d14fc2516c
Upgrade tricot
2023-11-29 16:58:37 +01:00
c1d307d7a9
matrix: add memory to async media upload after oom crash
2023-11-27 13:56:47 +01:00
9c6f98f4b8
fix cryptpad backup
2023-11-27 13:43:42 +01:00
a2654529c7
prod: update synapse and element
2023-11-15 16:39:11 +01:00
b1e0397265
revert prometheus scraping on openwrt
2023-11-08 16:21:20 +01:00
a46aa03fe2
prod: add monitoring of openwrt router
2023-11-08 16:14:33 +01:00
a6b84527b0
fix typo
2023-10-30 12:15:30 +01:00
3c22659d90
ajout de domaines d'Esther
2023-10-30 12:00:21 +01:00
79f380c72d
directory
2023-10-30 11:55:25 +01:00
Baptiste Jonglez
a214496d8c
[staging] Update known_hosts
2023-10-22 21:28:10 +02:00
Baptiste Jonglez
b1630cfa8e
[staging] Update garage to v0.9.0
2023-10-22 21:27:55 +02:00
Baptiste Jonglez
d396f35235
Update IP for piranha.corrin
2023-10-22 20:17:33 +02:00
78ed3864d7
update bagage version with cors allow all
2023-10-16 16:16:18 +02:00
ea8b2e8c82
màj garage prod
2023-10-16 14:54:16 +02:00
fbffe1f0dc
staging: update guichet with website management
2023-10-05 18:51:13 +02:00
c790f6f3e1
staging: reaffect raft leaders
2023-10-05 13:48:29 +02:00
e94cb54661
prod: add matrix syncv3 daemon
2023-10-04 11:51:04 +02:00
525f04515e
staging: deploy garage v0.9.0-rc1
2023-10-04 10:44:17 +02:00
2e3725e8a2
staging: disable jaeger; update diplonat
2023-10-03 22:56:41 +02:00
56e19ff2e5
remove default HTTP CSP, put your CSP in your HTML
2023-10-03 16:00:11 +02:00
9e113416ac
fix update guichet
2023-10-03 15:58:20 +02:00
7c7adc76b4
Set sogo as debug
2023-10-03 08:33:29 +02:00
c4f3dece14
update tricot
2023-10-02 16:59:01 +02:00
4e20eb43b3
cryptpad: ajout alex admin
2023-09-22 15:42:02 +02:00
f139238c17
staging: update garage to 0.8.4
2023-09-11 23:28:29 +02:00
ba3e24c41e
added Adrien in admins for CryptPad
2023-09-08 11:31:49 +02:00
9b8882c250
add missing d53 tags for sogo and alps
2023-09-04 19:15:09 +02:00
a490f082bc
prod: remove all apps from orion, add some missing in scorpio
2023-09-04 19:05:18 +02:00
e42ed08788
fix Jitsi public IPv4 config
2023-08-31 18:08:46 +02:00
1340fb6962
upgraded backups
2023-08-29 11:51:18 +02:00
3d925a4505
move emails to lille
2023-08-29 11:43:45 +02:00
b688a1bbb9
increase sogo RAM
2023-08-28 09:50:46 +02:00
7dd8153653
màj tricot
2023-08-27 18:07:30 +02:00
ecb4cabcf0
prod garage: add health check using admin api's '/health'
2023-08-27 13:56:51 +02:00
8e304e8f5f
staging im-nix: add sqlite
2023-08-27 13:36:36 +02:00
be8484b494
[tricot] warmup memory store on boot
2023-08-09 10:40:08 +02:00
ca3283d6a7
upgrade matrix
2023-08-07 12:13:56 +02:00
0c9ea6bc56
disable network fingerprinting in nomad
2023-08-07 11:17:40 +02:00
e7a3582c4e
Update telemetry stack to grafana 10.0.3 & co
2023-08-06 13:45:46 +02:00
aaa80ae678
final csp
2023-07-23 14:36:04 +02:00
233556e9ef
Simpler IPv6 config for Garage
2023-07-23 14:06:36 +02:00
132ad670a1
lines
2023-07-23 13:59:35 +02:00
1048456fbf
switch postfix to ipv4 as we have no reverse dns on ipv6
2023-07-08 14:48:34 +02:00
919004ae79
albatros 0.9-rc3
2023-07-08 14:38:00 +02:00
03658e8f7b
ajout pointecouteau
2023-06-28 15:35:37 +02:00
8ebd35730c
added estherbouquet.com to DKIM signing table
2023-06-24 18:02:29 +02:00
effe155248
Add armael to staging and ssh key for max
2023-06-24 17:14:34 +02:00
6c12a71ecb
Deploy nixos 23.05 on staging and other staging fixes
2023-06-13 11:56:10 +02:00
1d19bae7a1
remove postgres replica on concombre
2023-06-12 19:58:03 +02:00
3fcda94aa0
undo remove postgres from diplotaxis
2023-06-12 16:19:57 +02:00
3e40bfcca9
add stolon replica on abricot instead of diplotaxis
2023-06-12 13:41:42 +02:00
e06d6b14a3
add ananas, set it raft server instead of dahlia
2023-06-12 13:41:34 +02:00
1a11ff4202
staging: updated garage with new consul registration
2023-06-02 16:37:13 +02:00
14b59ba4b0
màj config gitea
2023-06-02 15:40:43 +02:00
c31de0e94f
tricot passthrough of external services at neptune
2023-05-24 10:18:02 +02:00
ff13616887
staging: dev garage with fixed k2v double-urlencoding
2023-05-19 12:53:10 +02:00
efd5ec3323
Remove plume backup job (not usefull anymore)
2023-05-16 15:39:36 +02:00
8a75be4d43
Merge pull request 'prod: Plume with S3 storage backend' ( #13 ) from plume-s3 into main
...
