Commit Graph

266 Commits

Author SHA1 Message Date
Felix Albrigtsen 2030d4de39 fix-openstack-networking (!47)
Fix networking in Openstack.

This rewrites the systemd-networkd config, fixing both dhcp and manual address/route configurations.
Now, everything should behave predictably, routing NTNU-internal and NTNU-global addresses separately and properly across both ipv4 and ipv6.

Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/47
2024-07-31 11:23:00 +02:00
Felix Albrigtsen 615b5fc1f1 SimpleSAMLPHP/MediaWiki: Update deprecated --replace 2024-07-28 23:28:33 +02:00
Daniel Olsen 8f3013dc00 bekkalokk/gitea: direct non-logged-in users to the explore tab
This is a much more interesting page rather than trying to sell gitea
2024-07-19 21:19:06 +02:00
Øystein Tveit 868764e0cd bekkalokk/mediawiki: misc configuration 2024-07-10 19:04:55 +02:00
Øystein Tveit 7c3ff2068d bekkalokk/mediawiki: add some more extensions 2024-07-10 19:04:36 +02:00
Øystein Tveit f3a29429aa bekkalokk/gitea: set default email notification preference to 'onmention' 2024-07-10 00:18:01 +02:00
Øystein Tveit 1591fdb7cc bekkalokk/mediawiki: re-enable DeleteBatch extension 2024-07-08 19:56:43 +02:00
Øystein Tveit ed28ba28f3 bekkalokk/mediawiki: leave togglable debug flags for future use 2024-07-08 19:55:52 +02:00
h7x4 0301691b1c
gitea: enable notification mails 2024-07-04 20:41:46 +02:00
h7x4 946555e408
gitea: add subject prefix to mail 2024-07-04 20:36:44 +02:00
h7x4 e02062417a
gitea: move state back to /var/lib 2024-07-04 20:31:51 +02:00
h7x4 b2806d78af
gitea: enable lfs 2024-07-04 20:30:55 +02:00
h7x4 de2c7ea6f1
gitea: install custom images to correct dir 2024-07-04 20:29:50 +02:00
Felix Albrigtsen ca2deed668 WIP: all: Update to nixos-24.05 2024-06-30 01:55:25 +02:00
Oystein Kristoffer Tveit bb2f7899db Merge pull request 'bekkalokk/gitea: set default licenses and repo units' (!44) from gitea-set-misc-repo-settings into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/44
2024-06-29 23:16:17 +02:00
h7x4 c2b35a7ae4
bekkalokk/gitea: set default licenses and repo units 2024-06-29 23:14:41 +02:00
Felix Albrigtsen c88c3f87e0 buskerud: add libvirtd 2024-06-22 17:36:30 +02:00
Felix Albrigtsen 71479d5ca0 quickfix: bekkalokk/mediawiki: remove DeleteBatch 2024-05-27 11:02:35 +02:00
Felix Albrigtsen cf01792269 bekkalokk/vaultarden: Add kTLS 2024-05-26 10:50:29 +02:00
Felix Albrigtsen 35d745b156 bekkalokk: add vaultwarden 2024-05-26 04:19:17 +02:00
Felix Albrigtsen 1c35da0295 Merge pull request 'bekkalokk: add snappymail' (!39) from bekkalokk-snappymail into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/39
2024-05-26 01:52:17 +02:00
Felix Albrigtsen 5fb1b805a8 bekkalokk: add snappymail 2024-05-26 01:07:27 +02:00
Daniel Lovbrotte Olsen 898e362a9f Merge pull request 'bekkalokk/website: add sp metadata for all domains' (!34) from add-sp-metadata-for-all-website-domains into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/34
2024-05-14 05:27:44 +02:00
h7x4 bcf2ceed32
gitea: setup mail 2024-05-12 02:26:13 +02:00
Oystein Kristoffer Tveit 200224d2c1 Merge pull request 'bekkalokk: misc gitea cleanup' (!33) from misc-gitea-cleanup into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/33
2024-05-12 02:12:55 +02:00
Daniel Olsen dcf29b76b8 bicep/matrix: allow global address of new ildkule to access metrics 2024-04-24 03:03:53 +02:00
Felix Albrigtsen 55e8f01d1d Upgrade ildkule (!36)
This PR is made while moving Ildkule from PVE on joshua, to Openstack on stack.it.ntnu.no.

