e7e4874366
ap64: deploy
2023-02-20 23:30:57 +01:00
c931fced06
config/secrets-production: restore ospf secret
2023-02-20 20:00:17 +01:00
fb69152675
deploy priv46
2023-02-20 19:59:06 +01:00
f7f3ec5b26
Switch to drone
2023-01-29 20:53:08 +01:00
a818cee9b5
Add woodpecker
2023-01-26 00:47:57 +01:00
d6c14b1b0e
Add ledbeere back
2023-01-23 22:49:09 +01:00
d3d82d4807
core: add hosts6.dn42.cls-gw
2023-01-22 01:45:19 +01:00
ae6de7754c
nixos-module/container/bird: revert bgp experiments for now
2023-01-22 01:44:35 +01:00
f2bb5a2735
nixos-module/container/bird: bgp fixups
2023-01-22 01:42:19 +01:00
8869681b28
remove yggdrasil
2023-01-21 02:12:32 +01:00
e618d0caff
replace ospf with bgp
2023-01-20 22:28:12 +01:00
dfd033af25
ap62: update wifi psks
2023-01-20 22:19:21 +01:00
0a72811bbb
serv: replace rc3ticker with oxigraph
2023-01-20 22:16:01 +01:00
cd23dcbc9a
ap62: wiggle priv45 wifi params
2023-01-20 21:45:39 +01:00
89bcddf5e2
serv: add luulaatsch-asterisk
2023-01-18 18:46:47 +01:00
d134e1018c
serv: replace kibana with tmppleroma
2023-01-16 23:49:10 +01:00
e442b21e47
ap37: add priv43 wifi psk
2023-01-13 21:11:31 +01:00
c53321ea5d
ap37: s/priv45/priv43/
2023-01-13 21:09:47 +01:00
28b5fb280b
ap37: add priv45 bridge
2023-01-13 20:15:52 +01:00
a5d68cf467
ap37: add priv43
2023-01-13 17:27:13 +01:00
79afe62977
upstream4: disable NAT reflection for 80+443/tcp
...
enables us to rate-limit properly
2023-01-12 21:57:02 +01:00
d666b3cb27
ap: replace ap39 with ap63
2023-01-04 20:48:12 +01:00
7a872426e7
Cleanup
2023-01-03 03:59:03 +01:00
14bdeccb45
Add glotzbert
2022-12-26 23:48:10 +01:00
b4a363e05d
serv: add kibana ipv6
2022-12-23 20:17:32 +01:00
5041624b6c
vpn: set allowedUpstreams to upstreams with less legal liability
2022-12-23 16:11:37 +01:00
2c1158984d
Add accidentially deleted lines back
2022-12-21 21:44:10 +01:00
a7a5069016
Move mailtngbert to correct subnet
2022-12-20 19:44:53 +01:00
ab8bcc5960
serv: add rc3ticker
2022-12-20 19:36:56 +01:00
4d356a9fe6
Fix formatting
2022-12-20 19:36:25 +01:00
dd7acc41f0
Add pulsebert
2022-12-20 07:28:10 +01:00
465e824add
Add link to nixpkgs PR
2022-12-20 03:48:38 +01:00
6a3d727adb
Add dacbert ip
2022-12-20 03:47:45 +01:00
a510e60e4d
Add config.site.net-combined
2022-12-20 03:47:27 +01:00
0e1ccff6ab
serv: add buzzrelay
2022-12-19 20:19:08 +01:00
bd88928269
Remove mailtngbert from serv subnet
2022-12-19 01:06:26 +01:00
5a3194b23c
Add flpk entry for mailtngbert
2022-12-18 21:47:06 +01:00
5018c8f8c2
Add mailtngbert
2022-12-18 21:04:07 +01:00
66b7479057
ap21: remove outdated prvi39 bridge
...
deploy to make this go away:
> [15321146.921496] priv4: received packet on ext-priv4 with own address as source address (addr:aa:90:4d:48:16:fc, vlan:0)
2022-12-18 03:52:13 +01:00
4f090527d4
upstream4: fix forwardPorts
2022-12-16 19:29:00 +01:00
e926e053a1
upstream4: remove port forwarding for telnet
...
