Commit graph

129 commits

Author SHA1 Message Date
2e92960390
services/mail: update vorstand and admin 2022-11-02 21:21:15 +01:00
0fe3094853
services/mail: renable postfix logs 2022-10-16 14:37:07 +02:00
f64b1f9534
mattermost: don't read config from database
apparently the nixpkgs mattermost module simply ignores its own config
if mutableConfig is false, and reads whatever config is currently in the
database (in our case, old stuff involving auth.infra4future.de).

This overwrites that.
2022-10-16 14:32:04 +02:00
52f9f2d64c
get rid of mattermost-patched module
this does a couple things:
 - redo mattermost's secret config as an env file passed to systemd
 - get rid of modules/mattermost.nix and use upstream module instead
 - move some of the stuff in secret.json which don't need to be there
   into nix (e.g. smtp port)

Also, I set the log level to ERROR in the env file. Mattermost doesn't
seem to respect it otherwise *shrug*
2022-10-15 20:10:29 +02:00
55ffc7282e
services/lantifa: pin WikiDB version
resolves the issue with the nixfiles being unable to be built, because
of a hash mismatch. The previous URL always pointed to the newest
version instead of a static one.
Sadly static links only exist for previous, but not the current version.
2022-10-09 10:06:30 +02:00
5821a58d23
services/mail.nix: Adding an email for peter 2022-10-06 19:38:23 +02:00
77d7625315
remove gitlab 2022-09-24 17:29:42 +02:00
3ea537459b
change name 2022-09-12 19:29:51 +02:00
45ceeef189
gitea: git protocol v2 over ssh
cf. https://docs.gitea.io/en-us/config-cheat-sheet/#git-git, entry for
option ENABLE_AUTO_GIT_WIRE_PROTOCOL
2022-08-03 11:26:05 +02:00
e246563f57 git ssh: switch to gitea (instead of gitlab) 2022-08-01 20:54:17 +02:00
a1c5832a51 gitea: save state under /persist 2022-08-01 18:39:46 +02:00
c854e10980
gitea: enable offline mode 2022-07-27 23:26:13 +02:00
b5a68e09fd
gitea: fix uffd login
(note that this actually has to patch uffd)
2022-07-27 23:26:13 +02:00
f9f1eee6fd
update lantifa source urls & hashes 2022-07-27 23:26:13 +02:00
schweby
db5865fff2
!fixup add missing settings section 2022-07-27 23:26:13 +02:00
schweby
65ec0779b7
init basic untested config 2022-07-27 23:26:13 +02:00
schweby
86b9d3113c
parsons/mail: readd noreply@infra4ure 2022-07-17 19:36:42 +02:00
schweby
39aaf2e0bb
!fixup make virtual addresses actually work
also fix typo
2022-07-10 19:02:45 +02:00
schweby
8021685ec8
update mail config 2022-07-09 20:56:46 +02:00
8f413da05a services/nextcloud: remove mail & redis
(both of these have lots of options, which either do nothing at all or
are misconfigured in some way and don't work. If we want redis-caching,
we can re-add it later, but the current state suggest it's already
working, which it isn't, which is worse)
2022-07-09 20:27:46 +02:00
e9d2630ea9 fix auamost path 2022-07-09 19:11:30 +02:00
445a974f97 magic mattermost group sync 2022-07-09 11:00:57 +02:00
4eecd1bad4 update nextcloud to 24
(apparently we forget to commit this??)
2022-07-09 10:56:58 +02:00
hexchen
507a144165 Add uffd application icons 2022-05-02 16:28:37 +00:00
hexchen
7015386cd6 Fix uffd brand icon 2022-05-02 15:53:27 +00:00
schweby
440076bae9
services/nextcloud: make login work reliably 2022-04-30 23:35:19 +02:00
hexchen
27cc65fb14 feat: new SSO!!!! 🎉 2022-04-30 20:43:12 +00:00
schweby
7815e32f9f
services/mail: reduce logspam
reduce logspam by out mail services by seeting them to logleven 5
(notice) and 3 (error)
2022-02-01 17:07:52 +01:00
schweby
2d429492fe
services/mail: stop postfix from dying by rspamd 2022-01-31 21:43:25 +01:00
schweby
4bf804c025
services/syncthing: add Vorstands share
currently the receiveencrypted type is not supported by the nixos module
so we have to set it via the webinterface
2022-01-27 22:53:17 +01:00
schweby
8716f2b308
services/syncthing: update config format 2022-01-27 22:52:49 +01:00
hexchen
6de0b91beb fixer tous les things 2022-01-27 20:20:25 +00:00
9937d5ff94
fixing pad.hacc.space (hopefully)
(I haven't tested this, since I don't want to try the upgrade-adventure
a second time today, but I think this should fix it)
2022-01-27 20:38:06 +01:00
676ba4fc31
services/hedgedocs: use socket auth for postgres 2022-01-27 20:37:42 +01:00
schweby
238c1b2c92
mediawiki cleanup 2022-01-27 20:36:34 +01:00
c2c0bd366a
bump nixpkgs to 21.11
This simply updates nixpkgs to 21.11 (along with a general update of
other sources), then follows the hints given out in the build process
until everything (on parsons) ran through fine.

