Armaël Guéneau
e0385b0456
make the list of IPs sorted and without duplicates for robustness
2024-11-20 13:04:41 +01:00
Armaël Guéneau
c66bff55f4
postfix: add rate-limiting exceptions for our own nodes
2024-11-19 20:24:09 +01:00
Armaël Guéneau
3f51534e03
guichet: augmentation de la limite de mémoire
...
Guichet s'est fait OOM-killed par Nomad en utilisation normale (nouvel
utilisateur qui clique sur un lien d'invitation).
2024-11-19 20:21:44 +01:00
Armaël Guéneau
fe7725b49e
prod: tricot (build musl)
2024-11-09 23:28:57 +01:00
Armaël Guéneau
d0341caf77
cryptpad: repassage en 2024.9.0, pour tester l'ajout des headers
2024-11-08 19:11:10 +01:00
Armaël Guéneau
1a739636ca
cryptpad: relax the CORS headers further to allow for onlyoffice fonts
2024-11-07 23:45:49 +01:00
Armaël Guéneau
f32c0c34f3
cryptpad-debug: essai avec un Dockerfile basique plutôt que construit par nix
2024-11-07 23:26:12 +01:00
Armaël Guéneau
bc49f33d65
cryptpad: ajout de headers CORS manquants pour le domaine de sandbox
2024-11-07 23:19:37 +01:00
Armaël Guéneau
00c56a4dda
cryptpad-debug: rollback to 2024.6.1 + add some admins
2024-11-07 20:37:31 +01:00
Baptiste Jonglez
3053f7998f
cryptpad: add admin
2024-11-07 20:33:41 +01:00
Baptiste Jonglez
bbfd630d58
cryptpad: revert prod to known working version
2024-11-07 20:33:27 +01:00
Baptiste Jonglez
1477417aa8
d53: allow to schedule on corrin
2024-11-07 00:34:15 +01:00
Baptiste Jonglez
0288aefda4
jitsi: allow to schedule on corrin
2024-11-07 00:29:55 +01:00
Baptiste Jonglez
ba27b2f2c2
prod: Schedule some basic services on corrin
2024-11-07 00:17:30 +01:00
Baptiste Jonglez
9c712b0d78
telemetry: update node-exporter (somebody forgot to commit)
2024-11-06 23:50:45 +01:00
Armaël Guéneau
8743e9b69b
cryptpad: add armael to admins
2024-11-06 19:06:31 +01:00
Baptiste Jonglez
87e3ef93e3
email: ensure email and email-android7 run on different sites to avoid port conflicts
2024-10-25 09:58:53 +02:00
Baptiste Jonglez
99c031dfc4
email-android7: allocate more memory to avoid OOM killer
2024-10-17 00:51:49 +02:00
9467dfea2a
Add cryptad-debug instance with cloned data
2024-10-16 21:08:25 +02:00
d568dea939
Merge pull request 'Upgrade crytptpad to 2024.9.0' ( #35 ) from KokaKiwi/nixcfg:crytptpad-upgrade-2024.9.0 into main
...
Reviewed-on: #35
Reviewed-by: maximilien <me@mricher.fr>
2024-10-04 07:49:55 +00:00
Baptiste Jonglez
c6ce1628f9
woodpecker: update to 2.7.1
2024-10-03 23:18:22 +02:00
Baptiste Jonglez
10d9528d91
woodpecker: make sure grpc proxy gets up-to-date IP address of backend
2024-10-03 23:18:11 +02:00
Baptiste Jonglez
8b10a0f539
Add SSH host key for pamplemousse
2024-10-03 23:07:15 +02:00
Baptiste Jonglez
e79e5470fb
Update bespin endpoints
2024-10-03 23:07:05 +02:00
e344a1d560
cluster(prod): Upgrade crytptpad to 2024.9.0
...
Signed-off-by: KokaKiwi <kokakiwi+deuxfleurs@kokakiwi.net>
2024-10-02 18:00:05 +02:00
a560763a41
cluster(prod): cryptpad, update pinned sources
...
