Commit Graph

46 Commits

Author SHA1 Message Date
Oystein Kristoffer Tveit 08fc48cf87
bekkalokk/gitea/import-users: refactor + add members to groups 2024-08-26 21:39:01 +02:00
Oystein Kristoffer Tveit b0f555667c bekkalokk/gitea: set up gitea-web sync units 2024-08-26 20:36:03 +02:00
Oystein Kristoffer Tveit f5c99b58c8
bicep/calendar-bot: reactivate 2024-08-15 23:22:50 +02:00
Oystein Kristoffer Tveit 95a5603f27
secrets: run `sops updatekeys` on everything 2024-08-04 02:04:29 +02:00
Felix Albrigtsen 35d745b156 bekkalokk: add vaultwarden 2024-05-26 04:19:17 +02:00
Oystein Kristoffer Tveit bcf2ceed32
gitea: setup mail 2024-05-12 02:26:13 +02:00
Felix Albrigtsen 55e8f01d1d Upgrade ildkule (!36)
Eval nix flake / evals (push) Failing after 3h12m29s Details
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.

- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no.
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no.
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host

As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.

Reviewed-on: #36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
Oystein Kristoffer Tveit 6851879a03
bekkalokk: remove keycloak
Eval nix flake / evals (pull_request) Failing after 1m39s Details
Eval nix flake / evals (push) Failing after 1m41s Details
2024-04-14 23:59:46 +02:00
Oystein Kristoffer Tveit 9577477460 bekkalokk/nettsiden: add secrets 2024-04-10 23:04:20 +02:00
Oystein Kristoffer Tveit 8657e77514 bekkalokk: set up pvv-nettsiden 2024-04-10 23:04:18 +02:00
Oystein Kristoffer Tveit d531419f35 bekkalokk: init mediawiki
Eval nix flake / evals (pull_request) Failing after 1m46s Details
Eval nix flake / evals (push) Failing after 1m53s Details
Co-authored-by: Jørn Åne <yorinad@pvv.ntnu.no>
2024-04-01 23:57:39 +02:00
Oystein Kristoffer Tveit 806b18ede8 bekkalokk: init idp-simplesamlphp 2024-04-01 23:57:39 +02:00
Daniel Lovbrotte Olsen b458801f95 Revert "bekkalokk: add wackattack ctf systemd service"
Eval nix flake / evals (push) Successful in 2m49s Details
CTF is over

This reverts commit fa843c4a59.
2023-10-30 09:03:27 +01:00
Oystein Kristoffer Tveit fa843c4a59
bekkalokk: add wackattack ctf systemd service
Eval nix flake / evals (push) Successful in 4m9s Details
2023-10-26 22:10:30 +02:00
Daniel Lovbrotte Olsen e07945d49c bicep/matrix: enable sliding sync
Eval nix flake / evals (push) Successful in 2m39s Details
2023-10-22 02:33:40 +02:00
Oystein Kristoffer Tveit 5c529a0233 Fix gitea runners, add 2 more
The gitea runners are now activated correctly,
has support for both debian and ubuntu based systems,
and can will connect to the gitea server through the
loopback interface
2023-09-17 04:05:08 +02:00
Oystein Kristoffer Tveit b9388a31cf
bekkalokk/gitea-runners: fix token env file 2023-09-17 00:28:28 +02:00
Oystein Kristoffer Tveit 5c37b71646 Merge pull request 'Setup gitea action runner' (#10) from add-gitea-ci into main
Reviewed-on: #10
2023-09-16 22:31:22 +02:00
Amalie Erdal Mansaker 76f18b459c Setup gitea action runner 2023-09-16 22:26:44 +02:00
Daniel Lovbrotte Olsen f53c0c6eb5 bicep/synapse: Move database configuration out of secrets 2023-09-16 21:38:39 +02:00
Daniel Lovbrotte Olsen 7cd5b42f12 bicep/matrix/synapse: use fewer connections 2023-09-13 11:02:52 +02:00
Daniel Lovbrotte Olsen f92ebbee16 bicep/synapse: use postgres unix socket 2023-09-13 04:16:22 +02:00
Daniel Lovbrotte Olsen 201e3d306b bicep: Revert postgres socket stuff 2023-09-13 03:58:29 +02:00
Daniel Lovbrotte Olsen b5075f48c6 bicep/matrix/synapse: switch database connection to socket 2023-09-13 00:17:10 +02:00
Daniel Lovbrotte Olsen cfcd230678 Merge pull request 'Fix gitea on bekkalokk' (#7) from configure-gitea into main
Reviewed-on: #7
2023-09-07 18:54:24 +02:00
Oystein Kristoffer Tveit f567199604
bekkalokk/gitea: update API key for import-user-script 2023-09-07 18:41:41 +02:00
Oystein Kristoffer Tveit b52753987d
bicep: use mysql on bicep as production server 2023-09-07 18:40:13 +02:00
Felix Albrigtsen 3beb76e411 Add pvv-calendar-bot to bicep 2023-08-27 02:36:01 +02:00
Oystein Kristoffer Tveit 34a16149f8 ildkule: add config for prometheus_mysqld_exporter
There's a PR waiting to add this module to nixpkgs,
so we should enable this once it gets merged.
2023-07-10 00:06:27 +02:00
Felix Albrigtsen 8f55ef3193 Bekkalokk: Configure Gitea, clean web services
Update bekkalokk secrets format