Some things to note:
 - syncthing's declarative config is gone. Instead, declarative and
   non-declarative configuration can now be mixed, but with
   `overrideDevices` set to true, it _should_ ignore non-declarative
   settings and basically behave the same as before (or at least that's
   how I understood the documentation on that)
 - some postfix options now require a lib.mkForce, since the mail module
   also wants to set them — we should probably look into if the mail
   module has nicer ways of handling our settings now (which I didn't
   do)
 - we no longer import the vaultwarden module from unstable, since it's
   included in nixos 21.11 as-is. We _do_ still import the vaultwarden
   package from unstable, since downgrading sounds like a bad idea.
 - nix build will print a warning that `literalExample` is now
   depricated, but we don't seem to use that — I guess at some point
   we'll have to search through our sources if it doesn't go away

This was not yet deployed, and should probably considered a
work-in-progress.

Building Nixda currently fails decklink seems to have disappeared.
2022-01-27 20:36:17 +01:00
schweby
c21b1b8ddf
services/syncthing: cleanup clients
remove no longer needed clients due to "new" password sharing
2022-01-19 21:35:03 +01:00
schweby
02a64a6f31
services/hedgedoc: lower loglevel to warn 2022-01-19 21:22:32 +01:00
b9aa3050d7 fix mumble website
This does two things:
 - add a group "mumblecert" which is allowed to read the mumble.hacc.space
   cert, and add both nginx and murmur's users to it
 - remove the website's derivation from services/murmur.nix and instead
   add it to the websites/ dir and handle it the same as all our other sites
2022-01-18 09:08:27 +01:00
schweby
6f0d8a6af9
hotfix: disable mumble website
disable the mumble website because of cert permission issues causes by ad9c1f4481
nginx doesn't start because it can read the cert of the website
2022-01-17 22:37:43 +01:00
ad9c1f4481
security/acme: mumble cert readable by murmur group
the postRun thing doesn't seem to work at all anymore?
2022-01-12 23:51:31 +01:00
f800057478
services/hedgedocs: remove unused module imports 2022-01-12 19:31:31 +01:00
ae67b38304 add the rest of our stativ web pages
however, for some reason, ACME still fails. Hopefully it's just the
rate limit, but it does look suspicious; there' still a
"www.muc.hacc.space" in the log that oughtn't be there …
2022-01-10 23:45:21 +01:00
eb07f34672 modules/website.nix init
idea is to have a directory `websites/` which contains all our static
sites, with the name of each subdirectory also being their domain. Then
Nix can just read that directory during build-time and automatically
generate nginx virtualHosts for all of them (note that the
subdirectories have to contain a `default.nix` specifying how to build
the site for that to work).

Thus we could avoid the dependency on gitlab pages.
2022-01-10 22:57:09 +01:00
a7896e718f
services/workadventure: re-add the hacc assembly map as default map 2022-01-07 17:29:10 +01:00
16245e830f
remove truelove-specific workadventure
This removes the special configuration to make our workadventure useable
for the truelove event and reverts it to just run at void.hacc.space
without authentication etc.

