Felix Albrigtsen
1c35da0295
Merge pull request 'bekkalokk: add snappymail' ( !39 ) from bekkalokk-snappymail into main
...
Reviewed-on: Drift/pvv-nixos-config#39
2024-05-26 01:52:17 +02:00
Felix Albrigtsen
5fb1b805a8
bekkalokk: add snappymail
2024-05-26 01:07:27 +02:00
Daniel Lovbrotte Olsen
898e362a9f
Merge pull request 'bekkalokk/website: add sp metadata for all domains' ( !34 ) from add-sp-metadata-for-all-website-domains into main
...
Reviewed-on: Drift/pvv-nixos-config#34
2024-05-14 05:27:44 +02:00
Oystein Kristoffer Tveit
bcf2ceed32
gitea: setup mail
2024-05-12 02:26:13 +02:00
Oystein Kristoffer Tveit
200224d2c1
Merge pull request 'bekkalokk: misc gitea cleanup' ( !33 ) from misc-gitea-cleanup into main
...
Reviewed-on: Drift/pvv-nixos-config#33
2024-05-12 02:12:55 +02:00
Daniel Lovbrotte Olsen
dcf29b76b8
bicep/matrix: allow global address of new ildkule to access metrics
2024-04-24 03:03:53 +02:00
Felix Albrigtsen
55e8f01d1d
Upgrade ildkule ( !36 )
...
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.
- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no .
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no .
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host
As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.
Reviewed-on: Drift/pvv-nixos-config#36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
Oystein Kristoffer Tveit
b7b1c73bfa
bekkalokk/gitea: use systemd unit for gitea customization
2024-04-16 01:02:21 +02:00
Oystein Kristoffer Tveit
6851879a03
bekkalokk: remove keycloak
2024-04-14 23:59:46 +02:00
Oystein Kristoffer Tveit
70603145cf
bekkalokk/website: add sp metadata for all domains
2024-04-14 17:06:01 +02:00
Felix Albrigtsen
1e4195ea9d
bekkalokk: pvv-nettsiden-gallery: Improve thumbnail generation
2024-04-14 02:04:45 +02:00
Daniel Lovbrotte Olsen
ee335e3712
bicep/synapse: fix registering users via smtp
2024-04-14 01:52:17 +02:00
Oystein Kristoffer Tveit
5bed292a01
bekkalokk/gitea: move user import stuff to separate nix file
2024-04-11 21:47:44 +02:00
Oystein Kristoffer Tveit
36b7087a3f
base.nix: hotfix for hotfix for nginx on bicep ( 3352e48f
)
...
Turns out the settings were in biceps local nginx config
2024-04-11 20:41:02 +02:00
Oystein Kristoffer Tveit
1919da7a1c
bicep/matrix: remove SAML authentication
2024-04-11 19:55:10 +02:00
Oystein Kristoffer Tveit
0950fedf98
bekkalokk/website: fix some nginx location directives
2024-04-11 13:21:11 +02:00
Oystein Kristoffer Tveit
614c2d624c
bekkalokk/webmail: add redirects for old webmail locations
2024-04-11 10:47:13 +02:00
Daniel Lovbrotte Olsen
db211c2304
bekkalokk/website: don't try to listen for ntnu.org
2024-04-11 05:31:33 +02:00
Felix Albrigtsen
79bf307ef2
bekkalokk: Reconfigure www ingress
2024-04-11 00:48:07 +02:00
Felix Albrigtsen
4d50efc6db
Finalize www/idp/webmail migration from spikkjeposche to bekkalokk
2024-04-10 23:31:04 +02:00
Oystein Kristoffer Tveit
9577477460
bekkalokk/nettsiden: add secrets
2024-04-10 23:04:20 +02:00
Felix Albrigtsen
fc19a8f1e1
bekkalokk: Automatically unpack pvv-nettsiden/gallery and generate thumbnails
2024-04-10 23:04:20 +02:00
Oystein Kristoffer Tveit
8657e77514
bekkalokk: set up pvv-nettsiden
2024-04-10 23:04:18 +02:00
Oystein Kristoffer Tveit
065992620e
treewide: nginx optimizations
2024-04-10 22:06:44 +02:00
Oystein Kristoffer Tveit
fbbc54328b
gitea: add theming module
2024-04-09 01:52:57 +02:00
Oystein Kristoffer Tveit
42fd371c3b
mediawiki: restart phpfpm on updated secrets
2024-04-06 23:57:37 +02:00
Oystein Kristoffer Tveit
6e1b06731f
bekkalokk: add VisualEditor to mediawiki extensions
2024-04-06 21:09:01 +02:00
Felix Albrigtsen
2cb7e06369
bekkalokk/mediawiki: fix path, upgrade security
2024-04-03 08:29:19 +02:00
Oystein Kristoffer Tveit
a55c908fe7
bekkalokk/mediawiki: change domain from wiki2 to wiki
2024-04-02 19:54:28 +02:00
Oystein Kristoffer Tveit
d531419f35
bekkalokk: init mediawiki
...