DSI.net is not fond of getting daily mails from BSI-Cert. Hence c3d2-web
moves to flpk IPs.
2022-12-16 18:29:43 +01:00
d0994b7acc
c3d2-web: move from serv to flpk
2022-12-16 18:18:01 +01:00
f00374d157
ap62: fix wlan2-priv45
2022-12-16 15:35:34 +01:00
b3674af31d
core: add priv45-gw
2022-12-14 21:28:36 +01:00
3ce27a8f87
add priv45-gw
2022-12-14 21:19:05 +01:00
9822783932
deploy priv45, ap62
2022-12-14 18:32:45 +01:00
d770e9b28f
upstream4: add telnet port forwarding
2022-12-12 20:57:06 +01:00
db0f881700
flpk: move mastodon from serv
2022-11-30 21:08:23 +01:00
8aa6c5e388
pub: remove flpk-gw from allowedUpstreams for legal reasons
2022-11-30 20:25:16 +01:00
15e1e9fb1c
serv: add mastodon
2022-11-30 00:21:35 +01:00
c529915367
serv: add prometheus
2022-11-27 01:08:19 +01:00
5113cf888d
switch-b3: plug server8
2022-11-24 19:27:55 +01:00
9af9b5fef3
serv: add owncast
2022-11-21 19:28:37 +01:00
f2a3c14c17
config/secrets-production: add wireguard peer
2022-11-21 02:51:58 +01:00
9cb7dbc385
config: move leoncloud from pub to flpk
2022-11-16 00:18:51 +01:00
8b5180bce9
flpk: move caveman from serv
2022-11-09 22:11:45 +01:00
9cad87cfc9
serv: add caveman
2022-11-03 19:29:35 +01:00
fe801a6a48
switch-b3: deploy riscbert
2022-11-01 02:13:05 +01:00
2994c00459
upstream4: use staticIpv4Address in ospf.stubNets4
2022-11-01 01:40:37 +01:00
a2d083963a
c3d2: add static dhcp entry for riscbert
2022-10-31 23:21:39 +01:00
13e0aa216e
nixos-module/container/bird: rework radv router selection
2022-10-23 01:16:18 +02:00
Your Name
f7f4836430
add wireguard client
2022-10-22 23:22:41 +02:00
f4ac3f9edb
nixos-module/container/dhcp-server: make dhcp.router a flat hostName
2022-10-22 22:41:17 +02:00
1fb1d9b38c
serv: add network-homepage
2022-10-22 21:19:38 +02:00
666e8e4439
upstream.nix: remove superfluous forwards to data-hoarder and add forward 51821/udp to data-hoarder-staging
2022-09-27 20:06:07 +02:00
769bc38d89
ap: remove all owe configuration
2022-09-21 20:52:28 +02:00
eab52a59ce
pub: fix hosts4.leoncloud
2022-09-19 23:13:54 +02:00
a0493fe3b0
flpk: add sshlog
2022-09-19 22:39:24 +02:00
4d094ae077
flpk-gw: move to ipv4 network address
...
