c3d2/nix-config
c3d2
/
nix-config
23
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity
707 Commits 6 Branches 0 Tags 9.3 MiB
Commit Graph

480 Commits

Author SHA1 Message Date
Ehmry - d2262715da Add yggdrasil configurations 2021-03-03 22:53:19 +01:00
Ehmry - 535478c160 Flakify freifunk container 2021-02-26 20:23:24 +01:00
Astro f24e6d6700 pulsebert: remove mjpeg-proxy 2021-02-25 17:50:15 +01:00
Astro b9a64af1b6 pulsebert: replace espCam with usb cam 2021-02-25 17:32:24 +01:00
Ehmry - 0098f6a58b Remove hydra 
Proxmox is too congested and broken to host a hydra.
 2021-02-24 14:20:16 +01:00
Ehmry - 6c64ceec62 Put a non-authoritative DHCP server on Pulsebert 
DHCP is an essential service and Pulsebert is more reliable than
anything in proxmox.
 2021-02-24 14:16:42 +01:00
Ehmry - 709d8e278e Flakify dhcp 2021-02-24 14:14:48 +01:00
Ehmry - 7126d09546 Pulsebert: install mpd but not as a service 2021-02-23 20:13:13 +01:00
Ehmry - ec81b6a28d Flakify pulsebert 2021-02-22 13:28:47 +01:00
Ehmry - cc1d97ba4f Flakify glotzbert 2021-02-22 13:13:08 +01:00
Ehmry - c01bf41df1 Remove hail 
Hail is no longer in use
 2021-02-22 12:12:00 +01:00
Ehmry - 6170a9c4e0 Nixfmt everything 2021-02-22 11:45:12 +01:00
Astro 211106cf53 pulsebert: migrate from httpbounder to rust-mjpeg-proxy 2021-02-21 23:44:21 +01:00
Astro ea5c17bd6a pulsebert: extend pulseaudio allowedIpRanges 2021-02-19 16:06:34 +01:00
Sandro - bc3bc98e61
comment out non existend file 2021-02-15 07:55:44 +01:00
Astro 71495bc257 pulsebert: double-proxy the espCam 2021-01-28 01:05:01 +01:00
Astro c06710cf18 freifunk: change sysinfo.json location 
nginx runs with PrivateTmp=yes since NixOS 20.09
 2021-01-06 18:43:54 +01:00
Astro 02095467fb freifunk: restore, rm accidental disk image 2021-01-06 18:17:57 +01:00
Daniel Poelzleithner 696181c97d Allow larger files on octoprint 2021-01-06 17:02:15 +01:00
Daniel Poelzleithner 873a957e52 Merge branch 'master' of ssh://gitea.c3d2.de:2222/C3D2/nix-config into master 2021-01-03 15:00:55 +01:00
Daniel Poelzleithner 256dcd5ec9 Merge branch 'master' of ssh://gitea.c3d2.de:2222/C3D2/nix-config into master 2021-01-03 15:00:33 +01:00
Astro 780919c313 ticker: add exma feeds 2020-12-30 23:37:32 +01:00
Astro af06036cc3 public-access-proxy: rm drkkr.hq.c3d2.de 
haproxy breaks the websockets
 2020-12-11 01:35:56 +01:00
Astro 6048ea42f1 pulsebert: serve drkkr.hq.c3d2.de 2020-12-10 17:26:47 +01:00
Astro f4632a422c pulsebert-access-proxy: add drkkr.hq.c3d2.de 2020-12-10 15:28:25 +01:00
Astro 3379116fc9 public-access-proxy: fix error.hq.c3d2.de.de domain 2020-12-10 15:28:11 +01:00
Astro 44c7b520fe pulsebert: update to nixos-20.09 + working octoprint 2020-12-10 15:24:45 +01:00
Daniel Poelzleithner 60f270224b Merge branch 'master' of ssh://gitea.c3d2.de:2222/C3D2/nix-config 2020-12-09 01:23:45 +01:00
Astro e66639bad9 public-access-proxy: fix haproxy conf syntax 2020-12-03 16:52:12 +01:00
Astro 3475c13a56 public-access-proxy: update haproxy settings to 2.1 2020-12-03 16:48:28 +01:00
Astro dcfa8cda56 public-access-proxy: add error.hq.c3d2.de vhost 2020-12-03 16:22:09 +01:00
Astro 9a01f098f2 ticker: update configuration.nix 2020-12-02 21:32:22 +01:00
Astro 971c267912 glotzbert: remove stale x11vnc-service.nix 2020-11-22 21:26:25 +01:00
Astro 02887763e7 glotzbert: update configuration.nix for 20.09 2020-11-19 17:53:08 +01:00
Astro 633a0e5b8c glotzbert: revert to krops deployment 2020-11-19 17:52:20 +01:00
Daniel Poelzleithner 5f073a7394 update prometheus 2020-11-12 02:31:45 +01:00
Daniel Poelzleithner b4c5afaecc enable sftp on storage-ng 2020-11-11 20:50:46 +01:00
Daniel Poelzleithner 73b7aa33e6 Revert "Remove storage-ng" 
This reverts commit babf880949.
