automatically start and pull config for yate #6

Open
echtnurich wants to merge 1 commit from yate into main
Owner
  • create systemd service for yate
  • create yate user for service
  • create yate-config group for config permissions
  • add sops and use it to insert private deploy key for config repo
  • link yate config to /etc/yate
- create systemd service for yate - create yate user for service - create yate-config group for config permissions - add sops and use it to insert private deploy key for config repo - link yate config to /etc/yate
echtnurich added 7 commits 2024-08-07 19:58:16 +02:00
echtnurich added 1 commit 2024-08-08 20:11:50 +02:00
echtnurich changed title from WIP: automatically start and pull config for yate to automatically start and pull config for yate 2024-08-11 20:35:58 +02:00
echtnurich added 1 commit 2024-09-08 18:53:12 +02:00
echtnurich changed title from automatically start and pull config for yate to WIP: automatically start and pull config for yate 2024-09-08 20:29:10 +02:00
echtnurich added 2 commits 2024-09-08 21:08:25 +02:00
echtnurich changed title from WIP: automatically start and pull config for yate to automatically start and pull config for yate 2024-09-08 21:10:29 +02:00
Author
Owner

Issues fixed

  • repo is pulled from CCCHH/yate-config
  • service is started after network-online.target
  • check if that is true returns errors at /etc/yate/SSH_CHECK_LOG
  • new deploy key is correct
Issues fixed - repo is pulled from CCCHH/yate-config - service is started after network-online.target - check if that is true returns errors at /etc/yate/SSH_CHECK_LOG - new deploy key is correct
echtnurich added 45 commits 2024-10-21 17:50:23 +02:00
The config was based on the exsisting mosquitto setup.
Also bump the default state version to 24.05.

See the release notes of the 24.05 release for more information:
https://nixos.org/manual/nixos/stable/release-notes#sec-release-24.05
Also see:
https://wiki.hamburg.ccc.de/infrastructure:services:mjolnir
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/d14b286322c7f4f897ca4b1726ce38cb68596c94?narHash=sha256-iqQa3omRcHGpWb1ds75jS9ruA5R39FTmAkeR3J%2Bve1w%3D' (2024-05-20)
  → 'github:nix-community/nixos-generators/35c20ba421dfa5059e20e0ef2343c875372bdcf3?narHash=sha256-WZ1gdKq/9u1Ns/oXuNsDm%2BW0salonVA0VY1amw8urJ4%3D' (2024-06-10)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/de0ae76b011bf0000d58ab71821199ce310128b2?narHash=sha256-/VAxV/4lvtOtq4Zxq0MrqTGj7g8aSR/eJQDXB37ozvs%3D' (2024-06-16)
  → 'github:nixos/nixpkgs/201ed88e66f7f34d5c74e46d2e4399cc4bea1501?narHash=sha256-3vNXv4zrblZFobrxz1P3RwLpHl6X3/GzfArdTxq0%2BnI%3D' (2024-06-21)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/2ee89d5a0167a8aa0f2a5615d2b8aefb1f299cd4?narHash=sha256-2eh7rYxQOntkUjFXtlPH7lBuUDd4isu/YHRjNJW7u1Q%3D' (2024-05-23)
  → 'github:nixos/nixpkgs/1c0bec249943cd3e03f876554b8af7d1e32a09e1?narHash=sha256-uIZlOpCIi/GZ3xrkA87CAHqbTvsTbVQV1JjnP33slxs%3D' (2024-06-21)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b549832718b8946e875c016a4785d204fcfc2e53?narHash=sha256-0lMkIk9h3AzOHs1dCL9RXvvN4PM8VBKb%2BcyGsqOKa4c%3D' (2024-05-22)
  → 'github:Mic92/sops-nix/797ce4c1f45a85df6dd3d9abdc53f2691bea9251?narHash=sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg%3D' (2024-06-16)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/e7cc61784ddf51c81487637b3031a6dd2d6673a2?narHash=sha256-H0eCta7ahEgloGIwE/ihkyGstOGu%2BkQwAiHvwVoXaA0%3D' (2024-05-18)
  → 'github:NixOS/nixpkgs/c884223af91820615a6146af1ae1fea25c107005?narHash=sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs%3D' (2024-06-15)
With the shared system token, every time the Woodpecker host would
restart, a new Woodpecker agent registration would be created, because
the agent receives a unique ID on first connection using the system
token, which it couldn't store however, because it doesn't have a
writable config file in NixOS.
