Commit Graph

232 Commits

Author SHA1 Message Date
Daniel Lovbrotte Olsen 3a0b8e270d bekkalokk/idp: Disallow bots 2024-09-02 23:11:44 +02:00
Daniel Lovbrotte Olsen 201784fa21 bluemap on bekkalokk 💀 2024-09-02 15:11:32 +02:00
Oystein Kristoffer Tveit b48230e811
bekkalokk/btrfs: scrubbalubba dubdub 2024-09-01 01:04:28 +02:00
Daniel Lovbrotte Olsen 914eb35c5a add a route for /_synapse/admin, point mjolnir at it
This is whitelisted to just bicep

As a side-effect it's also much easier to use synapse-admin now
2024-09-01 00:34:42 +02:00
Oystein Kristoffer Tveit 8610a59f35
base.nix: split into multiple files 2024-08-31 22:28:17 +02:00
Oystein Kristoffer Tveit bd42412b94 bekkalokk/gitea/import-users: refactor + add members to groups 2024-08-27 22:07:29 +02:00
Daniel Lovbrotte Olsen ef3b146b58 bekkalokk/gitea: don't autowatch all members to all projects 2024-08-27 09:26:00 +02:00
Oystein Kristoffer Tveit 5b1c04e4b8 bicep/postgres: use snakeoil certs 2024-08-26 20:43:34 +02:00
Oystein Kristoffer Tveit 3fa7f67027 bekkalokk/gitea-web: host pages 2024-08-26 20:36:03 +02:00
Oystein Kristoffer Tveit b0f555667c bekkalokk/gitea: set up gitea-web sync units 2024-08-26 20:36:03 +02:00
Oystein Kristoffer Tveit 945d53cdb4
bekkalokk/vaultwarden: systemd hardening 2024-08-22 22:59:32 +02:00
Oystein Kristoffer Tveit cf3b62e01e
bekkalokk/phpfpm-*: systemd hardening 2024-08-22 22:58:48 +02:00
Oystein Kristoffer Tveit f5c99b58c8
bicep/calendar-bot: reactivate 2024-08-15 23:22:50 +02:00
Oystein Kristoffer Tveit d64d8edd68 bekkalokk/gitea: add some extra tabs 2024-08-14 17:36:19 +02:00
Peder Bergebakken Sundt 9dbf5d56f5 fix whitespacing issues 2024-08-04 04:37:23 +02:00
Peder Bergebakken Sundt 1714681532 `statix fix` 2024-08-04 01:46:00 +02:00
Felix Albrigtsen 2030d4de39 fix-openstack-networking (!47)
Fix networking in Openstack.

This rewrites the systemd-networkd config, fixing both dhcp and manual address/route configurations.
Now, everything should behave predictably, routing NTNU-internal and NTNU-global addresses separately and properly across both ipv4 and ipv6.

