Deuxfleurs/nixcfg
17
6
Fork 2
Code Issues 9 Pull requests 3 Projects Releases Wiki Activity
590 commits 8 branches 0 tags 1.8 MiB
Commit graph

377 commits

Author SHA1 Message Date
Alex 102152a14e staging: garage v0.9.1-pre (not yet released nor tagged), diplonat with STUN flapping fix 2024-01-16 16:10:29 +01:00
Quentin 3b34e3c2f5
upgraded postfix to fix smtp smuggling cve 
https://security-tracker.debian.org/tracker/source-package/postfix
https://www.postfix.org/smtp-smuggling.html
 2023-12-25 14:09:57 +01:00
Quentin ac42e95f1a
update smtp server security conf 2023-12-25 14:00:36 +01:00
Baptiste Jonglez 55c9b89cb2 Revert "Revert "garage prod: use dynamically determined ipv6 addresses"" 
Quentin's fix seems to work fine.

This reverts commit e5f3b6ef0a.
 2023-12-19 09:27:40 +01:00
Baptiste Jonglez e5f3b6ef0a Revert "garage prod: use dynamically determined ipv6 addresses" 
This partially reverts commit 47e982b29d.

This leads to invalid config:

    Dec 19 08:23:09 courgette 25f10ae4271c[781]: 2023-12-19T07:23:09.087813Z  INFO garage::server: Loading configuration...
    Dec 19 08:23:09 courgette 25f10ae4271c[781]: Error: TOML decode error: TOML parse error at line 16, column 17
    Dec 19 08:23:09 courgette 25f10ae4271c[781]:    |
    Dec 19 08:23:09 courgette 25f10ae4271c[781]: 16 | rpc_bind_addr = "[<no value>]:3901"
    Dec 19 08:23:09 courgette 25f10ae4271c[781]:    |                 ^^^^^^^^^^^^^^^^^^^
    Dec 19 08:23:09 courgette 25f10ae4271c[781]: invalid socket address syntax
    Dec 19 08:23:09 courgette 25f10ae4271c[781]:
 2023-12-19 08:38:12 +01:00
Quentin 516ab9ad91
stop reloading config file 2023-12-19 08:36:26 +01:00
Quentin 16168b916e
tricot upgrade 2023-12-14 10:59:40 +01:00
Alex 47e982b29d garage prod: use dynamically determined ipv6 addresses 2023-12-13 17:33:56 +01:00
Quentin d694ddbe2c
Move garage's redirections to a dedicated service 
Reason:
 - do not slow down the garage web endpoint
 - required now that we map domain name to a garage bucket
 2023-12-04 12:32:46 +01:00
Quentin 0c3db22de6
fix bagage 2023-12-04 12:19:00 +01:00
Quentin af242486a3
add degrowth 2023-12-04 12:16:41 +01:00
Quentin 23690238c9
add a sftp domain name 2023-12-02 11:52:35 +01:00
Quentin 7da4510ee8
tricot update 2023-12-01 16:02:09 +01:00
Quentin 52044402ac
add some redirections 2023-11-29 17:08:13 +01:00
Quentin d14fc2516c
Upgrade tricot 2023-11-29 16:58:37 +01:00
Alex c1d307d7a9 matrix: add memory to async media upload after oom crash 2023-11-27 13:56:47 +01:00
Alex 9c6f98f4b8 fix cryptpad backup 2023-11-27 13:43:42 +01:00
Alex a2654529c7 prod: update synapse and element 2023-11-15 16:39:11 +01:00
Alex b1e0397265 revert prometheus scraping on openwrt 2023-11-08 16:21:20 +01:00
Alex a46aa03fe2 prod: add monitoring of openwrt router 2023-11-08 16:14:33 +01:00
Quentin a6b84527b0
fix typo 2023-10-30 12:15:30 +01:00
Quentin 3c22659d90
ajout de domaines d'Esther 2023-10-30 12:00:21 +01:00
Quentin 79f380c72d
directory 2023-10-30 11:55:25 +01:00
Baptiste Jonglez a214496d8c [staging] Update known_hosts 2023-10-22 21:28:10 +02:00
