Commit graph

242 commits

Author SHA1 Message Date
a23c152d8e
nextcloud: configure maintenance window start time
See: https://docs.nextcloud.com/server/28/admin_manual/configuration_server/background_jobs_configuration.html#maintenance-window-start
2024-07-29 21:42:48 +02:00
6ad42219c0
Pull nextcloud image from our own image registry 2024-07-29 20:23:17 +02:00
f8ac16f65b
Use our Keycloak custom image
We build our custom Keycloak image with our own theme located at https://git.hamburg.ccc.de/CCCHH/oci-images
2024-07-27 01:32:33 +02:00
ea713aa162 Allow members of intern to issue invites 2024-07-23 21:23:11 +02:00
cbb0842539 Add missing parameters 2024-07-16 09:24:46 +02:00
4f5da885ea Add missing params 2024-07-15 18:52:48 +02:00
94f65f8fe7 Add invite to Keycloak 2024-07-15 12:37:36 +02:00
a990c96eb1
Upgrade to Keycloak 25 and move to new config options
https://www.keycloak.org/docs/latest/upgrading/index.html#new-hostname-options
https://www.keycloak.org/docs/latest/upgrading/index.html#deprecated-proxy-option
2024-07-15 01:40:07 +02:00
ad8d27cd6a Take base wordpress from image 2024-07-04 11:21:46 -04:00
1e25ebf1e9
Add reverse proxy config for woodpecker.hamburg.ccc.de 2024-06-22 02:11:14 +02:00
647c2fc005
Also ensure NGINX repo and install before apt update for nextcloud_hosts
Do that because the nextcloud role uses NGINX via the nginx role
internally as well, but nextcloud_hosts aren't necessarily in the
nginx_hosts group then.
2024-06-18 01:37:41 +02:00
11bbf187c6
Ensure NGINX repo and install before apt update, so that it works
Ensure NGINX repo and install on nginx_hosts before apt update, so that
the latest NGINX key is deployed and apt update won't fail on an invalid
signature on these hosts.
Also only run the gnupg install if gnupg isn't present in the nginx
repo_setup.yaml to make that work.
2024-06-18 01:14:00 +02:00
fb4aabc772
Add reverse proxy config for hacker.tours and staging.hacker.tours 2024-06-17 22:16:49 +02:00
f67483fa46 Add lists.c3lingo.org 2024-06-16 16:39:19 +02:00
ec400ed7d6
Use new IP for eh22-wiki host 2024-06-13 22:30:29 +02:00
097ddff0a7 Enable expiry 2024-06-04 18:06:58 +02:00
5b5a954547 Adjust networks for successful email submission 2024-05-25 12:36:27 +02:00
7ede6272b7 Workaround for broken Zammad Scheduler database config 2024-05-25 11:03:17 +02:00
2eb18460be Add pad expiry 2024-05-20 13:49:25 +02:00
182efd44c3
Add reverse proxy config entrys for EH22 Wiki 2024-05-17 20:43:46 +02:00
553bc01df1 add ccchoir 2024-05-10 20:37:47 +02:00
78837e45fe Use Forgejo instead of Gitlab 2024-05-10 19:18:54 +02:00
d2538e9f5d Licht für Werkstatt dazu 2024-05-08 21:40:40 +02:00
57c957cd4e
Bump Keycloak to version 24 2024-03-08 01:35:45 +01:00
e96f25cc4d Add seconf foobazdmx for workshop 2024-02-26 23:07:36 +01:00
0f732833de Grafana-Config für PVE dazu 2024-02-26 22:29:02 +01:00
65159c2bb8
Add reverse proxy config entrys for old easterhegg pages under hamburg.ccc.de 2024-02-24 22:13:27 +01:00
9649574025
Add reverse proxy config entrys for old easterhegg pages 2024-02-20 23:07:01 +01:00
e2a0b9e74c grafana: add chaosknoten 2024-01-30 23:23:13 +01:00
2431b455c2 Use prometheus-jitsi-meet-exporter 2024-01-29 21:13:22 +01:00
3184154f7b Add jitsi video bridge stats 2024-01-29 20:31:12 +01:00
e0ebe2c720 Add jitsi as target 2024-01-28 07:52:46 +01:00
04d74b5c50
nginx: restart nginx on nginx.conf change
This also fixes the problem mentioned in the README.