 2020-11-11 20:20:44 +01:00
Daniel Poelzleithner 5f8bdae3a8 update elastic / logging 2020-11-11 20:19:40 +01:00
Ehmry - 2bb9633559 Update flake nixpkgs input to 20.09 2020-10-26 16:06:42 +01:00
Ehmry - 3148381e42 Add cachix to hydra 2020-10-26 16:00:26 +01:00
Ehmry - 7dab4f4c8d Remove server7 2020-10-26 16:00:08 +01:00
Sandro - f7230c5829
deployer: activate autoOptimiseStore 2020-10-18 17:26:21 +02:00
Astro 13f735c0d7 public-access-proxy: add robots.datenspuren.de 2020-09-19 19:15:13 +02:00
bastiion 3202318820 adding a robot to ha-proxy robot1.hq.c3d2.de 2020-09-19 15:30:10 +02:00
Daniel Poelzleithner bf568e9de3 use all mon servers for connecting. use preStart 2020-08-19 00:47:25 +02:00
Daniel Poelzleithner 3913c09782 fix systemd invocation for docker container 2020-08-19 00:30:34 +02:00
Sandro - f121b5d4b2
pulsebert: add k-ot to audio group 
this is needed for pulseaudio
 2020-08-15 19:45:55 +02:00
Ehmry - 7ce33808f2 Use modulesPath where appropriate 2020-08-04 17:16:35 +02:00
Ehmry - 9b04ebedde server7: update yggdrasil peers 2020-08-04 08:52:41 +02:00
Ehmry - c66946030e server7: generate new hardware-configuration.nix 2020-07-29 13:35:13 +02:00
Ehmry - 449a8175f3 server7: aarch64 emulation 2020-07-29 13:27:50 +02:00
Ehmry - 5238abc7a7 server7: disable ceph mount 2020-07-07 20:52:05 +02:00
Ehmry - 91078207fb server7: uncomment systemd.services.docker-ceph-osd-7.serviceConfig 
Wasn't me, I found it this way
 2020-07-07 20:51:45 +02:00
Ehmry - 7e01c98da2 server7: docker-containers.ceph-osd-7? 2020-07-07 20:51:45 +02:00
Ehmry - a3db001870 hosts/containers/dhcp: make dhcp server authoritative 
Make the dhcp server explicitly authoritative before importing
the configuration from the secrets submodule.
