Commit Graph

237 Commits

Author SHA1 Message Date
ca287b95c9 Ildkule/openstack: fix networking
Removes systemd-networkd, and configures proper ipv4 and ipv6 in
openstack.
2024-09-05 00:24:22 +02:00
669733309b ildkule: get systemd stats from more machines 2024-09-03 13:10:36 +02:00
4ed12573ff ildkule: fix system activation by disabling smartd 2024-09-03 13:07:58 +02:00
8418cc016c fix biceps systemd units failing on activation 2024-09-03 13:00:12 +02:00
b4c602e31c metrics: install systemd exporter 2024-09-02 23:12:24 +02:00
3a0b8e270d bekkalokk/idp: Disallow bots 2024-09-02 23:11:44 +02:00
201784fa21 bluemap on bekkalokk 💀 2024-09-02 15:11:32 +02:00
b48230e811
bekkalokk/btrfs: scrubbalubba dubdub 2024-09-01 01:04:28 +02:00
914eb35c5a add a route for /_synapse/admin, point mjolnir at it
This is whitelisted to just bicep

As a side-effect it's also much easier to use synapse-admin now
2024-09-01 00:34:42 +02:00
8610a59f35
base.nix: split into multiple files 2024-08-31 22:28:17 +02:00
bd42412b94 bekkalokk/gitea/import-users: refactor + add members to groups 2024-08-27 22:07:29 +02:00
ef3b146b58 bekkalokk/gitea: don't autowatch all members to all projects 2024-08-27 09:26:00 +02:00
5b1c04e4b8 bicep/postgres: use snakeoil certs 2024-08-26 20:43:34 +02:00
3fa7f67027 bekkalokk/gitea-web: host pages 2024-08-26 20:36:03 +02:00
b0f555667c bekkalokk/gitea: set up gitea-web sync units 2024-08-26 20:36:03 +02:00
945d53cdb4
bekkalokk/vaultwarden: systemd hardening 2024-08-22 22:59:32 +02:00
cf3b62e01e
bekkalokk/phpfpm-*: systemd hardening 2024-08-22 22:58:48 +02:00
f5c99b58c8
bicep/calendar-bot: reactivate 2024-08-15 23:22:50 +02:00
d64d8edd68 bekkalokk/gitea: add some extra tabs 2024-08-14 17:36:19 +02:00
9dbf5d56f5 fix whitespacing issues 2024-08-04 04:37:23 +02:00
1714681532 statix fix 2024-08-04 01:46:00 +02:00
2030d4de39 fix-openstack-networking (!47)
Fix networking in Openstack.

This rewrites the systemd-networkd config, fixing both dhcp and manual address/route configurations.
Now, everything should behave predictably, routing NTNU-internal and NTNU-global addresses separately and properly across both ipv4 and ipv6.

Reviewed-on: #47
2024-07-31 11:23:00 +02:00
615b5fc1f1 SimpleSAMLPHP/MediaWiki: Update deprecated --replace 2024-07-28 23:28:33 +02:00
8f3013dc00 bekkalokk/gitea: direct non-logged-in users to the explore tab
This is a much more interesting page rather than trying to sell gitea
2024-07-19 21:19:06 +02:00
868764e0cd bekkalokk/mediawiki: misc configuration 2024-07-10 19:04:55 +02:00
7c3ff2068d bekkalokk/mediawiki: add some more extensions 2024-07-10 19:04:36 +02:00
f3a29429aa bekkalokk/gitea: set default email notification preference to 'onmention' 2024-07-10 00:18:01 +02:00
1591fdb7cc bekkalokk/mediawiki: re-enable DeleteBatch extension 2024-07-08 19:56:43 +02:00
ed28ba28f3 bekkalokk/mediawiki: leave togglable debug flags for future use 2024-07-08 19:55:52 +02:00
0301691b1c
gitea: enable notification mails 2024-07-04 20:41:46 +02:00
946555e408
gitea: add subject prefix to mail 2024-07-04 20:36:44 +02:00
e02062417a
gitea: move state back to /var/lib 2024-07-04 20:31:51 +02:00
b2806d78af
gitea: enable lfs 2024-07-04 20:30:55 +02:00
de2c7ea6f1
gitea: install custom images to correct dir 2024-07-04 20:29:50 +02:00
ca2deed668 WIP: all: Update to nixos-24.05 2024-06-30 01:55:25 +02:00
bb2f7899db Merge pull request 'bekkalokk/gitea: set default licenses and repo units' (!44) from gitea-set-misc-repo-settings into main
Reviewed-on: #44
2024-06-29 23:16:17 +02:00
c2b35a7ae4
bekkalokk/gitea: set default licenses and repo units 2024-06-29 23:14:41 +02:00
c88c3f87e0 buskerud: add libvirtd 2024-06-22 17:36:30 +02:00
71479d5ca0 quickfix: bekkalokk/mediawiki: remove DeleteBatch 2024-05-27 11:02:35 +02:00
cf01792269 bekkalokk/vaultarden: Add kTLS 2024-05-26 10:50:29 +02:00
35d745b156 bekkalokk: add vaultwarden 2024-05-26 04:19:17 +02:00
1c35da0295 Merge pull request 'bekkalokk: add snappymail' (!39) from bekkalokk-snappymail into main
Reviewed-on: #39
2024-05-26 01:52:17 +02:00
5fb1b805a8 bekkalokk: add snappymail 2024-05-26 01:07:27 +02:00
898e362a9f Merge pull request 'bekkalokk/website: add sp metadata for all domains' (!34) from add-sp-metadata-for-all-website-domains into main
Reviewed-on: #34
2024-05-14 05:27:44 +02:00
bcf2ceed32
gitea: setup mail 2024-05-12 02:26:13 +02:00
200224d2c1 Merge pull request 'bekkalokk: misc gitea cleanup' (!33) from misc-gitea-cleanup into main
Reviewed-on: #33
2024-05-12 02:12:55 +02:00
dcf29b76b8 bicep/matrix: allow global address of new ildkule to access metrics
All checks were successful
Eval nix flake / evals (push) Successful in 1h30m46s
2024-04-24 03:03:53 +02:00
55e8f01d1d Upgrade ildkule (!36)
Some checks failed
Eval nix flake / evals (push) Failing after 3h12m29s
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.

- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no.
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no.
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host

As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.

Reviewed-on: #36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
b7b1c73bfa
bekkalokk/gitea: use systemd unit for gitea customization
Some checks failed
Eval nix flake / evals (pull_request) Failing after 47s
Eval nix flake / evals (push) Failing after 14m41s
2024-04-16 01:02:21 +02:00
6851879a03
bekkalokk: remove keycloak
Some checks failed
Eval nix flake / evals (pull_request) Failing after 1m39s
Eval nix flake / evals (push) Failing after 1m41s
2024-04-14 23:59:46 +02:00