nix-infra

Author	SHA1	Message	Date
fi	9815afffdb	Enable TLS on mail relay	2023-11-09 23:10:52 +01:00
fi	91bd9f3c1d	Forward port 80 to mail servers for the http acme challange	2023-11-09 23:10:52 +01:00
fi	215065aa6c	Use snat rule instead if masquerade for wireguard nat	2023-11-09 23:10:52 +01:00
fi	0d820c58af	Use a less generic nftables table name	2023-11-09 23:10:52 +01:00
fi	e3b6c9a2bc	Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet	2023-11-09 23:10:52 +01:00
fi	4538bfb375	Add tcpdump to default packages	2023-11-09 23:10:52 +01:00
fi	e7fe3707ee	Fix WireGuard nat rules	2023-11-09 23:10:52 +01:00
fi	f67a75b07d	Change mail-1 wireguard port as it is already used for STS setup	2023-11-09 23:10:52 +01:00
fi	a30fd6d361	Use host resolv.conf in container	2023-11-09 23:10:52 +01:00
fi	ef036a6a18	Add missing wireguard-tools dependency	2023-11-09 23:10:52 +01:00
fi	de66b5931c	Pass libnftables.so.1 path into python script	2023-11-09 23:10:52 +01:00
fi	299d04142f	Add wireguard-nat-nftables python script	2023-11-09 23:10:52 +01:00
fi	667b1c256b	Add valkyrie host	2023-11-09 23:10:52 +01:00
fi	9cf5bd0469	Enable firewall	2023-11-09 23:10:52 +01:00
fi	ba93d164cf	Setup mail server and restructure some things	2023-11-09 23:10:52 +01:00
fi	4c382e629d	Update flake.lock	2023-11-09 23:10:52 +01:00
fi	1d8697b70a	Just do the nginx proxy_protocol listen in extraConfig and use stable packages	2023-11-09 23:10:52 +01:00
fi	cc93674cc4	Bump element-web to v1.11.40	2023-11-09 23:10:52 +01:00
fi	5f61e963a8	Bump flake.lock	2023-11-09 23:10:52 +01:00
fi	e93c605ebb	Add matrix-synapse host	2023-11-09 23:10:52 +01:00
fi	b7864a6798	Only run pipeline when specific RUN_JOB variable value is set	2023-11-09 23:10:52 +01:00
fi	1ab6eb6c94	Bump flake.lock	2023-11-09 23:10:52 +01:00
fi	8b6d09def8	Rename nixos-coturn to coturn and finish config	2023-11-09 23:10:52 +01:00
fi	d625f3f887	Add metrics host with Grafana and Prometheus	2023-11-09 23:10:52 +01:00
fi	b7bae9e9de	WIP grafana	2023-11-09 23:10:52 +01:00
fi	0fa4ca7521	Increase opcache.interned_strings_buffer PHP option	2023-11-09 23:10:52 +01:00
fi	70eb8625bc	Enable proxyprotocol for nitter host	2023-11-09 23:10:52 +01:00
fi	a4f3e68aac	Add netbox host	2023-11-09 23:10:52 +01:00
fi	61f2d8f07e	Fix hostname	2023-11-09 23:10:52 +01:00
fi	ad208c1870	Restrict allowedTCPPorts to port 8443	2023-11-09 23:10:52 +01:00
fi	c1bd4e3529	Add SMTP configuration to nextcloud and use an additional disk for the data	2023-11-09 23:10:52 +01:00
fi	3f9cdc0943	Set boot.growPartition = true	2023-11-09 23:10:52 +01:00
fi	aed6df2954	Improve Proxmox backup image generation	2023-11-09 23:10:52 +01:00
fi	0a5d070773	Add nextcloud host	2023-11-09 23:10:52 +01:00
fi	093a44edf4	Remove secret.nix from jellyfin imports	2023-11-09 23:10:52 +01:00
fi	5c63b5d1a3	Enable firewall and migrate Jellyfin to NixOS	2023-11-09 23:10:52 +01:00
fi	693c6da88a	Add jellyfin host	2023-11-09 23:10:52 +01:00
fi	8a16dd0af2	Enable console on serial port and print public ssh host key when booting	2023-11-09 23:10:52 +01:00
fi	6885c40c10	Use hacky workaround for enableACME check with a proxyProtocol listener	2023-11-09 23:10:52 +01:00
fi	2c23fb92c9	Set binary cache hint	2023-11-09 23:10:52 +01:00
fi	d9f6e2f51c	Bump flake.lock	2023-11-09 23:10:51 +01:00
fi	59a7e36838	Generate colmena and hydraJobs outputs from the same hosts attribute set	2023-11-09 23:10:51 +01:00
fi	5856edeb47	Test host specific nixpkgs	2023-11-09 23:10:51 +01:00
fi	c1a2aa1d63	Generate hosts for hydra	2023-11-09 23:10:51 +01:00
fi	10de1e428a	Add iperf host	2023-11-09 23:10:51 +01:00
fi	c4795cdef9	Add output for nixos-generators	2023-11-09 23:10:51 +01:00
fi	389632748c	Serve element-web directly from web-public-2	2023-11-09 23:10:51 +01:00
fi	f213e05e46	Enable localhost as buld machine for hydra	2023-11-09 23:10:51 +01:00
fi	ecfe325c9c	Add janky nginx config with workaround for proxy protocol	2023-11-09 23:10:51 +01:00
fi	ade955bdf4	Add config for public reverse proxy	2023-11-09 23:10:51 +01:00

1 2 3 4 5

211 commits