Daniel Lovbrotte Olsen
c56d157c3f
add registration secret
2024-10-12 23:49:10 +02:00
Daniel Lovbrotte Olsen
cd23e35aac
bicep/matrix: update module and remove deprecated options
2024-09-27 06:38:12 +02:00
Daniel Lovbrotte Olsen
201784fa21
bluemap on bekkalokk 💀
2024-09-02 15:11:32 +02:00
Oystein Kristoffer Tveit
bd42412b94
bekkalokk/gitea/import-users: refactor + add members to groups
2024-08-27 22:07:29 +02:00
Oystein Kristoffer Tveit
b0f555667c
bekkalokk/gitea: set up gitea-web sync units
2024-08-26 20:36:03 +02:00
Oystein Kristoffer Tveit
f5c99b58c8
bicep/calendar-bot: reactivate
2024-08-15 23:22:50 +02:00
Oystein Kristoffer Tveit
95a5603f27
secrets: run `sops updatekeys` on everything
2024-08-04 02:04:29 +02:00
Felix Albrigtsen
35d745b156
bekkalokk: add vaultwarden
2024-05-26 04:19:17 +02:00
Oystein Kristoffer Tveit
bcf2ceed32
gitea: setup mail
2024-05-12 02:26:13 +02:00
Felix Albrigtsen
55e8f01d1d
Upgrade ildkule ( !36 )
...
Eval nix flake / evals (push) Failing after 3h12m29s
Details
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.
- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no .
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no .
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host
As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.
Reviewed-on: #36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
Oystein Kristoffer Tveit
6851879a03
bekkalokk: remove keycloak
Eval nix flake / evals (pull_request) Failing after 1m39s
Details
Eval nix flake / evals (push) Failing after 1m41s
Details
2024-04-14 23:59:46 +02:00
Oystein Kristoffer Tveit
9577477460
bekkalokk/nettsiden: add secrets
2024-04-10 23:04:20 +02:00
Oystein Kristoffer Tveit
8657e77514
bekkalokk: set up pvv-nettsiden
2024-04-10 23:04:18 +02:00
Oystein Kristoffer Tveit
d531419f35
bekkalokk: init mediawiki
...
Eval nix flake / evals (pull_request) Failing after 1m46s
Details
Eval nix flake / evals (push) Failing after 1m53s
Details
Co-authored-by: Jørn Åne <yorinad@pvv.ntnu.no>
2024-04-01 23:57:39 +02:00
Oystein Kristoffer Tveit
806b18ede8
bekkalokk: init idp-simplesamlphp
2024-04-01 23:57:39 +02:00
Daniel Lovbrotte Olsen
b458801f95
Revert "bekkalokk: add wackattack ctf systemd service"
...
Eval nix flake / evals (push) Successful in 2m49s
Details
CTF is over
This reverts commit fa843c4a59
.
2023-10-30 09:03:27 +01:00
Oystein Kristoffer Tveit
fa843c4a59
bekkalokk: add wackattack ctf systemd service
Eval nix flake / evals (push) Successful in 4m9s
Details
2023-10-26 22:10:30 +02:00
Daniel Lovbrotte Olsen
e07945d49c
bicep/matrix: enable sliding sync
Eval nix flake / evals (push) Successful in 2m39s
Details
2023-10-22 02:33:40 +02:00
Oystein Kristoffer Tveit
5c529a0233
Fix gitea runners, add 2 more
...
The gitea runners are now activated correctly,
has support for both debian and ubuntu based systems,
and can will connect to the gitea server through the
loopback interface
2023-09-17 04:05:08 +02:00
Oystein Kristoffer Tveit
b9388a31cf
bekkalokk/gitea-runners: fix token env file
2023-09-17 00:28:28 +02:00
Oystein Kristoffer Tveit
5c37b71646
Merge pull request 'Setup gitea action runner' ( #10 ) from add-gitea-ci into main
...
