Commit graph

18 commits

Author SHA1 Message Date
schweby
78e607a28d
hainich: block x_tables module
this also blocks the x_tables module to prent it from loading
ip_tables
2021-03-30 17:59:26 +02:00
schweby
1064836092
Revert "security: remove hexchen"
This reverts commit bab826b1c7.
Also fixes hexchen nix due new logic
2021-03-26 22:04:27 +01:00
stuebinm
d5cf2abccc
hainich: init mattermost beta 2021-03-24 22:37:38 +01:00
schweby
8377d27b87 hainich: init minecraft server
this server replaces the vanilla minecraft server on libocedrus
2021-03-20 16:59:47 +01:00
schweby
071f135ef4
hainich: Blacklist ip_tables and ip6_tables
Prevent **something** (docker) from loading the iptables kernel modules
and breaking nftables
2021-03-20 16:56:56 +01:00
schweby
bab826b1c7 security: remove hexchen 2021-03-12 23:53:51 +01:00
schweby
2d4309fdf4 hainich: init workadventure 2021-03-11 00:11:51 +01:00
d7b70742fe remove old engelsystem config (NOP)
this removes the old (unused) config for an angel system used during the
fridays for future camp 2020. Since it was configured "by hand" and not
in a declarative manner, and since there is now an actual module
`services.engelsystem` that we already use for the divoc it seems unlikely
that we will ever need the old config again.

From Nix's point of view, this commit is equivalent to doing nothing.
2021-02-21 14:58:25 +01:00
Matthias Stübinger
3b42b89bd7 Hasenloch (Engelsystem for divoc)
Seems to work fine, except for the domain — the engelsystem tries
to load its ressources from the IP of the container instead of its
url set in the config.
2021-02-20 23:32:00 +01:00
schweby
1a8842457d restic: added mumur to backup 2021-02-20 21:56:05 +01:00
hexchen
233a4c7cab hainich: init restic backups 2021-02-15 07:23:23 +00:00
hexchen
0d362a17fc hainich/monitoring: init prometheus 2021-02-06 16:41:02 +00:00
Schweby mit Hut
4813284e82 syncthing 2021-01-27 23:27:59 +01:00
hexchen
43d36bb3d7 remove hexchen from the project
I am no longer comfortable with putting resources into this project and
therefore request to be removed from all infrastructure. I am still
happy to help out with software I set up, but I will no longer actively
maintain any services. As far as possible, I will remove myself from all
access groups or other privileged positions related to this project.

Essentially, I'm stepping down as a maintainer. I still reserve the
right to make changes via the established change processes (Merge
Requests as well as Issues in the meta-repositories), but I will no
longer make direct changes to infrastructure without going through those
review processes.
2021-01-25 11:37:34 +00:00
hexchen
95da394e01 hainich/nat: add docker and container IPs
for some reason, masquerading by interface does not work atm, should fix
itself with a host reboot though.
2021-01-15 23:55:06 +00:00
hexchen
61db3bc33f modules/nftnat: init nftables nat module 2021-01-15 23:55:06 +00:00
hexchen
d1412f0d3b hainich/lantifa: init mediawiki 2021-01-12 18:20:49 +00:00
hexchen
851052014a complete restructure of haccfiles
here be winkekatzen
2021-01-10 23:53:41 +00:00
Renamed from configuration/hosts/hainich/configuration.nix (Browse further)