 2020-07-07 20:54:22 +05:30
Astro cee19e7e3e spaceapi: disable firewall 2020-06-24 18:30:11 +02:00
Astro 1fe0da3080 pulsebert: deploy with krops 2020-06-21 22:27:17 +02:00
Astro eafa584ee8 pulsebert: remove broken services 2020-06-21 22:26:51 +02:00
Astro 73e129f72a pulsebert: don't let journald write to fs 2020-06-21 22:26:30 +02:00
Astro a376aaad01 glotzbert: setup 2020-06-19 19:32:53 +02:00
Astro f8e232b2e4 add new pulsebert 2020-06-19 19:05:46 +02:00
Astro 611dabf653 server7: move yggaddr.nix out to shared lib/ directory 2020-06-19 18:20:10 +02:00
Astro 03a7ab421e rename pulsebert to glotzbert 2020-06-19 18:12:42 +02:00
Ehmry - 0a196b0d80 server7: serve nix-serve on yggdrasil 2020-06-05 19:53:54 +02:00
Ehmry - 6ac2a2c6d4 Add static IPv4 to storage.hq 2020-06-05 19:45:16 +02:00
Astro 30b5584555 scrape: DRY 2020-06-04 01:18:06 +02:00
Astro 39562676b2 scrape: add freifunk node 1099 2020-06-03 17:20:18 +02:00
Daniel Poelzleithner 6c1cec431c add osd.7 on server7 2020-05-25 01:55:04 +02:00
Astro 9de52f1c4f freifunk: forward port 53 2020-05-24 22:33:07 +02:00
Astro e5c1afdb6c dnscache: allow query by freifunk range 2020-05-24 22:32:48 +02:00
Astro c45a087dfd freifunk: update to accommodate sysinfo changes in ffdd-server.git 2020-05-24 21:58:43 +02:00
Astro e967ee77cb dn42: fix tun interfaces 2020-05-24 18:37:06 +02:00
Astro 8a97a1c08a dn42: DRY address6 2020-05-24 02:05:51 +02:00
Astro 243406e499 dn42: remove obsolete quagga pkg 2020-05-24 01:34:00 +02:00
Astro d6842d607f update grafana influxdb address 2020-05-23 02:35:29 +02:00
Astro ef2f20658c kibana: tidy proxy url 2020-05-23 02:35:16 +02:00
Astro d69eee2b75 containers/kibana: init 2020-05-23 01:17:16 +02:00
Astro 672c8e5b13 public-access-proxy: add kibana.hq.c3d2.de 2020-05-22 20:30:30 +02:00
Astro c3beabc363 public-access-proxy: fix addresses 2020-05-22 19:11:41 +02:00
Astro f80c07aaa3 public-access-proxy: move to serv subnet 2020-05-22 19:07:07 +02:00
Astro d90d5f428d grafana: close signup 2020-05-22 18:34:26 +02:00
Astro a2f05a1699 public-access-proxy: add grafana, kibana 2020-05-22 18:24:37 +02:00
Astro ab38d328b7 grafana: switch to serv subnet 2020-05-22 18:07:39 +02:00
Astro dcaa765651 grafana: switch to serv subnet 2020-05-22 17:56:30 +02:00
Astro 412bd84abd spaceapi: rm default-gateway.nix 2020-05-22 17:53:16 +02:00
Astro 95b8272413 static ipv4 configuration for containers in the serv subnet 2020-05-22 17:24:56 +02:00
Ehmry - 61f134d91f server7: disable radvd default route 
Radvd is not enabled, this is for purposes of documentation.
 2020-05-21 13:54:09 +05:30
Daniel Poelzleithner e179dbe0f7 Merge branch 'master' of ssh://gitea.c3d2.de:2222/C3D2/nix-config 2020-05-15 10:46:58 +02:00
Astro f3ae530506 scrape: add freifunk node 1891 2020-04-30 20:59:11 +02:00
Astro aae6da4299 scrape: update freifunk node 2020-04-29 22:24:23 +02:00
Astro fa3e90f23f dn42: fix command syntax 2020-04-24 20:55:43 +02:00
Astro 2a039a3b3c dn42: fix wireguard pointopoint route 2020-04-24 20:54:50 +02:00
Astro 07779f2ff8 dn42: fix wireguard pointopoint route 2020-04-24 20:48:31 +02:00
Astro b28eb471f8 dn42: fix wireguard pointopoint routes 2020-04-24 20:42:52 +02:00
Astro 5e34762669 dn42: set wireguard.allowedIPsAsRoutes=false 2020-04-24 20:38:35 +02:00
Astro e9818d55c7 dn42: fix 2020-04-24 19:41:55 +02:00
Astro 150fd52178 dn42: make wireguard.endpoint optional 2020-04-24 19:40:49 +02:00
Astro ea275446d5 dn42: fix wireguard 2020-04-24 19:28:37 +02:00
Astro 68f6b337c9 dn42: fix wireguard 2020-04-24 19:20:41 +02:00
