|
7bf1467cb1
|
add albatros
|
2023-03-16 15:52:13 +01:00 |
|
|
fe2eda1702
|
configuration for imap.deuxfleurs.fr & smtp.deuxfleurs.fr as part of email service for d53 + convert tabs into spaces (couldn't help myself)
|
2023-03-16 15:48:52 +01:00 |
|
|
81d3c0e03a
|
d53 for email-in.deuxfleurs.fr (A only, AAAA missing firewall)
|
2023-03-16 14:42:47 +01:00 |
|
|
1c623c796a
|
update garage and let it use more ram
|
2023-03-16 14:18:59 +01:00 |
|
|
e4065dade8
|
added Consul Registration of personal services (for Adrien's personal stuff)
|
2023-03-15 18:55:09 +01:00 |
|
|
f7be968531
|
TODOs in deuxfleurs.nix because the old world is maybe mixing with the new
|
2023-03-15 18:19:01 +01:00 |
|
|
2a0eff07c0
|
fix cleanup of deploypass
|
2023-03-15 17:49:31 +01:00 |
|
|
f6c4576b6c
|
added forgotten new files for scorpio/abricot
|
2023-03-15 17:30:35 +01:00 |
|
|
031d029e10
|
added scorpio site and abricot node
|
2023-03-15 17:10:38 +01:00 |
|
|
c681f63222
|
alloc more mem
|
2023-03-14 18:37:28 +01:00 |
|
|
d2b8b0c517
|
wip homemade ci?
|
2023-03-14 17:32:49 +01:00 |
|
|
385882c74c
|
Changes in prod:
- migrate courgette and concombre to M710q machines with SSD+HDD
- migrate prod/c* to nixos 22.11
|
2023-03-13 19:58:37 +01:00 |
|
|
d56f895a1c
|
integrate turn in matrix
|
2023-03-11 12:37:57 +01:00 |
|
|
6b8a94ba2e
|
wip coturn
|
2023-03-11 11:44:17 +01:00 |
|
|
850ea784e7
|
staging updates
|
2023-03-09 11:08:33 +01:00 |
|
|
6a287ffb57
|
prod: garage v0.8.1
|
2023-03-06 14:39:12 +01:00 |
|
Baptiste Jonglez
|
3eb5e21f9d
|
New IP for piranha
|
2023-03-06 14:30:22 +01:00 |
|
|
49cc83db21
|
use https links
|
2023-02-28 10:51:34 +01:00 |
|
|
4ef04f7971
|
add teabag (for static cms)
|
2023-02-27 18:42:38 +01:00 |
|
|
a4eb0b2b56
|
increased jitsi's priority so that it is above Matrix's
|
2023-02-20 16:43:29 +01:00 |
|
|
0b1fccac1c
|
Prod: guichet with mailing list edition interface
|
2023-02-08 16:58:12 +01:00 |
|
|
69f1950b55
|
bespin
|
2023-02-03 13:39:48 +01:00 |
|
|
87fc43d5e6
|
remove feature flags
|
2023-02-02 16:30:24 +01:00 |
|
|
a3ade938e0
|
update config with some flags, not sure
|
2023-02-02 16:21:43 +01:00 |
|
|
67bcd07056
|
upgrade prod tentative 1
|
2023-02-02 15:37:43 +01:00 |
|
|
a3ca27055d
|
fix integration
|
2023-02-02 15:32:40 +01:00 |
|
|
2d6616195f
|
upgrade the building logic
|
2023-02-02 14:48:59 +01:00 |
|
|
6445d55e3e
|
upgarde jitsi config
|
2023-02-02 08:48:19 +01:00 |
|
|
535b28945d
|
improve jitsi conf
|
2023-02-02 08:24:50 +01:00 |
|
|
2d55b1dfcc
|
updated garage and d53 on staging
|
2023-01-26 17:52:27 +01:00 |
|
|
8e76707c44
|
fix tricot hostname on prod
|
2023-01-11 22:18:52 +01:00 |
|
|
0da378d053
|
staging: remove constraint on im
|
2023-01-05 11:15:30 +01:00 |
|
|
9fabb5844a
|
staging: remove node cariacou, update garage
|
2023-01-04 17:06:39 +01:00 |
|
|
3a8588a1ea
|
Open ports 80 and 443 on all Orion nodes
|
2023-01-04 11:10:10 +01:00 |
|
|
da78f3671e
|
staging: deploy things on bespin
|
2023-01-04 10:06:06 +01:00 |
|
|
26f78872e6
|
staging: add node df-pw5 at bespin
|
2023-01-04 10:02:21 +01:00 |
|
|
c11b6499b8
|
prod: deploy d53
|
2023-01-04 09:35:40 +01:00 |
|
|
6478560087
|
prod: update tricot
|
2023-01-03 21:14:02 +01:00 |
|
|
fe805b6bab
|
Fix prometheus ssl certs
|
