CCCHH/nix-infra
CCCHH/nix-infra
2
3
Fork 2
Code Issues 1 Pull requests 1 Wiki Activity
202 commits 7 branches 0 tags 807 KiB
Commit graph

126 commits

Author SHA1 Message Date
June
de04bc09f6
 		public-web-static: remove irc from spaceapi response as it's deprecated 2025-01-19 20:28:05 +01:00
June
50e5e78968
 		yate: clean up and nicely format nix configuration 2025-01-19 19:05:15 +01:00
echtnurich
4467c2172d add yate service for autostart 
introduce /etc/yate, clone/reset on service start

Fix config via git

make yate systemd service

create yate service user

recreate the full config everytime

decolour the log because of blob data

make sure source is available before deleting config

change yate-config repo

fix yate deploy key

fix yate-config not pulling
 2025-01-18 21:00:53 +01:00
June
f5bc9024b1
 		audio-hauptraum-*: move audio VMs to client network 
Do this per request to hopefully improve mDNS discovery.
 2025-01-14 21:06:26 +01:00
June
5676b1a468
 		netbox: configure and patch NetBox for OIDC group and role mapping 
The custom pipeline code is licensed under the Creative Commons: CC
BY-SA 4.0 license.

See:
https://github.com/goauthentik/authentik/blob/main/LICENSE
https://github.com/goauthentik/authentik/blob/main/website/integrations/services/netbox/index.md
https://docs.goauthentik.io/integrations/services/netbox/
 2025-01-14 20:49:14 +01:00
June
a039b3febf
 		update nixpkgs to 24.11 (small) 
Also use non-lts forgejo and adjust config for 24.11.
 2024-12-08 22:21:15 +01:00
c6ristian
c78c278627
 		Set WOODPECKER_LIMIT_MEM to 6 GB for woodpecker 
so pipelines don't get killed by OOM.
 2024-11-17 22:43:51 +01:00
jopejoe1
e404d4740f
 		remove nixpkgs-unstable 
the current version of woodpecker-server in stable now has the features this was original used for, not other usages of unstable are in tree left so removing it.
 2024-11-17 19:33:00 +01:00
jopejoe1
f7ebe660fe
 		format files with nix fmt 2024-11-17 19:33:00 +01:00
June
cf46da9df7
 		public-web-static: make c3cat.de and www work as well as staging 2024-11-12 23:06:01 +01:00
fi
c84d9e7d0a
 		Update element to 1.11.84 2024-11-11 02:43:08 +01:00
June
2ba371f8cd
 		git: disable making org users auto watch new repos on creation 
Also explicitly disable making users auto watch repos after their first
commit to it.
 2024-11-10 19:38:05 +01:00
June
c8e7bd1ccf
 		git: enable sending of e-mails to watchers of repositories 2024-11-10 19:26:26 +01:00
June
4f789adb21
 		hydra: configure hydra host 2024-10-30 01:44:12 +01:00
dequis
9d1521c485
 		spaceapid: adjustments to 3d printer state sensors 
- Prefix sensor names with ext_ as the spec says we should use that for
  extensions (this also improves attribute access for tools that don't
  like fields starting with a number)
- Rename printer state to printer busy state, to make it clearer.
- Add ext_3d_printer_minutes_remaining sensors
 2024-10-24 16:25:40 +02:00
June
accd31173b
 		public-web-static: turn off ports to prevent broken redirects to 8443 2024-10-21 21:35:10 +02:00
June
8165d22159
 		public-web-static: prevent staging ht ccchh from search machine indexing 2024-10-21 21:30:36 +02:00
June
ecdaa2d5f6
 		public-web-static: redirect EH20 doku.php?id=$pagename to new format 
See:
CCCHH/easterhegg-eh20-website#2 (comment)
 2024-10-13 22:09:20 +02:00
Stefan Bethke
de2390c78d
 		public-web-static: redirect old hackertours 37C3 urls to proper url 2024-10-13 20:59:04 +02:00
June
2fe65b0513
 		public-web-static: add staging for hackertours.hamburg.ccc.de 2024-10-12 22:14:42 +02:00
June
804094aaeb
 		public-web-static: add hackertours.hamburg.ccc.de static web host 
It can be deployed using a corresponding deploy key in the same manner
hacker.tours and hamburg.ccc.de can be deployed.
 2024-10-12 20:03:04 +02:00
c6ristian
da8e2bbbf4
 		Update element to 1.11.80 2024-10-10 20:50:20 +02:00
June
05b96b8fae
 		netbox: integrate with CCCHH ID (Keycloak) 2024-10-09 02:18:46 +02:00
June
c54b655b0e
 		all: setup prometheus node exporter for all hosts on Chaosknoten 
Do that so we can have monitoring for them via prometheus, alertmanager
and grafana.
Also add a local ip for the git host for PVE firewalling.
 2024-10-03 16:09:42 +02:00
June
68f11ad955
 		mjolnir: allow use of deprecated, somewhat insecure libolm 
Do this to be able to update the moderation bot and because the security
issues apparently aren't real world exploitable:
https://matrix.org/blog/2024/08/libolm-deprecation/
 2024-09-30 23:20:06 +02:00
June
445bf05842
 		public-web-static: host Easterhegg 20 website static export 2024-09-28 05:00:31 +02:00
June
b26320f999
 		penpot: switch to stock penpot image and version 2.1.3 
Do that since it now has all the fixes applied we need.
 2024-08-27 00:00:55 +02:00
dequis
9b751fa1ed
 		spaceapid: add 3d printer state sensors (bool) 
The schema only allows numeric values so I'm leaving the time to finish
field out of this for now.
 2024-08-17 00:15:27 +02:00
June
178777007f
 		penpot: configure penpot host using oci-containers 2024-08-10 22:38:05 +02:00
June
faffcb7d54
 		spaceapi: remove inside sensors for privacy reasons 2024-08-04 21:05:43 +02:00
June
1ffc959ce3
 		Update spaceapid to v0.1.0 2024-08-04 21:03:29 +02:00
June
028b5dc9e8
 		Configure Uptime-Kuma host 2024-08-04 02:19:26 +02:00
June
b30015fee1
 		Clean up networking configs by making them all use the same layout 
Also use the v6 gateway as a nameserver as well for the esphome host.
 2024-07-30 01:17:05 +02:00
June
e88982d7c7
 		Give esphome a static v6 and get cert directly via chal. served over v6 
Give the host a static v4 as well.
Also let the nginx redirect from the hosts FQDN to the service domain.
 2024-07-27 22:24:54 +02:00
June
a2102b064f
 		Fix container registry image uploads for git server 
Do this by disabling checking of client request body size.
 2024-07-27 21:05:58 +02:00
June
a271fddff8
 		Switch from deprecated extraConfig to settings for phpfpm.pools.dokuwiki 2024-07-15 02:44:37 +02:00
June
7058ec3582
 		Make passwordless ssh for ptouch-print-server work again 
Now (with NixOS 24.05) pam.services.sshd.allowNullPassword needs to be
set to true for passwordless ssh to work apparently.
 2024-06-30 21:12:28 +02:00
June
026e47d055
 		Last commit didn't do, switching to Docker instead of podman does 2024-06-22 18:06:39 +02:00
June
be7f6e4917
 		Fix clone step failing, because git.hamburg.ccc.de could not be resolved 2024-06-22 17:11:11 +02:00
June
f5432bd682
 		Use an agent token for Woodpecker agent to stop it from re-registering 
With the shared system token, every time the Woodpecker host would
restart, a new Woodpecker agent registration would be created, because
the agent receives a unique ID on first connection using the system
token, which it couldn't store however, because it doesn't have a
writable config file in NixOS.
Use an agent token now, which doesn't require the agent to store a
unique ID in a wrtiable config, therefore not making it re-register.