Use an agent token now, which doesn't require the agent to store a
unique ID in a wrtiable config, therefore not making it re-register.

Also see:
https://woodpecker-ci.org/docs/administration/agent-config#agent-registration
Now (with NixOS 24.05) pam.services.sshd.allowNullPassword needs to be
set to true for passwordless ssh to work apparently.
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/35c20ba421dfa5059e20e0ef2343c875372bdcf3?narHash=sha256-WZ1gdKq/9u1Ns/oXuNsDm%2BW0salonVA0VY1amw8urJ4%3D' (2024-06-10)
  → 'github:nix-community/nixos-generators/f7a029d41e49ff0747888105e1ed4314dca8436f?narHash=sha256-8lsuMR3rnX4yUPPjz04opgb30Z47sCgZu4TIszWBW9A%3D' (2024-07-01)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/3c62b6a12571c9a7f65ab037173ee153d539905f?narHash=sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw%3D' (2024-04-07)
  → 'github:nix-community/nixpkgs.lib/1bba8a624b3b9d4f68db94fb63aaeb46039ce9e6?narHash=sha256-XFNKtyirrGNdehpg7lMNm1skEcBApjqGhaHc/OI95HY%3D' (2024-06-30)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/201ed88e66f7f34d5c74e46d2e4399cc4bea1501?narHash=sha256-3vNXv4zrblZFobrxz1P3RwLpHl6X3/GzfArdTxq0%2BnI%3D' (2024-06-21)
  → 'github:nixos/nixpkgs/10c832d0548e9e3a6df7eb51e68c2783212a303e?narHash=sha256-2ASBatUTQWNIiTeBZRuxROu27MyOavVnzeCv7h40QNw%3D' (2024-07-01)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/1c0bec249943cd3e03f876554b8af7d1e32a09e1?narHash=sha256-uIZlOpCIi/GZ3xrkA87CAHqbTvsTbVQV1JjnP33slxs%3D' (2024-06-21)
  → 'github:nixos/nixpkgs/7f993cdf26ccef564eabf31fdb40d140821e12bc?narHash=sha256-pY0wosAgcr9W4vmGML0T3BVhQiGuKoozCbs2t%2BJe1zc%3D' (2024-07-01)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/797ce4c1f45a85df6dd3d9abdc53f2691bea9251?narHash=sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg%3D' (2024-06-16)
  → 'github:Mic92/sops-nix/b5974d4331fb6c893e808977a2e1a6d34b3162d6?narHash=sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8%2BawNMyqs%3D' (2024-06-30)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/c884223af91820615a6146af1ae1fea25c107005?narHash=sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs%3D' (2024-06-15)
  → 'github:NixOS/nixpkgs/4a1e673523344f6ccc84b37f4413ad74ea19a119?narHash=sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo%3D' (2024-06-29)
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/f7a029d41e49ff0747888105e1ed4314dca8436f?narHash=sha256-8lsuMR3rnX4yUPPjz04opgb30Z47sCgZu4TIszWBW9A%3D' (2024-07-01)
  → 'github:nix-community/nixos-generators/076ea5b672bb1ea535ee84cfdabd0c2f0b7f20c7?narHash=sha256-i8BiZj5faQS6gsupE0S9xtiyZmWinGpVLwxXWV342aQ%3D' (2024-07-13)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/10c832d0548e9e3a6df7eb51e68c2783212a303e?narHash=sha256-2ASBatUTQWNIiTeBZRuxROu27MyOavVnzeCv7h40QNw%3D' (2024-07-01)
  → 'github:nixos/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/7f993cdf26ccef564eabf31fdb40d140821e12bc?narHash=sha256-pY0wosAgcr9W4vmGML0T3BVhQiGuKoozCbs2t%2BJe1zc%3D' (2024-07-01)