Baptiste Jonglez b1630cfa8e [staging] Update garage to v0.9.0 2023-10-22 21:27:55 +02:00
Baptiste Jonglez d396f35235 Update IP for piranha.corrin 2023-10-22 20:17:33 +02:00
Alex 78ed3864d7 update bagage version with cors allow all 2023-10-16 16:16:18 +02:00
Alex ea8b2e8c82 màj garage prod 2023-10-16 14:54:16 +02:00
Alex fbffe1f0dc staging: update guichet with website management 2023-10-05 18:51:13 +02:00
Alex c790f6f3e1 staging: reaffect raft leaders 2023-10-05 13:48:29 +02:00
Alex e94cb54661 prod: add matrix syncv3 daemon 2023-10-04 11:51:04 +02:00
Alex 525f04515e staging: deploy garage v0.9.0-rc1 2023-10-04 10:44:17 +02:00
Alex 2e3725e8a2 staging: disable jaeger; update diplonat 2023-10-03 22:56:41 +02:00
Quentin 56e19ff2e5
remove default HTTP CSP, put your CSP in your HTML 2023-10-03 16:00:11 +02:00
Quentin 9e113416ac
fix update guichet 2023-10-03 15:58:20 +02:00
Quentin 7c7adc76b4
Set sogo as debug 2023-10-03 08:33:29 +02:00
Alex c4f3dece14 update tricot 2023-10-02 16:59:01 +02:00
Alex 4e20eb43b3 cryptpad: ajout alex admin 2023-09-22 15:42:02 +02:00
Alex f139238c17 staging: update garage to 0.8.4 2023-09-11 23:28:29 +02:00
ADRN ba3e24c41e added Adrien in admins for CryptPad 2023-09-08 11:31:49 +02:00
Alex 9b8882c250 add missing d53 tags for sogo and alps 2023-09-04 19:15:09 +02:00
Alex a490f082bc prod: remove all apps from orion, add some missing in scorpio 2023-09-04 19:05:18 +02:00
Quentin e42ed08788
fix Jitsi public IPv4 config 2023-08-31 18:08:46 +02:00
Quentin 1340fb6962
upgraded backups 2023-08-29 11:51:18 +02:00
Quentin 3d925a4505
move emails to lille 2023-08-29 11:43:45 +02:00
Quentin b688a1bbb9
increase sogo RAM 2023-08-28 09:50:46 +02:00
Alex 7dd8153653 màj tricot 2023-08-27 18:07:30 +02:00
Alex ecb4cabcf0 prod garage: add health check using admin api's '/health' 2023-08-27 13:56:51 +02:00
Alex 8e304e8f5f staging im-nix: add sqlite 2023-08-27 13:36:36 +02:00
Quentin be8484b494
[tricot] warmup memory store on boot 2023-08-09 10:40:08 +02:00
Quentin ca3283d6a7
upgrade matrix 2023-08-07 12:13:56 +02:00
Quentin 0c9ea6bc56
disable network fingerprinting in nomad 2023-08-07 11:17:40 +02:00
Maximilien Richer e7a3582c4e
Update telemetry stack to grafana 10.0.3 & co 2023-08-06 13:45:46 +02:00
Quentin aaa80ae678
final csp 2023-07-23 14:36:04 +02:00
Quentin 233556e9ef
Simpler IPv6 config for Garage 2023-07-23 14:06:36 +02:00
Quentin 132ad670a1
lines 2023-07-23 13:59:35 +02:00
Quentin 1048456fbf
switch postfix to ipv4 as we have no reverse dns on ipv6 2023-07-08 14:48:34 +02:00
Quentin 919004ae79
albatros 0.9-rc3 2023-07-08 14:38:00 +02:00
Quentin 03658e8f7b
ajout pointecouteau 2023-06-28 15:35:37 +02:00
ADRN 8ebd35730c added estherbouquet.com to DKIM signing table 2023-06-24 18:02:29 +02:00
Alex effe155248 Add armael to staging and ssh key for max 2023-06-24 17:14:34 +02:00
Alex 6c12a71ecb Deploy nixos 23.05 on staging and other staging fixes 2023-06-13 11:56:10 +02:00
Alex 1d19bae7a1 remove postgres replica on concombre 2023-06-12 19:58:03 +02:00
Alex 3fcda94aa0 undo remove postgres from diplotaxis 2023-06-12 16:19:57 +02:00
Alex 3e40bfcca9 add stolon replica on abricot instead of diplotaxis 2023-06-12 13:41:42 +02:00
