stuebinm
49fa2325f3
sops-nix proof of concept
...
this is currently deployed and appears to be working. please everyone
have a look at it & then decide if we want to use this for the other
secrets as well.
2023-04-19 20:08:45 +02:00
stuebinm
a3689d1c76
mattermost: 7.1.7 → 7.1.8
...
this is a security update, see
https://mattermost.com/blog/mattermost-security-updates-7-9-2-7-8-3-esr-7-7-4-7-1-8-esr-released/
for more.
2023-04-15 19:02:42 +02:00
stuebinm
eda184ee48
netbox: remove python override workaround
...
this is currently unused anyways, but in case we ever do need it again,
https://github.com/NixOS/nixpkgs/pull/223268 has removed the need for
the weird override workaround.
2023-04-05 23:04:59 +02:00
stuebinm
8d9df0e20e
mattermost: 7.1.4 → 7.1.7
...
apparently the 7.1.x series is now old enough that even though it
does still get security fixes, the mattermost team no longer mentions
this on their blog, so we missed out on a couple. fun!
2023-03-24 03:49:37 +01:00
stuebinm
fb3c1b0a96
symlink haccfiles into /etc/haccfiles
...
upsides:
- we will no longer get confused about which state is currently deployed
downsides:
- deploys get slower, since it has to uploads the entire haccfiles each time
2023-03-23 15:29:29 +01:00
stuebinm
b30df7ea6d
unbreak tracktrain css
2023-03-16 15:03:13 +01:00
stuebinm
26f3f98a9c
update inputs
2023-03-15 21:50:48 +01:00
Moira
f91ea850bc
mail: reenable recieving mail on noreply@
...
because mail providers are sending out abuse mails for fbls they're
causing *shrung*
2023-03-15 19:06:36 +01:00
stuebinm
a6d21f4fd9
make working on websites nicer
...
(since every time we have to change anything on these I get annoyed at
having to remember how to build these. Now you can just use `nix run`!)
2023-02-24 17:33:48 +01:00
stuebinm
7fd1c9ff80
remove the default.nix file
...
(why did we keep this around? in any case, it's broken)
2023-02-24 16:11:43 +01:00
Moira
ba91526fc8
common/users: add new ssh-key for moira
2023-02-23 17:24:48 +01:00
stuebinm
72c16d9e1c
nicer container configs
...
today i woke up to the realisation that there's an extremely obvious way
to make these nicer, & then i did exactly that. For some reason I did
not think of this when originally removing the dependency to nix-hexchen's
evalConfig.
unfortunately, this is not /quite/ a no-op. The only actual change is
different whitespace in some of the semantically-equivalent
coredns-configs that got unified.
2023-02-18 14:45:14 +01:00
stuebinm
aa62e616a3
common/users: remove an old ssh key
2023-02-16 01:40:14 +01:00
stuebinm
30510a3194
tracktrain: don't start before network.target
...
i hope this is the correct option; the last one apparently wasn't
enough.
2023-02-16 01:38:35 +01:00
stuebinm
dc1bdb2682
websites/infra4future.de: further edits
...
(also remove the link to hacc.wiki, that's kinda outdated)
2023-02-16 01:22:08 +01:00
stuebinm
5fee4c445d
websites/infra: update group explanation
2023-02-16 01:22:08 +01:00
stuebinm
9ac7307672
update websites
2023-02-16 01:22:08 +01:00
stuebinm
26f91fac20
parsons: fix nix auto gc
2023-02-15 21:23:44 +01:00
stuebinm
9185f3e0ab
update inputs
2023-02-13 20:43:09 +01:00
stuebinm
2e74ca9b35
tracktrain: remove cors header
...
this is almost certainly not needed anymore. i think.
2023-01-30 21:00:54 +01:00
stuebinm
4c456eae1c
tracktrain: don't open firewall twice
...
just to cause less confusion down the line
2023-01-30 15:00:13 +01:00
stuebinm
7a3e65a3f5
working tracktrain + monitoring
2023-01-22 20:03:11 +01:00
stuebinm
9af819b4b8
init tracktrain
2023-01-22 02:25:07 +01:00
Moira
82e2831d3a
common/users: update terrus key
2023-01-10 19:20:47 +01:00
stuebinm
15c49c657f
update inputs
2023-01-06 17:45:43 +01:00
stuebinm
87fd563ad3
remove netbox
2023-01-06 16:23:05 +01:00
stuebinm
eb7183ac54
services/mattermost: security update 7.1.4 → 7.1.5
2023-01-02 22:51:16 +01:00
stuebinm
1a54dbd191
alps: please don't start if there's no mailserver yet
2022-12-17 16:37:18 +01:00
stuebinm
015f66d749
netbox: fix uffd secret path
...
(turns out it's not a good idea to put it into a non-persistant directory)
2022-12-17 16:36:53 +01:00
hexchen
ba5bcf601c
flake: update nix-hexchen and remove reference to deploy
2022-12-17 16:00:53 +01:00
stuebinm
9363c9e004
services/alps: use the nixos module
...
(since nixos 22.11 comes with one)
2022-12-17 15:56:06 +01:00
stuebinm
34a147afe6
python 3.9 -> python 3.10
...
(nixos 22.11 changed the default version, so some of our stuff broke)
2022-12-17 15:54:31 +01:00
stuebinm
1720b7bf81
update inputs
2022-12-16 22:56:28 +01:00
stuebinm
bb24ce8b87
nixos-22.11: fix module warnings
...
(also wow nextcloud encryption is apparently broken. colour me surprised!)
2022-12-16 22:56:28 +01:00
stuebinm
7e00264911
update inputs to nixos-22.11
...
(note that simple-nixos-mailserver is not updated since it doesn't
have a 22.11 release yet)
2022-12-16 22:56:28 +01:00
Moira
c5a0f13884
remove lantifa: apparently dead
2022-12-13 23:52:48 +01:00
Moira
bcc27eba11
netbox: add Media_Root
2022-12-13 23:47:28 +01:00
Moira
c28e533257
services/netbox: fix access to static directory
2022-12-10 13:18:02 +01:00
stuebinm
84dab162c1
don't vendor the netbox package definition
...
(because there's a simpler but also more cursed way of doing it instead)
2022-12-09 14:08:17 +01:00
stuebinm
f75429781d
netbox uff(d)
2022-12-09 02:53:48 +01:00
stuebinm
5a28a55f01
netbox yolo
2022-12-08 23:30:02 +01:00
stuebinm
3df1ec0436
services/nextcloud: update to 25
...
(this has already been deployed for over a week, but apparently no one
thought to commit it)
2022-12-06 19:45:47 +01:00
stuebinm
b15f303107
mattermost: update to 7.1.4
2022-11-26 16:39:02 +01:00
stuebinm
0f4957d860
tell parsons it's called parsons
...
(i guess this was lost along with hexchen's nix deploy module?)
2022-11-26 00:08:53 +01:00
stuebinm
ea2d89fa84
make fish my default shell
2022-11-26 00:08:38 +01:00
stuebinm
7fa5939cf9
reduce lockfile size
2022-11-25 22:50:29 +01:00
stuebinm
12da955842
nix: enable 'experimental feature' flakes by default
2022-11-19 15:23:03 +01:00
stuebinm
0127b30566
add deploy-rs gc roots to .gitignore
2022-11-19 15:18:32 +01:00
Moira
5a0496a8f7
do unspeakable things to flake.lock
2022-11-15 15:34:59 +01:00
stuebinm
d11c388f31
deploy-rs: disable auto-rollback by default
...
(as per Moira's request)
2022-11-15 15:19:36 +01:00