public-web-static: make www.c3cat.de actually work

public-web-static: remove cpuccc.hamburg.ccc.de alias
public-web-static: make hamburg.ccc.de the default server
2026-02-01 21:06:33 +01:00 · 2026-01-28 15:31:31 +01:00 · 2026-01-27 15:47:14 +01:00 · 2026-01-27 15:44:25 +01:00 · 2026-01-27 15:36:23 +01:00 · 2026-01-25 20:44:07 +01:00
22 changed files with 158 additions and 403 deletions
--- a/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix
+++ b/config/hosts/forgejo-actions-runner/forgejo-actions-runner.nix
@ -3,11 +3,11 @@
 # - https://forgejo.org/docs/latest/user/actions/
 # - https://docs.gitea.com/next/usage/actions/act-runner

-{ config, pkgs-unstable, ... }:
+{ config, pkgs, ... }:

 {
  services.gitea-actions-runner = {
-    package = pkgs-unstable.forgejo-actions-runner;
+    package = pkgs.forgejo-runner;
    instances.ccchh-forgejo-global-docker = {
      enable = true;
      name = "Global Docker Forgejo Actions Runner";
--- a/config/hosts/hydra/configuration.nix
+++ b/config/hosts/hydra/configuration.nix
@ -1,9 +0,0 @@
-{ ... }:
-
-{
-  networking = {
-    hostName = "hydra";
-  };
-
-  system.stateVersion = "24.05";
-}
--- a/config/hosts/hydra/default.nix
+++ b/config/hosts/hydra/default.nix
@ -1,11 +0,0 @@
-{ ... }:
-
-{
-  imports = [
-    ./configuration.nix
-    ./hydra.nix
-    ./networking.nix
-    ./nginx.nix
-    ./nix.nix
-  ];
-}
--- a/config/hosts/hydra/hydra.nix
+++ b/config/hosts/hydra/hydra.nix
@ -1,15 +0,0 @@
-{ ... }:
-
-{
-  services.hydra = {
-    enable = true;
-    listenHost = "localhost";
-    port = 3000;
-    hydraURL = "https://hydra.hamburg.ccc.de/";
-    # E-Mail configuration requires some work/investigation still.
-    notificationSender = "no-reply@hydra.hamburg.ccc.de";
-    useSubstitutes = true;
-    minimumDiskFree = 8;
-    minimumDiskFreeEvaluator = 2;
-  };
-}
--- a/config/hosts/hydra/networking.nix
+++ b/config/hosts/hydra/networking.nix
@ -1,22 +0,0 @@
-{ ... }:
-
-{
-  networking = {
-    interfaces.net0 = {
-      ipv4.addresses = [
-        {
-          address = "172.31.17.163";
-          prefixLength = 25;
-        }
-      ];
-    };
-    defaultGateway = "172.31.17.129";
-    nameservers = [ "212.12.50.158" "192.76.134.90" ];
-    search = [ "hamburg.ccc.de" ];
-  };
-
-  systemd.network.links."10-net0" = {
-    matchConfig.MACAddress = "BC:24:11:45:7C:D6";
-    linkConfig.Name = "net0";
-  };
-}
--- a/config/hosts/hydra/nginx.nix
+++ b/config/hosts/hydra/nginx.nix
@ -1,58 +0,0 @@
-{ config, pkgs, ... }:
-
-let
-  domain = "hydra.hamburg.ccc.de";
-in
-{
-  services.nginx = {
-    enable = true;
-
-    virtualHosts = {
-      "acme-${domain}" = {
-        default = true;
-        enableACME = true;
-        serverName = "${domain}";
-
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = 31820;
-          }
-        ];
-      };
-
-      "${domain}" = {
-        default = true;
-        forceSSL = true;
-        useACMEHost = "${domain}";
-
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = 8443;
-            ssl = true;
-            proxyProtocol = true;
-          }
-        ];
-
-        locations."/" = {
-          proxyPass = "http://${config.services.hydra.listenHost}:${builtins.toString config.services.hydra.port}";
-        };
-
-        extraConfig = ''
-          # Make use of the ngx_http_realip_module to set the $remote_addr and
-          # $remote_port to the client address and client port, when using proxy
-          # protocol.
-          # First set our proxy protocol proxy as trusted.
-          set_real_ip_from 172.31.17.140;
-          # Then tell the realip_module to get the addreses from the proxy protocol
-          # header.
-          real_ip_header proxy_protocol;
-        '';
-      };
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [ 8443 31820 ];
-  networking.firewall.allowedUDPPorts = [ 8443 ];
-}
--- a/config/hosts/hydra/nix.nix
+++ b/config/hosts/hydra/nix.nix
@ -1,10 +0,0 @@
-{ ... }:
-
-{
-  # Allow Hydra to fetch flake inputs.
-  nix.settings.allowed-uris = [
-    "github:"
-    "https://github.com/"
-    "https://git.hamburg.ccc.de/"
-  ];
-}
--- a/config/hosts/mjolnir/networking.nix
+++ b/config/hosts/mjolnir/networking.nix
@ -1,19 +1,25 @@
 { ... }:

 {
-  networking = {
-    interfaces.net0 = {
-      ipv4.addresses = [
-        {
-          address = "172.31.17.161";
-          prefixLength = 25;
-        }
+  networking.useDHCP = false;
+
+  services.cloud-init = {
+    enable = true;
+    network.enable = true;
+
+    # Version without ssh of:
+    # https://github.com/NixOS/nixpkgs/blob/3c9db02515ef1d9b6b709fc60ba9a540957f661c/nixos/modules/services/system/cloud-init.nix#L145
+    # So we don't get ssh hostkey regenerations.
+    settings.cloud_config_modules = [
+        "disk_setup"
+        "mounts"
+        "ssh-import-id"
+        "set-passwords"
+        "timezone"
+        "disable-ec2-metadata"
+        "runcmd"
      ];
  };
-    defaultGateway = "172.31.17.129";
-    nameservers = [ "212.12.50.158" "192.76.134.90" ];
-    search = [ "hamburg.ccc.de" ];
-  };

  systemd.network.links."10-net0" = {
    matchConfig.MACAddress = "BC:24:11:C9:F8:C5";
--- a/config/hosts/public-reverse-proxy/nginx.nix
+++ b/config/hosts/public-reverse-proxy/nginx.nix
@ -6,22 +6,6 @@
 { config, pkgs, ... }:

 {
-  services.nginx.streamConfig = ''
-    map $ssl_preread_server_name $address {
-        status.ccchh.net 10.31.206.15:8443;
-        status.hamburg.ccc.de 10.31.206.15:8443;
-    }
-
-    # Listen on port 443 as a reverse proxy and use PROXY Protocol for the
-    # upstreams.
-    server {
-        listen 0.0.0.0:443;
-        proxy_pass $address;
-        ssl_preread on;
-        proxy_protocol on;
-    }
-  '';
-
  services.nginx.appendHttpConfig = ''
    map $host $upstream_acme_challenge_host {
        club-assistant.ccchh.net 10.31.208.10;
@ -35,7 +19,6 @@
        zigbee2mqtt.ccchh.net 10.31.208.25:31820;
        esphome.ccchh.net 10.31.208.24:31820;
        proxmox-backup-server.ccchh.net 10.31.208.28;
-        status.ccchh.net 10.31.206.15:31820;
        default "";
    }
  '';
--- a/config/hosts/public-web-static/nginx.nix
+++ b/config/hosts/public-web-static/nginx.nix
@ -1,7 +1,12 @@
 { ... }:

 {
-  services.nginx.enable = true;
+  services.nginx = {
+    enable = true;
+    appendHttpConfig = ''
+      access_log off;
+    '';
+  };

  networking.firewall.allowedTCPPorts = [ 8443 31820 ];
  networking.firewall.allowedUDPPorts = [ 8443 ];
--- a/config/hosts/public-web-static/virtualHosts/c3cat.de.nix
+++ b/config/hosts/public-web-static/virtualHosts/c3cat.de.nix
@ -23,7 +23,7 @@ in {
      ];
    };