Astro 52387b4db7 dn42: implement wireguard 2020-04-24 19:15:28 +02:00
Ehmry - 2fc4716870 server7: remove missing collectd plugins 
Something happened to collectd between 19.09 and 20.03
 2020-04-24 10:14:37 +02:00
Ehmry - 9b5b7432ca server7: update hydra revision 2020-04-24 10:14:08 +02:00
Ehmry - b390162f36 hosts/hydra: upgrade to 20.03, use server7 builder 2020-04-24 13:41:35 +05:30
Astro ac0bc652c5 freifunk: announce being a bmxd gateway 2020-04-23 20:13:32 +02:00
Astro 8adb86f47a freifunk: improve nat rules 2020-04-23 20:13:18 +02:00
Astro 4ee1e24064 server7/storage: add git+borg to systemPackages 2020-04-23 18:46:35 +02:00
Astro 461a5680fd remove lib/hq.nix remnants 2020-04-23 18:45:53 +02:00
Astro 25c0c05a5a freifunk: DRY 2020-04-23 18:44:40 +02:00
Astro cc10aadbbb freifunk: disable nginx proxy_buffering 2020-04-23 18:44:25 +02:00
Astro 3d5fdf0a28 scrape: add freifunk_node 1176 2020-04-23 18:43:39 +02:00
Ehmry - 6882367df8 Consolidate yggdrasil to c3d2.hq.yggdrasil.enableGateway 
Move the server7 hydra proxy to a container. The yggdrasil
addresses for containers has changed now. Add yggdrasil
mappings to /etc/hosts.
 2020-04-21 17:27:14 +05:30
Ehmry - 2249553661 server7: Move hydra proxy to a container 2020-04-21 17:27:14 +05:30
Ehmry - a1656f9553 server7: use sotest hydra flake 2020-04-21 17:27:14 +05:30
Ehmry - c0970654bb server7: add Nix signing post-build-hook 2020-04-21 17:27:14 +05:30
Astro d2f65be2e4 freifunk: shorten services.nginx.virtualHosts 2020-04-17 03:18:34 +02:00
Astro 6f16c99c38 freifunk: doc 2020-04-17 02:14:14 +02:00
Astro b163f350de scrape: remove luftdaten 2020-04-17 02:13:12 +02:00
Astro 7260bbe3c6 scrape: fix freifunk node 1768 addr 2020-04-17 02:12:57 +02:00
Astro bd1a109a9c freifunk: fix index.html encoding 2020-04-17 02:11:05 +02:00
Astro 80273f027e freifunk: serve sysinfo-json.cgi 2020-04-16 22:46:37 +02:00
Astro f5e258382e freifunk: advertise whole freifunk/15 in ospfv2 2020-04-16 22:45:57 +02:00
Astro 464c8169d5 freifunk: tmpOnTmpfs = true 2020-04-16 22:45:39 +02:00
Astro 22a6a7d13c scrape: replace freifunk node 1176 with 1768 2020-04-16 22:44:46 +02:00
Astro 02fa9225a1 scrape: scrape freifunk_nodes 2020-04-15 02:03:48 +02:00
Astro cc0761579f freifunk: add nginx 2020-04-14 20:58:29 +02:00
Astro 89cad8060a freifunk: configure ipv6 2020-04-14 20:58:29 +02:00
Astro 09ff8fc7cd freifunk: add collectd plugin `protocols' 2020-04-14 20:58:29 +02:00
Ehmry - 2ec4213eb6 Add Nixos module to flake, make check pass 2020-04-14 12:12:13 +05:30
Ehmry - b23ed3c746 server7: update hardware config to avoid boot failure 
If the boot fails, just hit CTRL-D
 2020-04-13 13:03:27 +02:00
Ehmry - 6c84fc4ebf server7: switch to flake, re-enable hydra 2020-04-13 13:01:48 +02:00
Ehmry - cf11f394b9 server7: add borg backup 2020-04-13 13:00:51 +02:00
Ehmry - ac3663a4d4 server7: add nvme mountpoints 2020-04-13 13:00:51 +02:00
Ehmry - ba13bda063 server7: hydra-dev, zfs support, fixed dhcp id 2020-04-13 13:00:49 +02:00
Astro 840a3eedd7 freifunk: fix bmx-lookback netmask 2020-04-13 01:14:56 +02:00
Astro edf243176b dnscache: add more directly forwarded zones 2020-04-13 01:14:47 +02:00
Astro 370b0c92c5 dnscache: fix reverse forward-zone switcheroo 2020-04-12 23:40:06 +02:00
Astro a12ddfb3c3 dnscache: remove unreachable fd42 forward addrs from unbound, use ssl only for . 2020-04-12 23:30:00 +02:00
Astro f1662e06ef dnscache: use static address 
it moved o_0

TODO: exlude this address from dhcp!
