Commit graph

121 commits

Author SHA1 Message Date
echtnurich f6b424fa7a
add yate service for autostart
introduce /etc/yate, clone/reset on service start

Fix config via git

make yate systemd service

create yate service user

recreate the full config everytime

decolour the log because of blob data

make sure source is available before deleting config

change yate-config repo

fix yate deploy key

fix yate-config not pulling
2024-11-17 21:41:16 +01:00
christian 579b63fe89
Update authorizedKeysRepo rev in common/users.nix
to add echtnurich secondary device key
2024-06-08 21:39:24 +02:00
June ef1710b09f
Configure basic yate host 2024-06-08 20:18:59 +02:00
June 46e43e51aa
Add deployment_configuration to make deployment using infra-rebuild work
Also document usage of infra-rebuild and its configuration file.
2024-06-08 19:57:40 +02:00
June 9d7f9d0ec8
Emulate aarch64-linux on nix-box-june to be able to build aarch64 pkgs 2024-06-06 20:17:00 +02:00
June 41f04732c2
Switch from colmena to standard nixosConfigurations
Those can then be deployed using for example nixos-rebuild or bij.
Also ensure all hosts have an fqdn, where possible, in order for bij to
be able to work with them more easily. Tho not really, since for actual
deployment one still needs to set the target manually to set usage of
the colmena-deploy user.

https://git.clerie.de/clerie/bij
2024-05-27 01:43:53 +02:00
June a7541eefa8
Add tools and other stuff for a more comf. admin enviorn. on the hosts 2024-05-26 18:32:55 +02:00
June 58ec317b02
Use IP address for eh22-wiki, which isn't already in use 2024-05-26 18:00:20 +02:00
June 7c7da0db05
Add a nix box managed by June
Every admin can login as its own user with the keys listed here:
https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/src/branch/trunk/authorized_keys
2024-05-26 14:39:28 +02:00
June 3aae597752
Switch the public-web-static hosts secret mngmt from colmena to sops-nix 2024-05-26 03:49:43 +02:00
June dc439abefe
Switch the netbox hosts secret management from colmena to sops-nix 2024-05-26 03:14:31 +02:00
June 154edc1972
Switch the matrix hosts secret management from colmena to sops-nix 2024-05-26 03:01:34 +02:00
June 361ccac69f
Switch the forgejo-actions-runners secret mngmt from colmena to sops-nix 2024-05-26 02:50:08 +02:00
June 88e3da11a6
Introduce sops and sops-nix for secret management
Use the GPG keys used for the password-store noc directory for the admin
keys.
Switch the git hosts secret management from colmena to sops-nix.