-    "$www.${domain}" = {
+    "www.${domain}" = {
      forceSSL = true;
      useACMEHost = "${domain}";

--- a/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix
+++ b/config/hosts/public-web-static/virtualHosts/cpu.ccc.de.nix
@ -0,0 +1,118 @@
+{ ... }:
+
+let
+  domain = "cpu.ccc.de";
+  dataDir = "/var/www/${domain}";
+  deployUser = "cpuccc-website-deploy";
+in
+{
+  security.acme.certs."cpu.ccc.de".extraDomainNames = [
+    "lokal.ccc.de"
+    "local.ccc.de"
+  ];
+
+  services.nginx.virtualHosts = {
+    "acme-${domain}" = {
+      enableACME = true;
+      serverName = "${domain}";
+
+      listen = [
+        {
+          addr = "0.0.0.0";
+          port = 31820;
+        }
+      ];
+    };
+
+    # https://git.hamburg.ccc.de/CCCHH/cpu.ccc.de/src/branch/main/nginx.conf
+    "${domain}" = {
+      forceSSL = true;
+      useACMEHost = "${domain}";
+
+      listen = [
+        {
+          addr = "0.0.0.0";
+          port = 8443;
+          ssl = true;
+          proxyProtocol = true;
+        }
+      ];
+
+      root = "${dataDir}";
+
+      extraConfig = ''
+        index index.html;
+        default_type text/plain;
+
+        # Make use of the ngx_http_realip_module to set the $remote_addr and
+        # $remote_port to the client address and client port, when using proxy
+        # protocol.
+        # First set our proxy protocol proxy as trusted.
+        set_real_ip_from 172.31.17.140;
+        # Then tell the realip_module to get the addreses from the proxy protocol
+        # header.
+        real_ip_header proxy_protocol;
+
+        port_in_redirect off;
+      '';
+
+      locations."/" = {
+        tryFiles = "$uri $uri/ =404";
+
+        extraConfig = ''
+          location /feed/ {
+            default_type application/rss+xml;
+            types {
+              text/xml application/rss+xml;
+            }
+          }
+
+          location /rss {
+            default_type application/rss+xml;
+          }
+        '';
+      };
+    };
+
+    "lokal.ccc.de" = {
+      forceSSL = true;
+      useACMEHost = "cpu.ccc.de";
+      serverAliases = [
+        "local.ccc.de"
+      ];
+
+      listen = [{
+        addr = "0.0.0.0";
+        port = 8443;
+        ssl = true;
+        proxyProtocol = true;
+      }];
+
+      locations."/".return = "302 https://cpu.ccc.de";
+
+      extraConfig = ''
+        # Make use of the ngx_http_realip_module to set the $remote_addr and
+        # $remote_port to the client address and client port, when using proxy
+        # protocol.
+        # First set our proxy protocol proxy as trusted.
+        set_real_ip_from 172.31.17.140;
+        # Then tell the realip_module to get the addreses from the proxy protocol
+        # header.
+        real_ip_header proxy_protocol;
+      '';
+    };
+  };
+
+  systemd.tmpfiles.rules = [
+    "d ${dataDir} 0755 ${deployUser} ${deployUser}"
+  ];
+
+  users.users."${deployUser}" = {
+    isNormalUser = true;
+    group = "${deployUser}";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOnO7g/7mVVKnvkszto8m3nPljO/6qQc/34aEbrhKOvn deploy key for cpu.ccc.de"
+    ];
+  };
+  users.groups."${deployUser}" = { };
+}
--- a/config/hosts/public-web-static/virtualHosts/default.nix
+++ b/config/hosts/public-web-static/virtualHosts/default.nix
@ -4,6 +4,7 @@
  imports = [
    ./branding-resources.hamburg.ccc.de.nix
    ./c3cat.de.nix
+    ./cpu.ccc.de.nix
    ./cryptoparty-hamburg.de.nix
    ./element-admin.hamburg.ccc.de.nix
    ./element.hamburg.ccc.de.nix
--- a/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix
+++ b/config/hosts/public-web-static/virtualHosts/hamburg.ccc.de.nix
@ -17,6 +17,7 @@
    "hamburg.ccc.de" = {
      forceSSL = true;
      useACMEHost = "hamburg.ccc.de";
+      default = true;