2024-01-28 04:11:27 +01:00
0fb059e6bf
Add nginx reload command on new cert for all VMs with certbot and nginx 2024-01-28 04:01:06 +01:00
95a3901935
certbot: add possibility to specify commands to run on new certs
This makes it possible to e.g. reload nginx when new certificates are
present.
2024-01-28 03:29:39 +01:00
e53da90160 Enable standalone nginx/certbox config 2024-01-26 20:46:26 +01:00
880e77575a Sort list alphabetically 2024-01-26 19:33:46 +01:00
79ac891c30 Add metrics for club OPNsense 2024-01-26 19:28:09 +01:00
0307ad6c9f proxy access to metrics through nginx 2024-01-24 19:36:21 +01:00
a68edb81c4 Add Grafana/Prometheus config 2024-01-24 19:12:43 +01:00
946b35efab Grafana-Daten auch speichern 2024-01-24 17:22:35 +01:00
ebcde5433c nginx mit redirect auf wiki 2024-01-23 22:36:15 +01:00
5c4ee01e71 certbot für mumble dazu 2024-01-23 21:24:31 +01:00
4363b3d040 Redirect properly from wikis old to new domain
Make use of $request_uri redirect to the correct sub-page.
2024-01-22 22:43:52 +01:00
81c8bfe16b Actually keep using $uri for DokuWiki stuff since otherwise it breaks
To be investigated if the $uri issue also applies for try_files.
2024-01-22 22:41:12 +01:00
6787c7c0d7 Use $request_uri instead of $uri, since $uri allows for injection
Thanks NixOS for pointing that out! :3
Also see here for an explanation:
https://reversebrain.github.io/2021/03/29/The-story-of-Nginx-and-uri-variable/
2024-01-22 22:37:10 +01:00
98906db4bf Configure reverse proxy for hamburg.ccc.de, staging and www
This replaces next, since the new website is now live.
2024-01-22 22:35:38 +01:00
2659796e8b Migrate to wiki.hamburg.ccc.de 2024-01-22 22:02:33 +01:00
586254c147 Actually use an IP, which isn't already in use by another service 2024-01-14 02:33:59 +01:00
009de7d398 Actually use correct IP for git.hamburg.ccc.de 2024-01-14 01:22:24 +01:00
422330f48c Add git.hamburg.ccc.de 2024-01-14 01:12:04 +01:00
f265390c33 Bump Keycloak version to 23.0 2024-01-13 20:48:04 +01:00
ca08cf693b Actually make spaceapi.hamburg.ccc.de work 2024-01-13 18:44:21 +01:00
f5af6c2074 Add c3cat.de 2023-12-29 14:40:50 +01:00
ec7c9b9b86 Document restart issue 2023-12-19 23:20:03 +01:00
5fcbe5cfab Add grafana 2023-12-19 18:37:24 +01:00
3cb72d8b81 enforce https 2023-12-10 14:03:53 +01:00
9f4d1464bd add de & en path prefixes for websdite 2023-12-10 00:29:49 +01:00
ab429df4dd Add Zammad 2023-12-09 12:28:28 +01:00
53ba5b9561 Website dazu 2023-12-07 23:54:22 +01:00
e630ffdf46 Small fixes
* fix ACME setup
* use correct port number
* use correct email sender
2023-12-03 20:34:31 +01:00
f238182302 Pretix für Hackertours 2023-12-03 13:14:34 +01:00
b94cb009ad Config fuer lists dazu 2023-11-13 11:32:56 -05:00
a9fac907d5 stbe darf von zuhause Keycloak admin 2023-11-13 11:32:56 -05:00
bb95923807 Add a role for deploying infrastructure authorized keys and use it 2023-11-11 00:23:20 +01:00
89f1b1b299 Remove call to send_only_mailserver role 2023-11-09 19:27:35 +01:00
7da6549727 Remove send_only_mailserver role, since its not needed anymore 2023-11-09 19:27:03 +01:00
b29eaba5f9 Remove hacky override for send-only-mailserver 2023-11-09 19:26:36 +01:00
66370eceda Remove hacky override for send-only-mailserver
Remove it, since its not needed anymore.
