automatically start and pull config for yate #6

Merged

june merged 3 commits from yate into main 2025-01-23 23:21:26 +01:00

Conversation 9 Commits 3 Files changed 8 +324 -25

echtnurich commented 2024-08-07 19:58:16 +02:00

Owner

Copy link

• create systemd service for yate
• create yate user for service
• create yate-config group for config permissions
• add sops and use it to insert private deploy key for config repo
• link yate config to /etc/yate

- create systemd service for yate - create yate user for service - create yate-config group for config permissions - add sops and use it to insert private deploy key for config repo - link yate config to /etc/yate

echtnurich added 7 commits 2024-08-07 19:58:16 +02:00

add yate service for autostart 2037a1b647

introduce /etc/yate, clone/reset on service start b4de5dbb53

Fix config via git 1ef4c1cd48

make yate systemd service fd525ee06f

create yate service user 149f846d32

recreate the full config everytime 3b83a5d8ab

decolour the log because of blob data c9967f73c0

echtnurich added 1 commit 2024-08-08 20:11:50 +02:00

make sure source is available before deleting config c62f722899

echtnurich changed title from WIP: automatically start and pull config for yate to automatically start and pull config for yate 2024-08-11 20:35:58 +02:00

echtnurich added 1 commit 2024-09-08 18:53:12 +02:00

change yate-config repo f9f258a212

echtnurich changed title from automatically start and pull config for yate to WIP: automatically start and pull config for yate 2024-09-08 20:29:10 +02:00

echtnurich added 2 commits 2024-09-08 21:08:25 +02:00

fix yate deploy key fb458e244b

fix yate-config not pulling e24b5b6fb1

echtnurich changed title from WIP: automatically start and pull config for yate to automatically start and pull config for yate 2024-09-08 21:10:29 +02:00

echtnurich commented 2024-09-08 21:12:18 +02:00

Author

Owner

Copy link

Issues fixed

• repo is pulled from CCCHH/yate-config
• service is started after network-online.target
• check if that is true returns errors at /etc/yate/SSH_CHECK_LOG
• new deploy key is correct

Issues fixed - repo is pulled from CCCHH/yate-config - service is started after network-online.target - check if that is true returns errors at /etc/yate/SSH_CHECK_LOG - new deploy key is correct

echtnurich added 45 commits 2024-10-21 17:50:23 +02:00

Document how to use sops and sops-nix a355321979

Add ssh-to-age to the admin tooling 549c9b1e33

Document where a secret is then actually available on the host 903725dc18

Mark nix code blocks as containing nix code for syntax highlighting 2492eb970f

Bump element-web to 1.11.68 c556475efd

Add mqtt server (mosquitto) ... 8a6820a418

The config was based on the exsisting mosquitto setup.

Add hacker.tours and a staging env. similar to the CCCHH website one b6d48859cc

Upgrade to NixOS 24.05 ... 49a2dc6306

Also bump the default state version to 24.05.

See the release notes of the 24.05 release for more information:
https://nixos.org/manual/nixos/stable/release-notes#sec-release-24.05

