steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
1239 commits 12 branches 0 tags 4.9 MiB
Commit graph

59 commits

Author SHA1 Message Date
Stefan Junker
f251fa81a1 feat: use kanidm from nixpkgs-unstable 2025-03-29 15:49:54 +01:00
Stefan Junker
27c6c4f9fa feat: introduce treefmt and fmt all 2024-11-15 11:45:00 +01:00
Stefan Junker
9d2311bcac WIP: debug mycelium nixos container on containerd 2024-11-02 22:49:36 +01:00
Stefan Junker
bd8630681b WIP k3s 2024-10-16 23:03:38 +02:00
Stefan Junker
4c71887ea6 feat(router0-dmz0, sj-srv1/containers/webserver): set up kanidm 2024-10-16 23:03:38 +02:00
Stefan Junker
070d3037d2 hedgedoc: add session life and secret 2024-10-13 19:44:54 +02:00
Stefan Junker
84b473d38c feat(sj-srv1): switch to hostBridge set up 
the hostside veth interfaces seem to be buggy and this is more efficient
anyway.
 2024-08-24 00:16:29 +02:00
Stefan Junker
53481414df feat: experimental k3s + nix-snapshotter snippet 2024-08-04 14:40:13 +02:00
Stefan Junker
1533077234 sj-srv1,containers: debug and streamline networking config; update and track forgejo here 
after an update to nixpkgs on sj-srv1 the networking for the `webserver`
container wasn't working. this caused me to debug the situation and
changing lots of things around. the culprit was most likely some impure
state file on the server that caused the `ve-webserver` interface not to
persist its IP. after renaming the webserver container the problem went
away.