      listen = [
        {
--- a/config/hosts/status/configuration.nix
+++ b/config/hosts/status/configuration.nix
@ -1,10 +0,0 @@
-{ ... }:
-
-{
-  networking = {
-    hostName = "status";
-    domain = "z9.ccchh.net";
-  };
-
-  system.stateVersion = "24.05";
-}
--- a/config/hosts/status/default.nix
+++ b/config/hosts/status/default.nix
@ -1,10 +0,0 @@
-{ ... }:
-
-{
-  imports = [
-    ./configuration.nix
-    ./networking.nix
-    ./nginx.nix
-    ./uptime-kuma.nix
-  ];
-}
--- a/config/hosts/status/networking.nix
+++ b/config/hosts/status/networking.nix
@ -1,29 +0,0 @@
-{ ... }:
-
-{
-  networking = {
-    interfaces.net0 = {
-      ipv4.addresses = [
-        {
-          address = "10.31.206.15";
-          prefixLength = 23;
-        }
-      ];
-      ipv6.addresses = [
-        {
-          address = "2a07:c481:1:ce::a";
-          prefixLength = 64;
-        }
-      ];
-    };
-    defaultGateway = "10.31.206.1";
-    defaultGateway6 = "2a07:c481:1:ce::1";
-    nameservers = [ "10.31.206.1" "2a07:c481:1:ce::1" ];
-    search = [ "z9.ccchh.net" ];
-  };
-
-  systemd.network.links."10-net0" = {
-    matchConfig.MACAddress = "BC:24:11:79:D3:E1";
-    linkConfig.Name = "net0";
-  };
-}
--- a/config/hosts/status/nginx.nix
+++ b/config/hosts/status/nginx.nix
@ -1,149 +0,0 @@
-# Sources for this configuration:
-# - https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy
-
-{ config, ... }:
-
-{
-  services.nginx = {
-    enable = true;
-
-    virtualHosts = {
-      "status.hamburg.ccc.de" = {
-        forceSSL = true;
-        enableACME = true;
-        serverName = "status.hamburg.ccc.de";
-
-        listen = [
-          {
-            addr = "[::]";
-            port = 80;
-          }
-          {
-            addr = "[::]";
-            port = 443;
-            ssl = true;
-          }
-        ];
-
-        locations."/" = {
-          proxyPass = "http://localhost:3001";
-          proxyWebsockets = true;
-        };
-      };
-      "status-proxyprotocol.hamburg.ccc.de" = {
-        forceSSL = true;
-        useACMEHost = "status.hamburg.ccc.de";
-        serverName = "status.hamburg.ccc.de";
-
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = 8443;
-            ssl = true;
-            proxyProtocol = true;
-          }
-        ];
-
-        locations."/" = {
-          proxyPass = "http://localhost:3001";
-          proxyWebsockets = true;
-        };
-
-        extraConfig = ''
-          # Make use of the ngx_http_realip_module to set the $remote_addr and
-          # $remote_port to the client address and client port, when using proxy
-          # protocol.
-          # First set our proxy protocol proxy as trusted.
-          set_real_ip_from 10.31.206.11;
-          # Then tell the realip_module to get the addreses from the proxy protocol
-          # header.
-          real_ip_header proxy_protocol;
-        '';
-      };
-      "status.ccchh.net" = {
-        forceSSL = true;
-        useACMEHost = "status.hamburg.ccc.de";
-        serverName = "status.ccchh.net";
-
-        listen = [
-          {
-            addr = "[::]";
-            port = 80;
-          }
-          {
-            addr = "[::]";
-            port = 443;
-            ssl = true;
-          }
-        ];
-
-        globalRedirect = "status.hamburg.ccc.de";
-        redirectCode = 307;
-      };
-      "status-proxyprotocol.ccchh.net" = {
-        forceSSL = true;
-        useACMEHost = "status.hamburg.ccc.de";
-        serverName = "status.ccchh.net";
-
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = 8443;
-            ssl = true;
-            proxyProtocol = true;
-          }
-        ];
-
-        globalRedirect = "status.hamburg.ccc.de";