Reviewed-on: #10
2023-09-16 22:31:22 +02:00
Amalie Erdal Mansaker
76f18b459c
Setup gitea action runner
2023-09-16 22:26:44 +02:00
Daniel Lovbrotte Olsen
f53c0c6eb5
bicep/synapse: Move database configuration out of secrets
2023-09-16 21:38:39 +02:00
Daniel Lovbrotte Olsen
7cd5b42f12
bicep/matrix/synapse: use fewer connections
2023-09-13 11:02:52 +02:00
Daniel Lovbrotte Olsen
f92ebbee16
bicep/synapse: use postgres unix socket
2023-09-13 04:16:22 +02:00
Daniel Lovbrotte Olsen
201e3d306b
bicep: Revert postgres socket stuff
2023-09-13 03:58:29 +02:00
Daniel Lovbrotte Olsen
b5075f48c6
bicep/matrix/synapse: switch database connection to socket
2023-09-13 00:17:10 +02:00
Daniel Lovbrotte Olsen
cfcd230678
Merge pull request 'Fix gitea on bekkalokk' ( #7 ) from configure-gitea into main
...
Reviewed-on: #7
2023-09-07 18:54:24 +02:00
Oystein Kristoffer Tveit
f567199604
bekkalokk/gitea: update API key for import-user-script
2023-09-07 18:41:41 +02:00
Oystein Kristoffer Tveit
b52753987d
bicep: use mysql on bicep as production server
2023-09-07 18:40:13 +02:00
Felix Albrigtsen
3beb76e411
Add pvv-calendar-bot to bicep
2023-08-27 02:36:01 +02:00
Oystein Kristoffer Tveit
34a16149f8
ildkule: add config for prometheus_mysqld_exporter
...
There's a PR waiting to add this module to nixpkgs,
so we should enable this once it gets merged.
2023-07-10 00:06:27 +02:00
Felix Albrigtsen
8f55ef3193
Bekkalokk: Configure Gitea, clean web services
...
Update bekkalokk secrets format
Update gitea keys and firewall rules
Create gitea-user-import script
Fix SSH host key verification
Gitea-import-users bug squashification
Fix Gitea-import SSH problems
2023-06-05 19:41:25 +02:00
Felix Albrigtsen
8ccf9e9298
Update keys and re-enable web services
2023-05-21 02:29:14 +02:00
Daniel Lovbrotte Olsen
ee73a964be
move matrix to bicep
2023-05-08 03:38:59 +02:00
Oystein Kristoffer Tveit
dcbe6871da
bekkalokk: setup keycloak
2023-05-07 00:34:42 +02:00
Daniel Lovbrotte Olsen
bddd7e438d
update jokum sops secrets
2023-03-26 13:14:55 +02:00
Daniel Lovbrotte Olsen
7a9759ef71
matrix: Add mjolnir as a moderation bot
2023-02-13 02:34:11 +01:00
Daniel Lovbrotte Olsen
4684cd239a
matrix: enable shared secret registration
2023-02-13 00:58:15 +01:00
Oystein Kristoffer Tveit
796155481f
Add host `bekkalokk`
...
`bekkalokk` is a new machine, meant to host web services and eventually
miscellaneous services.
2023-01-29 01:51:35 +01:00
Oystein Kristoffer Tveit
efc8eb7ffc
ildkule: add postgres exporter for knakelibrak
2023-01-26 02:16:52 +01:00
Oystein Kristoffer Tveit
171fea39bc
ildkule: switch grafana db from sqlite to postgres
2023-01-22 02:18:21 +01:00
Daniel Lovbrotte Olsen
e7786fee0c
add felix to jokum secrets
2023-01-22 00:47:23 +01:00
Oystein Kristoffer Tveit
5d50a9807e
sops: reencrypt jokum secrets with felixalb keys
2023-01-22 00:47:22 +01:00
Oystein Kristoffer Tveit
2bc5d7d91e
ildkule: set up postgres metrics exporter
2023-01-22 00:47:22 +01:00
Daniel Lovbrotte Olsen
57ff1fa17a
Add oysteikt to secrets
2022-12-18 00:05:26 +01:00
Felix Albrigtsen
6b1f0eb090
Add host ildkule
2022-12-17 21:51:43 +01:00
Daniel Lovbrotte Olsen
8b73e54beb
Add signing key to secrets
...
Less state to manage is always good
2022-12-09 06:24:28 +01:00
Daniel Lovbrotte Olsen
4a9efb0d5c
Finally comitting matrix-configuration now that we have secret-management
2022-12-07 10:16:15 +01:00