i reverted all the IP changes and am keeping the other changes as opporunistic
improvements
 2024-07-26 18:02:52 +02:00
Stefan Junker
786d789082 chore: cleanup prev container 2024-06-13 16:41:58 +02:00
Stefan Junker
ef016ac70a feat(webserver/forgejo): set up SSH 2024-06-12 22:26:19 +02:00
Stefan Junker
93cf777ce7 feat(webserver): add forgejo 2024-06-02 23:26:07 +02:00
Stefan Junker
4c18f0a7ab fix(*): adapt to nixos-24.05 changes 2024-06-01 21:47:09 +02:00
Stefan Junker
26f0bde4b3 WIP everything 2024-01-18 19:06:42 +01:00
Stefan Junker
55e6cdafda webserver: enable jitsi-meet, not properly working yet 2023-11-23 11:27:20 +01:00
Stefan Junker
6a2993b665 feat(router0-dmz0): init bpir3 based router 2023-10-01 11:29:16 +02:00
Stefan Junker
9988e3e969 [BROKEN DYNDNS] feat(containers): switch to hetzner for primary domain 2023-08-08 17:54:11 +02:00
Stefan Junker
c49a077711 feat(webserver): switch to caddy, add authelia, lldap, switch hedgedoc to LDAP auth 2023-07-15 21:21:49 +02:00
Stefan Junker
ea7caae226 feat: migrate all containers and hosts to sops 
nix/os/devices/sj-vps-htz0: bump versions
nix/os/devices/elias-e525: bump versions
nix/os/devices/steveej-t14: bump versions
nix/os/devices/justyna-p300: bump versions
 2023-07-10 12:28:49 +02:00
Stefan Junker
b481126ae2 feat: start migrating steveej-t14 and sj-vps-htz-0 to sops 2023-07-05 15:55:04 +02:00
Stefan Junker
6befc79c8e nix fmt 2023-03-21 13:38:22 +01:00
Stefan Junker
7a10782170 feat(167.233.1.14): migrate all containers here 2023-03-09 13:09:51 +01:00
Stefan Junker
89f5f65f2d chore: format with alejandra 2023-02-07 18:24:28 +01:00
Stefan Junker
76c64678ae [WIP] feat: migrate containers to vmd102066 2022-11-03 20:50:59 +01:00
Stefan Junker
7cd97ca6d9 chore: nixfmt * 2022-11-03 20:49:15 +01:00
Stefan Junker
d039179898 chore: nixfmt * 2022-11-03 20:46:14 +01:00
Stefan Junker
dc761a5271 nix/os/devices/srv0.home-ch.stefanjunker.de: bump nixos 21.11 -> 22.05 2022-11-03 20:44:26 +01:00
Stefan Junker
5905f98b07 webserver: make hedgedoc notes private by default 2022-02-01 13:33:02 +01:00
Stefan Junker
9ae50a8275 vmd32387: update to nixos 21.11 2021-12-06 21:39:14 +01:00
Stefan Junker
f32ead9343 update webserver cfg; use unstable kotatogram 2021-12-06 20:23:00 +01:00
Stefan Junker
008c122e28 webserver/hedgedoc: fix upload path 2021-09-16 13:55:16 +02:00
Stefan Junker
fbb7d5dd50 vmd32387: update to nixos 21.05 2021-08-21 02:43:54 +02:00
Stefan Junker
b3a7ef71d9 webserver: configure hedgedoc 2021-05-25 10:23:12 +02:00
Stefan Junker
6eb4e96b09 containers/backup-target: init 
This container is used as a backup target for backing up the other
container volumes.
 2021-02-09 14:16:34 +01:00
Stefan Junker
650da98422 containers/bkp: always preserve latest backup on target 2021-02-08 12:41:23 +01:00
Stefan Junker
8bff26c5e8 srv0,webserver: expose port 80 so ACME can verify the certificate 2021-02-07 17:01:17 +01:00
Stefan Junker
d742a504f0 containers/webserver: use ACME for cert generation 2021-01-07 19:40:17 +01:00
Stefan Junker
406ab7be7e run most containers and back them up at home 
* switch backup from wasabi-s3 to btrfs via ssh
* add srv0 at home
* run webserver and syncthing at home
 2021-01-07 19:40:17 +01:00
Stefan Junker
405ca2ade4 nixos: adjust to 20.09 changes 
Most notably the php5 expression needed to be reworked.
 2020-10-18 21:54:48 +02:00
Stefan Junker
08ac53533d WIP: reconfigure backup 2020-10-17 00:14:36 +02:00
Stefan Junker
0836c22881 containers: make all variables explicit 
Instead of merging the argument set just make all arguments explicit.
 2020-09-15 17:22:38 +02:00
Stefan Junker
4c66c73024 containers: make all host ports configurable 2020-09-15 16:53:25 +02:00
Stefan Junker
d340e3f7f9 containers/mailserver/dovecot: increase max concurrent connections 2020-07-16 10:59:05 +02:00
Stefan Junker
89d62000fd vmd32387/containers: pass resolv.conf to containers 2020-03-16 22:24:46 +01:00
Stefan Junker
1b36ecea3d nix/os/containers/backup: add gargabe-collection 
This adds instructions to remove all older backups.
 2020-03-16 17:32:14 +01:00
Stefan Junker
ebe3167f5b nix/os/devices/vmd32387.contaboserver.net: update to NixOS 20.03 2020-03-16 17:32:14 +01:00
Stefan Junker
0ea2593e9c nix/os/containers/backup: add common safety options to shell script 2020-03-15 09:55:59 +01:00
Stefan Junker
cb1e77940a containers/mailserver: run getmail jobs as group dovecot2 
Necessary due to this error:
```
Mar 06 16:18:44 mailserver 3afdapvhkdmv2df2hc3lrnwd21ai0hmj-unit-script-steveej-getmail-stefanjunker-start[342]:   msg 2117/2118 (3008 bytes), delivery error (command dovecot-lda 358 wrote to stderr: lda(steveej,)Error: net_connect_unix(/run/dovecot2/stats-writer) failed: Permission denied)
```
 2019-03-06 17:23:19 +01:00
Stefan Junker
f7338eb289 containers/syncthing: expose GUI port 2019-03-06 13:53:37 +01:00
Stefan Junker
a34f461905 nix/os/containers/mailserver: enable sieve for LDA 2019-02-17 19:26:00 +01:00