hacky, but leaves one more address
2022-09-19 19:30:57 +02:00
a113f2d4fa
pub: update leoncloud ipv6 addrs
2022-09-18 22:47:39 +02:00
4ac8db230d
leoncloud: move from serv to pub
2022-09-18 22:33:20 +02:00
491fcda4a9
upstream4: update leon port forwardings to new address
2022-09-18 21:41:31 +02:00
3fbc5577d5
flpk: fix hosts4.leon
2022-09-18 21:34:56 +02:00
ccb5f0e33f
flpk-gw: clean upstream.noNat.subnets6
2022-09-18 21:26:37 +02:00
97dadf4801
ap: turn owe on on 5ghz for all c3d2 aps
2022-09-18 20:44:38 +02:00
2e4f65b3b7
leon: move from serv to flpk
2022-09-18 20:38:10 +02:00
3d26788830
config/secrets-production: fix many more
2022-09-18 20:13:17 +02:00
62d43a47d7
config/secrets-production: fix
2022-09-18 20:05:59 +02:00
ffc4c56730
pub: add flpk subnet
2022-09-18 01:59:14 +02:00
05641a7f74
flpk-gw: implement upstream.noNat.subnets4
2022-09-18 01:42:34 +02:00
7be3b761e6
c3d2-gw1: route over flpk-gw
2022-09-18 01:32:19 +02:00
d5e2307404
flpk: add addresses
2022-09-18 01:29:09 +02:00
c9585041f6
cluster: bridge flpk to server3..10
2022-09-18 01:01:52 +02:00
8ae2a3567e
flpk: add interface flpk
2022-09-18 01:00:20 +02:00
b6ebe0f136
net/flpk: init
2022-09-18 00:17:59 +02:00
1293ab0a75
nixos-module/container/wireguard: make upBandwidth optional
2022-09-18 00:07:10 +02:00
5fc24d2d59
anon1: properly prefer upstream4
2022-09-17 14:20:08 +02:00
bc3f838c80
anon1: prefer upstream3
2022-09-17 14:17:51 +02:00
07face4a33
c3d2: enlarge dhcp range
2022-09-17 11:14:59 +02:00
104352788e
config/secrets-production: update
2022-09-16 22:42:26 +02:00
ef7d4d377d
ap21: redeploy
2022-09-16 22:27:46 +02:00
0d912ec5a1
ap: end the owe experiment in the saal :(
...
was not reliable
2022-09-16 20:27:05 +02:00
3f441fd54e
ap: merge ssid Datenspuren into ZW public again
2022-09-16 20:15:13 +02:00
afeab51ff9
ap: bring back ZW public legacy in the saal
...
change config for an hour and now others expect it to be like this
forever :(
2022-09-16 19:43:00 +02:00
70f63609f6
ap: add explicit ifname for ssids of duplicate nets
2022-09-16 19:19:24 +02:00
0002456abf
options, saal aps: turn ZW public back to no encryption, add ssid Datenspuren for owe
2022-09-16 18:57:16 +02:00
186c9e6db3
switch-ds1, switch-ds2: deploy
2022-09-16 18:39:06 +02:00
52ed3f3b9e
serv: add zengel
2022-09-15 20:07:14 +02:00
6b55e24a25
switch-c1: remove old port
2022-09-14 21:23:37 +02:00
de99179247
switch-c1: deploy ap61
2022-09-14 21:22:23 +02:00
d95c54e3c2
ap: add "ZW public legacy" for some dual-band aps
2022-09-14 17:31:02 +02:00
cff8d37b14
priv44: fix gw typo
2022-09-12 22:53:56 +02:00
60df827767
ap61: prepare
2022-09-12 22:37:42 +02:00
910428ebde
config: add priv44
2022-09-12 21:56:32 +02:00
629decc369
config/secrets-production: update
2022-09-12 18:32:02 +02:00
0ba27a4e0a
serv: add leoncloud
2022-09-05 20:57:25 +02:00
3324eb1ed3
Revert "Update pulsebert MAC"
...
This reverts commit aa9ec2268d
2022-09-03 01:12:01 +02:00
5d7bcf31b2
update port
2022-08-28 00:45:00 +01:00
0fec126f08
add new-port-forward
2022-08-27 15:42:32 +01:00
582f13c303
upstream4: change port forwarding from 777/udp to 8800/udp
2022-08-25 21:38:30 +02:00
cf014d1aac
asecrets-production: update
2022-08-25 21:20:42 +02:00
bd1e42067a
config/net/upstream: fmt
2022-08-25 18:53:18 +02:00
1bc11e35bf
Merge pull request 'master' ( #9 ) from leon/network:master into master
...