Use forgejo package from stable (24.05) instead of from unstable 2ee045a296

Add mjolnir host running mjolnir for Matrix moderation ... 024451942e

Also see:
https://wiki.hamburg.ccc.de/infrastructure:services:mjolnir

flake.lock: Update ... 4e1700e8bb

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/d14b286322c7f4f897ca4b1726ce38cb68596c94?narHash=sha256-iqQa3omRcHGpWb1ds75jS9ruA5R39FTmAkeR3J%2Bve1w%3D' (2024-05-20)
  → 'github:nix-community/nixos-generators/35c20ba421dfa5059e20e0ef2343c875372bdcf3?narHash=sha256-WZ1gdKq/9u1Ns/oXuNsDm%2BW0salonVA0VY1amw8urJ4%3D' (2024-06-10)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/de0ae76b011bf0000d58ab71821199ce310128b2?narHash=sha256-/VAxV/4lvtOtq4Zxq0MrqTGj7g8aSR/eJQDXB37ozvs%3D' (2024-06-16)
  → 'github:nixos/nixpkgs/201ed88e66f7f34d5c74e46d2e4399cc4bea1501?narHash=sha256-3vNXv4zrblZFobrxz1P3RwLpHl6X3/GzfArdTxq0%2BnI%3D' (2024-06-21)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/2ee89d5a0167a8aa0f2a5615d2b8aefb1f299cd4?narHash=sha256-2eh7rYxQOntkUjFXtlPH7lBuUDd4isu/YHRjNJW7u1Q%3D' (2024-05-23)
  → 'github:nixos/nixpkgs/1c0bec249943cd3e03f876554b8af7d1e32a09e1?narHash=sha256-uIZlOpCIi/GZ3xrkA87CAHqbTvsTbVQV1JjnP33slxs%3D' (2024-06-21)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b549832718b8946e875c016a4785d204fcfc2e53?narHash=sha256-0lMkIk9h3AzOHs1dCL9RXvvN4PM8VBKb%2BcyGsqOKa4c%3D' (2024-05-22)
  → 'github:Mic92/sops-nix/797ce4c1f45a85df6dd3d9abdc53f2691bea9251?narHash=sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg%3D' (2024-06-16)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/e7cc61784ddf51c81487637b3031a6dd2d6673a2?narHash=sha256-H0eCta7ahEgloGIwE/ihkyGstOGu%2BkQwAiHvwVoXaA0%3D' (2024-05-18)
  → 'github:NixOS/nixpkgs/c884223af91820615a6146af1ae1fea25c107005?narHash=sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs%3D' (2024-06-15)

Add woodpecker host running a woodpecker-server and -agent for CI b574cc09ab

Disable mjolnirs verbose logging to have it not spam the management room 4ec5afa360

Use an agent token for Woodpecker agent to stop it from re-registering ... 2b276b2c97

With the shared system token, every time the Woodpecker host would
restart, a new Woodpecker agent registration would be created, because
the agent receives a unique ID on first connection using the system
token, which it couldn't store however, because it doesn't have a
writable config file in NixOS.
Use an agent token now, which doesn't require the agent to store a
unique ID in a wrtiable config, therefore not making it re-register.

Also see:
https://woodpecker-ci.org/docs/administration/agent-config#agent-registration

Fix clone step failing, because git.hamburg.ccc.de could not be resolved becec64020

Last commit didn't do, switching to Docker instead of podman does fb6a5444c9

Make passwordless ssh for ptouch-print-server work again ... 03227f546e

Now (with NixOS 24.05) pam.services.sshd.allowNullPassword needs to be
set to true for passwordless ssh to work apparently.

flake.lock: Update ... 3a793a6272

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/35c20ba421dfa5059e20e0ef2343c875372bdcf3?narHash=sha256-WZ1gdKq/9u1Ns/oXuNsDm%2BW0salonVA0VY1amw8urJ4%3D' (2024-06-10)
  → 'github:nix-community/nixos-generators/f7a029d41e49ff0747888105e1ed4314dca8436f?narHash=sha256-8lsuMR3rnX4yUPPjz04opgb30Z47sCgZu4TIszWBW9A%3D' (2024-07-01)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/3c62b6a12571c9a7f65ab037173ee153d539905f?narHash=sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw%3D' (2024-04-07)
  → 'github:nix-community/nixpkgs.lib/1bba8a624b3b9d4f68db94fb63aaeb46039ce9e6?narHash=sha256-XFNKtyirrGNdehpg7lMNm1skEcBApjqGhaHc/OI95HY%3D' (2024-06-30)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/201ed88e66f7f34d5c74e46d2e4399cc4bea1501?narHash=sha256-3vNXv4zrblZFobrxz1P3RwLpHl6X3/GzfArdTxq0%2BnI%3D' (2024-06-21)
  → 'github:nixos/nixpkgs/10c832d0548e9e3a6df7eb51e68c2783212a303e?narHash=sha256-2ASBatUTQWNIiTeBZRuxROu27MyOavVnzeCv7h40QNw%3D' (2024-07-01)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/1c0bec249943cd3e03f876554b8af7d1e32a09e1?narHash=sha256-uIZlOpCIi/GZ3xrkA87CAHqbTvsTbVQV1JjnP33slxs%3D' (2024-06-21)
  → 'github:nixos/nixpkgs/7f993cdf26ccef564eabf31fdb40d140821e12bc?narHash=sha256-pY0wosAgcr9W4vmGML0T3BVhQiGuKoozCbs2t%2BJe1zc%3D' (2024-07-01)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/797ce4c1f45a85df6dd3d9abdc53f2691bea9251?narHash=sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg%3D' (2024-06-16)
  → 'github:Mic92/sops-nix/b5974d4331fb6c893e808977a2e1a6d34b3162d6?narHash=sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8%2BawNMyqs%3D' (2024-06-30)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/c884223af91820615a6146af1ae1fea25c107005?narHash=sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs%3D' (2024-06-15)
  → 'github:NixOS/nixpkgs/4a1e673523344f6ccc84b37f4413ad74ea19a119?narHash=sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo%3D' (2024-06-29)