2023-01-03 21:00:10 +01:00 |
|
|
606668e25e
|
fill in cname_target and public_ipv4 for prod cluster
|
2023-01-03 19:27:35 +01:00 |
|
|
18eef6e8e7
|
Staging: Reduce resource requirements to pack more things
|
2023-01-03 18:25:32 +01:00 |
|
|
d588764748
|
don't rotate grafana password
|
2023-01-01 20:44:28 +01:00 |
|
|
3847c08181
|
Merge pull request 'updated version of secretmgr' (#5) from new-secretmgr into main
Reviewed-on: Deuxfleurs/nixcfg#5
|
2023-01-01 18:47:34 +00:00 |
|
Baptiste Jonglez
|
08c324f1c4
|
Add new zone to core services
|
2022-12-29 18:26:52 +01:00 |
|
Baptiste Jonglez
|
1c48fd4ae4
|
Add new staging zone and node
|
2022-12-28 16:49:43 +01:00 |
|
|
0d8c6a2d45
|
Remove obsolete Matrix TLS keys
|
2022-12-25 23:54:55 +01:00 |
|
|
0becfc2571
|
Merge branch 'main' into new-secretmgr
|
2022-12-25 23:47:52 +01:00 |
|
|
b63c03f635
|
refactor ssh config and move known_hosts
|
2022-12-25 23:45:53 +01:00 |
|
|
40f5670753
|
Remove old way of doing email certs (self-signed)
|
2022-12-25 23:03:37 +01:00 |
|
|
3b74376191
|
update drone secrets for rotation
|
2022-12-25 22:50:20 +01:00 |
|
|
8cee3b0043
|
Update prod secret files
|
2022-12-25 22:45:05 +01:00 |
|
|
87bb031ed0
|
Migrate prod cluster secrets to new format
|
2022-12-25 22:31:18 +01:00 |
|
|
6d6e48c8fa
|
Improve secretmgr more, update secrets for staging
|
2022-12-25 22:12:38 +01:00 |
|
|
8d0a7a806d
|
New secretmgr
|
2022-12-25 21:03:16 +01:00 |
|
|
7fd81f3470
|
WIP new secretmgr
|
2022-12-25 19:52:28 +01:00 |
|
|
11f87a3cd2
|
staging: add missing secrets, update exiting ones to autogen/autorotate
|
2022-12-24 23:58:38 +01:00 |
|
|
8d17a07c9b
|
reorganize some things
|
2022-12-24 22:59:37 +01:00 |
|
|
912753c7ad
|
remove useless lines in caribou,origan.nix
|
2022-12-22 23:16:15 +01:00 |
|
|
8513003388
|
staging: garage update
|
2022-12-14 17:52:13 +01:00 |
|
|
7ab91a16e9
|
Proper nat on origan
|
2022-12-13 16:01:36 +01:00 |
|
|
3af066397e
|
Replace carcajou by origan for raft server
|
2022-12-11 23:13:04 +01:00 |
|
|
dca2e53442
|
run a bunch of things on new Origan node
|
2022-12-11 23:02:14 +01:00 |
|
|
578075a925
|
Add origan node in staging cluster (+ refactor system.stateVersion)
|
2022-12-11 22:37:28 +01:00 |
|
|
36e6756b3c
|
staging: update D53 tags to new (simpler) syntax
|
2022-12-11 21:27:16 +01:00 |
|
|
a1fc396412
|
Add possible public_ipv4 node tag
|
2022-12-07 17:13:03 +01:00 |
|
|
4c50dd57f1
|
staging: reorganize core services and add D53
|
2022-12-07 16:35:21 +01:00 |
|
|
ab97a7bffd
|
Staging: Add CNAME target meta parameter, will be used for diplonat auto dns update
|
2022-12-07 12:32:21 +01:00 |
|
|
1d4599fc1c
|
prod: update tricot and reduce resource constraints
|
2022-12-07 12:03:15 +01:00 |
|
|
93e66389f7
|
staging: update Tricot
|
2022-12-07 11:21:51 +01:00 |
|
|
4e3db0cd5e
|
staging: correct public IPs through NAT for wireguard
|
2022-12-07 11:21:39 +01:00 |
|
|
5bed1e66db
|
update alps
|
2022-12-06 16:14:57 +01:00 |
|
|
724f0ccfec
|
Tricot: updated with enough bins for histogram data
|
2022-12-06 15:11:35 +01:00 |
|
|
14bea296da
|
prod: enable site load balancing in tricot
|
2022-12-06 14:43:58 +01:00 |
|
|
6036f5a1b7
|
deploy tricot metrics on production
|
2022-12-06 14:41:53 +01:00 |
|
|
e1ddb2d1d3
|