https://github.com/getsops/sops
https://github.com/Mic92/sops-nix
2024-05-25 16:47:34 +02:00
June eab3523033
Make MPD be put into pause mode instead of start. playback after startup 2024-05-23 22:25:32 +02:00
June ca816ba50b
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/722b512eb7e6915882f39fff0e4c9dd44f42b77e?narHash=sha256-3yh0nqI1avYUmmtqqTW3EVfwaLE%2B9ytRWxsA5aWtmyI%3D' (2024-04-22)
  → 'github:nix-community/nixos-generators/d14b286322c7f4f897ca4b1726ce38cb68596c94?narHash=sha256-iqQa3omRcHGpWb1ds75jS9ruA5R39FTmAkeR3J%2Bve1w%3D' (2024-05-20)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442?narHash=sha256-t1t39%2B9F0NSrUQQsvrQ0Ym/BfnOtjgXnJVn8daI3968%3D' (2024-05-13)
  → 'github:nixos/nixpkgs/dff68ababdd2c2616d03f26546ba632f5f09d3c6?narHash=sha256-e4pjcLqe1Dexz7enk/%2Bui0aVdcoSiWnrTGjk7KLtAPw%3D' (2024-05-22)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/7ed944be63682d0c5bc37e66f3c997390d0bbd8e?narHash=sha256-ncgLV/zSzXGx8XXEM8QlovDftzzcV11MnLeRUL63Szw%3D' (2024-05-13)
  → 'github:nixos/nixpkgs/2ee89d5a0167a8aa0f2a5615d2b8aefb1f299cd4?narHash=sha256-2eh7rYxQOntkUjFXtlPH7lBuUDd4isu/YHRjNJW7u1Q%3D' (2024-05-23)
2024-05-23 21:25:22 +02:00
June 475ab8cc66
Configure EH22 Wiki 2024-05-17 20:42:48 +02:00
June 320f4afb4a
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d4df7c26d03e94dbdabbd350cb89c9565cae07bb?narHash=sha256-TFRzgAjRgwXpDucaPZfVz9mRyH2wGM6oYABe1q/20iI%3D' (2024-04-22)
  → 'github:nixos/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442?narHash=sha256-t1t39%2B9F0NSrUQQsvrQ0Ym/BfnOtjgXnJVn8daI3968%3D' (2024-05-13)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/de52a47e961d45f6a8c7f9f086c60ff89ecdddaf?narHash=sha256-HLpr4EgxIRB1UJCpupvF%2BAi8pFa93BJh8anPJ68FwOI%3D' (2024-04-22)
  → 'github:nixos/nixpkgs/7ed944be63682d0c5bc37e66f3c997390d0bbd8e?narHash=sha256-ncgLV/zSzXGx8XXEM8QlovDftzzcV11MnLeRUL63Szw%3D' (2024-05-13)
2024-05-14 03:46:01 +02:00
June c378fc64c6
Deploy shairport-sync with more verbosity for easier debugging 2024-04-28 19:51:45 +02:00
June c96486aa91
Let MPD mix the audio itself to work around PW/WP restore bug
jtbx discovered that MPD is using the Pipewire stream volume for volume
control, but that when Pipewire/Wireplumber restores the stream volumes
on restart, it wrongly assigns the MPD stream volume to the Shaireport
Sync stream as well.
Work around that bug by making MPD mix itself and not through
Pipewire/Wireplumber.
2024-04-27 23:28:31 +02:00
June 14bbdea9dc
Add MPD to audio service module 2024-04-23 19:12:16 +02:00
June 856c4ac696
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/d942db8df8ee860556a38754f15b8d03bf7e6933?narHash=sha256-yYlxv1sg/TNl6hghjAe0ct%2B/p5PwXiT1mpuaExjhR88%3D' (2024-04-08)
  → 'github:nix-community/nixos-generators/722b512eb7e6915882f39fff0e4c9dd44f42b77e?narHash=sha256-3yh0nqI1avYUmmtqqTW3EVfwaLE%2B9ytRWxsA5aWtmyI%3D' (2024-04-22)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/6ec8515bc79f396159a67b2ed8012b2e988d9dc6?narHash=sha256-x4RVSeo0qq099PEdCOGHrJ/mpUKIhTCJDTy4hI1U%2BGs%3D' (2024-04-14)
  → 'github:nixos/nixpkgs/d4df7c26d03e94dbdabbd350cb89c9565cae07bb?narHash=sha256-TFRzgAjRgwXpDucaPZfVz9mRyH2wGM6oYABe1q/20iI%3D' (2024-04-22)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/bc59f72803cf40fb50f05cb73068d85b5ce21297?narHash=sha256-goBKZ4CKodTfkKaEGhpYOz545gnXmLfmn8gjiq7PLpU%3D' (2024-04-14)
  → 'github:nixos/nixpkgs/de52a47e961d45f6a8c7f9f086c60ff89ecdddaf?narHash=sha256-HLpr4EgxIRB1UJCpupvF%2BAi8pFa93BJh8anPJ68FwOI%3D' (2024-04-22)
2024-04-22 21:13:11 +02:00
June bc6af32a36
Update spaceapid to latest commit and use correct logo URL 2024-04-15 17:07:50 +02:00
June b229494eac
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/bef32a05496d9480b02be586fa7827748b9e597b?narHash=sha256-803UIoB8%2BvGkm/VK/g55aBAAOf/ncTGvxXyjTF4ydm0%3D' (2024-03-08)
  → 'github:nix-community/nixos-generators/d942db8df8ee860556a38754f15b8d03bf7e6933?narHash=sha256-yYlxv1sg/TNl6hghjAe0ct%2B/p5PwXiT1mpuaExjhR88%3D' (2024-04-08)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c?narHash=sha256-jLBZmwXf0WYHzLkmEMq33bqhX55YtT5edvluFr0RcSA%3D' (2024-03-03)
  → 'github:nix-community/nixpkgs.lib/3c62b6a12571c9a7f65ab037173ee153d539905f?narHash=sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw%3D' (2024-04-07)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/fcaa81ed3c273237217330cf342ef1873b77c80a?narHash=sha256-LW84B4vM1cn7E6cDNQn2LndT9iJXI1dRE5fwbNFbQa8%3D' (2024-03-09)
  → 'github:nixos/nixpkgs/6ec8515bc79f396159a67b2ed8012b2e988d9dc6?narHash=sha256-x4RVSeo0qq099PEdCOGHrJ/mpUKIhTCJDTy4hI1U%2BGs%3D' (2024-04-14)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/e389a1133d14925b942e0ad76ce75f32637db20d?narHash=sha256-W3KoCToX0gnwpZARkRteYd8Ns0Kie3C4u057YepUP5I%3D' (2024-03-09)
  → 'github:nixos/nixpkgs/bc59f72803cf40fb50f05cb73068d85b5ce21297?narHash=sha256-goBKZ4CKodTfkKaEGhpYOz545gnXmLfmn8gjiq7PLpU%3D' (2024-04-14)
2024-04-14 18:50:13 +02:00
June c97f169b77
Add print server for label printer to have it easily usable via SSH
Add and configure a print server for the Brother P-touch QL 500 label
printer, so that it can be easily used via SSH.