flake.lock: Update ... 827b6b41c1

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/f7a029d41e49ff0747888105e1ed4314dca8436f?narHash=sha256-8lsuMR3rnX4yUPPjz04opgb30Z47sCgZu4TIszWBW9A%3D' (2024-07-01)
  → 'github:nix-community/nixos-generators/076ea5b672bb1ea535ee84cfdabd0c2f0b7f20c7?narHash=sha256-i8BiZj5faQS6gsupE0S9xtiyZmWinGpVLwxXWV342aQ%3D' (2024-07-13)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/10c832d0548e9e3a6df7eb51e68c2783212a303e?narHash=sha256-2ASBatUTQWNIiTeBZRuxROu27MyOavVnzeCv7h40QNw%3D' (2024-07-01)
  → 'github:nixos/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/7f993cdf26ccef564eabf31fdb40d140821e12bc?narHash=sha256-pY0wosAgcr9W4vmGML0T3BVhQiGuKoozCbs2t%2BJe1zc%3D' (2024-07-01)
  → 'github:nixos/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b5974d4331fb6c893e808977a2e1a6d34b3162d6?narHash=sha256-KA9gy2Wkv76s4A8eLnOcdKVTygewbw3xsB8%2BawNMyqs%3D' (2024-06-30)
  → 'github:Mic92/sops-nix/0703ba03fd9c1665f8ab68cc3487302475164617?narHash=sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY%3D' (2024-07-14)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/4a1e673523344f6ccc84b37f4413ad74ea19a119?narHash=sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo%3D' (2024-06-29)
  → 'github:NixOS/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)

Switch from deprecated extraConfig to settings for phpfpm.pools.dokuwiki 4e095c1a85

flake.lock: Update ... 89ee6878ad

Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
  → 'github:nixos/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
  → 'github:nixos/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/0703ba03fd9c1665f8ab68cc3487302475164617?narHash=sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY%3D' (2024-07-14)
  → 'github:Mic92/sops-nix/909e8cfb60d83321d85c8d17209d733658a21c95?narHash=sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU%3D' (2024-07-21)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/74348da2f3a312ee25cea09b98cdba4cb9fa5d5d?narHash=sha256-6vuViC56%2BKSr%2B945bCV8akHK%2B7J5k6n/epYg/W3I5eQ%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)

Fix container registry image uploads for git server ... 744d17c0c7

Do this by disabling checking of client request body size.

Give esphome a static v6 and get cert directly via chal. served over v6 ... b7acd9f65d

Give the host a static v4 as well.
Also let the nginx redirect from the hosts FQDN to the service domain.

Clean up networking configs by making them all use the same layout ... 9a0d2fc9c6

Also use the v6 gateway as a nameserver as well for the esphome host.

Add .editorconfig for ensuring some consistency fe24a029cc

Configure Uptime-Kuma host 94f8269d22

Update spaceapid to v0.1.0 3401265e6f

spaceapi: remove inside sensors for privacy reasons 6c7edcc1d3

penpot: configure penpot host using oci-containers f128368c0c

flake.lock: Update ... c3cf1fec38

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/076ea5b672bb1ea535ee84cfdabd0c2f0b7f20c7?narHash=sha256-i8BiZj5faQS6gsupE0S9xtiyZmWinGpVLwxXWV342aQ%3D' (2024-07-13)
  → 'github:nix-community/nixos-generators/d6c5d29f58acc10ea82afff1de2b28f038f572bd?narHash=sha256-HSxOQEKNZXiJe9aWnckTTCThOhcRCabwHa32IduDKLk%3D' (2024-08-08)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/1bba8a624b3b9d4f68db94fb63aaeb46039ce9e6?narHash=sha256-XFNKtyirrGNdehpg7lMNm1skEcBApjqGhaHc/OI95HY%3D' (2024-06-30)
  → 'github:nix-community/nixpkgs.lib/8bebd4c74f368aacb047f0141db09ec6b339733c?narHash=sha256-do2Mfm3T6SR7a5A804RhjQ%2BJTsF5hk4JTPGjCTRM/m8%3D' (2024-08-04)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
  → 'github:nixos/nixpkgs/c306d09c1dc6492442ae4af0d1ba575869c41fc3?narHash=sha256-aA1JNhFh97BHPTXoJvcvgG4VSyjx0U1wT2EivxMp77o%3D' (2024-08-10)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
  → 'github:nixos/nixpkgs/bef98989a27429e1cb9e3d9c25701ba2da742af2?narHash=sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y%3D' (2024-08-10)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/909e8cfb60d83321d85c8d17209d733658a21c95?narHash=sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU%3D' (2024-07-21)
  → 'github:Mic92/sops-nix/8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9?narHash=sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb%2BN4Ap4%3D' (2024-08-05)