Tbh, not sure if that's actually what we want — do we need a running
workadventure instance at all? Or should we just remove the entire container?
2022-01-01 20:03:32 +01:00
schweby
2a1e692522 services/lantifa: set mediawiki-version from 21.11
due to a wikiDB issue the mediawiki version in unstable (37) is not
compatible.
switching to 21.05 would mean a downgrade, so this is the hack until we
fully upgrade to 21.11
2021-12-11 13:20:42 +01:00
928d44fb95 Added stuebinm@hacc.space to mitglieder@hacc.space 2021-12-01 21:25:27 +00:00
3ad6a0d2df raphael@hacc.space added to voc@hacc.space 2021-12-01 21:22:53 +00:00
schweby
277d4a1fa7 services/nextcloud: fix downloads >1GB
should also gernerally improve performance when large(r) amounts of data
are exchanged
2021-11-22 20:58:39 +01:00
6563e0ccfa add services/workadventure for true-love event 2021-11-09 17:02:43 +00:00
schweby
5432503397 services/mattermost: set MaxUsersPerTeam to 250 2021-11-06 18:11:08 +01:00
schweby
144bd0d5f5 remove services/unifi
no longer needed
2021-11-03 15:36:03 +01:00
1b94984486
unbreak vaultwarden backup 2021-10-31 22:22:48 +01:00
schweby
232a90aaf1 services/nextcloud: replace password with file 2021-10-31 09:19:45 +01:00
schweby
0652afa761 services/nextcloud: set defaultapp to apporder 2021-10-31 08:28:10 +01:00
hexchen
750b069420 services/nginx-pages: fix acme bullshit 2021-10-28 19:02:38 +00:00
schweby
09d6d6838d service/lantifa: update intersection plugin 2021-10-15 22:27:22 +02:00
octycs
f125de8342 services/nginx-pages: readd help.studentsforfuture.info 2021-09-28 21:28:54 +02:00
56cbb7601b services/vaultwarden: init vaultwarden 2021-09-28 11:13:25 +00:00
schweby
35a563185d parsons/lantifa: update intersection plugin 2021-09-18 21:36:39 +02:00
schweby
b9eb988aa0 parsons/murmur: fix acme
credits for ${pkgs.acl} go to stuebinm
2021-08-30 15:12:30 +02:00
schweby
95a0e9f04a parsons: init lantifa wiki 2021-08-23 19:32:02 +00:00
hexchen
41acbdd3e0 parsons: deploy unifi controller 2021-08-23 19:32:02 +00:00
hexchen
d367269e87 thelounge: foo 2021-08-23 19:32:02 +00:00
hexchen
7dbc22929b parsons/nginx-pages: add muc.hacc.earth hacc 2021-08-23 19:32:02 +00:00
hexchen
35cd963f8c services/gitlab-runner: init on parsons
also disable ci for hainich
2021-08-23 19:32:02 +00:00
hexchen
6121acabd7 maintenance: update sources, fix mattermost 2021-08-23 19:32:02 +00:00
hexchen
69e49a0020 services/gitlab: init ssh 2021-08-23 19:32:02 +00:00
hexchen
373926e33b services/gitlab: init on parsons 2021-08-23 19:32:02 +00:00
schweby
7881b444ba parsons: init syncthing 2021-08-23 19:32:02 +00:00
hexchen
cdeb52f808 services/mail: migrate to parsons 2021-08-23 19:32:02 +00:00
hexchen
a5063ae960 parsons: small fixes 2021-08-23 19:32:02 +00:00
schweby
632bf21200 parsons: fix hegedocs 2021-08-23 19:32:02 +00:00
schweby
76c9b07d56 parsons: init hegedocs 2021-08-23 19:32:02 +00:00
hexchen
172d0869b3 services/murmur: migrate to parsons 2021-08-23 19:32:02 +00:00
hexchen
4b11dbf1d4 services/thelounge: move to parsons 2021-08-23 19:32:02 +00:00
schweby
b23582a52f services/mattermost: init on parsons 2021-08-23 19:32:02 +00:00
hexchen
da7beff2fe services/nextcloud: init on parsons 2021-08-07 12:05:26 +00:00