Also see:
https://woodpecker-ci.org/docs/administration/agent-config#agent-registration
 2024-06-22 16:26:58 +02:00
June
1aff46745a
 		Disable mjolnirs verbose logging to have it not spam the management room 2024-06-22 16:07:01 +02:00
June
df17b25009
 		Add woodpecker host running a woodpecker-server and -agent for CI 2024-06-22 04:20:38 +02:00
June
3059843e1a
 		Add mjolnir host running mjolnir for Matrix moderation 
Also see:
https://wiki.hamburg.ccc.de/infrastructure:services:mjolnir
 2024-06-20 23:45:44 +02:00
June
f3f5d5a611
 		Use forgejo package from stable (24.05) instead of from unstable 2024-06-20 04:12:42 +02:00
June
6411ae8b80
 		Add hacker.tours and a staging env. similar to the CCCHH website one 2024-06-13 22:53:06 +02:00
c6ristian
b30952a049
 		Add mqtt server (mosquitto) 
The config was based on the exsisting mosquitto setup.
 2024-06-11 23:03:57 +02:00
fi
8a2d406d4e
 		Bump element-web to 1.11.68 2024-06-09 22:51:42 +02:00
echtnurich
22eff92488 add yate service for autostart 2024-06-09 21:13:14 +02:00
June
ef1710b09f
 		Configure basic yate host 2024-06-08 20:18:59 +02:00
June
9d7f9d0ec8
 		Emulate aarch64-linux on nix-box-june to be able to build aarch64 pkgs 2024-06-06 20:17:00 +02:00