spaceapid: add 3d printer state sensors (bool) ... 919652f09c

The schema only allows numeric values so I'm leaving the time to finish
field out of this for now.

flake.lock: Update ... 625f462221

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/d6c5d29f58acc10ea82afff1de2b28f038f572bd?narHash=sha256-HSxOQEKNZXiJe9aWnckTTCThOhcRCabwHa32IduDKLk%3D' (2024-08-08)
  → 'github:nix-community/nixos-generators/5fd22603892e4ec5ac6085058ed658243143aacd?narHash=sha256-U11ZiQPrpIBdv7oS23bNdX9GCxe/hPf/ARr64P2Wj1Y%3D' (2024-08-19)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/8bebd4c74f368aacb047f0141db09ec6b339733c?narHash=sha256-do2Mfm3T6SR7a5A804RhjQ%2BJTsF5hk4JTPGjCTRM/m8%3D' (2024-08-04)
  → 'github:nix-community/nixpkgs.lib/531a2e8416a6d8200a53eddfbdb8f2c8dc4a1251?narHash=sha256-QdSArN0xKESEOTcv%2B3kE6yu4B4WX9lupZ4%2BHtx3RXGg%3D' (2024-08-18)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/c306d09c1dc6492442ae4af0d1ba575869c41fc3?narHash=sha256-aA1JNhFh97BHPTXoJvcvgG4VSyjx0U1wT2EivxMp77o%3D' (2024-08-10)
  → 'github:nixos/nixpkgs/3f38e71a8e23a27569acbbfee0e83b76c86fa569?narHash=sha256-vAq%2BI0IWsIDq5RUc01t25iL46LLxdsmlTJ96A30bMEY%3D' (2024-08-18)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/bef98989a27429e1cb9e3d9c25701ba2da742af2?narHash=sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y%3D' (2024-08-10)
  → 'github:nixos/nixpkgs/ed434d7889eddb68002d81bc25212f26ff8f2862?narHash=sha256-tGRPGJKwczrM7793zaR74KnuYLMHArJvYXmGu8Wo9oI%3D' (2024-08-19)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/8ae477955dfd9cbf5fa4eb82a8db8ddbb94e79d9?narHash=sha256-3m/iyyjCdRBF8xyehf59QlckIcmShyTesymSb%2BN4Ap4%3D' (2024-08-05)
  → 'github:Mic92/sops-nix/be0eec2d27563590194a9206f551a6f73d52fa34?narHash=sha256-N9IcHgj/p1%2B2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE%3D' (2024-08-12)

penpot: switch to stock penpot image and version 2.1.3 ... 5e15381f81

Do that since it now has all the fixes applied we need.

