fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
167 commits 3 branches 0 tags 1.4 MiB
Commit graph

80 commits

Author SHA1 Message Date
yuri
d18a4ee24b Use OpenSSH config from CCCHH nix-infra repo 2023-11-09 23:10:53 +01:00
yuri
27a6513e84 Use stable channel and use helper function for acme challenge proxy 2023-11-09 23:10:53 +01:00
yuri
9c0398a3c1 Update element-web and clean up configuration 2023-11-09 23:10:53 +01:00
yuri
a8ecf3d683 Remove nextcloud.grzb.de mapping 2023-11-09 23:10:53 +01:00
yuri
6b447c40aa Migrate Mastodon to NixOS 2023-11-09 23:10:53 +01:00
yuri
67c5a733ab Increase worker_connections and set worker_processes to auto 2023-11-09 23:10:53 +01:00
yuri
f0368c9a61 Set locations priority for matrix reverse proxy 2023-11-09 23:10:53 +01:00
yuri
8bb1c5853b Enable sliding-sync for matrix-synapse 2023-11-09 23:10:53 +01:00
yuri
05883ca9a6 Also listen on "::1" 2023-11-09 23:10:53 +01:00
yuri
5813640e73 Enable dehydrated device feature for element-web client 2023-11-09 23:10:53 +01:00
yuri
ffa09f900b Change Content-Security-Policy "frame-ancestors" from "none" to "self" 
Fixes downloads in element-web
 2023-11-09 23:10:53 +01:00
yuri
131fc871b7 Set real IP from local proxy 2023-11-09 23:10:52 +01:00
yuri
ce5e907ed8 Setup paperless host and reverse proxy for acme http challange 2023-11-09 23:10:52 +01:00
yuri
4c918ad074 Set resolv.conf file manually for uptime-kuma container due to a bug 2023-11-09 23:10:52 +01:00
yuri
eba7c018ed Use only snake case for element-web config since camel case is deprecated 2023-11-09 23:10:52 +01:00
yuri
21c0b67ac2 Configure TLS settings on mail relay 2023-11-09 23:10:52 +01:00
yuri
eb84404a10 Enable TLS on mail relay 2023-11-09 23:10:52 +01:00
yuri
cae1284094 Forward port 80 to mail servers for the http acme challange 2023-11-09 23:10:52 +01:00
yuri
6c6cfb6da8 Use snat rule instead if masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
yuri
cd938d5020 Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
yuri
f9971c842e Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
yuri
3723b4edf2 Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
yuri
e0d1e17bbb Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00
yuri
b359ec8644 Use host resolv.conf in container 2023-11-09 23:10:52 +01:00
yuri
d1f2b13232 Add missing wireguard-tools dependency 2023-11-09 23:10:52 +01:00
yuri
03719f5bf8 Pass libnftables.so.1 path into python script 2023-11-09 23:10:52 +01:00
yuri
ea11e41005 Add wireguard-nat-nftables python script 2023-11-09 23:10:52 +01:00
yuri
34b8dcef9c Add valkyrie host 2023-11-09 23:10:52 +01:00
yuri
f3385b48a2 Enable firewall 2023-11-09 23:10:52 +01:00
yuri
4a802ab44d Setup mail server and restructure some things 2023-11-09 23:10:52 +01:00