 667b1c256b
Add valkyrie host 2023-11-09 23:10:52 +01:00
fi 9cf5bd0469
Enable firewall 2023-11-09 23:10:52 +01:00
fi ba93d164cf
Setup mail server and restructure some things 2023-11-09 23:10:52 +01:00
fi 4c382e629d
Update flake.lock 2023-11-09 23:10:52 +01:00
fi 1d8697b70a
Just do the nginx proxy_protocol listen in extraConfig and use stable packages 2023-11-09 23:10:52 +01:00
fi cc93674cc4
Bump element-web to v1.11.40 2023-11-09 23:10:52 +01:00
fi 5f61e963a8
Bump flake.lock 2023-11-09 23:10:52 +01:00
fi e93c605ebb
Add matrix-synapse host 2023-11-09 23:10:52 +01:00
fi b7864a6798
Only run pipeline when specific RUN_JOB variable value is set 2023-11-09 23:10:52 +01:00
fi 1ab6eb6c94
Bump flake.lock 2023-11-09 23:10:52 +01:00
fi 8b6d09def8
Rename nixos-coturn to coturn and finish config 2023-11-09 23:10:52 +01:00
fi d625f3f887
Add metrics host with Grafana and Prometheus 2023-11-09 23:10:52 +01:00
fi b7bae9e9de
WIP grafana 2023-11-09 23:10:52 +01:00
fi 0fa4ca7521
Increase opcache.interned_strings_buffer PHP option 2023-11-09 23:10:52 +01:00
fi 70eb8625bc
Enable proxyprotocol for nitter host 2023-11-09 23:10:52 +01:00
fi a4f3e68aac
Add netbox host 2023-11-09 23:10:52 +01:00