hacc/haccfiles
8
0
Fork 1
Code Issues 1 Pull requests Projects Releases Wiki Activity
Wie Sie sehen, sehen sie nix! https://docs.hacc.space
215 commits 9 branches 0 tags 21 MiB
SCSS 40.5%
Nix 30.1%
HTML 28.7%
JavaScript 0.7%
Go to file
stuebinm f739329087
synapse: add mail config (currently broken) 
tl;dr: mail config works, but on trying to send mail synapse gets rejected by
postfix for using a too-old version of tls, as apparently tls in twisted (the
python library used for mail in synapse) is just hardcoded to v1, which our
postfix rejects.

```
postfix/smtpd[9737]: warning: TLS library problem: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol:ssl/statem/statem_srvr.c:1685:
synapse[9211]: synapse.handlers.identity: [POST-41] Error sending threepid validation email to stuebinm@hacc.space
               Traceback (most recent call last):
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/handlers/identity.py", line 382, in send_threepid_validation
                   await send_email_func(email_address, token, client_secret, session_id)
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 207, in send_add_threepid_mail
                   await self.send_email(
                 File "/nix/store/55mh6w2ark2blrbkyq0d1jjg9alb1dw5-matrix-synapse-1.29.0/lib/python3.8/site-packages/synapse/push/mailer.py", line 349, in send_email
                   await make_deferred_yieldable(
               twisted.mail._except.SMTPConnectError: Unable to connect to server.
```

This is a known issue [1], which should be fixed in the current version of twisted,
which will be in the next version of synapse.

[1] https://github.com/matrix-org/synapse/issues/6211
2021-04-20 23:09:57 +02:00
common Revert "security: remove hexchen" 2021-03-26 22:04:27 +01:00
desktop remove hexchen from the project 2021-01-25 11:37:34 +00:00
hosts synapse: add mail config (currently broken) 2021-04-20 23:09:57 +02:00
modules hainich: init mattermost beta 2021-03-24 22:37:38 +01:00
nix sources: update sources 2021-04-20 21:52:18 +02:00
pkgs pkgs: set jre_headless to jdk11_headless 2021-04-03 21:07:02 +02:00
.gitignore repo: add vim swapfiles to gitignore 2020-11-29 12:53:03 +00:00
.gitlab-ci.yml ci: remove instantiate stage 2021-02-22 09:41:15 +00:00
default.nix default: unclutter by using a recursive attrset 2021-01-22 19:26:05 +00:00
README.md readme: add golden commit rule 2021-01-20 18:47:57 +00:00

README.md

hacc nixfiles

welcome to hacc nixfiles (haccfiles). this is the code describing our nix-based infrastructure.

structure

  • default.nix: Entrypoint to the config
  • common/: configuration common to all hosts
  • desktop/: desktop-relevant communication
  • modules/: home-grown modules for hacc-specific services
  • nix/: sources files, managed with niv
  • pkgs/: packages we built and don't want to upstream

working with the haccfiles

deploy:

nix build -f . deploy.$hostname && ./result switch

$hostname can be replaced with any hostname or group

committing to haccfiles

  • Golden Rule: DO NOT COMMIT TO MAIN
    • exceptions apply, if you are not sure where to commit, don't commit to main
  • split up commits, every commit is one atomic change
    • e.g. no big "did some changes" but instead "updated service x", "updated service y", "update service z"
  • follow the commit format: "$prefix$place: $change"
    • prefix: one of fixup, nothing
    • place: one of "modules/$module", "$hostname/service", "common/($place)", "pkgs/$pkgs" or "sources"
    • change: describe your change, don't go over the character limit where git starts hiding/wrapping
  • Exception: autogenerated messages (merge commits, reverts, etc)