5041624b6c
vpn: set allowedUpstreams to upstreams with less legal liability
2022-12-23 16:11:37 +01:00
2c1158984d
Add accidentially deleted lines back
2022-12-21 21:44:10 +01:00
a7a5069016
Move mailtngbert to correct subnet
2022-12-20 19:44:53 +01:00
ab8bcc5960
serv: add rc3ticker
2022-12-20 19:36:56 +01:00
4d356a9fe6
Fix formatting
2022-12-20 19:36:25 +01:00
dd7acc41f0
Add pulsebert
2022-12-20 07:28:10 +01:00
465e824add
Add link to nixpkgs PR
2022-12-20 03:48:38 +01:00
6a3d727adb
Add dacbert ip
2022-12-20 03:47:45 +01:00
a510e60e4d
Add config.site.net-combined
2022-12-20 03:47:27 +01:00
0e1ccff6ab
serv: add buzzrelay
2022-12-19 20:19:08 +01:00
bd88928269
Remove mailtngbert from serv subnet
2022-12-19 01:06:26 +01:00
5a3194b23c
Add flpk entry for mailtngbert
2022-12-18 21:47:06 +01:00
5018c8f8c2
Add mailtngbert
2022-12-18 21:04:07 +01:00
66b7479057
ap21: remove outdated prvi39 bridge
...
deploy to make this go away:
> [15321146.921496] priv4: received packet on ext-priv4 with own address as source address (addr:aa:90:4d:48:16:fc, vlan:0)
2022-12-18 03:52:13 +01:00
4f090527d4
upstream4: fix forwardPorts
2022-12-16 19:29:00 +01:00
e926e053a1
upstream4: remove port forwarding for telnet
...
DSI.net is not fond of getting daily mails from BSI-Cert. Hence c3d2-web
moves to flpk IPs.
2022-12-16 18:29:43 +01:00
d0994b7acc
c3d2-web: move from serv to flpk
2022-12-16 18:18:01 +01:00
f00374d157
ap62: fix wlan2-priv45
2022-12-16 15:35:34 +01:00
b3674af31d
core: add priv45-gw
2022-12-14 21:28:36 +01:00
3ce27a8f87
add priv45-gw
2022-12-14 21:19:05 +01:00
9822783932
deploy priv45, ap62
2022-12-14 18:32:45 +01:00
d770e9b28f
upstream4: add telnet port forwarding
2022-12-12 20:57:06 +01:00
db0f881700
flpk: move mastodon from serv
2022-11-30 21:08:23 +01:00
8aa6c5e388
pub: remove flpk-gw from allowedUpstreams for legal reasons
2022-11-30 20:25:16 +01:00
15e1e9fb1c
serv: add mastodon
2022-11-30 00:21:35 +01:00
c529915367
serv: add prometheus
2022-11-27 01:08:19 +01:00
5113cf888d
switch-b3: plug server8
2022-11-24 19:27:55 +01:00
9af9b5fef3
serv: add owncast
2022-11-21 19:28:37 +01:00
f2a3c14c17
config/secrets-production: add wireguard peer
2022-11-21 02:51:58 +01:00
9cb7dbc385
config: move leoncloud from pub to flpk
2022-11-16 00:18:51 +01:00
8b5180bce9
flpk: move caveman from serv
2022-11-09 22:11:45 +01:00
9cad87cfc9
serv: add caveman
2022-11-03 19:29:35 +01:00
fe801a6a48
switch-b3: deploy riscbert
2022-11-01 02:13:05 +01:00
2994c00459
upstream4: use staticIpv4Address in ospf.stubNets4
2022-11-01 01:40:37 +01:00
a2d083963a
c3d2: add static dhcp entry for riscbert
2022-10-31 23:21:39 +01:00
13e0aa216e
nixos-module/container/bird: rework radv router selection
2022-10-23 01:16:18 +02:00
Your Name
f7f4836430
add wireguard client
2022-10-22 23:22:41 +02:00
f4ac3f9edb
nixos-module/container/dhcp-server: make dhcp.router a flat hostName
2022-10-22 22:41:17 +02:00
1fb1d9b38c
serv: add network-homepage
2022-10-22 21:19:38 +02:00
666e8e4439
upstream.nix: remove superfluous forwards to data-hoarder and add forward 51821/udp to data-hoarder-staging
2022-09-27 20:06:07 +02:00
769bc38d89
ap: remove all owe configuration
2022-09-21 20:52:28 +02:00
eab52a59ce
pub: fix hosts4.leoncloud
2022-09-19 23:13:54 +02:00
a0493fe3b0
flpk: add sshlog
2022-09-19 22:39:24 +02:00
4d094ae077
flpk-gw: move to ipv4 network address
...