-        redirectCode = 307;
-
-        extraConfig = ''
-          # Make use of the ngx_http_realip_module to set the $remote_addr and
-          # $remote_port to the client address and client port, when using proxy
-          # protocol.
-          # First set our proxy protocol proxy as trusted.
-          set_real_ip_from 10.31.206.11;
-          # Then tell the realip_module to get the addreses from the proxy protocol
-          # header.
-          real_ip_header proxy_protocol;
-        '';
-      };
-      "status.z9.ccchh.net" = {
-        forceSSL = true;
-        useACMEHost = "status.hamburg.ccc.de";
-        serverName = "status.z9.ccchh.net";
-
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = 80;
-          }
-          {
-            addr = "[::]";
-            port = 80;
-          }
-          {
-            addr = "0.0.0.0";
-            port = 443;
-            ssl = true;
-          }
-          {
-            addr = "[::]";
-            port = 443;
-            ssl = true;
-          }
-        ];
-
-        globalRedirect = "status.hamburg.ccc.de";
-        redirectCode = 307;
-      };
-    };
-  };
-
-  security.acme.certs."status.hamburg.ccc.de".extraDomainNames = [
-    "status.ccchh.net"
-    "status.z9.ccchh.net"
-  ];
-
-  networking.firewall.allowedTCPPorts = [ 80 443 8443 ];
-}
--- a/config/hosts/status/uptime-kuma.nix
+++ b/config/hosts/status/uptime-kuma.nix
@ -1,7 +0,0 @@
-{ ... }:
-
-{
-  services.uptime-kuma = {
-    enable = true;
-  };
-}
--- a/deployment_configuration.json
+++ b/deployment_configuration.json
@ -16,16 +16,13 @@
      "targetHostname": "forgejo-actions-runner-intern.hamburg.ccc.de"
    },
    "mjolnir": {
-      "targetHostname": "mjolnir-intern.hamburg.ccc.de"
+      "targetHostname": "mjolnir.hosts.hamburg.ccc.de"
    },
    "woodpecker": {
      "targetHostname": "woodpecker-intern.hamburg.ccc.de"
    },
    "penpot": {
      "targetHostname": "penpot-intern.hamburg.ccc.de"
-    },
-    "hydra": {
-      "targetHostname": "hydra-intern.hamburg.ccc.de"
    }
  }
 }
--- a/flake.lock
+++ b/flake.lock
@ -19,27 +19,27 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1761173472,
-        "narHash": "sha256-m9W0dYXflzeGgKNravKJvTMR4Qqa2MVD11AwlGMufeE=",
+        "lastModified": 1768621446,
+        "narHash": "sha256-6YwHV1cjv6arXdF/PQc365h1j+Qje3Pydk501Rm4Q+4=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "c8aa8cc00a5cb57fada0851a038d35c08a36a2bb",
+        "rev": "72ac591e737060deab2b86d6952babd1f896d7c5",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
-        "ref": "nixos-25.05",
+        "ref": "nixos-25.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1761349956,
-        "narHash": "sha256-tH3wHnOJms+U4k/rK2Nn1RfBrhffX92jLP/2VndSn0w=",
+        "lastModified": 1768661221,
+        "narHash": "sha256-MJwOjrIISfOpdI9x4C+5WFQXvHtOuj5mqLZ4TMEtk1M=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "02f2cb8e0feb4596d20cc52fda73ccee960e3538",
+        "rev": "3327b113f2ef698d380df83fbccefad7e83d7769",
        "type": "github"
      },
      "original": {
@ -64,11 +64,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1760998189,
-        "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=",
+        "lastModified": 1768709255,
+        "narHash": "sha256-aigyBfxI20FRtqajVMYXHtj5gHXENY2gLAXEhfJ8/WM=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3",
+        "rev": "5e8fae80726b66e9fec023d21cd3b3e638597aa9",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -5,7 +5,7 @@
    # Use the NixOS small channels for nixpkgs.
    # https://nixos.org/manual/nixos/stable/#sec-upgrading
    # https://github.com/NixOS/nixpkgs
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";