Do the following to make that work:
- Configure the print server host.
- Package printer-driver-ptouch to have a working driver for the label
  printer.
- Configure CUPS.
- Add a script "forcecommand-lpr-wrapper", which works together with the
  ForceCommand sshd_config option and wraps lpr to provide an easy
  interface to use the Brother QL 500 label printer via SSH.
- Add a print user and configure SSH to have the
  "forcecommand-lpr-wrapper" script accessible without a password using
  the print user via SSH.
2024-04-14 18:46:51 +02:00
christian 6a0218c132
Serve old easterhegg pages from public-web-static.
The old easterhegg pages from 2003, 2005, 2007, 2009, 2011 are served on the
easterhegg.eu domain and all old subdomains under hamburg.ccc.de
redirect to the corresponding pages under easterhegg.eu
2024-03-29 16:16:13 +01:00
June fc5b5bb9b7
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/f4631dee1a0fd56c0db89860e83e3588a28c7631' (2024-02-22)
  → 'github:nix-community/nixos-generators/bef32a05496d9480b02be586fa7827748b9e597b' (2024-03-08)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/e623008d8a46517470e6365505f1a3ce171fa46a' (2024-02-18)
  → 'github:nix-community/nixpkgs.lib/7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c' (2024-03-03)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/79032939bc8d409bcc16121c4ad694ca862895e4' (2024-02-24)
  → 'github:nixos/nixpkgs/fcaa81ed3c273237217330cf342ef1873b77c80a' (2024-03-09)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/5ab08ad057499977d489f1b378e79d166a684e6c' (2024-02-24)
  → 'github:nixos/nixpkgs/e389a1133d14925b942e0ad76ce75f32637db20d' (2024-03-09)
2024-03-10 03:58:41 +01:00
June 1ad6ac9dc0
Run "nix fmt" to format this entire flake 2024-03-06 22:50:32 +01:00
June 71e1684f76
Add a formatter, which can be used by running "nix fmt"
Use nixpkgs-fmt because what it does closely aligns to this repos
already established conventions and it doesn't do weird stuff.

