fe752495ae
id: allow z9 ipv6 range to access admin interface
2024-08-05 23:32:58 +02:00
70a27ec79c
light: use new combined cert and make server reachable over v6
...
The server being reachable over v6 is needed for the new method of
getting the cert directly via http challenge over v6.
2024-07-30 00:14:09 +02:00
a23c152d8e
nextcloud: configure maintenance window start time
...
See: https://docs.nextcloud.com/server/28/admin_manual/configuration_server/background_jobs_configuration.html#maintenance-window-start
2024-07-29 21:42:48 +02:00
6ad42219c0
Pull nextcloud image from our own image registry
2024-07-29 20:23:17 +02:00
f8ac16f65b
Use our Keycloak custom image
...
We build our custom Keycloak image with our own theme located at https://git.hamburg.ccc.de/CCCHH/oci-images
2024-07-27 01:32:33 +02:00
ea713aa162
Allow members of intern to issue invites
2024-07-23 21:23:11 +02:00
cbb0842539
Add missing parameters
2024-07-16 09:24:46 +02:00
4f5da885ea
Add missing params
2024-07-15 18:52:48 +02:00
94f65f8fe7
Add invite to Keycloak
2024-07-15 12:37:36 +02:00
a990c96eb1
Upgrade to Keycloak 25 and move to new config options
...
https://www.keycloak.org/docs/latest/upgrading/index.html#new-hostname-options
https://www.keycloak.org/docs/latest/upgrading/index.html#deprecated-proxy-option
2024-07-15 01:40:07 +02:00
ad8d27cd6a
Take base wordpress from image
2024-07-04 11:21:46 -04:00
1e25ebf1e9
Add reverse proxy config for woodpecker.hamburg.ccc.de
2024-06-22 02:11:14 +02:00
647c2fc005
Also ensure NGINX repo and install before apt update for nextcloud_hosts
...
Do that because the nextcloud role uses NGINX via the nginx role
internally as well, but nextcloud_hosts aren't necessarily in the
nginx_hosts group then.
2024-06-18 01:37:41 +02:00
11bbf187c6
Ensure NGINX repo and install before apt update, so that it works
...
Ensure NGINX repo and install on nginx_hosts before apt update, so that
the latest NGINX key is deployed and apt update won't fail on an invalid
signature on these hosts.
Also only run the gnupg install if gnupg isn't present in the nginx
repo_setup.yaml to make that work.
2024-06-18 01:14:00 +02:00
fb4aabc772
Add reverse proxy config for hacker.tours and staging.hacker.tours
2024-06-17 22:16:49 +02:00
f67483fa46
Add lists.c3lingo.org
2024-06-16 16:39:19 +02:00
ec400ed7d6
Use new IP for eh22-wiki host
2024-06-13 22:30:29 +02:00
097ddff0a7
Enable expiry
2024-06-04 18:06:58 +02:00
5b5a954547
Adjust networks for successful email submission
2024-05-25 12:36:27 +02:00
7ede6272b7
Workaround for broken Zammad Scheduler database config
2024-05-25 11:03:17 +02:00
2eb18460be
Add pad expiry
2024-05-20 13:49:25 +02:00
182efd44c3
Add reverse proxy config entrys for EH22 Wiki
2024-05-17 20:43:46 +02:00
553bc01df1
add ccchoir
2024-05-10 20:37:47 +02:00
78837e45fe
Use Forgejo instead of Gitlab
2024-05-10 19:18:54 +02:00
d2538e9f5d
Licht für Werkstatt dazu
2024-05-08 21:40:40 +02:00
57c957cd4e
Bump Keycloak to version 24
2024-03-08 01:35:45 +01:00
e96f25cc4d
Add seconf foobazdmx for workshop
2024-02-26 23:07:36 +01:00
0f732833de
Grafana-Config für PVE dazu
2024-02-26 22:29:02 +01:00
65159c2bb8
Add reverse proxy config entrys for old easterhegg pages under hamburg.ccc.de
2024-02-24 22:13:27 +01:00
9649574025
Add reverse proxy config entrys for old easterhegg pages
2024-02-20 23:07:01 +01:00
e2a0b9e74c
grafana: add chaosknoten
2024-01-30 23:23:13 +01:00
2431b455c2
Use prometheus-jitsi-meet-exporter
2024-01-29 21:13:22 +01:00
3184154f7b
Add jitsi video bridge stats
2024-01-29 20:31:12 +01:00
e0ebe2c720
Add jitsi as target
2024-01-28 07:52:46 +01:00
04d74b5c50
nginx: restart nginx on nginx.conf change
...