 2020-04-12 23:29:13 +02:00
Astro bd86de8c39 dnscache: try fixing unbound 2020-04-12 22:43:58 +02:00
Astro 4e349e469a dnscache: try fixing unbound 2020-04-12 22:18:07 +02:00
Astro c3792f16ce freifunk: setup all the correct details 2020-04-12 03:34:10 +02:00
Astro d589cba320 dnscache: add freifunk forward-zones 2020-04-12 03:05:55 +02:00
Astro 9533957525 add containers/freifunk 2020-04-11 00:32:40 +02:00
Astro 202efe3a07 add containers/freifunk 2020-04-05 02:31:57 +02:00
Astro 8c8ce01820 containers/scrape: add scrape-{fhem,matemat} 2020-04-04 04:29:04 +02:00
Astro 3feed02e45 containers/scrape: scrape luftdaten 2020-04-04 01:39:01 +02:00
Astro 95c33dc243 containers/ledstripes: deploy ledball 2020-04-04 00:56:53 +02:00
Astro c38882d07e containers/scrape: setup xerox scraping 2020-04-04 00:06:59 +02:00
Astro dcc281d2e0 krops.nix: init with new containers/{ledstrips,scrape} 2020-04-03 22:49:45 +02:00
Ehmry - 35d7ff5e9f Pulsebert: add k-ot to wheel group 2020-03-25 23:33:38 +05:30
Astro 7a3059a084 hosts/containers/mucbot: user 2020-03-09 23:37:19 +01:00
Astro 5b2a67ac47 hosts/containers/mucbot: group 2020-03-09 23:33:45 +01:00
Astro 1f975bf976 hosts/containers/mucbot: user/group 2020-03-09 23:30:48 +01:00
Astro f398e09440 hosts/containers/mucbot: also join international@chat.c3d2.de 2020-03-09 22:30:55 +01:00
k-ot 02e64a8f80 Remove lib/mpd.nix, configure pulsebert directly 2020-02-28 20:28:31 +00:00
k-ot 1f5a5272c4 Pulsebert: disable getty on the ncmpcpp tty 2020-02-22 16:25:25 +01:00
Ehmry - ffdecafac7 Remove this miserable nix.distributedBuilds shit 2020-02-22 15:54:52 +01:00
Astro a255f545e3 server7: fix the bridge 2020-01-26 22:36:37 +01:00
Astro 0059e75b0b server7/samba: move around 2020-01-26 22:20:37 +01:00
Astro b3112f6ea5 server7/samba: use DHCP 2020-01-26 22:19:29 +01:00
Astro 057529f14f server7/samba: fix guest account 2020-01-26 22:15:10 +01:00
Astro e1ed8caa85 server7: move samba from storage to samba container 2020-01-26 22:12:22 +01:00
Astro 3f1934c2b3 server7/containers: add samba 2020-01-26 22:08:42 +01:00
Ehmry - 9d4376600a Make storage writeable 2020-01-26 22:05:44 +01:00
Astro b2f5af9abe server7/storage: enable nginx webdav 2020-01-26 22:00:29 +01:00
Ehmry - babf880949 Remove storage-ng 2020-01-26 21:55:22 +01:00
Ehmry - 2d2aac6df0 Enable SFTP on storage 2020-01-26 21:55:22 +01:00
Ehmry - aee7e8651c Mover storage-ng to server7/storage 2020-01-26 19:25:07 +01:00
Ehmry - a4fefb7251 Move samba to server7 2020-01-26 19:25:07 +01:00
Ehmry - 5a39119e2e Move nfs from storage-ng to server7 2020-01-26 18:37:24 +01:00
Ehmry - c96d71e06a Server7/ncdc: colllect statistics 2020-01-26 18:28:48 +01:00