- The main monitoring dashboard is moved from https://ildkule.pvv.ntnu.no to https://grafana.pvv.ntnu.no.
- A new service is added: uptime-kuma on https://uptime.pvv.ntnu.no.
- The (hardware) configuration for ildkule is updated to fit the new virtualization environment, boot loader, network interfaces, etc.
- Metrics exporters on other hosts should be updated to allow connections from the new host

As this is the first proper server running on openstack, and therefore outside our main IP range, we might discover challenges in our network structure. For example, the database servers usually only allow connections from this range, so Ildkule can no longer access it. This should be explored, documented and/or fixed as we move more services.

Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/36
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
Co-committed-by: Felix Albrigtsen <felix@albrigtsen.it>
2024-04-21 23:36:25 +02:00
h7x4 b7b1c73bfa
bekkalokk/gitea: use systemd unit for gitea customization 2024-04-16 01:02:21 +02:00
h7x4 6851879a03
bekkalokk: remove keycloak 2024-04-14 23:59:46 +02:00
h7x4 70603145cf
bekkalokk/website: add sp metadata for all domains 2024-04-14 17:06:01 +02:00
Felix Albrigtsen 1e4195ea9d bekkalokk: pvv-nettsiden-gallery: Improve thumbnail generation 2024-04-14 02:04:45 +02:00
Daniel Olsen ee335e3712 bicep/synapse: fix registering users via smtp 2024-04-14 01:52:17 +02:00
h7x4 5bed292a01
bekkalokk/gitea: move user import stuff to separate nix file 2024-04-11 21:47:44 +02:00
h7x4 36b7087a3f
base.nix: hotfix for hotfix for nginx on bicep (3352e48f)
Turns out the settings were in biceps local nginx config
2024-04-11 20:41:02 +02:00
oysteikt 1919da7a1c bicep/matrix: remove SAML authentication 2024-04-11 19:55:10 +02:00
h7x4 0950fedf98 bekkalokk/website: fix some nginx location directives 2024-04-11 13:21:11 +02:00
h7x4 614c2d624c
bekkalokk/webmail: add redirects for old webmail locations 2024-04-11 10:47:13 +02:00
Daniel Olsen db211c2304 bekkalokk/website: don't try to listen for ntnu.org 2024-04-11 05:31:33 +02:00
Felix Albrigtsen 79bf307ef2 bekkalokk: Reconfigure www ingress 2024-04-11 00:48:07 +02:00
Felix Albrigtsen 4d50efc6db Finalize www/idp/webmail migration from spikkjeposche to bekkalokk 2024-04-10 23:31:04 +02:00
h7x4 9577477460 bekkalokk/nettsiden: add secrets 2024-04-10 23:04:20 +02:00
Felix Albrigtsen fc19a8f1e1 bekkalokk: Automatically unpack pvv-nettsiden/gallery and generate thumbnails 2024-04-10 23:04:20 +02:00
h7x4 8657e77514 bekkalokk: set up pvv-nettsiden 2024-04-10 23:04:18 +02:00
h7x4 065992620e treewide: nginx optimizations 2024-04-10 22:06:44 +02:00
h7x4 fbbc54328b gitea: add theming module 2024-04-09 01:52:57 +02:00
h7x4 42fd371c3b
mediawiki: restart phpfpm on updated secrets 2024-04-06 23:57:37 +02:00
h7x4 6e1b06731f bekkalokk: add VisualEditor to mediawiki extensions 2024-04-06 21:09:01 +02:00
Felix Albrigtsen 2cb7e06369
bekkalokk/mediawiki: fix path, upgrade security 2024-04-03 08:29:19 +02:00
h7x4 a55c908fe7
bekkalokk/mediawiki: change domain from wiki2 to wiki 2024-04-02 19:54:28 +02:00
h7x4 d531419f35 bekkalokk: init mediawiki
Co-authored-by: Jørn Åne <yorinad@pvv.ntnu.no>
2024-04-01 23:57:39 +02:00
h7x4 806b18ede8 bekkalokk: init idp-simplesamlphp 2024-04-01 23:57:39 +02:00