Reviewed-on: zentralwerk/network#9
2022-08-25 18:52:43 +02:00
f01d8bd26d
ap42: remove outdated link to ap34
2022-08-24 02:50:12 +02:00
aa9ec2268d
Update pulsebert MAC
2022-08-23 23:56:13 +02:00
d4a2f34f18
nix/nixos-module/container/netboot: merge into c3d2/nix-config host nfsroot
2022-08-22 19:54:07 +02:00
70b7bd00e5
add port upstream vpn-website-
2022-08-20 21:14:18 +01:00
cd7d55247c
add port upstream vpn-website
2022-08-20 21:09:57 +01:00
89df3792d6
Forward ftp to port 22
2022-08-05 22:40:21 +02:00
fa0869b110
Forward port 1022 to ftp
2022-08-05 22:04:32 +02:00
39897ded63
Add factorio.serv
2022-08-05 18:58:22 +02:00
88cadab0f0
entirely remove obsolete upstream1+upstream2 ipv4 subnets
2022-08-05 18:15:00 +02:00
15ab6d744e
vpn-gw: add peer
2022-07-26 20:10:16 +02:00
ec93cdfcda
Add auth
2022-07-22 21:51:13 +02:00
59974b34bc
ap34: swap for ap15
2022-07-19 20:03:34 +02:00
0d6bcab8f2
serv: add ftp
2022-07-16 18:54:20 +02:00
9fda6bc16f
config/secrets-production: update
2022-07-16 01:48:33 +02:00
5b1c0301d5
nixos-module/collectd: add distribution to mqttServer
2022-07-16 01:29:02 +02:00
2ea199f980
serv: add broker
2022-07-16 00:42:38 +02:00
4f033b2b20
switch-b3: make server1 a proper group
2022-07-12 00:23:42 +02:00
1a4714e2de
switch-b3: deploy server1
2022-07-12 00:07:44 +02:00
4dea4cf035
switch-b3: distribute bonds across both stacked switches in the hope for enhanced redundancy
2022-07-11 02:59:45 +02:00
845b55aaed
Add sandro to wireguard
2022-07-10 20:11:10 +02:00
Markus Schmidl
71dece2882
fix typo
2022-07-09 23:58:44 +02:00
Markus Schmidl
87febd07ee
fix typo
2022-07-09 23:19:27 +02:00
Markus Schmidl
9ce3a15fca
upstream4: add port forwarding for data-hoarder and add data-hoarder
2022-07-09 23:09:53 +02:00
6b81111b6d
upstream4: add port forwarding for gnunet
2022-07-06 21:06:34 +02:00
a36ac03dbc
config/net/serv: add gnunet host
2022-07-06 20:57:39 +02:00
ac97ea42cf
config/switch: remove outdated server3 and server5
2022-07-01 01:54:32 +02:00
5c0d8ab858
config/ap: s#platform/qca955x_wmac#platform/ahb/18100000.wmac#
2022-06-30 15:47:29 +02:00
01f5dffa9e
ap15: fix model
2022-06-30 15:41:01 +02:00
c0781ea212
config/ap: s/switch-b[12]/switch-b3/
2022-06-27 22:50:54 +02:00
593e7fefb0
config/secrets: add dummy switch-b3.password
2022-06-27 22:41:50 +02:00
547e0e92d3
pkgs/switches/junos: generate password hash
2022-06-27 22:40:14 +02:00
00c57c88bf
lib/config/options: add assertions for switch links
2022-06-27 22:09:16 +02:00
5a6a5cdeed
switch-b3: set some ports for c3d2
2022-06-27 21:28:43 +02:00
4549820bef
switch-b3: migrate
2022-06-27 01:11:07 +02:00
212794fc0c
switch-b3: migrate
2022-06-27 01:07:28 +02:00
fec671f093
switch-b3: replace switch-b1/b2
2022-06-27 01:04:44 +02:00
469caa0858
serv: fix hydra role
2022-06-23 22:31:07 +02:00