Ehmry - ed3670aeba Move ncdc from storage-ng to server7 2020-01-26 18:03:51 +01:00
Ehmry - 9e91b7c21e Move user configuration into c3d2 module 2020-01-26 18:03:37 +01:00
Ehmry - 6033155062 Move mpd-index to Server7, c3d2.hq.enableMpdProxy 2020-01-26 14:10:10 +01:00
Ehmry - d17a7e01e9 Server7: define container options within per-container configs 2020-01-26 14:10:10 +01:00
Ehmry - 76145d112d Server7: mount cephfs at /srv/ceph 2020-01-26 13:12:08 +01:00
Ehmry - 27df1c21ba Add ehmry to storage-ng 2020-01-26 13:11:59 +01:00
Ehmry - 65bff74538 Server7: stop building with other hydra, new nix-serve keys 2020-01-26 12:17:18 +01:00
Ehmry - c03a6ea7c0 Glotzbert: remove memtest 2020-01-20 17:32:13 +01:00
Ehmry - 84e7a38024 Hail fixup 2020-01-20 17:32:09 +01:00
Ehmry - 0878859b17 Hydra: disable firewall 
Firewalls are only for poorly configured systems running insecure
services.
 2020-01-20 17:06:14 +01:00
Ehmry - 275e1696ae Pulsebert ncmpcpp on tty1 2020-01-20 16:47:32 +01:00
Ehmry - f761c4a5d1 Glotzbert: remove broadcom firmware 
Hail cannot build this.
 2020-01-20 15:36:23 +01:00
Ehmry - 9f2af93778 Add glotzbert to host registry, add static IPv6 address 2020-01-20 15:17:03 +01:00
Ehmry - 39cef2da1d Move mpd console to tty9, run as k-ot 2020-01-20 14:58:41 +01:00
Ehmry - 654f2ecf1f Move hail into the c3d2 module 2020-01-20 14:58:41 +01:00
Ehmry - b60c3cc13b Server7: build on localhost and hydra 2020-01-18 18:49:56 +01:00
Ehmry - 9675463d96 Server7: remove Tox bootstrap container 
There is a Tox bot running on this machine that acts as a DHT node
and provides fast local discovery.
 2020-01-18 18:49:56 +01:00
Ehmry - 80fa2d745f Pulsebert: run ncmpcpp on tty0 2020-01-18 18:04:58 +01:00
Ehmry - f82f1ab323 Hydra: remove localhost from nix build machines 
Localhost is used implicitly.
 2020-01-18 17:37:47 +01:00
Ehmry - 9d43c8617e Add emery user to pulsebert 2020-01-18 16:25:26 +01:00
Ehmry - 5d2c1b64e3 Server7: remove distributed builds to hydra.hq 2020-01-17 11:10:45 +01:00
Winzlieb - 79b7d5c662 Add windsleep shell to hydra and server7 2020-01-17 11:08:22 +01:00
Daniel Poelzleithner e2fde98b71 add docker 2020-01-06 19:57:36 +01:00
Ehmry - 7d92e8cae9 hydra: create TUN device when starting yggdrasil 2019-12-24 05:35:08 +00:00
Astro 3c49f9b3bd hydra: add blanket allowed-uris to ease fetching and building 
wouldn't work even with sha256 passed to builtins.fetchTarball
 2019-12-17 18:34:29 +01:00
Astro 7a80aedadc server7: rm conflicting nix.maxJobs 2019-12-13 19:50:43 +01:00
Astro 05ce0e78d0 hydra, server7: increase maxJobs from 4 to 10 2019-12-13 19:49:07 +01:00
Astro 2e2fa3b8f1 lxc: progress, nixcloud-webservices 2019-12-09 22:52:53 +01:00