2023-11-09 19:24:19 +01:00
6ae47b32f3 Configure new mailserver for Nextcloud 2023-11-09 19:16:45 +01:00
b6f316254f Add Reverse Proxy config for spaceapi.hamburg.ccc.de 2023-11-05 00:57:36 +01:00
6a023f5433
Remove esphome host and role since it has been migrated to NixOS 2023-11-04 22:46:01 +01:00
ed74a88734 Domains don't work (anymore?), so just use IPs 2023-10-28 02:14:44 +02:00
95d5ed2ca9 Add Reverse Proxy config for next.hamburg.ccc.de 2023-10-25 02:19:53 +02:00
d99874935f comment out another instance of non-working code 2023-10-23 21:40:46 +02:00
16a5d35fb0 comment out non-working code 2023-10-23 21:40:03 +02:00
26181f7759
Add Redirect on id.hamburg.ccc.de to the account management page 2023-10-23 21:16:32 +02:00
505a2ba9f9 Add Public-Reverse-Proxy configuration for new branding-resources site 2023-10-07 05:17:25 +02:00
3828b8d500 Add Public-Reverse-Proxy configuration for new Element Web hosting 2023-10-07 05:17:01 +02:00
9b6d909d11 Add Public-Reverse-Proxy configuration for new Matrix server 2023-10-06 05:06:56 +02:00
856cc74d90 Make Public-Reverse-Proxy handle IPv6 2023-10-06 05:06:15 +02:00
ce75ba0f70 Fix smtpd.conf. listen on 127.0.0.1 and 0.0.0.0 doesn't work 2023-09-25 20:12:13 +02:00
718b6906c5 Allow uploading of stl files to dokuwiki 2023-09-25 18:29:06 +02:00
2b1a2c599b Add link to dokuwiki docs on uploadsize 2023-09-25 18:22:31 +02:00
7468b4d8f6 Fix OpenSMTPD annoyingness
Co-authored-by: yuri <yuri@nekover.se>
2023-09-25 03:03:14 +02:00
fdae96fbc1 Migrate to NixOS: Remove Z9 Audio host from this repo 2023-09-25 02:59:41 +02:00
b295690ad5 Add playbook and accompanying role for doing maintenance 2023-09-25 02:57:30 +02:00
de97436706 Migrate to NixOS: Remove Z9 Public-Reverse-Proxy host from this repo 2023-09-25 02:48:56 +02:00
c5eae99a7f Add reverse proxy configuration for netbox 2023-09-21 19:13:56 +02:00
804becdd31 Wiki: Fix oauth, create role from playbook 2023-09-15 22:06:46 +02:00
73db1dd077 Introduce onlyoffice 2023-08-27 20:02:53 +02:00
c2964e1707 Remove note regarding encryption and add link to wiki 2023-08-25 22:48:56 +02:00
62b4f93218 Introduce Nextcloud role and deploy Cloud on Chaosknoten
Co-authored-by: Max <max@mlem.cloud>
2023-08-25 20:50:46 +02:00
112f1990b9 Introduce Uptime-Kuma 2023-08-12 01:47:55 +02:00
69621e3d7f Add cursed override for the aes as well :S 2023-08-11 02:17:30 +02:00
12a1e5dc22 Move Engelsystem MAIL_PASSWORD secret to appropriate place 2023-08-11 02:05:40 +02:00
dd5e37fb68 Add restart: unless-stopped to Engelsystem compose 2023-08-11 02:05:20 +02:00
d16da59fd7 Migrate Wiki from ThinkCCCluster to Chaosknoten
Also do the redirect for DNS cache stuff like with aes.
2023-08-11 01:59:34 +02:00
d256082221 Proxy AES in Club to new location for cached DNS records
Do that so that cached DNS records don't make problems. (We had a TTL of
1 week for some reason, so people having that in their cache might still
resolve to the Club. This shouldn't be a problem anymore at
~14.08.2023.)
2023-08-11 00:55:47 +02:00
dc89d33e33 Remove acme challenge entry for aes.ccchh.net 2023-08-11 00:42:05 +02:00