Co-authored-by: Jørn Åne <yorinad@pvv.ntnu.no>
2024-04-01 23:57:39 +02:00
Oystein Kristoffer Tveit
806b18ede8
bekkalokk: init idp-simplesamlphp
2024-04-01 23:57:39 +02:00
Oystein Kristoffer Tveit
9495682f57
bekkalokk: package mediawiki extensions outside of module
2024-04-01 00:39:12 +02:00
Oystein Kristoffer Tveit
266ce9ed08
bekkalokk: set up kerberos client
2024-04-01 00:38:49 +02:00
Daniel Lovbrotte Olsen
7c6d4d31c7
bicep/matrix/element: update room directories
2024-03-05 05:52:31 +01:00
Daniel Lovbrotte Olsen
9f46be1ca1
bicep/matrix: update element lab flags and room directoriy listings
2024-03-05 05:28:23 +01:00
Jo Vassbotn Remvik
545583cf04
bekkalokk/gitea: Do not change the user visibility
2024-03-03 00:29:24 +01:00
Felix Albrigtsen
62b269637a
bekkalokk/gitea: unset visibility when updating users
2024-02-12 11:24:14 +01:00
Adrian Gunnar Lauterer
7fd9a1e646
started on bikkje container for new loginbox - work in progress
2024-01-07 01:21:11 +01:00
Daniel Lovbrotte Olsen
4ea90380ad
bicep/matrix: use synapse package from stable
...
It's fixed now
2023-12-16 00:22:02 +01:00
Felix Albrigtsen
80ef1ce4fa
Buskerud: Remove OV-link, general cleanup
2023-12-12 15:27:20 +01:00
Felix Albrigtsen
2b834eee14
Buskerud: Comment out openvpn-client
2023-12-12 11:39:33 +01:00
Daniel Lovbrotte Olsen
dd8b677a79
buskerud: bootloader - 3.3TB, OS - 256GB 👍
2023-12-10 05:27:58 +01:00
Daniel Lovbrotte Olsen
eabd8df3d8
bicep/matrix: use package with fixed pythonEnv
2023-12-10 04:32:26 +01:00
Oystein Kristoffer Tveit
0b5e03471f
upgrade to nixpkgs 23.11
2023-12-05 00:36:09 +01:00
Daniel Lovbrotte Olsen
d8031ecca1
Merge pull request 'replace-knakelibrak-nginx-reverse-proxy' ( #18 ) from replace-knakelibrak-nginx-reverse-proxy into main
...
Reviewed-on: Drift/pvv-nixos-config#18
2023-12-03 07:01:13 +01:00
Oystein Kristoffer Tveit
8ced91a285
hosts/buskerud: init
...
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-30 19:42:05 +01:00
Daniel Lovbrotte Olsen
1ef033c754
bekkalokk/ingress: proxy matrix well-known files to bicep
2023-11-28 10:24:18 +01:00
Felix Albrigtsen
d900dc1b1b
Redirect subpages like ./well-known, add @-domains
2023-11-28 10:24:18 +01:00
Oystein Kristoffer Tveit
d5985e02f3
Prepare to replace knakelibrak
...
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-28 10:23:02 +01:00
Daniel Lovbrotte Olsen
2c42b120a6
Merge branch 'extend_smtp'
2023-11-28 08:39:15 +01:00
Daniel Lovbrotte Olsen
27ba3f7a7f
bicep/matrix: serve server well-known
2023-11-28 08:36:56 +01:00
Daniel Lovbrotte Olsen
c1c58122ea
bicep/matrix: Improve flexibility of username login
...