Reviewed-on: Deuxfleurs/nixcfg#13
2023-05-16 13:38:07 +00:00
4ca45cf1d4
updated d53 on prod
2023-05-16 15:35:06 +02:00
aee3a09471
Merge pull request 'Simplify network configuration' ( #11 ) from simplify-network-config into main
...
Reviewed-on: Deuxfleurs/nixcfg#11
2023-05-16 13:19:33 +00:00
76b7f86d22
use RA on orion as well
2023-05-16 14:14:27 +02:00
560486bc50
prod plume with s3 backend
2023-05-15 17:30:41 +02:00
2488ad0ac2
staging plume: cleanup and update
2023-05-15 13:36:38 +02:00
9cef48a6c2
Merge branch 'main' into simplify-network-config
2023-05-12 18:45:58 +02:00
5c7a8c72d8
first plume on staging with S3 backend
2023-05-12 18:45:20 +02:00
258d27c566
deploy tricot at bespin, register gitea (not accessed yet)
2023-05-09 15:12:03 +02:00
04464f632f
Export all Grafana dashboards
2023-05-09 12:29:37 +02:00
24cf7ddd91
Merge branch 'main' into simplify-network-config
2023-05-09 12:20:35 +02:00
24192cc61a
Update telemetry stack apps
2023-05-07 23:46:48 +02:00
b73c39c7c1
multi-zone matrix
2023-05-04 17:00:31 +02:00
e375304c38
orient SoGo and Synapse to closest psql-proxy; psql backup anywhere
2023-05-04 16:48:22 +02:00
f3cd2e98b4
multisite postgres, orient plume to correct db
2023-05-04 16:39:25 +02:00
6c07a42978
different wgautomesh gossip ports for prod and staging
2023-05-04 13:39:33 +02:00
Baptiste Jonglez
e23b523467
Add infinite restart policy for postgresql
2023-05-03 08:53:59 +02:00
607add3161
make specifying an ipv6 fully optionnal
2023-04-21 14:36:10 +02:00
c4598bd84f
Diplonat on bespin, ipv6-only
2023-04-21 12:03:35 +02:00
0b3332fd32
break out core services into separate files
2023-04-21 11:55:24 +02:00
a9e9149739
Fix unbound; remove Nixos firewall (use only diplonat)
2023-04-21 11:29:15 +02:00
529480b133
Merge branch 'main' into simplify-network-config
2023-04-21 10:31:05 +02:00
b4e82e37e4
diplonat with fixed iptables thing
2023-04-20 15:13:13 +02:00
af82308e84
Garage backup to SFTP target hosted by Max
2023-04-20 12:10:07 +02:00
e5f9f3c849
increase diplonat ram
2023-04-19 21:05:47 +02:00
0372df95b5
staging: fix consul server addresses
2023-04-19 20:36:24 +02:00
9737c661a4
Merge branch 'main' into simplify-network-config
2023-04-19 20:15:03 +02:00
57aa2ce1d2
interface gestion site web guichet
2023-04-19 15:20:49 +02:00
a614f495ad
allow memory overprovisionning
2023-04-08 10:43:42 +02:00
07f50f297a
D53 with addresses from DiploNAT autodiscovery; diplonat fw opening for tricot
2023-04-05 16:30:28 +02:00
0e4c641db7
redeploy bagage
2023-04-05 15:50:53 +02:00
c08bc17cc0
Adapt prod config to new parameters
2023-04-05 14:09:04 +02:00
16422d2809
introduce back static ipv4 prefix lenght but with default value
2023-04-05 14:04:11 +02:00
dec4ea479d
Allow for IPv6 with RA disabled by manually providing gateway
2023-04-05 13:27:18 +02:00
cb8d7e92d2
staging: ipv6-only diplonat for automatic address discovery
2023-04-05 10:25:22 +02:00
c9f122bcd3
diplonat with ipv6 firewall support; email ipv6 addresses in dns
2023-04-04 14:13:57 +02:00
d83d230aee
added luxeylab to dkim signingtable
2023-03-30 18:09:12 +02:00
2de291e9b7
upgrade bottin + remove bespin
2023-03-26 10:14:04 +02:00
ecfab3c628
Merge branch 'main' into simplify-network-config
2023-03-24 15:35:27 +01:00
96566ae523
refactor configuration syntax
2023-03-24 15:26:39 +01:00
e2aea648cf
greatly simplify ipv4 and ipv6 configuration
2023-03-24 14:42:36 +01:00
Baptiste Jonglez
8ae9ec6514
Update piranha IP again
2023-03-24 13:01:24 +01:00
a0db30ca26
Sanitize DNS configuration
...
- get rid of outside nameserver, unbound does the recursive resolving
itself (and it checks DNSSEC)
- remove CAP_NET_BIND_SERVICE for Consul as it is no longer binding on
port 53 (was already obsolete)
- make unbound config independant of LAN IPv4 address
2023-03-24 12:58:44 +01:00