hacky, but leaves one more address
2022-09-19 19:30:57 +02:00
a113f2d4fa
pub: update leoncloud ipv6 addrs
2022-09-18 22:47:39 +02:00
4ac8db230d
leoncloud: move from serv to pub
2022-09-18 22:33:20 +02:00
491fcda4a9
upstream4: update leon port forwardings to new address
2022-09-18 21:41:31 +02:00
3fbc5577d5
flpk: fix hosts4.leon
2022-09-18 21:34:56 +02:00
ccb5f0e33f
flpk-gw: clean upstream.noNat.subnets6
2022-09-18 21:26:37 +02:00
97dadf4801
ap: turn owe on on 5ghz for all c3d2 aps
2022-09-18 20:44:38 +02:00
2e4f65b3b7
leon: move from serv to flpk
2022-09-18 20:38:10 +02:00
3d26788830
config/secrets-production: fix many more
2022-09-18 20:13:17 +02:00
62d43a47d7
config/secrets-production: fix
2022-09-18 20:05:59 +02:00
ffc4c56730
pub: add flpk subnet
2022-09-18 01:59:14 +02:00
05641a7f74
flpk-gw: implement upstream.noNat.subnets4
2022-09-18 01:42:34 +02:00
7be3b761e6
c3d2-gw1: route over flpk-gw
2022-09-18 01:32:19 +02:00
d5e2307404
flpk: add addresses
2022-09-18 01:29:09 +02:00
c9585041f6
cluster: bridge flpk to server3..10
2022-09-18 01:01:52 +02:00
8ae2a3567e
flpk: add interface flpk
2022-09-18 01:00:20 +02:00
b6ebe0f136
net/flpk: init
2022-09-18 00:17:59 +02:00
1293ab0a75
nixos-module/container/wireguard: make upBandwidth optional
2022-09-18 00:07:10 +02:00
5fc24d2d59
anon1: properly prefer upstream4
2022-09-17 14:20:08 +02:00
bc3f838c80
anon1: prefer upstream3
2022-09-17 14:17:51 +02:00
07face4a33
c3d2: enlarge dhcp range
2022-09-17 11:14:59 +02:00
104352788e
config/secrets-production: update
2022-09-16 22:42:26 +02:00
ef7d4d377d
ap21: redeploy
2022-09-16 22:27:46 +02:00
0d912ec5a1
ap: end the owe experiment in the saal :(
...
was not reliable
2022-09-16 20:27:05 +02:00
3f441fd54e
ap: merge ssid Datenspuren into ZW public again
2022-09-16 20:15:13 +02:00
afeab51ff9
ap: bring back ZW public legacy in the saal
...
change config for an hour and now others expect it to be like this
forever :(
2022-09-16 19:43:00 +02:00
70f63609f6
ap: add explicit ifname for ssids of duplicate nets
2022-09-16 19:19:24 +02:00
0002456abf
options, saal aps: turn ZW public back to no encryption, add ssid Datenspuren for owe
2022-09-16 18:57:16 +02:00
186c9e6db3
switch-ds1, switch-ds2: deploy
2022-09-16 18:39:06 +02:00
52ed3f3b9e
serv: add zengel
2022-09-15 20:07:14 +02:00
6b55e24a25
switch-c1: remove old port
2022-09-14 21:23:37 +02:00
de99179247
switch-c1: deploy ap61
2022-09-14 21:22:23 +02:00
d95c54e3c2
ap: add "ZW public legacy" for some dual-band aps
2022-09-14 17:31:02 +02:00
cff8d37b14
priv44: fix gw typo
2022-09-12 22:53:56 +02:00
60df827767
ap61: prepare
2022-09-12 22:37:42 +02:00
910428ebde
config: add priv44
2022-09-12 21:56:32 +02:00
629decc369
config/secrets-production: update
2022-09-12 18:32:02 +02:00
0ba27a4e0a
serv: add leoncloud
2022-09-05 20:57:25 +02:00
3324eb1ed3
Revert "Update pulsebert MAC"
...
This reverts commit aa9ec2268d
.
2022-09-03 01:12:01 +02:00
5d7bcf31b2
update port
2022-08-28 00:45:00 +01:00
0fec126f08
add new-port-forward
2022-08-27 15:42:32 +01:00
582f13c303
upstream4: change port forwarding from 777/udp to 8800/udp
2022-08-25 21:38:30 +02:00
cf014d1aac
asecrets-production: update
2022-08-25 21:20:42 +02:00
bd1e42067a
config/net/upstream: fmt
2022-08-25 18:53:18 +02:00
1bc11e35bf
Merge pull request 'master' ( #9 ) from leon/network:master into master
...
Reviewed-on: #9
2022-08-25 18:52:43 +02:00
f01d8bd26d
ap42: remove outdated link to ap34
2022-08-24 02:50:12 +02:00
aa9ec2268d
Update pulsebert MAC
2022-08-23 23:56:13 +02:00
d4a2f34f18
nix/nixos-module/container/netboot: merge into c3d2/nix-config host nfsroot
2022-08-22 19:54:07 +02:00
70b7bd00e5
add port upstream vpn-website-
2022-08-20 21:14:18 +01:00
cd7d55247c
add port upstream vpn-website
2022-08-20 21:09:57 +01:00
89df3792d6
Forward ftp to port 22
2022-08-05 22:40:21 +02:00
fa0869b110
Forward port 1022 to ftp
2022-08-05 22:04:32 +02:00
39897ded63
Add factorio.serv
2022-08-05 18:58:22 +02:00
88cadab0f0
entirely remove obsolete upstream1+upstream2 ipv4 subnets
2022-08-05 18:15:00 +02:00
15ab6d744e
vpn-gw: add peer
2022-07-26 20:10:16 +02:00
ec93cdfcda
Add auth
2022-07-22 21:51:13 +02:00
59974b34bc
ap34: swap for ap15
2022-07-19 20:03:34 +02:00