It should be possible to log in with @username:pvv.ntnu.no now
That way client well-known in third party clients will work
it might also fix the weird logout of session issues in element
2023-11-28 05:14:04 +01:00
Oystein Kristoffer Tveit
54a54ad0f5
Merge pull request 'Roundcube testing on bekkalokk now working.' ( #14 ) from roundcube into main
...
Reviewed-on: https://bekkalokk.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/14
2023-11-26 05:17:28 +01:00
Oystein Kristoffer Tveit
2a1e649eed
bekkalokk: fix roundcube, and move to webmail2.pvv.ntnu.no/roundcube
2023-11-26 05:05:15 +01:00
Daniel Lovbrotte Olsen
d7638138ed
brzeczyszczykiewicz: add bokhylle as alias for the grzegorz service
2023-11-26 02:36:23 +01:00
Adrian Gunnar Lauterer
c8d383c9ab
bekkalokk-roundcube init at roundcube.pvv.ntnu.no
2023-11-25 21:23:06 +01:00
Daniel Lovbrotte Olsen
c4df999058
bob: init
...
Cool beeg nix builder
for now anyways
2023-11-05 06:06:57 +01:00
Oystein Kristoffer Tveit
3caa66fb64
rename input: unstable -> nixpkgs-unstable
2023-11-05 01:22:48 +01:00
Daniel Lovbrotte Olsen
b458801f95
Revert "bekkalokk: add wackattack ctf systemd service"
...
CTF is over
This reverts commit fa843c4a59
.
2023-10-30 09:03:27 +01:00
Oystein Kristoffer Tveit
fa843c4a59
bekkalokk: add wackattack ctf systemd service
2023-10-26 22:10:30 +02:00
Daniel Lovbrotte Olsen
e07945d49c
bicep/matrix: enable sliding sync
2023-10-22 02:33:40 +02:00
Daniel Lovbrotte Olsen
32885891fe
bicep/matrix: enable smtp auth
...
yolo lmao
2023-10-22 01:59:25 +02:00
Daniel Lovbrotte Olsen
9b44087693
bekkalokk/gitea: make import user script run by default
...
Systemd stuff are generally turned on by default but need to be wanted
Much like me
2023-10-14 22:47:56 +02:00
Daniel Lovbrotte Olsen
be341622fe
georg: init
2023-09-17 04:57:30 +02:00
Daniel Lovbrotte Olsen
87a7b17b49
brzeczyszczykiewicz: init
2023-09-17 04:57:30 +02:00
Oystein Kristoffer Tveit
5c529a0233
Fix gitea runners, add 2 more
...
The gitea runners are now activated correctly,
has support for both debian and ubuntu based systems,
and can will connect to the gitea server through the
loopback interface
2023-09-17 04:05:08 +02:00
Oystein Kristoffer Tveit
bc678b5d51
Merge pull request 'Bekkalokk: Enable podman' ( #11 ) from add-gitea-ci into main
...
Reviewed-on: Drift/pvv-nixos-config#11
2023-09-16 22:38:23 +02:00
Amalie Erdal Mansaker
ade2f6f5c9
Bekkalokk: Enable podman
2023-09-16 22:38:15 +02:00
Oystein Kristoffer Tveit
5c37b71646
Merge pull request 'Setup gitea action runner' ( #10 ) from add-gitea-ci into main
...
Reviewed-on: Drift/pvv-nixos-config#10
2023-09-16 22:31:22 +02:00
Amalie Erdal Mansaker
76f18b459c
Setup gitea action runner
2023-09-16 22:26:44 +02:00
Oystein Kristoffer Tveit
97cd5a235f
Merge pull request 'Gitea enabled actions' ( #9 ) from add-gitea-ci into main
...
Reviewed-on: Drift/pvv-nixos-config#9
2023-09-16 21:51:43 +02:00
Amalie Erdal Mansaker
e5fac39ce8
Enabled actions
2023-09-16 21:51:13 +02:00
Daniel Lovbrotte Olsen
f53c0c6eb5
bicep/synapse: Move database configuration out of secrets
2023-09-16 21:38:39 +02:00
Daniel Lovbrotte Olsen
816997b74f
bicep/nginx: increase workers and enable modern compression
...