staging: tricot do load balancing of garage requests to local nodes
|
2022-12-06 12:41:12 +01:00 |
|
|
27b23e15ec
|
Staging: tricot with metrics
|
2022-12-05 23:42:53 +01:00 |
|
|
b260b01915
|
staging garage: use new health check endpoint
|
2022-12-05 16:25:46 +01:00 |
|
|
a1a2a83727
|
Staging: let nodes use each other as Nix caches (only inside same site)
|
2022-12-02 11:59:32 +01:00 |
|
|
88ddfea4d5
|
staging: run grafana from nixpkgs
|
2022-12-02 00:14:31 +01:00 |
|
|
2482a2f819
|
staging: run prometheus from nixpkgs
|
2022-12-01 23:48:46 +01:00 |
|
|
b0405d47a6
|
staging: remove hcl file for garage on docker
|
2022-12-01 23:33:16 +01:00 |
|
|
db8638223f
|
staging: also run Guichet from nix
|
2022-12-01 23:30:12 +01:00 |
|
|
e67b460ae2
|
staging: run bottin as nix job
|
2022-12-01 22:49:55 +01:00 |
|
|
bc88622ea2
|
Staging: run diplonat as nix job
|
2022-12-01 22:32:02 +01:00 |
|
|
d3fac34e63
|
staging: simplify litestream config on nix
|
2022-12-01 17:35:19 +01:00 |
|
|
18ab08a86c
|
staging: run node_exporter from nixos; run synapse as non-root
|
2022-12-01 17:25:53 +01:00 |
|
|
195e340f56
|
prod: more agressive restart on core services
|
2022-12-01 17:03:20 +01:00 |
|
|
9d0a2d8914
|
Run Tricot as Nix flake instead of Docker image
|
2022-12-01 16:04:47 +01:00 |
|
|
e4684ae169
|
staging: reduce litestream memory_max because it uses it all
|
2022-11-30 10:04:42 +01:00 |
|
|
6db4ec5311
|
staging: update garage
|
2022-11-29 22:59:55 +01:00 |
|
|
1ac9790806
|
Staging: remove Docker-based synapse config
|
2022-11-29 22:03:48 +01:00 |
|
|
ab7a770168
|
Synapse on Nix works great
|
2022-11-29 22:02:21 +01:00 |
|
|
55e407a3a4
|
First version of Matrix-synapse in Nix
|
2022-11-29 21:19:57 +01:00 |
|
|
4036a2d951
|
Clean stuff up and update nix driver
|
2022-11-29 16:21:38 +01:00 |
|
|
fb4c2ef55a
|
Remove old nomad-driver-nix
|
2022-11-29 15:41:35 +01:00 |
|
|
14e3e6deff
|
Staging: cleanup garage job
|
2022-11-29 14:42:53 +01:00 |
|
|
c9f9ed4c71
|
Deploy garage on staging using nix2 driver
|
2022-11-29 14:21:12 +01:00 |
|
|
105c081728
|
Staging: ability to run Nix jobs using exec2 driver
|
2022-11-28 22:58:39 +01:00 |
|
|
a327876e25
|
Remove root, add wg-quick-wg0 after unbound
|
2022-11-28 10:19:48 +01:00 |
|
|
6659deb544
|
Add Baptiste ; fix wireguard
|
2022-11-22 12:09:28 +01:00 |
|
|
945dd4fa9a
|
Run Garage as a Nomad Nix job on staging cluster
|
2022-11-17 00:17:56 +01:00 |
|
|
3c5f4b55e6
|
fix typo
|
2022-11-17 00:00:13 +01:00 |
|
|
78440a03d2
|
add+cleanup config
|
2022-11-16 16:52:38 +01:00 |
|
|
49b0dc2d5b
|
poc 2 for nix containers: use nomad-driver-nix
|
2022-11-16 16:28:18 +01:00 |
|
|
eac950c47f
|
Upgrade to garage v0.8.0-rc2
|
2022-11-16 11:57:11 +01:00 |
|
|
7df8162913
|
nix volumes RO
|
2022-11-16 00:12:14 +01:00 |
|
|
2cd4bf1ee7
|
Demo running directly a service from the nix store
|
2022-11-15 23:13:55 +01:00 |
|
|
9e19b2b5a2
|
Update ssh keys
|
2022-11-09 18:35:17 +01:00 |
|
|
cade21aa24
|
Give more resources to core stuff
|
2022-11-04 12:29:43 +01:00 |
|
|
7587024ff5
|
staging: change resources for im job
|
2022-11-04 11:22:54 +01:00 |
|
|
cc945340a1
|
update telemetry config on staging
|
2022-11-04 11:09:37 +01:00 |
|
|
b37c4b3196
|
Updated drone version
|
2022-11-04 11:09:19 +01:00 |
|
|
ea8185d7e6
