Commit graph

85 commits

Author SHA1 Message Date
fi a689aae656
Add vapid public key 2023-11-15 12:18:23 +01:00
fi 687ba97c6e
Open firewall for jellyfin http port 2023-11-15 11:54:11 +01:00
fi 2c369c1c8c
Update mastodon-nekoverse-patches 2023-11-09 23:10:53 +01:00
fi 3277d6048f
Bump element-web to v1.11.47 2023-11-09 23:10:53 +01:00
fi 967c771b3e
Add searx host 2023-11-09 23:10:53 +01:00
fi 3708003da6
Use OpenSSH config from CCCHH nix-infra repo 2023-11-09 23:10:53 +01:00
fi 8f63afc43b
Use stable channel and use helper function for acme challenge proxy 2023-11-09 23:10:53 +01:00
fi 15963fd37e
Update element-web and clean up configuration 2023-11-09 23:10:53 +01:00
fi 09a6abcae6
Remove nextcloud.grzb.de mapping 2023-11-09 23:10:53 +01:00
fi c347478e96
Migrate Mastodon to NixOS 2023-11-09 23:10:53 +01:00
fi 8f8860390e
Increase worker_connections and set worker_processes to auto 2023-11-09 23:10:53 +01:00
fi 16ec762847
Set locations priority for matrix reverse proxy 2023-11-09 23:10:53 +01:00
fi c273c7184c
Enable sliding-sync for matrix-synapse 2023-11-09 23:10:53 +01:00
fi 9a64012393
Also listen on "::1" 2023-11-09 23:10:53 +01:00
fi ab8a9c39dc
Enable dehydrated device feature for element-web client 2023-11-09 23:10:53 +01:00
fi 35119a2a8e
Change Content-Security-Policy "frame-ancestors" from "none" to "self"
Fixes downloads in element-web
2023-11-09 23:10:53 +01:00
fi e8427dc81d
Set real IP from local proxy 2023-11-09 23:10:52 +01:00
fi c1e74a4494
Setup paperless host and reverse proxy for acme http challange 2023-11-09 23:10:52 +01:00
fi a2855162eb
Set resolv.conf file manually for uptime-kuma container due to a bug 2023-11-09 23:10:52 +01:00
fi 440251d2fc
Use only snake case for element-web config since camel case is deprecated 2023-11-09 23:10:52 +01:00
fi d036d4a167
Configure TLS settings on mail relay 2023-11-09 23:10:52 +01:00
fi 9815afffdb
Enable TLS on mail relay 2023-11-09 23:10:52 +01:00
fi 91bd9f3c1d
Forward port 80 to mail servers for the http acme challange 2023-11-09 23:10:52 +01:00
fi 215065aa6c
Use snat rule instead if masquerade for wireguard nat 2023-11-09 23:10:52 +01:00
fi e3b6c9a2bc
Use another subnet for WireGuard tunnel as is conflicts with the openstack internal subnet 2023-11-09 23:10:52 +01:00
fi 4538bfb375
Add tcpdump to default packages 2023-11-09 23:10:52 +01:00
fi e7fe3707ee
Fix WireGuard nat rules 2023-11-09 23:10:52 +01:00
fi f67a75b07d
Change mail-1 wireguard port as it is already used for STS setup 2023-11-09 23:10:52 +01:00
fi a30fd6d361
Use host resolv.conf in container 2023-11-09 23:10:52 +01:00
fi ef036a6a18
Add missing wireguard-tools dependency 2023-11-09 23:10:52 +01:00
fi de66b5931c
Pass libnftables.so.1 path into python script 2023-11-09 23:10:52 +01:00
fi 299d04142f
Add wireguard-nat-nftables python script 2023-11-09 23:10:52 +01:00
fi 667b1c256b
Add valkyrie host 2023-11-09 23:10:52 +01:00
fi 9cf5bd0469
Enable firewall 2023-11-09 23:10:52 +01:00
fi ba93d164cf
Setup mail server and restructure some things 2023-11-09 23:10:52 +01:00