Commit graph

25 commits

Author SHA1 Message Date
b458d59693
nextcloud: enable module
(before, the relevant nixfiles were not actually imported into hainich's configuration)
2021-04-20 23:16:10 +02:00
schweby
908d6df2da
sources: update sources
this also disables mattermost-beta because of a version mismatch with
the development branch
will be readded with MR
2021-04-20 21:52:18 +02:00
6e36ff58e2 workadventure: update and manage sources with niv
Changes:
 - workadventure is now pulled from stuebinm.eu/git via niv, and
   should be updated automatically along with the other sources
 - the same is true for the default map, which gets pulled directly from
   its gitlab sources.
 - this setup may potentially break things if I decide to rename an
   option upstream, but I don't think that'll happen too often
 - made the code a little nicer
 - uses workadventure-xce now, since the tabascoeye version is now gone

Open for discussion:
 - afaik know, the current version of workadventure-xce now contains
   fediventure-specific patches. Do we want that, or should we switch
   to the unfederated version?
2021-04-15 20:12:32 +00:00
schweby
0c55ccb47b
hainich: reduce backup retention 2021-04-15 06:37:12 +02:00
schweby
ccb4469922
hainich: Set more sensible snapshot retention time 2021-04-15 06:35:31 +02:00
schweby
b136ca090f
hainich: remove hasenloch 2021-04-15 06:18:26 +02:00
schweby
1f40f1f142
hainich: disable workadventure 2021-04-14 22:47:25 +02:00
schweby
78e607a28d
hainich: block x_tables module
this also blocks the x_tables module to prent it from loading
ip_tables
2021-03-30 17:59:26 +02:00
schweby
1064836092
Revert "security: remove hexchen"
This reverts commit bab826b1c7.
Also fixes hexchen nix due new logic
2021-03-26 22:04:27 +01:00
stuebinm
d5cf2abccc
hainich: init mattermost beta 2021-03-24 22:37:38 +01:00
schweby
8377d27b87 hainich: init minecraft server
this server replaces the vanilla minecraft server on libocedrus
2021-03-20 16:59:47 +01:00
schweby
071f135ef4
hainich: Blacklist ip_tables and ip6_tables
Prevent **something** (docker) from loading the iptables kernel modules
and breaking nftables
2021-03-20 16:56:56 +01:00
schweby
bab826b1c7 security: remove hexchen 2021-03-12 23:53:51 +01:00
schweby
2d4309fdf4 hainich: init workadventure 2021-03-11 00:11:51 +01:00
d7b70742fe remove old engelsystem config (NOP)
this removes the old (unused) config for an angel system used during the
fridays for future camp 2020. Since it was configured "by hand" and not
in a declarative manner, and since there is now an actual module
`services.engelsystem` that we already use for the divoc it seems unlikely
that we will ever need the old config again.

From Nix's point of view, this commit is equivalent to doing nothing.
2021-02-21 14:58:25 +01:00
Matthias Stübinger
3b42b89bd7 Hasenloch (Engelsystem for divoc)
Seems to work fine, except for the domain — the engelsystem tries
to load its ressources from the IP of the container instead of its
url set in the config.
2021-02-20 23:32:00 +01:00
schweby
1a8842457d restic: added mumur to backup 2021-02-20 21:56:05 +01:00
hexchen
233a4c7cab hainich: init restic backups 2021-02-15 07:23:23 +00:00
hexchen
0d362a17fc hainich/monitoring: init prometheus 2021-02-06 16:41:02 +00:00
Schweby mit Hut
4813284e82 syncthing 2021-01-27 23:27:59 +01:00
hexchen
43d36bb3d7 remove hexchen from the project
I am no longer comfortable with putting resources into this project and
therefore request to be removed from all infrastructure. I am still
happy to help out with software I set up, but I will no longer actively
maintain any services. As far as possible, I will remove myself from all
access groups or other privileged positions related to this project.

Essentially, I'm stepping down as a maintainer. I still reserve the
right to make changes via the established change processes (Merge
Requests as well as Issues in the meta-repositories), but I will no
longer make direct changes to infrastructure without going through those
review processes.
2021-01-25 11:37:34 +00:00
hexchen
95da394e01 hainich/nat: add docker and container IPs
for some reason, masquerading by interface does not work atm, should fix
itself with a host reboot though.
2021-01-15 23:55:06 +00:00
hexchen
61db3bc33f modules/nftnat: init nftables nat module 2021-01-15 23:55:06 +00:00
hexchen
d1412f0d3b hainich/lantifa: init mediawiki 2021-01-12 18:20:49 +00:00
hexchen
851052014a complete restructure of haccfiles
here be winkekatzen
2021-01-10 23:53:41 +00:00
Renamed from configuration/hosts/hainich/configuration.nix (Browse further)