Should decrease latency
2023-09-13 11:01:09 +02:00
Daniel Lovbrotte Olsen
06322a26fc
bicep/postgres: enable jit again, make more memory available
2023-09-13 05:22:23 +02:00
Daniel Lovbrotte Olsen
a58101bfbc
Remove deprecated hosts and clean up
2023-09-13 05:03:57 +02:00
Daniel Lovbrotte Olsen
d3b363b028
bicep: Remove deprecated grub version option
2023-09-13 04:54:46 +02:00
Daniel Lovbrotte Olsen
4a6ea9be2d
bicep/synapse: define registration secret properly
2023-09-13 04:53:56 +02:00
Daniel Lovbrotte Olsen
f92ebbee16
bicep/synapse: use postgres unix socket
2023-09-13 04:16:22 +02:00
Daniel Lovbrotte Olsen
201e3d306b
bicep: Revert postgres socket stuff
2023-09-13 03:58:29 +02:00
Daniel Lovbrotte Olsen
437219bb68
bicep/postgres: Enable unix socket auth
2023-09-13 00:52:27 +02:00
Felix Albrigtsen
d96c30bbd5
Fix calendar-bot timer
2023-09-12 18:23:20 +02:00
Felix Albrigtsen
36b768b3b2
( ͡° ͜ʖ ͡°)
2023-09-08 02:33:22 +02:00
Felix Albrigtsen
9f36bd86a8
Update calendar bot details
2023-09-08 02:25:23 +02:00
Felix Albrigtsen
1370ccddf8
Initialize host: shark
2023-09-08 02:11:02 +02:00
Daniel Lovbrotte Olsen
cfcd230678
Merge pull request 'Fix gitea on bekkalokk' ( #7 ) from configure-gitea into main
...
Reviewed-on: Drift/pvv-nixos-config#7
2023-09-07 18:54:24 +02:00
Oystein Kristoffer Tveit
1afc8841a9
bekkalokk/nginx: remove commented virtualhost for mediawiki
2023-09-07 18:53:05 +02:00
Oystein Kristoffer Tveit
b4b6b4971a
bekkalokk/gitea: misc changes
...
- change domain from git2 to git1
- enable internal SSH serer
- enable code search
- add custom logos
- update import-user-script to ignore GECOS fields
2023-09-07 18:53:05 +02:00
Oystein Kristoffer Tveit
b52753987d
bicep: use mysql on bicep as production server
2023-09-07 18:40:13 +02:00
Felix Albrigtsen
3beb76e411
Add pvv-calendar-bot to bicep
2023-08-27 02:36:01 +02:00
Daniel Lovbrotte Olsen
bfe94003c4
bicep/matrix/discord: enable legacy authorization because old mx-puppet-discord 😭
2023-08-18 00:54:06 +02:00
Oystein Kristoffer Tveit
a5c83866ca
bicep: setup ACME cert for postgres
2023-08-12 02:55:20 +02:00
Oystein Kristoffer Tveit
34a16149f8
ildkule: add config for prometheus_mysqld_exporter
...
There's a PR waiting to add this module to nixpkgs,
so we should enable this once it gets merged.
2023-07-10 00:06:27 +02:00
Oystein Kristoffer Tveit
998e66db65
bicep: enable mysql
2023-07-10 00:06:09 +02:00
Daniel Lovbrotte Olsen
699569249a
ildkule: adjust matrix version annotations for nixos matrix module
2023-06-20 14:01:44 +02:00
Daniel Lovbrotte Olsen
e73b7d2cd1
ildule: fix upstream dashboard variables
2023-06-20 13:46:00 +02:00
Daniel Lovbrotte Olsen
ff30477e86
ildule: Update matrix dashboard from upstream
2023-06-20 13:20:42 +02:00
Felix Albrigtsen
8f55ef3193
Bekkalokk: Configure Gitea, clean web services
...
Update bekkalokk secrets format
Update gitea keys and firewall rules
Create gitea-user-import script
Fix SSH host key verification
Gitea-import-users bug squashification
Fix Gitea-import SSH problems
2023-06-05 19:41:25 +02:00
Daniel Lovbrotte Olsen
d694724f5c
bicep/synapse: Set event cache to 20K
...
This is double the cache from default
changed because we're seeing periodic cpu spikes
with this cache beeing the main one missing
2023-05-26 02:22:18 +02:00
Daniel Lovbrotte Olsen
68ce7acebb
Revert "bicep: Emergency fix for matrix postgres auth"
...
This reverts commit fdbcd8c884
.
This was not it
2023-05-23 05:12:46 +02:00