Commit graph

73 commits

Author SHA1 Message Date
fi 611d6a1031 Increase worker_connections and set worker_processes to auto 2024-11-20 05:46:40 +01:00
fi 50a28738ae Set locations priority for matrix reverse proxy 2024-11-20 05:46:40 +01:00
fi 6fcdfe2a84 Enable sliding-sync for matrix-synapse 2024-11-20 05:46:40 +01:00
fi 40bcd7ae4f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
  → 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/53d337b63c8f9d7e0f8709cae0008a9655bee33e' (2023-09-19)
  → 'github:NixOS/nixpkgs/ef8e9997fcb37d5c8372dc1349185bd0d31752a6' (2023-10-05)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/089313d7c7c864b21648d78fb8700062dafab1f2' (2023-09-18)
  → 'github:NixOS/nixpkgs/e462c9172c685f0839baaa54bb5b49276a23dab7' (2023-10-06)
2024-11-20 05:46:40 +01:00
fi acff45ec6b Also listen on "::1" 2024-11-20 05:46:40 +01:00
fi b5c2206a4e Enable dehydrated device feature for element-web client 2024-11-20 05:46:40 +01:00
fi 2ac5dd8b5d Change Content-Security-Policy "frame-ancestors" from "none" to "self"
Fixes downloads in element-web
2024-11-20 05:46:40 +01:00
fi 16bff59994 Set real IP from local proxy 2024-11-20 05:46:40 +01:00
fi 894694229a Setup paperless host and reverse proxy for acme http challange 2024-11-20 05:46:40 +01:00
fi e7259ca980 Set resolv.conf file manually for uptime-kuma container due to a bug 2024-11-20 05:46:40 +01:00
fi d18fe31991 Use only snake case for element-web config since camel case is deprecated 2024-11-20 05:46:40 +01:00
fi f941aa1c01 Configure TLS settings on mail relay 2024-11-20 05:46:40 +01:00
fi d0b153d112 Enable TLS on mail relay 2024-11-20 05:46:40 +01:00
fi b4df0351c5 Forward port 80 to mail servers for the http acme challange 2024-11-20 05:46:40 +01:00
fi 6da99baf6b Use snat rule instead if masquerade for wireguard nat 2024-11-20 05:46:40 +01:00
fi 8e4202f579 Use a less generic nftables table name 2024-11-20 05:46:40 +01:00
fi f835277ef0 Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2024-11-20 05:46:40 +01:00
fi ebc5b0bb29 Add tcpdump to default packages 2024-11-20 05:46:40 +01:00
fi 5b8d0943fc Fix WireGuard nat rules 2024-11-20 05:46:40 +01:00
fi 8e153de225 Change mail-1 wireguard port as it is already used for STS setup 2024-11-20 05:46:40 +01:00
fi bbe382c0f2 Use host resolv.conf in container 2024-11-20 05:46:40 +01:00
fi fec97bb146 Add missing wireguard-tools dependency 2024-11-20 05:46:40 +01:00
fi 0f3e7771a5 Pass libnftables.so.1 path into python script 2024-11-20 05:46:40 +01:00
fi 93924044c4 Add wireguard-nat-nftables python script 2024-11-20 05:46:40 +01:00
fi e35df8b0f1 Add valkyrie host 2024-11-20 05:46:40 +01:00
fi fd7b411ee4 Enable firewall 2024-11-20 05:46:40 +01:00
fi ba43f2ed5c Setup mail server and restructure some things 2024-11-20 05:46:40 +01:00
fi 502e5194dc Update flake.lock 2024-11-20 05:46:40 +01:00
fi 6baf116c50 Just do the nginx proxy_protocol listen in extraConfig and use stable packages 2024-11-20 05:46:40 +01:00
fi 3b04399847 Bump element-web to v1.11.40 2024-11-20 05:46:40 +01:00
fi 8ca3fb0ae2 Bump flake.lock 2024-11-20 05:46:40 +01:00
fi a81093890c Add matrix-synapse host 2024-11-20 05:46:40 +01:00
fi 2c160015e6 Only run pipeline when specific RUN_JOB variable value is set 2024-11-20 05:46:40 +01:00
fi 221a596e27 Bump flake.lock 2024-11-20 05:46:40 +01:00
fi 3f36a01a5a Rename nixos-coturn to coturn and finish config 2024-11-20 05:46:40 +01:00
fi 001a710903 Add metrics host with Grafana and Prometheus 2024-11-20 05:46:40 +01:00
fi a63d5661b6 WIP grafana 2024-11-20 05:46:40 +01:00
fi 1ba819ed85 Increase opcache.interned_strings_buffer PHP option 2024-11-20 05:46:40 +01:00
fi f22ccdad10 Enable proxyprotocol for nitter host 2024-11-20 05:46:40 +01:00
fi 19bd3a2112 Add netbox host 2024-11-20 05:46:40 +01:00
fi 1b62b6b7a5 Fix hostname 2024-11-20 05:46:40 +01:00
fi 742b5e69e9 Restrict allowedTCPPorts to port 8443 2024-11-20 05:46:40 +01:00
fi 9712f9a9d2 Add SMTP configuration to nextcloud and use an additional disk for the data 2024-11-20 05:46:39 +01:00
fi aac12a22fd Set boot.growPartition = true 2024-11-20 05:46:39 +01:00
fi 31edbd4ca4 Improve Proxmox backup image generation 2024-11-20 05:46:39 +01:00
fi 1aab87a1fe Add nextcloud host 2024-11-20 05:46:39 +01:00
fi d7136d577f Remove secret.nix from jellyfin imports 2024-11-20 05:46:39 +01:00
fi 07e6a8a597 Enable firewall and migrate Jellyfin to NixOS 2024-11-20 05:46:39 +01:00
fi 826c3ff28b Add jellyfin host 2024-11-20 05:46:39 +01:00
fi 92eb5d7385 Enable console on serial port and print public ssh host key when booting 2024-11-20 05:46:39 +01:00