flake.lock: Update ... 4954dd00a0

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/5fd22603892e4ec5ac6085058ed658243143aacd?narHash=sha256-U11ZiQPrpIBdv7oS23bNdX9GCxe/hPf/ARr64P2Wj1Y%3D' (2024-08-19)
  → 'github:nix-community/nixos-generators/8e337ce40421c4f33e7535aeb988d8e30fe067eb?narHash=sha256-LI%2BgI4qeVTQaS0vW6tn49RG%2Bf8cH1KBALaligCeHLog%3D' (2024-09-02)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/531a2e8416a6d8200a53eddfbdb8f2c8dc4a1251?narHash=sha256-QdSArN0xKESEOTcv%2B3kE6yu4B4WX9lupZ4%2BHtx3RXGg%3D' (2024-08-18)
  → 'github:nix-community/nixpkgs.lib/7f0b9e4fbd91826cb9ce6babbc11c87903191051?narHash=sha256-Tm344cnFM9f2YZsgWtJduvhIrvLr3Bi8J4Xc%2BUZDKYE%3D' (2024-09-01)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/3f38e71a8e23a27569acbbfee0e83b76c86fa569?narHash=sha256-vAq%2BI0IWsIDq5RUc01t25iL46LLxdsmlTJ96A30bMEY%3D' (2024-08-18)
  → 'github:nixos/nixpkgs/3524b030c839db4ea4ba16737789c6fb8a1769c6?narHash=sha256-w3sjCEbnc242ByJ18uebzgjFZY3QU7dZhmLwPsJIZJs%3D' (2024-09-01)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/ed434d7889eddb68002d81bc25212f26ff8f2862?narHash=sha256-tGRPGJKwczrM7793zaR74KnuYLMHArJvYXmGu8Wo9oI%3D' (2024-08-19)
  → 'github:nixos/nixpkgs/2830c7c930311397d94c0b86a359c865c081c875?narHash=sha256-/HTUg%2BkMaqBPGrcQBYboAMsQHIWIkuKRDldss/035Hc%3D' (2024-09-03)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/be0eec2d27563590194a9206f551a6f73d52fa34?narHash=sha256-N9IcHgj/p1%2B2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE%3D' (2024-08-12)
  → 'github:Mic92/sops-nix/5db5921e40ae382d6716dce591ea23b0a39d96f7?narHash=sha256-lj5pxOwidP0W//E7IvyhbhXrnEUW99I07%2BQpERnzTS4%3D' (2024-09-01)

flake.lock: Update ... 982c73f96a

Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/8e337ce40421c4f33e7535aeb988d8e30fe067eb?narHash=sha256-LI%2BgI4qeVTQaS0vW6tn49RG%2Bf8cH1KBALaligCeHLog%3D' (2024-09-02)
  → 'github:nix-community/nixos-generators/e8c1cd886cc17e31e424f915efd32e84d8af0ce9?narHash=sha256-t/%2Bz1Tf7hSaStU1pBYkY7i0/GkG%2BYIPSmfeRrK8eYUw%3D' (2024-09-23)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/7f0b9e4fbd91826cb9ce6babbc11c87903191051?narHash=sha256-Tm344cnFM9f2YZsgWtJduvhIrvLr3Bi8J4Xc%2BUZDKYE%3D' (2024-09-01)
  → 'github:nix-community/nixpkgs.lib/575704ff85d3a41dc5bfef7b55380cbc7b87f3c2?narHash=sha256-25ByioeOBFcnitO5lM/Mufnv/u7YtHEHEM8QFuiS40k%3D' (2024-09-22)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/3524b030c839db4ea4ba16737789c6fb8a1769c6?narHash=sha256-w3sjCEbnc242ByJ18uebzgjFZY3QU7dZhmLwPsJIZJs%3D' (2024-09-01)
  → 'github:nixos/nixpkgs/7ca0f93c530406c1610defff0b9bf643333cf992?narHash=sha256-gXIWudYhY/4LjQPvrGn9lN4fbHjw/mf1mb9KKJK//4I%3D' (2024-09-23)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/2830c7c930311397d94c0b86a359c865c081c875?narHash=sha256-/HTUg%2BkMaqBPGrcQBYboAMsQHIWIkuKRDldss/035Hc%3D' (2024-09-03)
  → 'github:nixos/nixpkgs/d266adc5a77ec8c10ed941c7251b2673004dbd62?narHash=sha256-m6kgjR4zAwyMe1Pn4RGXLCzArtoBp1qzhb2AUlPeVh4%3D' (2024-09-23)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/5db5921e40ae382d6716dce591ea23b0a39d96f7?narHash=sha256-lj5pxOwidP0W//E7IvyhbhXrnEUW99I07%2BQpERnzTS4%3D' (2024-09-01)
  → 'github:Mic92/sops-nix/e2d404a7ea599a013189aa42947f66cede0645c8?narHash=sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4%3D' (2024-09-16)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/dc454045f5b5d814e5862a6d057e7bb5c29edc05?narHash=sha256-vNv%2BaJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8%3D' (2024-09-08)

public-web-static: host Easterhegg 20 website static export 539b17edc3

mjolnir: allow use of deprecated, somewhat insecure libolm ... f9052d0eac

Do this to be able to update the moderation bot and because the security
issues apparently aren't real world exploitable:
https://matrix.org/blog/2024/08/libolm-deprecation/

all: setup prometheus node exporter for all hosts on Chaosknoten ... 7e6644b112

Do that so we can have monitoring for them via prometheus, alertmanager
and grafana.
Also add a local ip for the git host for PVE firewalling.

