* make hainich.hacc.space the default virtualHost for nginx
if no host is running on that subdomain, this will be shown
* disable SSL, so no pesky SSL error for empty subdomains anymore
* remove lots of unneeded brackes and semicolons
Since the delivery of mumble.hacc.space/murmur.hacc.space via gitlab pages
broke (for whatever reason), I've packaged the site into an ad-hoc nix
derivation, which is now delivered locally by nginx instead. This has a
couple benefits (mainly that we no longer depend on gitlab pages), but
also the downside that we can't just update the site via gitlab's CI/CD
pipelines anymore.
This is a first attempt to package octycs' keytracker [1] application.
It's more a quick-and-dirty approach, so there are a couple things to note:
- the config file is just generated by Nix as whatever the module got in
its config option stuffed into a toml file. There are no default values,
so all values must be set by hand – or rather, we just write the default
values in the config.
- I couldn't figure out how to actually make this thing work. It looks like
it /should/ work, but gets hung up every time on loading key information
via the web interface. Then again, it appears our current config on
libocedrus also doesn't conform to what the readme says, so perhaps I just
missed something that's as-yet undocumented.
- The module just calls python instead of an actual server as backend. This
is recommended just for development/testing, not actual deploys [2], but
since the project is missing a setup.py which afaik are required to package
these things more sensibly [3], that's it for now.
- keys and corresponding tokens are currently baked into the nix store. This
seems a bad idea, and I'll fix it as soon as I find the time.
[1] https://gitlab.infra4future.de/octycs/keytracker
[2] https://gitlab.infra4future.de/octycs/keytracker/-/blob/master/server/Readme.md
[3] https://flask.palletsprojects.com/en/1.1.x/tutorial/deploy/
this removes the old (unused) config for an angel system used during the
fridays for future camp 2020. Since it was configured "by hand" and not
in a declarative manner, and since there is now an actual module
`services.engelsystem` that we already use for the divoc it seems unlikely
that we will ever need the old config again.
From Nix's point of view, this commit is equivalent to doing nothing.
Seems to work fine, except for the domain — the engelsystem tries
to load its ressources from the IP of the container instead of its
url set in the config.
This is a partial revert, reintroducing hexchen to the project.
As it turns out, I am still quite invested in the project and require
frequent access to the nix-based infrastructure.
I am no longer comfortable with putting resources into this project and
therefore request to be removed from all infrastructure. I am still
happy to help out with software I set up, but I will no longer actively
maintain any services. As far as possible, I will remove myself from all
access groups or other privileged positions related to this project.
Essentially, I'm stepping down as a maintainer. I still reserve the
right to make changes via the established change processes (Merge
Requests as well as Issues in the meta-repositories), but I will no
longer make direct changes to infrastructure without going through those
review processes.