Also see:
https://nixos.org/manual/nix/stable/command-ref/new-cli/nix3-fmt.html
https://github.com/nix-community/nixpkgs-fmt
2024-03-06 22:50:26 +01:00
fi a5a994f87f
Bump element-web to 1.11.59 2024-03-02 17:22:15 +01:00
June 7ab1563c88
Add entry to public-reverse-proxy for acme challenge for light-werkstatt 2024-03-02 15:40:55 +01:00
June c0142ad1a5
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/896f6589db5b25023b812bbb6c1f5d3a499b1132' (2024-01-24)
  → 'github:nix-community/nixos-generators/f4631dee1a0fd56c0db89860e83e3588a28c7631' (2024-02-22)
• Updated input 'nixos-generators/nixlib':
    'github:nix-community/nixpkgs.lib/f5af57d3ef9947a70ac86e42695231ac1ad00c25' (2023-09-03)
  → 'github:nix-community/nixpkgs.lib/e623008d8a46517470e6365505f1a3ce171fa46a' (2024-02-18)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/ac0524b807cb04a3e792c0bcc9e853e9a1547aa1' (2024-02-02)
  → 'github:nixos/nixpkgs/79032939bc8d409bcc16121c4ad694ca862895e4' (2024-02-24)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/4f301350dacb4eb0a93578ef3b07c8a996c777e7' (2024-02-03)
  → 'github:nixos/nixpkgs/5ab08ad057499977d489f1b378e79d166a684e6c' (2024-02-24)
2024-02-24 15:51:03 +01:00
June 85951e2e59
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/ed8ab00e8d92076a7cac1b428881b4d5304bb771' (2024-01-22)
  → 'github:nix-community/nixos-generators/896f6589db5b25023b812bbb6c1f5d3a499b1132' (2024-01-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/a1aa4980b64eb5fbfa652da57ed4de92e92be630' (2024-01-21)
  → 'github:nixos/nixpkgs/ac0524b807cb04a3e792c0bcc9e853e9a1547aa1' (2024-02-02)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/8cccce637e19577815de54c5ecc3132dff965aee' (2024-01-22)
  → 'github:nixos/nixpkgs/4f301350dacb4eb0a93578ef3b07c8a996c777e7' (2024-02-03)
2024-02-04 00:21:47 +01:00
fi d8d0236870
Fix indentation 2024-01-28 22:03:15 +01:00
fi 2ae1ad3604
Configure matrix server .well-known delegation 2024-01-28 21:59:08 +01:00
fi 4c0decea4a
Update element-web to 1.11.55 2024-01-28 05:05:53 +01:00
June e18b840d20
Enable offline mode for Forgejo to disable use of CDN and Gravatar 2024-01-24 20:17:59 +01:00
June a0e92ff92a
Give Git an IPv6 2024-01-23 23:24:20 +01:00
June 7ce5c934df
Redirect old feed location to new one for CCCHH website 2024-01-23 19:57:20 +01:00
June c83f1faaa7
Use custom 404 page for hamburg.ccc.de 2024-01-22 23:32:00 +01:00
June 6bb4577a33
flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-generators':
    'github:nix-community/nixos-generators/246219bc21b943c6f6812bb7744218ba0df08600' (2023-12-04)
  → 'github:nix-community/nixos-generators/ed8ab00e8d92076a7cac1b428881b4d5304bb771' (2024-01-22)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/76fc2dd7efd18cb4251db2f35ab6655ee746e961' (2024-01-12)
  → 'github:nixos/nixpkgs/a1aa4980b64eb5fbfa652da57ed4de92e92be630' (2024-01-21)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/391d29cb04fe2ca9a4744c10d6b8a7783f6b0f6d' (2024-01-12)
  → 'github:nixos/nixpkgs/8cccce637e19577815de54c5ecc3132dff965aee' (2024-01-22)
2024-01-22 23:15:57 +01:00
June 1dd8651bda
Update wiki links to point to wiki.hamburg.ccc.de 2024-01-22 23:15:03 +01:00
June 394f4fe562
Deploy new website under hamburg.ccc.de
Make next.hamburg.ccc.de hamburg.ccc.de and add redirects to handle URLs
of the old website deployment properly.
Also redirect the old spaceapi endpoint to the new one.

Add staging.hamburg.ccc.de for hosting upcoming changes (PRs).
Also give it a robots.txt, since its contents don't need to show up in
search engines.

Add www.hamburg.ccc.de and let it redirect to hamburg.ccc.de.
2024-01-22 23:08:38 +01:00
June 485ed0fec2
Use opensearch for code and issue search 2024-01-22 17:59:01 +01:00
June 12c38aac8b
Add CO2 sensors to spaceapid response 2024-01-22 02:05:48 +01:00
June 7fd115ca22
Use new infrastructure-authorized-keys url and latest commit 2024-01-21 04:55:57 +01:00
June aa25b300e3
Fix temperature unit in spaceapid response
See:
https://github.com/SpaceApi/directory/pull/247#pullrequestreview-1825757336
CCCHH/spaceapid#26
https://spaceapi.io/docs/#schema-key-sensors-temperature-unit
2024-01-21 03:54:01 +01:00
June 598e110641
Don't keep artifacts for so long
Keep them for 30 days instead of the default 90.
2024-01-20 21:39:22 +01:00
June f6567bffb2
Use Forgejo 1.21 from NixOS unstable to make Actions work properly
1.21 has scheduled Actions for example, which we need.
2024-01-20 21:34:09 +01:00
June 85c059c75c
Configure new forgejo-actions-runner host
Configure it to host a forgejo-actions-runner capable of handling CI
workloads running on Docker.
2024-01-18 05:03:21 +01:00