    # # Add nixos-generators as an input.
@ -147,7 +147,6 @@
          ];
          specialArgs = {
            inherit authorizedKeysRepo;
-            inherit pkgs-unstable;
          };
        };

@ -201,16 +200,6 @@
          ];
        };

-        status = nixpkgs.lib.nixosSystem {
-          inherit system specialArgs;
-          modules = [
-            self.nixosModules.common
-            self.nixosModules.proxmox-vm
-            sops-nix.nixosModules.sops
-            ./config/hosts/status
-          ];
-        };
-
        penpot = nixpkgs.lib.nixosSystem {
          inherit system specialArgs;
          modules = [
@ -221,16 +210,6 @@
            ./config/hosts/penpot
          ];
        };
-
-        hydra = nixpkgs.lib.nixosSystem {
-          inherit system specialArgs;
-          modules = [
-            self.nixosModules.common
-            self.nixosModules.proxmox-vm
-            self.nixosModules.prometheus-exporter
-            ./config/hosts/hydra
-          ];
-        };
      };

      # packages.x86_64-linux = {
@ -259,10 +238,5 @@
      # };

      formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixpkgs-fmt;
-
-      hydraJobs = {
-        inherit (self) packages;
-        nixosConfigurations = builtins.mapAttrs (name: value: value.config.system.build.toplevel) self.nixosConfigurations;
-      };
    };
 }
Author	SHA1	Message	Date
June	ebb0cea592	public-web-static: make www.c3cat.de actually work	2026-02-01 21:06:33 +01:00
June	213707b310	public-web-static: remove cpuccc.hamburg.ccc.de alias	2026-01-28 15:31:31 +01:00
June	175df86928	public-web-static: make hamburg.ccc.de the default server	2026-01-27 15:47:14 +01:00
June	62885a0095	public-web-static: to not log ip addresses just disable the access_log	2026-01-27 15:44:25 +01:00
June	193ccedbee	public-web-static: setup cpu.ccc.de with redirects from aliases	2026-01-27 15:36:23 +01:00
June	709afd0a1d	Add cpu.ccc.de to static web host (under cpuccc.hamburg.ccc.de for now)	2026-01-25 20:44:07 +01:00
June	827c469415	forgejo-actions-runner: forgejo-actions-runner is forgejo-runner now Also use package from stable instead of unstable.	2026-01-18 22:49:43 +01:00
June	30b6d54f95	Upgrade to NixOS 25.11 mjolnir seems to be broken.	2026-01-18 22:48:13 +01:00
June	0ea41b3141	remove more hydra-related config	2026-01-18 21:58:56 +01:00
June	e51e631918	flake.lock: Update Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/c8aa8cc00a5cb57fada0851a038d35c08a36a2bb' (2025-10-22) → 'github:nixos/nixpkgs/ac62194c3917d5f474c1a844b6fd6da2db95077d' (2026-01-02) • Updated input 'nixpkgs-unstable': 'github:nixos/nixpkgs/02f2cb8e0feb4596d20cc52fda73ccee960e3538' (2025-10-24) → 'github:nixos/nixpkgs/3327b113f2ef698d380df83fbccefad7e83d7769' (2026-01-17) • Updated input 'sops-nix': 'github:Mic92/sops-nix/5a7d18b5c55642df5c432aadb757140edfeb70b3' (2025-10-20) → 'github:Mic92/sops-nix/5e8fae80726b66e9fec023d21cd3b3e638597aa9' (2026-01-18)	2026-01-18 21:45:50 +01:00
June	28d82f149d	status: remove status as it got replaced by a ansible-managed Gatus	2026-01-18 21:09:15 +01:00
June	79952f8c63	hydra: remove hydra as its being decommissioned nix-infra is built back in general, so remove hydra as well.	2026-01-17 22:06:24 +01:00
June	c9e27a5bb6	mjolnir: use cloud-init for network configuration and move to new net. Switch to cloud-init to align with the Ansible infra. Also move to new network and hostname.	2026-01-07 19:20:50 +01:00