|
Reinstall caribou
|
2022-11-03 19:25:28 +01:00 |
|
|
40d5665ffe
|
Upgrade Matrix but disable URL preview
|
2022-10-28 09:45:00 +02:00 |
|
|
859813440c
|
Automatic garage node discover on staging through consul
|
2022-10-18 22:09:55 +02:00 |
|
|
4584b39639
|
Update celeri config
|
2022-10-18 15:44:15 +02:00 |
|
|
afc368421d
|
Rebalance ressource attribution on staging
|
2022-10-18 10:40:59 +02:00 |
|
|
2592dcaa2d
|
Update telemetry on staging as well
|
2022-10-18 10:32:41 +02:00 |
|
|
27214332e9
|
IPv6 by FDN
|
2022-10-16 19:10:51 +02:00 |
|
|
5613ed9908
|
Complete telemetry configuration
|
2022-10-16 18:12:57 +02:00 |
|
|
42409de1b1
|
Deploy garage on bespin
|
2022-10-16 14:17:12 +00:00 |
|
|
a69a71ca00
|
Add mounts on bespin + tlsproxy
|
2022-10-16 14:17:12 +00:00 |
|
|
e6f118adb0
|
Celeri is no more a raft server
|
2022-10-16 14:17:12 +00:00 |
|
|
2eecece831
|
Fix typo on IP, add keys
|
2022-10-16 14:17:12 +00:00 |
|
mricher
|
c48a7e80c3
|
Fix key
|
2022-10-16 14:17:12 +00:00 |
|
mricher
|
8797d4450a
|
Add cluster configuration
|
2022-10-16 14:17:12 +00:00 |
|
mricher
|
6bafa20bf6
|
Add bespin machines
|
2022-10-16 14:17:12 +00:00 |
|
|
6942355d43
|
update readme.md
|
2022-10-16 11:04:46 +02:00 |
|
|
3247bf69cf
|
move grafana-new. to grafana.
|
2022-10-13 11:01:45 +02:00 |
|
|
f4689d25de
|
Change email address for let's encrypt expiry notifications
|
2022-10-09 22:57:55 +02:00 |
|
|
b4e737afdf
|
Rotate ssh key
|
2022-10-09 17:46:59 +02:00 |
|
|
c239e34a25
|
IPv6 prefix at Neptune changed again
|
2022-10-09 17:07:47 +02:00 |
|
|
e8cdd6864a
|
Split garage deployments in 2 categories
- The ones that will receive some traffic from tricot
- The ones "only for storage" that will not receive traffic from tricot
|
2022-10-08 22:23:19 +02:00 |
|
|
32658ff4d3
|
Add jaeger service to staging to view Garage traces
|
2022-09-26 15:53:32 +02:00 |
|
|
711b788eb4
|
Fix restic forget commands
|
2022-09-26 13:05:53 +02:00 |
|
|
5b88919746
|
Move cryptpad backup job to backup-daily.hcl
|
2022-09-26 13:02:38 +02:00 |
|
|
535c90b38e
|
Replace Adrien's SSH key
|
2022-09-26 11:37:48 +02:00 |
|
|
f22e242700
|
SSB experiment
|
2022-09-21 19:29:08 +02:00 |
|
|
4e939f55fc
|
Update garage staging
|
2022-09-21 19:28:54 +02:00 |
|
|
56ff4c5cfd
|
Prod-like telemetry into staging
|
2022-09-20 17:13:46 +02:00 |
|
|
9b6bdc7092
|
Update to garage config
|
2022-09-20 17:13:36 +02:00 |
|
|
72606368bf
|
Force Garage to use ipv6 connectivity
|
2022-09-15 11:57:24 +02:00 |
|
|
2dad5700d3
|
garage v0.8.0-beta1 on staging
|
2022-09-13 23:32:12 +02:00 |
|
|
39fbbbe863
|
Change ipv6 tunnel server
|
2022-09-09 17:23:23 +02:00 |
|
|
a90de2cfb9
|
Update garage staging
|
2022-09-09 12:24:29 +02:00 |
|
|
be0d7a7ccc
|
Drone integration files for new version (Nix runners)
|
2022-09-09 12:24:11 +02:00 |
|
|
2695fe4ae8
|
Force IPv4 when sending to gmail
Because Free does not provide rDNS on IPv6
so GMail complains that it does not find a PTR record
for our IPv6 address
|
2022-09-07 08:13:15 +02:00 |
|
|
02c65de5fe
|
Restart backups
|
2022-09-01 18:05:50 +02:00 |
|
|
1749a98e86
|
Update LDAP configuration
|
2022-08-31 10:25:58 +02:00 |
|
|
e81716e41e
|
Update drone config and add drone monitoring to prometheus
|
2022-08-30 15:48:32 +02:00 |
|