peter
/
haccfiles
forked from hacc/haccfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
388 Commits
40 Branches
0 Tags
20 MiB
Commit Graph

73 Commits (main)

Author SHA1 Message Date
Moira 77d7625315
remove gitlab 2022-09-24 17:29:42 +02:00
Moira 3ea537459b
change name 2022-09-12 19:29:51 +02:00
stuebinm 45ceeef189
gitea: git protocol v2 over ssh 
cf. https://docs.gitea.io/en-us/config-cheat-sheet/#git-git, entry for
option ENABLE_AUTO_GIT_WIRE_PROTOCOL
 2022-08-03 11:26:05 +02:00
stuebinm e246563f57 git ssh: switch to gitea (instead of gitlab) 2022-08-01 20:54:17 +02:00
stuebinm a1c5832a51 gitea: save state under /persist 2022-08-01 18:39:46 +02:00
stuebinm c854e10980
gitea: enable offline mode 2022-07-27 23:26:13 +02:00
stuebinm b5a68e09fd
gitea: fix uffd login 
(note that this actually has to patch uffd)
 2022-07-27 23:26:13 +02:00
stuebinm f9f1eee6fd
update lantifa source urls & hashes 2022-07-27 23:26:13 +02:00
schweby db5865fff2
!fixup add missing settings section 2022-07-27 23:26:13 +02:00
schweby 65ec0779b7
init basic untested config 2022-07-27 23:26:13 +02:00
schweby 86b9d3113c
parsons/mail: readd noreply@infra4ure 2022-07-17 19:36:42 +02:00
schweby 39aaf2e0bb
!fixup make virtual addresses actually work 
also fix typo
 2022-07-10 19:02:45 +02:00
schweby 8021685ec8
update mail config 2022-07-09 20:56:46 +02:00
stuebinm 8f413da05a services/nextcloud: remove mail & redis 
(both of these have lots of options, which either do nothing at all or
are misconfigured in some way and don't work. If we want redis-caching,
we can re-add it later, but the current state suggest it's already
working, which it isn't, which is worse)
 2022-07-09 20:27:46 +02:00
stuebinm e9d2630ea9 fix auamost path 2022-07-09 19:11:30 +02:00
stuebinm 445a974f97 magic mattermost group sync 2022-07-09 11:00:57 +02:00
stuebinm 4eecd1bad4 update nextcloud to 24 
(apparently we forget to commit this??)
 2022-07-09 10:56:58 +02:00
hexchen 507a144165 Add uffd application icons 2022-05-02 16:28:37 +00:00
hexchen 7015386cd6 Fix uffd brand icon 2022-05-02 15:53:27 +00:00
schweby 440076bae9
services/nextcloud: make login work reliably 2022-04-30 23:35:19 +02:00
hexchen 27cc65fb14 feat: new SSO!!!! 🎉 2022-04-30 20:43:12 +00:00
schweby 7815e32f9f
services/mail: reduce logspam 
reduce logspam by out mail services by seeting them to logleven 5
(notice) and 3 (error)
 2022-02-01 17:07:52 +01:00
schweby 2d429492fe
services/mail: stop postfix from dying by rspamd 2022-01-31 21:43:25 +01:00
schweby 4bf804c025
services/syncthing: add Vorstands share 
currently the receiveencrypted type is not supported by the nixos module
so we have to set it via the webinterface
 2022-01-27 22:53:17 +01:00
schweby 8716f2b308
services/syncthing: update config format 2022-01-27 22:52:49 +01:00
hexchen 6de0b91beb fixer tous les things 2022-01-27 20:20:25 +00:00
stuebinm 9937d5ff94
fixing pad.hacc.space (hopefully) 
(I haven't tested this, since I don't want to try the upgrade-adventure
a second time today, but I think this should fix it)
 2022-01-27 20:38:06 +01:00
stuebinm 676ba4fc31
services/hedgedocs: use socket auth for postgres 2022-01-27 20:37:42 +01:00
schweby 238c1b2c92
mediawiki cleanup 2022-01-27 20:36:34 +01:00
stuebinm c2c0bd366a
bump nixpkgs to 21.11 
This simply updates nixpkgs to 21.11 (along with a general update of
other sources), then follows the hints given out in the build process
until everything (on parsons) ran through fine.