Alex e06d6b14a3 add ananas, set it raft server instead of dahlia 2023-06-12 13:41:34 +02:00
Alex 1a11ff4202 staging: updated garage with new consul registration 2023-06-02 16:37:13 +02:00
Alex 14b59ba4b0 màj config gitea 2023-06-02 15:40:43 +02:00
Alex c31de0e94f tricot passthrough of external services at neptune 2023-05-24 10:18:02 +02:00
Alex ff13616887 staging: dev garage with fixed k2v double-urlencoding 2023-05-19 12:53:10 +02:00
Alex efd5ec3323 Remove plume backup job (not usefull anymore) 2023-05-16 15:39:36 +02:00
Alex 8a75be4d43 Merge pull request 'prod: Plume with S3 storage backend' (#13) from plume-s3 into main 
Reviewed-on: #13
 2023-05-16 13:38:07 +00:00
Alex 4ca45cf1d4 updated d53 on prod 2023-05-16 15:35:06 +02:00
Alex aee3a09471 Merge pull request 'Simplify network configuration' (#11) from simplify-network-config into main 
Reviewed-on: #11
 2023-05-16 13:19:33 +00:00
Alex 76b7f86d22 use RA on orion as well 2023-05-16 14:14:27 +02:00
Alex 560486bc50 prod plume with s3 backend 2023-05-15 17:30:41 +02:00
Alex 2488ad0ac2 staging plume: cleanup and update 2023-05-15 13:36:38 +02:00
Alex 9cef48a6c2 Merge branch 'main' into simplify-network-config 2023-05-12 18:45:58 +02:00
Alex 5c7a8c72d8 first plume on staging with S3 backend 2023-05-12 18:45:20 +02:00
Alex 258d27c566 deploy tricot at bespin, register gitea (not accessed yet) 2023-05-09 15:12:03 +02:00
Alex 04464f632f Export all Grafana dashboards 2023-05-09 12:29:37 +02:00
Alex 24cf7ddd91 Merge branch 'main' into simplify-network-config 2023-05-09 12:20:35 +02:00
Maximilien Richer 24192cc61a
Update telemetry stack apps 2023-05-07 23:46:48 +02:00
Alex b73c39c7c1 multi-zone matrix 2023-05-04 17:00:31 +02:00
Alex e375304c38 orient SoGo and Synapse to closest psql-proxy; psql backup anywhere 2023-05-04 16:48:22 +02:00
Alex f3cd2e98b4 multisite postgres, orient plume to correct db 2023-05-04 16:39:25 +02:00
Alex 6c07a42978 different wgautomesh gossip ports for prod and staging 2023-05-04 13:39:33 +02:00
Baptiste Jonglez e23b523467 Add infinite restart policy for postgresql 2023-05-03 08:53:59 +02:00
Alex 607add3161 make specifying an ipv6 fully optionnal 2023-04-21 14:36:10 +02:00
Alex c4598bd84f Diplonat on bespin, ipv6-only 2023-04-21 12:03:35 +02:00
Alex 0b3332fd32 break out core services into separate files 2023-04-21 11:55:24 +02:00
Alex a9e9149739 Fix unbound; remove Nixos firewall (use only diplonat) 2023-04-21 11:29:15 +02:00
Alex 529480b133 Merge branch 'main' into simplify-network-config 2023-04-21 10:31:05 +02:00
Alex b4e82e37e4 diplonat with fixed iptables thing 2023-04-20 15:13:13 +02:00
Alex af82308e84 Garage backup to SFTP target hosted by Max 2023-04-20 12:10:07 +02:00
Alex e5f9f3c849 increase diplonat ram 2023-04-19 21:05:47 +02:00
Alex 0372df95b5 staging: fix consul server addresses 2023-04-19 20:36:24 +02:00
Alex 9737c661a4 Merge branch 'main' into simplify-network-config 2023-04-19 20:15:03 +02:00
Quentin 57aa2ce1d2
interface gestion site web guichet 2023-04-19 15:20:49 +02:00
Quentin a614f495ad
allow memory overprovisionning 2023-04-08 10:43:42 +02:00