  → 'github:nixos/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b5974d4331fb6c893e808977a2e1a6d34b3162d6?narHash=sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8%2BawNMyqs%3D' (2024-06-30)
  → 'github:Mic92/sops-nix/0703ba03fd9c1665f8ab68cc3487302475164617?narHash=sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY%3D' (2024-07-14)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/4a1e673523344f6ccc84b37f4413ad74ea19a119?narHash=sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo%3D' (2024-06-29)
  → 'github:NixOS/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
  → 'github:nixos/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
  → 'github:nixos/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/0703ba03fd9c1665f8ab68cc3487302475164617?narHash=sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY%3D' (2024-07-14)
  → 'github:Mic92/sops-nix/909e8cfb60d83321d85c8d17209d733658a21c95?narHash=sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU%3D' (2024-07-21)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
Do this by disabling checking of client request body size.
Give the host a static v4 as well.
Also let the nginx redirect from the hosts FQDN to the service domain.
Also use the v6 gateway as a nameserver as well for the esphome host.
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/076ea5b672bb1ea535ee84cfdabd0c2f0b7f20c7?narHash=sha256-i8BiZj5faQS6gsupE0S9xtiyZmWinGpVLwxXWV342aQ%3D' (2024-07-13)
  → 'github:nix-community/nixos-generators/d6c5d29f58acc10ea82afff1de2b28f038f572bd?narHash=sha256-HSxOQEKNZXiJe9aWnckTTCThOhcRCabwHa32IduDKLk%3D' (2024-08-08)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/1bba8a624b3b9d4f68db94fb63aaeb46039ce9e6?narHash=sha256-XFNKtyirrGNdehpg7lMNm1skEcBApjqGhaHc/OI95HY%3D' (2024-06-30)
  → 'github:nix-community/nixpkgs.lib/8bebd4c74f368aacb047f0141db09ec6b339733c?narHash=sha256-do2Mfm3T6SR7a5A804RhjQ%2BJTsF5hk4JTPGjCTRM/m8%3D' (2024-08-04)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
  → 'github:nixos/nixpkgs/c306d09c1dc6492442ae4af0d1ba575869c41fc3?narHash=sha256-aA1JNhFh97BHPTXoJvcvgG4VSyjx0U1wT2EivxMp77o%3D' (2024-08-10)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
  → 'github:nixos/nixpkgs/bef98989a27429e1cb9e3d9c25701ba2da742af2?narHash=sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y%3D' (2024-08-10)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/909e8cfb60d83321d85c8d17209d733658a21c95?narHash=sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU%3D' (2024-07-21)
  → 'github:Mic92/sops-nix/8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9?narHash=sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb%2BN4Ap4%3D' (2024-08-05)
The schema only allows numeric values so I'm leaving the time to finish
field out of this for now.
