fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
82 commits 3 branches 0 tags 1.1 MiB
Commit graph

30 commits

Author SHA1 Message Date
yuri d18a4ee24b Use OpenSSH config from CCCHH nix-infra repo 2023-11-09 23:10:53 +01:00
yuri 27a6513e84 Use stable channel and use helper function for acme challenge proxy 2023-11-09 23:10:53 +01:00
yuri 9c0398a3c1 Update element-web and clean up configuration 2023-11-09 23:10:53 +01:00
yuri a8ecf3d683 Remove nextcloud.grzb.de mapping 2023-11-09 23:10:53 +01:00
yuri 6b447c40aa Migrate Mastodon to NixOS 2023-11-09 23:10:53 +01:00
yuri 67c5a733ab Increase worker_connections and set worker_processes to auto 2023-11-09 23:10:53 +01:00
yuri f0368c9a61 Set locations priority for matrix reverse proxy 2023-11-09 23:10:53 +01:00
yuri 8bb1c5853b Enable sliding-sync for matrix-synapse 2023-11-09 23:10:53 +01:00
yuri 05883ca9a6 Also listen on "::1" 2023-11-09 23:10:53 +01:00
yuri 5813640e73 Enable dehydrated device feature for element-web client 2023-11-09 23:10:53 +01:00
yuri ffa09f900b Change Content-Security-Policy "frame-ancestors" from "none" to "self" 
Fixes downloads in element-web
 2023-11-09 23:10:53 +01:00
yuri 131fc871b7 Set real IP from local proxy 2023-11-09 23:10:52 +01:00
yuri ce5e907ed8 Setup paperless host and reverse proxy for acme http challange 2023-11-09 23:10:52 +01:00
yuri 4c918ad074 Set resolv.conf file manually for uptime-kuma container due to a bug 2023-11-09 23:10:52 +01:00
yuri eba7c018ed Use only snake case for element-web config since camel case is deprecated 2023-11-09 23:10:52 +01:00
yuri 21c0b67ac2 Configure TLS settings on mail relay 2023-11-09 23:10:52 +01:00
yuri eb84404a10 Enable TLS on mail relay 2023-11-09 23:10:52 +01:00
yuri cae1284094 Forward port 80 to mail servers for the http acme challange 2023-11-09 23:10:52 +01:00
yuri 6c6cfb6da8 Use snat rule instead if masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
yuri cd938d5020 Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
yuri f9971c842e Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
yuri 3723b4edf2 Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
yuri e0d1e17bbb Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00
yuri b359ec8644 Use host resolv.conf in container 2023-11-09 23:10:52 +01:00
yuri d1f2b13232 Add missing wireguard-tools dependency 2023-11-09 23:10:52 +01:00
yuri 03719f5bf8 Pass libnftables.so.1 path into python script 2023-11-09 23:10:52 +01:00
yuri ea11e41005 Add wireguard-nat-nftables python script 2023-11-09 23:10:52 +01:00
yuri 34b8dcef9c Add valkyrie host 2023-11-09 23:10:52 +01:00
yuri f3385b48a2 Enable firewall 2023-11-09 23:10:52 +01:00
yuri 4a802ab44d Setup mail server and restructure some things 2023-11-09 23:10:52 +01:00