141 commits

Author	SHA1	Message	Date
lilly	983584a510	configure reverse proxy map explicitly for hostnames	2026-02-27 21:51:09 +01:00
June	7ca446457a	onlyoffice: support custom fonts and add di.day fonts	2026-02-26 23:13:30 +01:00
lilly	fcc0d615a7	configure diday.org on public-reverse-proxy	2026-02-26 18:01:52 +01:00
lilly	41dc9c8529	configure www2 nginx	2026-02-26 17:44:24 +01:00
Stefan Bethke	ac013ca8a1	Fix template syntax	2026-02-22 18:37:16 +01:00
Stefan Bethke	7a1ea7d40e	Override base.html template to brand site	2026-02-22 18:22:12 +01:00
lilly	bb06f21c53	configure diday website deployment	2026-02-18 11:57:21 +01:00
June	fe647da3bf	mjolnir: deploy mjolnir using docker compose ... Moving from mjolnir from nix-infra to ansible-infra. Also using native encryption now instead of the deprecated pantalaimon and having protectAllJoinedRooms set to true for easier and quicker usage.	2026-02-11 03:10:43 +01:00
Stefan Bethke	3086c2b60c	Use new name for sqlite driver	2026-02-08 14:19:02 +01:00
Stefan Bethke	196f1d70cf	downgrade acme-dns to v1.0	2026-02-08 11:37:14 +01:00
chris	c1e1897cda	grafana: more alertmanager config	2026-02-06 17:17:26 +01:00
June	17ba7c04f2	acmdns(host): expose and monitor health endpoint	2026-02-01 23:14:15 +01:00
June	9c2fe5ea9b	public-reverse-proxy(host): remove cpuccc.hamburg.ccc.de alias	2026-01-28 15:32:29 +01:00
Stefan Bethke	06ae220857	Remove spaceapiccc.hamburg.ccc.de	2026-01-27 22:35:28 +01:00
Stefan Bethke	1f2a08cf15	Spell stuff correctly	2026-01-27 20:16:57 +01:00
Stefan Bethke	3bba747dab	Configure seperate server for spaceapi.ccc.de	2026-01-27 16:30:00 +01:00
June	200e8019ed	public-reverse-proxy: add config for local/lokal.ccc.de ... local/lokal.ccc.de points to cpu.ccc.de.	2026-01-27 15:49:38 +01:00
Stefan Bethke	c8edde4d11	Pretty up	2026-01-26 00:20:27 +01:00
Stefan Bethke	0f3cd2c70a	amcedns to enable Let's Encrypt DNS-01 challenges	2026-01-25 22:41:42 +01:00
chris	c7d51af5b4	rollout Alloy to replace prometheus_node_exporter ... With the new network we need to deploy a push based solution in order to get metrics into prometheus	2026-01-25 21:44:49 +01:00
chris	11779ab21d	grafana: get alertmanager to be more chill ... a bit of help to deal with alert fatigue	2026-01-25 21:41:20 +01:00
June	0939771d08	public-reverse-proxy(host): add entries for cpu.ccc.de	2026-01-25 20:22:44 +01:00
Stefan Bethke	cee1fe970a	Add spaceapiccc as a replacement for erfafoo	2026-01-25 14:03:54 +01:00
June	d514688574	systemd_networkd(role),router(host): support global config to fix forw. ... With the router upgrade to Debian 13 the systemd version got upgraded as well breaking the current configuration for IP forwarding. Add a variable for global systemd-networkd configuration and use that to enable IPv4 and IPv6 forwarding on the router. The systemd_networkd role could be a bit nicer, not deploying/deleting the global configuration, if the variable is empty and reloading/restarting systemd-networkd at appropriate times. But as is works for now.	2026-01-18 19:21:33 +01:00
June	428b5c70bc	pretalx(host): roll back to pretalx v2025.1.0 for celery as well	2026-01-13 14:19:57 +01:00
June	3e0fdfa8de	pretalx(host): roll back to pretalx v2025.1.0 as v2025.2.2 doesn't work	2026-01-13 03:43:28 +01:00
Renovate	c638790819	Update all stable non-major dependencies	2026-01-12 02:30:47 +00:00
June	968e29ccb8	do v6-only for internal proxy protocol communication ... Since we want to do v6-only internally, only listen on v6 for proxy protocol. This is also needed as we only have set_real_ip_from pointing to a v6.	2026-01-12 03:02:09 +01:00
June	255327952e	ntfy(host): move to new network and hostname	2026-01-11 03:57:11 +01:00
June	1971598e71	pretalx(host): move to new network and hostname	2026-01-11 03:23:18 +01:00
June	372f264bcb	ccchoir(host): move to new network and hostname	2026-01-11 03:23:14 +01:00
June	2fbb37db18	grafana(host): move to new network and hostname	2026-01-11 03:23:01 +01:00
June	bb30e88404	router(host): allowlist only certain icmpv6 types	2026-01-11 00:29:16 +01:00
June	a41b07949c	zammad(host): move to new network and hostname	2026-01-11 00:22:37 +01:00
June	ff550cbd8a	tickets(host): move to new network and hostname	2026-01-11 00:00:18 +01:00
June	49e3ecb986	netbox(host): move to new network and hostname	2026-01-09 03:05:29 +01:00
June	40b67c6bc3	sunders(host): move to new network and hostname	2026-01-07 18:46:16 +01:00
June	80ddb2efc9	router: enable a DHCP server for the v4-NAT network as well ... As the hosts don't really need a static v4, just do DHCP.	2026-01-07 17:25:27 +01:00
June	944c8cde82	onlyoffice(host): move to new network and hostname	2025-12-17 03:34:39 +01:00
June	366456eff8	keycloak(host): move to new network and hostname ... Also just listen on port 8443 for keycloak-admin proxy protocol.	2025-12-16 21:50:40 +01:00
June	1ca71a053e	pad(host): move to new network and hostname	2025-12-16 21:12:21 +01:00
June	570600fce3	eh22-wiki(host): move to new network and hostname	2025-12-16 20:58:05 +01:00
June	5a476f2103	cloud(host): move to new network and hostname	2025-12-16 20:47:44 +01:00
June	b72dee0d6d	wiki(host): actually have nginx listen on v6	2025-12-16 19:52:24 +01:00
June	8b94a49f5e	wiki(host): move to new network and internal hostname	2025-12-16 19:23:33 +01:00
June	5f98dca56c	router(host): expose public v6 networks ... Also prepare for exposing public v4 networks later.	2025-12-16 19:03:36 +01:00
jtbx	66ee44366b	public-reverse-proxy: New IP of wiki VM	2025-12-14 15:39:03 +01:00
June	183b91b9f2	router(host): add nftables config for basic router functionality	2025-12-13 22:07:38 +01:00
June	a9e394da06	router(host): add systemd-networkd-based network config	2025-12-13 22:07:37 +01:00
Renovate	0eaaf9227c	Update all stable non-major dependencies	2025-11-19 13:30:39 +00:00