federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
95 commits 1 branch 0 tags 846 KiB
Commit graph

62 commits

Author SHA1 Message Date
Jeltz
3a0e09f330
forgejo: add asciidoc support 2025-08-02 18:48:46 +02:00
Jeltz
b2b74ecf5d
sysadmin: add Gamma 2025-07-06 23:06:48 +02:00
Jeltz
c8a1985d96
Merge branch 'master' of git.federez.net:federez/nix 2025-07-06 23:05:03 +02:00
Jeltz
495f51725b
monitoring: fix typo + increase threshold for load5 alert 2025-07-06 23:03:08 +02:00
Jeltz
4e6513466f
monitoring: add support for Alert list visualisation in Grafana 2025-07-06 23:02:21 +02:00
asyncnomi
00312a3ffb use colmena name instead of networking.hostName 2025-07-05 18:53:44 +02:00
Sic mundus creatus est
873479d893 more generic approach, but stills limited to vogon, for the forgejo profile 2025-07-01 22:26:25 +02:00
asyncnomi
ea4d89eedc increase client body limit to 1GB 2025-06-23 22:35:37 +02:00
asyncnomi
19b2eb37e5 dual ip for forgejo, remove nft 2025-06-23 00:45:00 +02:00
asyncnomi
18c721bd99 rekey, fix some forgejo issue 2025-06-22 21:28:12 +02:00
asyncnomi
972693e5eb add forgejo conf 2025-06-22 20:04:01 +02:00
asyncnomi
1ce8f529ee add some secrets & asyncnomi key to sysadmin 2025-06-22 01:15:31 +02:00
Jeltz
a1c4879a38
sysadmin: add asyncnomi's ssh key 2025-06-21 23:39:03 +02:00
Jeltz
b8a6cbfeb5
bug: fix borgmatic when no pgsql + vogon wg secret path 2025-06-21 23:14:39 +02:00
Jeltz
5c4df54d2c
Merge branch 'master' of gitlab2.federez.net:federez/nix 2025-06-21 12:00:25 +02:00
Jeltz
10f55b04ca
refactor host/guest profiles + add niangon 2025-06-21 11:55:11 +02:00
Jeltz
698bde5856
monitoring: refactoring + blackbox 2025-06-21 11:51:39 +02:00
asyncnomi
342b9a17c6 me cannot see 2025-06-19 21:29:22 +02:00
asyncnomi
9517f24d6f add gitlab url to point to its fqdn, add asyncnomi keys for agenix 2025-06-19 21:11:12 +02:00
Jeltz
59789595d1
monitoring: cleanup rules + NodeLastBorgmaticTooOld 2025-04-07 20:29:09 +02:00
Jeltz
c7b9a8d839
fix(infra): typo enabled → enable 2025-04-07 20:29:09 +02:00
Jeltz
8129b26c4c
add backups + fix appservice-irc media proxy 2025-04-07 20:29:05 +02:00
Jeltz
d672a1d1ee
gitlab: store secrets in age 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:27:02 +02:00
Jeltz
a64b34810d
wip: nixpkgs versions + infra network + monitoring 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:26:29 +02:00
Jeltz
01b5a0fe25
Bump version + minor cleanups 
Signed-off-by: jeltz@federez.net
 2025-04-05 21:25:28 +02:00
Jeltz
09d82c6b88
wip: add vogon + many other things 
Added lots of things done in a hurry following the dodecagon failure.

Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:22:50 +02:00
Jeltz
a184d18f4b
WIP: add grafana & victoriametrics 2025-04-05 21:19:37 +02:00
Jeltz
5d32735063
indico: use systemd-creds 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:36 +02:00
Jeltz
e47358876e
indico: update profile with age passwords 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:35 +02:00
Jeltz
abbafb082d
indico: wip: create module 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:34 +02:00
Jeltz
d12f9d91d1
WIP: Add indico profile + required packages 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:32 +02:00
Jeltz
817aab82b6
discourse: add mail config and somme plugins 
Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:32 +02:00
Jeltz
7491e221d3
discourse: init (wip) 
Incomplete installation of Discourse on pendragon.

Missing in particular are emails (both outgoing and incoming).

Signed-off-by: Jeltz <jeltz@federez.net>
 2025-04-05 21:19:31 +02:00
Ryan Lahfa
61ed6e9571
profiles/sysadmin: move to Lix, purge journald to 512M, add GC/NGINX/net optimizations 
This should reduce some churn.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2025-04-05 21:19:31 +02:00
Ryan Lahfa
918610b56e
sources: bump & address deprecations 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2025-04-05 21:19:30 +02:00
Ryan Lahfa
c3844094b2
profiles/wayf: further wip work 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2025-04-05 21:19:30 +02:00
Ryan Lahfa
3b6c3f6d70
profiles/gitlab: init 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2025-04-05 21:19:25 +02:00
Jeltz
d595fc2c1f
admins: enroll Jeltz 
Jeltz est membre d'Aurore et du bureau de FedeRez.

Signed-off-by: Jeltz <jeltz@federez.net>
 2024-08-08 16:17:19 +02:00
Benjamin Somers
69130134cd irc-bot: reduce reply threshold 2024-02-15 16:43:43 +00:00
Ryan Lahfa
0355dd4b80 admins: enroll Tom Hubrecht 
Tom Hubrecht est un sysadmin / membre d'honneur de la DGNum, membre du CA d'AliENS.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 21:10:57 +01:00
Ryan Lahfa
a4ab0fce56 profiles/auditd: enable on all systems 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 20:40:47 +01:00
Ryan Lahfa
4fbfa50b10 profiles/sysadmin: do not log refused connections 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 20:40:38 +01:00
Ryan Lahfa
cb13a67c63 profiles/federez: add Federez MOTD for NixOS systems 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 20:40:31 +01:00
Ryan Lahfa
0a637e5079 profiles/ldap: init 
Phew, this is working?

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 20:40:20 +01:00
Ryan Lahfa
4a043d6fb5 profiles/wayf: init work (wip) 
This is a very early version of the deployment, it doesn't work due to… PHP versions issues?

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 04:17:49 +01:00
Ryan Lahfa
c9fe2f098b profiles/telegram: show notices from @klingon:federez.net 
The bot send updates about the monitoring.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 04:17:21 +01:00
Ryan Lahfa
600db7dd56 monitoring: stream children to klingon 
automagically.

more security will be nice for IP allowlists using their exact IPv4 in the future.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 04:09:52 +01:00
Ryan Lahfa
1cd73831d4 profiles/matrix: add sqlite to explore databases 
god…

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 04:09:09 +01:00
Ryan Lahfa
e938475a17 profiles/netdata: open 19999 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 01:13:10 +01:00
Ryan Lahfa
b47ddc76b0 pkgs: init switchwayf 
Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
 2024-02-14 01:13:10 +01:00