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/d6c5d29f58acc10ea82afff1de2b28f038f572bd?narHash=sha256-HSxOQEKNZXiJe9aWnckTTCThOhcRCabwHa32IduDKLk%3D' (2024-08-08)
  → 'github:nix-community/nixos-generators/5fd22603892e4ec5ac6085058ed658243143aacd?narHash=sha256-U11ZiQPrpIBdv7oS23bNdX9GCxe/hPf/ARr64P2Wj1Y%3D' (2024-08-19)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/8bebd4c74f368aacb047f0141db09ec6b339733c?narHash=sha256-do2Mfm3T6SR7a5A804RhjQ%2BJTsF5hk4JTPGjCTRM/m8%3D' (2024-08-04)
  → 'github:nix-community/nixpkgs.lib/531a2e8416a6d8200a53eddfbdb8f2c8dc4a1251?narHash=sha256-QdSArN0xKESEOTcv%2B3kE6yu4B4WX9lupZ4%2BHtx3RXGg%3D' (2024-08-18)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/c306d09c1dc6492442ae4af0d1ba575869c41fc3?narHash=sha256-aA1JNhFh97BHPTXoJvcvgG4VSyjx0U1wT2EivxMp77o%3D' (2024-08-10)
  → 'github:nixos/nixpkgs/3f38e71a8e23a27569acbbfee0e83b76c86fa569?narHash=sha256-vAq%2BI0IWsIDq5RUc01t25iL46LLxdsmlTJ96A30bMEY%3D' (2024-08-18)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/bef98989a27429e1cb9e3d9c25701ba2da742af2?narHash=sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y%3D' (2024-08-10)
  → 'github:nixos/nixpkgs/ed434d7889eddb68002d81bc25212f26ff8f2862?narHash=sha256-tGRPGJKwczrM7793zaR74KnuYLMHArJvYXmGu8Wo9oI%3D' (2024-08-19)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9?narHash=sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb%2BN4Ap4%3D' (2024-08-05)
  → 'github:Mic92/sops-nix/be0eec2d27563590194a9206f551a6f73d52fa34?narHash=sha256-N9IcHgj/p1%2B2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE%3D' (2024-08-12)
Do that since it now has all the fixes applied we need.
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/5fd22603892e4ec5ac6085058ed658243143aacd?narHash=sha256-U11ZiQPrpIBdv7oS23bNdX9GCxe/hPf/ARr64P2Wj1Y%3D' (2024-08-19)
  → 'github:nix-community/nixos-generators/8e337ce40421c4f33e7535aeb988d8e30fe067eb?narHash=sha256-LI%2BgI4qeVTQaS0vW6tn49RG%2Bf8cH1KBALaligCeHLog%3D' (2024-09-02)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/531a2e8416a6d8200a53eddfbdb8f2c8dc4a1251?narHash=sha256-QdSArN0xKESEOTcv%2B3kE6yu4B4WX9lupZ4%2BHtx3RXGg%3D' (2024-08-18)
  → 'github:nix-community/nixpkgs.lib/7f0b9e4fbd91826cb9ce6babbc11c87903191051?narHash=sha256-Tm344cnFM9f2YZsgWtJduvhIrvLr3Bi8J4Xc%2BUZDKYE%3D' (2024-09-01)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/3f38e71a8e23a27569acbbfee0e83b76c86fa569?narHash=sha256-vAq%2BI0IWsIDq5RUc01t25iL46LLxdsmlTJ96A30bMEY%3D' (2024-08-18)
  → 'github:nixos/nixpkgs/3524b030c839db4ea4ba16737789c6fb8a1769c6?narHash=sha256-w3sjCEbnc242ByJ18uebzgjFZY3QU7dZhmLwPsJIZJs%3D' (2024-09-01)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/ed434d7889eddb68002d81bc25212f26ff8f2862?narHash=sha256-tGRPGJKwczrM7793zaR74KnuYLMHArJvYXmGu8Wo9oI%3D' (2024-08-19)
  → 'github:nixos/nixpkgs/2830c7c930311397d94c0b86a359c865c081c875?narHash=sha256-/HTUg%2BkMaqBPGrcQBYboAMsQHIWIkuKRDldss/035Hc%3D' (2024-09-03)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/be0eec2d27563590194a9206f551a6f73d52fa34?narHash=sha256-N9IcHgj/p1%2B2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE%3D' (2024-08-12)