netbox: integrate with CCCHH ID (Keycloak) 51cc0097f0

Update element to 1.11.80 dfd6506e1c

public-web-static: add hackertours.hamburg.ccc.de static web host ... 4906d71540

It can be deployed using a corresponding deploy key in the same manner
hacker.tours and hamburg.ccc.de can be deployed.

public-web-static: add staging for hackertours.hamburg.ccc.de 905b7dd3ba

public-web-static: redirect old hackertours 37C3 urls to proper url e2dc43ede9

public-web-static: redirect EH20 doku.php?id=$pagename to new format ... 654b3f443e

See:
CCCHH/easterhegg-eh20-website#2 (comment)

make yate systemd service 0cd4b81e17

echtnurich force-pushed yate from 0cd4b81e17 to e24b5b6fb1 2024-10-21 18:05:46 +02:00 Compare

echtnurich commented 2024-10-21 18:08:48 +02:00

Author

Owner

Copy link

Kann das bitte jemand anders zusammenfrickeln, ich hab keinen Bock mehr...
@june @jtbx

Kann das bitte jemand anders zusammenfrickeln, ich hab keinen Bock mehr... @june @jtbx

c6ristian force-pushed yate from e24b5b6fb1 to f6b424fa7a 2024-11-17 21:41:59 +01:00 Compare

c6ristian force-pushed yate from f6b424fa7a to 5fee15c3dc 2024-11-17 21:46:06 +01:00 Compare

echtnurich force-pushed yate from 5fee15c3dc to 4467c2172d 2025-01-18 21:00:55 +01:00 Compare

echtnurich commented 2025-01-18 21:05:09 +01:00

Author

Owner

Copy link

Can someone please approve and merge this, before it breaks again?

We kinda need to go live soon

Can someone please approve and merge this, before it breaks again? We kinda need to go live soon

june approved these changes 2025-01-19 17:02:05 +01:00

Dismissed

june left a comment

Owner

Copy link

Looks alright!

Looks alright!

june added 1 commit 2025-01-19 19:05:52 +01:00

yate: clean up and nicely format nix configuration 50e5e78968

june dismissed june's review 2025-01-19 19:05:52 +01:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

june approved these changes 2025-01-19 19:06:18 +01:00

Dismissed

june left a comment

Owner

Copy link

Looks good!

Looks good!

june commented 2025-01-19 19:06:43 +01:00

Owner

Copy link

@echtnurich I cleaned up the configuration a bit, can u check, if yate works fine and if so, I would merge this :3

@echtnurich I cleaned up the configuration a bit, can u check, if yate works fine and if so, I would merge this :3

june added 1 commit 2025-01-19 20:28:25 +01:00

public-web-static: remove irc from spaceapi response as it's deprecated de04bc09f6

june dismissed june's review 2025-01-19 20:28:25 +01:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

june force-pushed yate from de04bc09f6 to 50e5e78968 2025-01-19 20:32:35 +01:00 Compare

echtnurich commented 2025-01-20 16:52:12 +01:00

Author

Owner

Copy link

Will check later,
1 open todo:

Use ExecReload= to trigger a hard config pull from
origin
This will run on systemctl reload
May drop sessions, gotta be careful.

Will check later, 1 open todo: Use ExecReload= to trigger a hard config pull from origin This will run on systemctl reload May drop sessions, gotta be careful.

echtnurich added 1 commit 2025-01-23 20:15:44 +01:00

Add reload script for refreshing config during runtime aadf95b576

echtnurich commented 2025-01-23 20:18:42 +01:00

Author

Owner

Copy link

Looks good, everything seems to work just as intended.
Also you can now sudo systemctl reload yate and the config will be hard pulled from repo

Looks good, everything seems to work just as intended. Also you can now `sudo systemctl reload yate` and the config will be hard pulled from repo

👍 1

june approved these changes 2025-01-23 23:17:23 +01:00

june left a comment

Owner

Copy link

Let's get this thing merged :3

Let's get this thing merged :3

🚀 1

june force-pushed yate from aadf95b576 to d57c47437f 2025-01-23 23:17:37 +01:00 Compare

june merged commit d57c47437f into main 2025-01-23 23:21:26 +01:00

Sign in to join this conversation.

Reviewers

No reviewers

june

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

3 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

CCCHH/nix-infra!6

No description provided.