Alex
6c07a42978
different wgautomesh gossip ports for prod and staging
2023-05-04 13:39:33 +02:00
e23b523467
Add infinite restart policy for postgresql
2023-05-03 08:53:59 +02:00
Quentin
3befdea206
nix: allow wireguard + logs
2023-04-28 09:26:32 +02:00
Alex
607add3161
make specifying an ipv6 fully optionnal
2023-04-21 14:36:10 +02:00
Alex
c4598bd84f
Diplonat on bespin, ipv6-only
2023-04-21 12:03:35 +02:00
Alex
0b3332fd32
break out core services into separate files
2023-04-21 11:55:24 +02:00
Alex
a9e9149739
Fix unbound; remove Nixos firewall (use only diplonat)
2023-04-21 11:29:15 +02:00
Alex
529480b133
Merge branch 'main' into simplify-network-config
2023-04-21 10:31:05 +02:00
Alex
b4e82e37e4
diplonat with fixed iptables thing
2023-04-20 15:13:13 +02:00
Alex
af82308e84
Garage backup to SFTP target hosted by Max
2023-04-20 12:10:07 +02:00
Alex
e5f9f3c849
increase diplonat ram
2023-04-19 21:05:47 +02:00
Alex
0372df95b5
staging: fix consul server addresses
2023-04-19 20:36:24 +02:00
Alex
9737c661a4
Merge branch 'main' into simplify-network-config
2023-04-19 20:15:03 +02:00
Quentin
57aa2ce1d2
interface gestion site web guichet
2023-04-19 15:20:49 +02:00
Quentin
a614f495ad
allow memory overprovisionning
2023-04-08 10:43:42 +02:00
Alex
07f50f297a
D53 with addresses from DiploNAT autodiscovery; diplonat fw opening for tricot
2023-04-05 16:30:28 +02:00
Quentin
0e4c641db7
redeploy bagage
2023-04-05 15:50:53 +02:00
Alex
c08bc17cc0
Adapt prod config to new parameters
2023-04-05 14:09:04 +02:00
Alex
16422d2809
introduce back static ipv4 prefix lenght but with default value
2023-04-05 14:04:11 +02:00
Alex
bb25797d2f
make script clearer and add documentation
2023-04-05 13:44:38 +02:00
Alex
dec4ea479d
Allow for IPv6 with RA disabled by manually providing gateway
2023-04-05 13:27:18 +02:00
Alex
cb8d7e92d2
staging: ipv6-only diplonat for automatic address discovery
2023-04-05 10:25:22 +02:00
Alex
c9f122bcd3
diplonat with ipv6 firewall support; email ipv6 addresses in dns
2023-04-04 14:13:57 +02:00
Alex
a31c6d109e
remove obsolete directives
2023-03-31 16:27:08 +02:00
Adrien
d83d230aee
added luxeylab to dkim signingtable
2023-03-30 18:09:12 +02:00
Quentin
3a883b51df
better classification
2023-03-27 12:26:01 +02:00
Quentin
3ce25b880a
update descriptios
2023-03-27 12:24:12 +02:00
Quentin
4c903a2447
update readme
2023-03-27 12:22:00 +02:00
Quentin
2de291e9b7
upgrade bottin + remove bespin
2023-03-26 10:14:04 +02:00
Alex
ecfab3c628
Merge branch 'main' into simplify-network-config
2023-03-24 15:35:27 +01:00
Alex
96566ae523
refactor configuration syntax
2023-03-24 15:26:39 +01:00
Alex
e2aea648cf
greatly simplify ipv4 and ipv6 configuration
2023-03-24 14:42:36 +01:00
8ae9ec6514
Update piranha IP again
2023-03-24 13:01:24 +01:00
Alex
a0db30ca26
Sanitize DNS configuration
...
- get rid of outside nameserver, unbound does the recursive resolving
itself (and it checks DNSSEC)
- remove CAP_NET_BIND_SERVICE for Consul as it is no longer binding on
port 53 (was already obsolete)
- make unbound config independant of LAN IPv4 address
2023-03-24 12:58:44 +01:00
Alex
76c8e8f0b0
Merge pull request 'Passer wgautomesh en prod' ( #9 ) from wgautomesh into main
...
Reviewed-on: #9
2023-03-24 11:05:29 +00:00
Alex
53b9cfd838
wgautomesh actually on prod
2023-03-24 12:01:38 +01:00
Alex
5cd69a9ba1
Merge branch 'main' into wgautomesh
2023-03-24 11:29:14 +01:00
Alex
8e29ee3b0b
backup memory
2023-03-24 11:29:07 +01:00
Quentin
4a56b3360f
upgrade matrix
2023-03-22 22:23:37 +01:00
Alex
b7c4f94ebd
Add Garage backup script running on Abricot
2023-03-20 16:47:22 +01:00
Alex
6ffaa0ed91
use nix enum type
2023-03-20 11:17:38 +01:00
Quentin
eec09724fe
socat proxy
2023-03-20 10:45:40 +01:00
Quentin
bebbf5bd8b
wip rsa-ecc proxy
2023-03-20 09:45:05 +01:00
Alex
90efd9155b
wgautomesh variable log level (debug for staging)
2023-03-17 18:21:50 +01:00
Alex
39254cca0e
keep wg-quick code as reference
2023-03-17 18:18:25 +01:00
Alex
f629f4c171
wgautomesh from static binary hosted on gitea
2023-03-17 18:01:35 +01:00
Alex
f9b94f0b47
update wgautomesh
2023-03-17 17:17:56 +01:00
Alex
bb2660792f
wgautomesh persist state to file
2023-03-17 17:17:56 +01:00
Alex
6664affaa0
wgautomesh gossip secret file
2023-03-17 17:17:56 +01:00
Alex
a3edbb4100
document wgautomesh port
2023-03-17 17:17:56 +01:00
Alex
Baptiste Jonglez
Quentin
Adrien