fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
60 commits 3 branches 0 tags 1.4 MiB
Commit graph

60 commits

This branch
This branch
All branches
Author SHA1 Message Date
yuri
cae1284094 Forward port 80 to mail servers for the http acme challange 2023-11-09 23:10:52 +01:00
yuri
6c6cfb6da8 Use snat rule instead if masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
yuri
74d5abdfe2 Use a less generic nftables table name 2023-11-09 23:10:52 +01:00
yuri
cd938d5020 Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
yuri
f9971c842e Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
yuri
3723b4edf2 Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
yuri
e0d1e17bbb Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00
yuri
b359ec8644 Use host resolv.conf in container 2023-11-09 23:10:52 +01:00
yuri
d1f2b13232 Add missing wireguard-tools dependency 2023-11-09 23:10:52 +01:00
yuri
03719f5bf8 Pass libnftables.so.1 path into python script 2023-11-09 23:10:52 +01:00
yuri
ea11e41005 Add wireguard-nat-nftables python script 2023-11-09 23:10:52 +01:00
yuri
34b8dcef9c Add valkyrie host 2023-11-09 23:10:52 +01:00
yuri
f3385b48a2 Enable firewall 2023-11-09 23:10:52 +01:00
yuri
4a802ab44d Setup mail server and restructure some things 2023-11-09 23:10:52 +01:00
yuri
fa3db3bad6 Update flake.lock 2023-11-09 23:10:52 +01:00
yuri
1c268bbea6 Just do the nginx proxy_protocol listen in extraConfig and use stable packages 2023-11-09 23:10:52 +01:00
yuri
7283b50b39 Bump element-web to v1.11.40 2023-11-09 23:10:52 +01:00
yuri
685daabdd2 Bump flake.lock 2023-11-09 23:10:52 +01:00
yuri
4d7c667c45 Add matrix-synapse host 2023-11-09 23:10:52 +01:00
yuri
b50f8c615c Only run pipeline when specific RUN_JOB variable value is set 2023-11-09 23:10:52 +01:00
yuri
fd9952e9f2 Bump flake.lock 2023-11-09 23:10:52 +01:00
yuri
909a2ac6c1 Rename nixos-coturn to coturn and finish config 2023-11-09 23:10:52 +01:00
yuri
fc2c69dbb7 Add metrics host with Grafana and Prometheus 2023-11-09 23:10:52 +01:00
yuri
acdff7a0cc WIP grafana 2023-11-09 23:10:52 +01:00
yuri
b1015f627a Increase opcache.interned_strings_buffer PHP option 2023-11-09 23:10:52 +01:00
yuri
dc7c5225ad Enable proxyprotocol for nitter host 2023-11-09 23:10:52 +01:00
yuri
d314976135 Add netbox host 2023-11-09 23:10:52 +01:00
yuri
8968d11075 Fix hostname 2023-11-09 23:10:52 +01:00
yuri
fec32d5549 Restrict allowedTCPPorts to port 8443 2023-11-09 23:10:52 +01:00
yuri
86a2bf0395 Add SMTP configuration to nextcloud and use an additional disk for the data 2023-11-09 23:10:52 +01:00
yuri
a57c5183d8 Set boot.growPartition = true 2023-11-09 23:10:52 +01:00
yuri
09abf3bee9 Improve Proxmox backup image generation 2023-11-09 23:10:52 +01:00
yuri
5c0f7dd6b8 Add nextcloud host 2023-11-09 23:10:52 +01:00
yuri
5691e65bf3 Remove secret.nix from jellyfin imports 2023-11-09 23:10:52 +01:00
yuri
39bc88eb0f Enable firewall and migrate Jellyfin to NixOS 2023-11-09 23:10:52 +01:00
yuri
def599be28 Add jellyfin host 2023-11-09 23:10:52 +01:00
yuri
e122ca0006 Enable console on serial port and print public ssh host key when booting 2023-11-09 23:10:52 +01:00
yuri
4b18856559 Use hacky workaround for enableACME check with a proxyProtocol listener 2023-11-09 23:10:52 +01:00
yuri
e60e96c88b Set binary cache hint 2023-11-09 23:10:52 +01:00
yuri
ea78e90875 Bump flake.lock 2023-11-09 23:10:51 +01:00
yuri
a1e39754f9 Generate colmena and hydraJobs outputs from the same hosts attribute set 2023-11-09 23:10:51 +01:00
yuri
29fe1fbeca Test host specific nixpkgs 2023-11-09 23:10:51 +01:00
yuri
361f5ef709 Generate hosts for hydra 2023-11-09 23:10:51 +01:00
yuri
2673483143 Add iperf host 2023-11-09 23:10:51 +01:00
yuri
fc50e78610 Add output for nixos-generators 2023-11-09 23:10:51 +01:00
yuri
bff3ca1445 Serve element-web directly from web-public-2 2023-11-09 23:10:51 +01:00
yuri
bd159f7535 Enable localhost as buld machine for hydra 2023-11-09 23:10:51 +01:00
yuri
2f7620458b Add janky nginx config with workaround for proxy protocol 2023-11-09 23:10:51 +01:00
yuri
85f427edf0 Add config for public reverse proxy 2023-11-09 23:10:51 +01:00
yuri
e8afd2b667 Work on hydra config, fix tor relay config, prepare web-public-2 host 2023-07-18 17:23:46 +02:00