This also fixes the problem mentioned in the README.
2024-01-28 04:11:27 +01:00
0fb059e6bf
Add nginx reload command on new cert for all VMs with certbot and nginx
2024-01-28 04:01:06 +01:00
95a3901935
certbot: add possibility to specify commands to run on new certs
...
This makes it possible to e.g. reload nginx when new certificates are
present.
2024-01-28 03:29:39 +01:00
e53da90160
Enable standalone nginx/certbox config
2024-01-26 20:46:26 +01:00
880e77575a
Sort list alphabetically
2024-01-26 19:33:46 +01:00
79ac891c30
Add metrics for club OPNsense
2024-01-26 19:28:09 +01:00
0307ad6c9f
proxy access to metrics through nginx
2024-01-24 19:36:21 +01:00
a68edb81c4
Add Grafana/Prometheus config
2024-01-24 19:12:43 +01:00
946b35efab
Grafana-Daten auch speichern
2024-01-24 17:22:35 +01:00
ebcde5433c
nginx mit redirect auf wiki
2024-01-23 22:36:15 +01:00
5c4ee01e71
certbot für mumble dazu
2024-01-23 21:24:31 +01:00
4363b3d040
Redirect properly from wikis old to new domain
...
Make use of $request_uri redirect to the correct sub-page.
2024-01-22 22:43:52 +01:00
81c8bfe16b
Actually keep using $uri for DokuWiki stuff since otherwise it breaks
...
To be investigated if the $uri issue also applies for try_files.
2024-01-22 22:41:12 +01:00
6787c7c0d7
Use $request_uri instead of $uri, since $uri allows for injection
...
Thanks NixOS for pointing that out! :3
Also see here for an explanation:
https://reversebrain.github.io/2021/03/29/The-story-of-Nginx-and-uri-variable/
2024-01-22 22:37:10 +01:00
98906db4bf
Configure reverse proxy for hamburg.ccc.de, staging and www
...
This replaces next, since the new website is now live.
2024-01-22 22:35:38 +01:00
2659796e8b
Migrate to wiki.hamburg.ccc.de
2024-01-22 22:02:33 +01:00
586254c147
Actually use an IP, which isn't already in use by another service
2024-01-14 02:33:59 +01:00
009de7d398
Actually use correct IP for git.hamburg.ccc.de
2024-01-14 01:22:24 +01:00
422330f48c
Add git.hamburg.ccc.de
2024-01-14 01:12:04 +01:00
f265390c33
Bump Keycloak version to 23.0
2024-01-13 20:48:04 +01:00
ca08cf693b
Actually make spaceapi.hamburg.ccc.de work
2024-01-13 18:44:21 +01:00
f5af6c2074
Add c3cat.de
2023-12-29 14:40:50 +01:00
ec7c9b9b86
Document restart issue
2023-12-19 23:20:03 +01:00
5fcbe5cfab
Add grafana
2023-12-19 18:37:24 +01:00
3cb72d8b81
enforce https
2023-12-10 14:03:53 +01:00
9f4d1464bd
add de & en path prefixes for websdite
2023-12-10 00:29:49 +01:00
ab429df4dd
Add Zammad
2023-12-09 12:28:28 +01:00
53ba5b9561
Website dazu
2023-12-07 23:54:22 +01:00
e630ffdf46
Small fixes
...