Signed-off-by: KokaKiwi <kokakiwi+deuxfleurs@kokakiwi.net>
2024-10-02 17:49:04 +02:00
aac2019d27
modif de Synapse parce que ça buguait + update Matrix syncv3 to v0.99.16
2024-09-26 19:37:02 +02:00
fabf31a720
update Synapse to v1.104.0 & Riot to v1.11.78
2024-09-26 18:58:51 +02:00
c044078a6e
finalize jitsi
2024-09-20 11:04:49 +02:00
ac4ca90eca
fix listen videobridge management
2024-09-20 10:45:11 +02:00
e204c3e563
activate management in jitsi
2024-09-20 10:39:36 +02:00
8ca33f3136
ready to deploy jitsi
2024-09-12 20:00:09 +02:00
9742ec34da
add NODE_MAJOR_VERSION as argument of jitsi-meet container instead of hard-coded
2024-09-12 19:12:34 +02:00
64195db879
upgrade jitsi build recipes
2024-09-12 19:02:57 +02:00
dabfbc981b
remove notice message
2024-09-12 18:06:20 +02:00
8f4c78f39c
update woodpecker to 2.7.0
2024-08-25 09:56:03 +02:00
093951af05
cluster(prod): cryptpad, update pinned sources
2024-07-28 20:26:31 +02:00
e83f12f6a2
cluster(prod): Upgrade crytptpad to 2024.6.1
2024-07-28 20:26:31 +02:00
6c88813e8d
Merge pull request 'Update CryptPad to 2024.6.0' ( #31 ) from KokaKiwi/nixcfg:crytptpad-upgrade-2024.6.0 into main
...
Reviewed-on: #31
2024-07-22 17:04:09 +00:00
Baptiste Jonglez
7c9fed9e99
Temporary access to pamplemousse
2024-07-14 21:08:24 +02:00
Baptiste Jonglez
aebc4b900f
prod: Add new node pamplemousse
2024-07-14 17:51:25 +02:00
0cc08a1f2b
cluster(prod/app/cryptpad): Update CryptPad to 2024.6.0
2024-07-02 20:22:04 +02:00
1bcfc26c62
cluster(prod/app/cryptpad): Update pinned channel from nixos-23.11 to nixos-24.05
2024-07-02 20:21:22 +02:00
47d94b1ad0
intervention Jitsi
2024-07-02 19:09:34 +02:00
be88b5d274
cluster(prod): Add new ortie node
2024-06-27 16:27:09 +02:00
fa510688d7
update guichet
2024-06-24 13:52:18 +02:00
Baptiste Jonglez
fc83048b02
staging: move bottin and guichet to docker, sync with prod config
2024-06-23 22:29:14 +02:00
86026c5642
cluster(prod/cryptpad): Update cryptpad image on Nomad cluster
2024-06-23 11:55:16 +02:00
2f8b2c74f4
Merge pull request 'Upgrade cryptpad from 2024.3.0 to 2024.3.1' ( #27 ) from KokaKiwi/nixcfg:update-cryptpad-2024.3.1 into main
...
Reviewed-on: #27
Reviewed-by: maximilien <me@mricher.fr>
2024-06-23 09:05:41 +00:00
Baptiste Jonglez
7e88a88e04
prod: garage: Enable on-demand-tls check for *.garage S3 endpoint
...
We were hitting Let's Encrypt rate limits because we were generating
thousands of non-sense certificates like "foo.bar.baz.garage.deuxfleurs.fr"
See https://crt.sh
Subdomains of garage.deuxfleurs.fr only make sense when accessing buckets
through S3 with vhost-style, so let's enable the on-demand-tls check to
make sure that the bucket exists in Garage.
In the long term, we might want to have a wildcard certificate for this
usage, or simply stop supporting vhost-style S3 access.
2024-06-08 17:14:48 +02:00