Update gitea keys and firewall rules

Create gitea-user-import script

Fix SSH host key verification

Gitea-import-users bug squashification

Fix Gitea-import SSH problems
2023-06-05 19:41:25 +02:00
Felix Albrigtsen 8ccf9e9298 Update keys and re-enable web services 2023-05-21 02:29:14 +02:00
Daniel Lovbrotte Olsen ee73a964be move matrix to bicep 2023-05-08 03:38:59 +02:00
Oystein Kristoffer Tveit dcbe6871da
bekkalokk: setup keycloak 2023-05-07 00:34:42 +02:00
Daniel Lovbrotte Olsen bddd7e438d update jokum sops secrets 2023-03-26 13:14:55 +02:00
Daniel Lovbrotte Olsen 7a9759ef71 matrix: Add mjolnir as a moderation bot 2023-02-13 02:34:11 +01:00
Daniel Lovbrotte Olsen 4684cd239a matrix: enable shared secret registration 2023-02-13 00:58:15 +01:00
Oystein Kristoffer Tveit 796155481f
Add host `bekkalokk`
`bekkalokk` is a new machine, meant to host web services and eventually
miscellaneous services.
2023-01-29 01:51:35 +01:00
Oystein Kristoffer Tveit efc8eb7ffc
ildkule: add postgres exporter for knakelibrak 2023-01-26 02:16:52 +01:00
Oystein Kristoffer Tveit 171fea39bc
ildkule: switch grafana db from sqlite to postgres 2023-01-22 02:18:21 +01:00
Daniel Lovbrotte Olsen e7786fee0c
add felix to jokum secrets 2023-01-22 00:47:23 +01:00
Oystein Kristoffer Tveit 5d50a9807e
sops: reencrypt jokum secrets with felixalb keys 2023-01-22 00:47:22 +01:00
Oystein Kristoffer Tveit 2bc5d7d91e
ildkule: set up postgres metrics exporter 2023-01-22 00:47:22 +01:00
Daniel Lovbrotte Olsen 57ff1fa17a Add oysteikt to secrets 2022-12-18 00:05:26 +01:00
Felix Albrigtsen 6b1f0eb090 Add host ildkule 2022-12-17 21:51:43 +01:00
Daniel Lovbrotte Olsen 8b73e54beb Add signing key to secrets
Less state to manage is always good
2022-12-09 06:24:28 +01:00
Daniel Lovbrotte Olsen 4a9efb0d5c Finally comitting matrix-configuration now that we have secret-management 2022-12-07 10:16:15 +01:00