* fix ACME setup
* use correct port number
* use correct email sender
2023-12-03 20:34:31 +01:00
f238182302
Pretix für Hackertours
2023-12-03 13:14:34 +01:00
b94cb009ad
Config fuer lists dazu
2023-11-13 11:32:56 -05:00
a9fac907d5
stbe darf von zuhause Keycloak admin
2023-11-13 11:32:56 -05:00
bb95923807
Add a role for deploying infrastructure authorized keys and use it
2023-11-11 00:23:20 +01:00
89f1b1b299
Remove call to send_only_mailserver role
2023-11-09 19:27:35 +01:00
7da6549727
Remove send_only_mailserver role, since its not needed anymore
2023-11-09 19:27:03 +01:00
b29eaba5f9
Remove hacky override for send-only-mailserver
2023-11-09 19:26:36 +01:00
66370eceda
Remove hacky override for send-only-mailserver
...
Remove it, since its not needed anymore.
2023-11-09 19:24:19 +01:00
6ae47b32f3
Configure new mailserver for Nextcloud
2023-11-09 19:16:45 +01:00
b6f316254f
Add Reverse Proxy config for spaceapi.hamburg.ccc.de
2023-11-05 00:57:36 +01:00
6a023f5433
Remove esphome host and role since it has been migrated to NixOS
2023-11-04 22:46:01 +01:00
ed74a88734
Domains don't work (anymore?), so just use IPs
2023-10-28 02:14:44 +02:00
95d5ed2ca9
Add Reverse Proxy config for next.hamburg.ccc.de
2023-10-25 02:19:53 +02:00
d99874935f
comment out another instance of non-working code
2023-10-23 21:40:46 +02:00
16a5d35fb0
comment out non-working code
2023-10-23 21:40:03 +02:00
26181f7759
Add Redirect on id.hamburg.ccc.de to the account management page
2023-10-23 21:16:32 +02:00
505a2ba9f9
Add Public-Reverse-Proxy configuration for new branding-resources site
2023-10-07 05:17:25 +02:00
3828b8d500
Add Public-Reverse-Proxy configuration for new Element Web hosting
2023-10-07 05:17:01 +02:00
9b6d909d11
Add Public-Reverse-Proxy configuration for new Matrix server
2023-10-06 05:06:56 +02:00
856cc74d90
Make Public-Reverse-Proxy handle IPv6
2023-10-06 05:06:15 +02:00
ce75ba0f70
Fix smtpd.conf. listen on 127.0.0.1 and 0.0.0.0 doesn't work
2023-09-25 20:12:13 +02:00
718b6906c5
Allow uploading of stl files to dokuwiki
2023-09-25 18:29:06 +02:00
2b1a2c599b
Add link to dokuwiki docs on uploadsize
2023-09-25 18:22:31 +02:00
7468b4d8f6
Fix OpenSMTPD annoyingness
...
Co-authored-by: yuri <yuri@nekover.se>
2023-09-25 03:03:14 +02:00
fdae96fbc1
Migrate to NixOS: Remove Z9 Audio host from this repo
2023-09-25 02:59:41 +02:00
b295690ad5
Add playbook and accompanying role for doing maintenance
2023-09-25 02:57:30 +02:00
de97436706
Migrate to NixOS: Remove Z9 Public-Reverse-Proxy host from this repo
2023-09-25 02:48:56 +02:00
c5eae99a7f
Add reverse proxy configuration for netbox
2023-09-21 19:13:56 +02:00
804becdd31
Wiki: Fix oauth, create role from playbook
2023-09-15 22:06:46 +02:00
73db1dd077
Introduce onlyoffice
2023-08-27 20:02:53 +02:00
c2964e1707
Remove note regarding encryption and add link to wiki
2023-08-25 22:48:56 +02:00
62b4f93218
Introduce Nextcloud role and deploy Cloud on Chaosknoten
...
Co-authored-by: Max <max@mlem.cloud>
2023-08-25 20:50:46 +02:00
112f1990b9
Introduce Uptime-Kuma
2023-08-12 01:47:55 +02:00
69621e3d7f
Add cursed override for the aes as well :S
2023-08-11 02:17:30 +02:00
12a1e5dc22
Move Engelsystem MAIL_PASSWORD secret to appropriate place
2023-08-11 02:05:40 +02:00
dd5e37fb68
Add restart: unless-stopped to Engelsystem compose
2023-08-11 02:05:20 +02:00
d16da59fd7
Migrate Wiki from ThinkCCCluster to Chaosknoten
...
Also do the redirect for DNS cache stuff like with aes.
2023-08-11 01:59:34 +02:00