Reviewed-on: #47
2024-07-31 11:23:00 +02:00
Felix Albrigtsen 615b5fc1f1 SimpleSAMLPHP/MediaWiki: Update deprecated --replace 2024-07-28 23:28:33 +02:00
Daniel Lovbrotte Olsen 8f3013dc00 bekkalokk/gitea: direct non-logged-in users to the explore tab
This is a much more interesting page rather than trying to sell gitea
2024-07-19 21:19:06 +02:00
Oystein Kristoffer Tveit 868764e0cd bekkalokk/mediawiki: misc configuration 2024-07-10 19:04:55 +02:00
Oystein Kristoffer Tveit 7c3ff2068d bekkalokk/mediawiki: add some more extensions 2024-07-10 19:04:36 +02:00
Oystein Kristoffer Tveit f3a29429aa bekkalokk/gitea: set default email notification preference to 'onmention' 2024-07-10 00:18:01 +02:00
Oystein Kristoffer Tveit 1591fdb7cc bekkalokk/mediawiki: re-enable DeleteBatch extension 2024-07-08 19:56:43 +02:00
Oystein Kristoffer Tveit ed28ba28f3 bekkalokk/mediawiki: leave togglable debug flags for future use 2024-07-08 19:55:52 +02:00
Oystein Kristoffer Tveit 0301691b1c
gitea: enable notification mails 2024-07-04 20:41:46 +02:00
Oystein Kristoffer Tveit 946555e408
gitea: add subject prefix to mail 2024-07-04 20:36:44 +02:00
Oystein Kristoffer Tveit e02062417a
gitea: move state back to /var/lib 2024-07-04 20:31:51 +02:00
Oystein Kristoffer Tveit b2806d78af
gitea: enable lfs 2024-07-04 20:30:55 +02:00
Oystein Kristoffer Tveit de2c7ea6f1
gitea: install custom images to correct dir 2024-07-04 20:29:50 +02:00
Felix Albrigtsen ca2deed668 WIP: all: Update to nixos-24.05 2024-06-30 01:55:25 +02:00
Oystein Kristoffer Tveit bb2f7899db Merge pull request 'bekkalokk/gitea: set default licenses and repo units' (!44) from gitea-set-misc-repo-settings into main
Reviewed-on: #44
2024-06-29 23:16:17 +02:00
Oystein Kristoffer Tveit c2b35a7ae4
bekkalokk/gitea: set default licenses and repo units 2024-06-29 23:14:41 +02:00
Felix Albrigtsen c88c3f87e0 buskerud: add libvirtd 2024-06-22 17:36:30 +02:00
Felix Albrigtsen 71479d5ca0 quickfix: bekkalokk/mediawiki: remove DeleteBatch 2024-05-27 11:02:35 +02:00
Felix Albrigtsen cf01792269 bekkalokk/vaultarden: Add kTLS 2024-05-26 10:50:29 +02:00
Felix Albrigtsen 35d745b156 bekkalokk: add vaultwarden 2024-05-26 04:19:17 +02:00
Felix Albrigtsen 1c35da0295 Merge pull request 'bekkalokk: add snappymail' (!39) from bekkalokk-snappymail into main
Reviewed-on: #39
2024-05-26 01:52:17 +02:00
Felix Albrigtsen 5fb1b805a8 bekkalokk: add snappymail 2024-05-26 01:07:27 +02:00
Daniel Lovbrotte Olsen 898e362a9f Merge pull request 'bekkalokk/website: add sp metadata for all domains' (!34) from add-sp-metadata-for-all-website-domains into main
Reviewed-on: #34
2024-05-14 05:27:44 +02:00
Oystein Kristoffer Tveit bcf2ceed32
gitea: setup mail 2024-05-12 02:26:13 +02:00
Oystein Kristoffer Tveit 200224d2c1 Merge pull request 'bekkalokk: misc gitea cleanup' (!33) from misc-gitea-cleanup into main
Reviewed-on: #33
2024-05-12 02:12:55 +02:00
Daniel Lovbrotte Olsen dcf29b76b8 bicep/matrix: allow global address of new ildkule to access metrics
Eval nix flake / evals (push) Successful in 1h30m46s Details
2024-04-24 03:03:53 +02:00
Felix Albrigtsen 55e8f01d1d Upgrade ildkule (!36)
Eval nix flake / evals (push) Failing after 3h12m29s Details
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.

- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no.
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no.
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host

As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.

Reviewed-on: #36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
Oystein Kristoffer Tveit b7b1c73bfa
bekkalokk/gitea: use systemd unit for gitea customization
Eval nix flake / evals (pull_request) Failing after 47s Details
Eval nix flake / evals (push) Failing after 14m41s Details
2024-04-16 01:02:21 +02:00
Oystein Kristoffer Tveit 6851879a03
bekkalokk: remove keycloak
Eval nix flake / evals (pull_request) Failing after 1m39s Details
Eval nix flake / evals (push) Failing after 1m41s Details
2024-04-14 23:59:46 +02:00
Oystein Kristoffer Tveit 70603145cf
bekkalokk/website: add sp metadata for all domains
Eval nix flake / evals (pull_request) Failing after 1m49s Details
Eval nix flake / evals (push) Failing after 41s Details
2024-04-14 17:06:01 +02:00
Felix Albrigtsen 1e4195ea9d bekkalokk: pvv-nettsiden-gallery: Improve thumbnail generation
Eval nix flake / evals (push) Failing after 1m46s Details
2024-04-14 02:04:45 +02:00
Daniel Lovbrotte Olsen ee335e3712 bicep/synapse: fix registering users via smtp
Eval nix flake / evals (push) Failing after 2m0s Details
2024-04-14 01:52:17 +02:00
Oystein Kristoffer Tveit 5bed292a01
bekkalokk/gitea: move user import stuff to separate nix file 2024-04-11 21:47:44 +02:00
Oystein Kristoffer Tveit 36b7087a3f
base.nix: hotfix for hotfix for nginx on bicep (3352e48f)
Eval nix flake / evals (push) Failing after 1m49s Details
Turns out the settings were in biceps local nginx config
2024-04-11 20:41:02 +02:00