  → 'github:Mic92/sops-nix/5db5921e40ae382d6716dce591ea23b0a39d96f7?narHash=sha256-lj5pxOwidP0W//E7IvyhbhXrnEUW99I07%2BQpERnzTS4%3D' (2024-09-01)
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8e337ce40421c4f33e7535aeb988d8e30fe067eb?narHash=sha256-LI%2BgI4qeVTQaS0vW6tn49RG%2Bf8cH1KBALaligCeHLog%3D' (2024-09-02)
  → 'github:nix-community/nixos-generators/e8c1cd886cc17e31e424f915efd32e84d8af0ce9?narHash=sha256-t/%2Bz1Tf7hSaStU1pBYkY7i0/GkG%2BYIPSmfeRrK8eYUw%3D' (2024-09-23)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/7f0b9e4fbd91826cb9ce6babbc11c87903191051?narHash=sha256-Tm344cnFM9f2YZsgWtJduvhIrvLr3Bi8J4Xc%2BUZDKYE%3D' (2024-09-01)
  → 'github:nix-community/nixpkgs.lib/575704ff85d3a41dc5bfef7b55380cbc7b87f3c2?narHash=sha256-25ByioeOBFcnitO5lM/Mufnv/u7YtHEHEM8QFuiS40k%3D' (2024-09-22)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/3524b030c839db4ea4ba16737789c6fb8a1769c6?narHash=sha256-w3sjCEbnc242ByJ18uebzgjFZY3QU7dZhmLwPsJIZJs%3D' (2024-09-01)
  → 'github:nixos/nixpkgs/7ca0f93c530406c1610defff0b9bf643333cf992?narHash=sha256-gXIWudYhY/4LjQPvrGn9lN4fbHjw/mf1mb9KKJK//4I%3D' (2024-09-23)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/2830c7c930311397d94c0b86a359c865c081c875?narHash=sha256-/HTUg%2BkMaqBPGrcQBYboAMsQHIWIkuKRDldss/035Hc%3D' (2024-09-03)
  → 'github:nixos/nixpkgs/d266adc5a77ec8c10ed941c7251b2673004dbd62?narHash=sha256-m6kgjR4zAwyMe1Pn4RGXLCzArtoBp1qzhb2AUlPeVh4%3D' (2024-09-23)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/5db5921e40ae382d6716dce591ea23b0a39d96f7?narHash=sha256-lj5pxOwidP0W//E7IvyhbhXrnEUW99I07%2BQpERnzTS4%3D' (2024-09-01)
  → 'github:Mic92/sops-nix/e2d404a7ea599a013189aa42947f66cede0645c8?narHash=sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4%3D' (2024-09-16)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/dc454045f5b5d814e5862a6d057e7bb5c29edc05?narHash=sha256-vNv%2BaJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8%3D' (2024-09-08)
Do this to be able to update the moderation bot and because the security
issues apparently aren't real world exploitable:
https://matrix.org/blog/2024/08/libolm-deprecation/
Do that so we can have monitoring for them via prometheus, alertmanager
and grafana.
Also add a local ip for the git host for PVE firewalling.
It can be deployed using a corresponding deploy key in the same manner
hacker.tours and hamburg.ccc.de can be deployed.
See:
CCCHH/easterhegg-eh20-website#2 (comment)
echtnurich force-pushed yate from 0cd4b81e17 to e24b5b6fb1 2024-10-21 18:05:46 +02:00 Compare
Author
Owner

Kann das bitte jemand anders zusammenfrickeln, ich hab keinen Bock mehr...
@june @jtbx

Kann das bitte jemand anders zusammenfrickeln, ich hab keinen Bock mehr... @june @jtbx
c6ristian force-pushed yate from e24b5b6fb1 to f6b424fa7a 2024-11-17 21:41:59 +01:00 Compare
c6ristian force-pushed yate from f6b424fa7a to 5fee15c3dc 2024-11-17 21:46:06 +01:00 Compare
This pull request doesn't have enough approvals yet. 0 of 1 approvals granted.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin yate:yate
git checkout yate
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: CCCHH/nix-infra#6
No description provided.