Some things to note:
 - syncthing's declarative config is gone. Instead, declarative and
   non-declarative configuration can now be mixed, but with
   `overrideDevices` set to true, it _should_ ignore non-declarative
   settings and basically behave the same as before (or at least that's
   how I understood the documentation on that)
 - some postfix options now require a lib.mkForce, since the mail module
   also wants to set them — we should probably look into if the mail
   module has nicer ways of handling our settings now (which I didn't
   do)
 - we no longer import the vaultwarden module from unstable, since it's
   included in nixos 21.11 as-is. We _do_ still import the vaultwarden
   package from unstable, since downgrading sounds like a bad idea.
 - nix build will print a warning that `literalExample` is now
   depricated, but we don't seem to use that — I guess at some point
   we'll have to search through our sources if it doesn't go away

This was not yet deployed, and should probably considered a
work-in-progress.

Building Nixda currently fails decklink seems to have disappeared.
 2022-01-27 20:36:17 +01:00
schweby c21b1b8ddf
services/syncthing: cleanup clients 
remove no longer needed clients due to "new" password sharing
 2022-01-19 21:35:03 +01:00
schweby 02a64a6f31
services/hedgedoc: lower loglevel to warn 2022-01-19 21:22:32 +01:00
stuebinm b9aa3050d7 fix mumble website 
This does two things:
 - add a group "mumblecert" which is allowed to read the mumble.hacc.space
   cert, and add both nginx and murmur's users to it
 - remove the website's derivation from services/murmur.nix and instead
   add it to the websites/ dir and handle it the same as all our other sites
 2022-01-18 09:08:27 +01:00
schweby 6f0d8a6af9
hotfix: disable mumble website 
disable the mumble website because of cert permission issues causes by ad9c1f4481
nginx doesn't start because it can read the cert of the website
 2022-01-17 22:37:43 +01:00
stuebinm ad9c1f4481
security/acme: mumble cert readable by murmur group 
the postRun thing doesn't seem to work at all anymore?
 2022-01-12 23:51:31 +01:00
stuebinm f800057478
services/hedgedocs: remove unused module imports 2022-01-12 19:31:31 +01:00
stuebinm ae67b38304 add the rest of our stativ web pages 
however, for some reason, ACME still fails. Hopefully it's just the
rate limit, but it does look suspicious; there' still a
"www.muc.hacc.space" in the log that oughtn't be there …
 2022-01-10 23:45:21 +01:00
stuebinm eb07f34672 modules/website.nix init 
idea is to have a directory `websites/` which contains all our static
sites, with the name of each subdirectory also being their domain. Then
Nix can just read that directory during build-time and automatically
generate nginx virtualHosts for all of them (note that the
subdirectories have to contain a `default.nix` specifying how to build
the site for that to work).

Thus we could avoid the dependency on gitlab pages.
 2022-01-10 22:57:09 +01:00
stuebinm a7896e718f
services/workadventure: re-add the hacc assembly map as default map 2022-01-07 17:29:10 +01:00
stuebinm 16245e830f
remove truelove-specific workadventure 
This removes the special configuration to make our workadventure useable
for the truelove event and reverts it to just run at void.hacc.space
without authentication etc.

Tbh, not sure if that's actually what we want — do we need a running
workadventure instance at all? Or should we just remove the entire container?
 2022-01-01 20:03:32 +01:00
schweby 2a1e692522 services/lantifa: set mediawiki-version from 21.11 
due to a wikiDB issue the mediawiki version in unstable (37) is not
compatible.
switching to 21.05 would mean a downgrade, so this is the hack until we
fully upgrade to 21.11
 2021-12-11 13:20:42 +01:00
Raphael Weniger 928d44fb95 Added stuebinm@hacc.space to mitglieder@hacc.space 2021-12-01 21:25:27 +00:00
Raphael Weniger 3ad6a0d2df raphael@hacc.space added to voc@hacc.space 2021-12-01 21:22:53 +00:00
schweby 277d4a1fa7 services/nextcloud: fix downloads >1GB 
should also gernerally improve performance when large(r) amounts of data
are exchanged
 2021-11-22 20:58:39 +01:00
stuebinm 6563e0ccfa add services/workadventure for true-love event 2021-11-09 17:02:43 +00:00
schweby 5432503397 services/mattermost: set MaxUsersPerTeam to 250 2021-11-06 18:11:08 +01:00
schweby 144bd0d5f5 remove services/unifi 
no longer needed
 2021-11-03 15:36:03 +01:00
stuebinm 1b94984486
unbreak vaultwarden backup 2021-10-31 22:22:48 +01:00
schweby 232a90aaf1 services/nextcloud: replace password with file 2021-10-31 09:19:45 +01:00
schweby 0652afa761 services/nextcloud: set defaultapp to apporder 2021-10-31 08:28:10 +01:00