h7x4 9495682f57 bekkalokk: package mediawiki extensions outside of module 2024-04-01 00:39:12 +02:00
h7x4 266ce9ed08 bekkalokk: set up kerberos client 2024-04-01 00:38:49 +02:00
Daniel Olsen 7c6d4d31c7 bicep/matrix/element: update room directories 2024-03-05 05:52:31 +01:00
Daniel Olsen 9f46be1ca1 bicep/matrix: update element lab flags and room directoriy listings 2024-03-05 05:28:23 +01:00
jovre 545583cf04 bekkalokk/gitea: Do not change the user visibility 2024-03-03 00:29:24 +01:00
Felix Albrigtsen 62b269637a bekkalokk/gitea: unset visibility when updating users 2024-02-12 11:24:14 +01:00
Adrian Gunnar Lauterer 7fd9a1e646
started on bikkje container for new loginbox - work in progress 2024-01-07 01:21:11 +01:00
Daniel Olsen 4ea90380ad bicep/matrix: use synapse package from stable
It's fixed now
2023-12-16 00:22:02 +01:00
Felix Albrigtsen 80ef1ce4fa Buskerud: Remove OV-link, general cleanup 2023-12-12 15:27:20 +01:00
Felix Albrigtsen 2b834eee14 Buskerud: Comment out openvpn-client 2023-12-12 11:39:33 +01:00
Daniel Olsen dd8b677a79 buskerud: bootloader - 3.3TB, OS - 256GB 👍 2023-12-10 05:27:58 +01:00
Daniel Olsen eabd8df3d8 bicep/matrix: use package with fixed pythonEnv 2023-12-10 04:32:26 +01:00
h7x4 0b5e03471f
upgrade to nixpkgs 23.11 2023-12-05 00:36:09 +01:00
Daniel Lovbrotte Olsen d8031ecca1 Merge pull request 'replace-knakelibrak-nginx-reverse-proxy' (#18) from replace-knakelibrak-nginx-reverse-proxy into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/18
2023-12-03 07:01:13 +01:00
h7x4 8ced91a285
hosts/buskerud: init
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-30 19:42:05 +01:00
Daniel Olsen 1ef033c754
bekkalokk/ingress: proxy matrix well-known files to bicep 2023-11-28 10:24:18 +01:00
Felix Albrigtsen d900dc1b1b
Redirect subpages like ./well-known, add @-domains 2023-11-28 10:24:18 +01:00
h7x4 d5985e02f3
Prepare to replace knakelibrak
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-28 10:23:02 +01:00
Daniel Olsen 2c42b120a6 Merge branch 'extend_smtp' 2023-11-28 08:39:15 +01:00
Daniel Olsen 27ba3f7a7f bicep/matrix: serve server well-known 2023-11-28 08:36:56 +01:00
Daniel Olsen c1c58122ea bicep/matrix: Improve flexibility of username login
It should be possible to log in  with @username:pvv.ntnu.no now
That way client well-known in third party clients will work

it might also fix the weird logout of session issues in element
2023-11-28 05:14:04 +01:00
Oystein Kristoffer Tveit 54a54ad0f5 Merge pull request 'Roundcube testing on bekkalokk now working.' (#14) from roundcube into main
Reviewed-on: https://bekkalokk.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/14
2023-11-26 05:17:28 +01:00
h7x4 2a1e649eed bekkalokk: fix roundcube, and move to webmail2.pvv.ntnu.no/roundcube 2023-11-26 05:05:15 +01:00
Daniel Olsen d7638138ed brzeczyszczykiewicz: add bokhylle as alias for the grzegorz service 2023-11-26 02:36:23 +01:00
Adrian Gunnar Lauterer c8d383c9ab bekkalokk-roundcube init at roundcube.pvv.ntnu.no 2023-11-25 21:23:06 +01:00
Daniel Olsen c4df999058 bob: init
Cool beeg nix builder
for now anyways
2023-11-05 06:06:57 +01:00
h7x4 3caa66fb64
rename input: unstable -> nixpkgs-unstable 2023-11-05 01:22:48 +01:00
Daniel Olsen b458801f95 Revert "bekkalokk: add wackattack ctf systemd service"
CTF is over

This reverts commit fa843c4a59.
2023-10-30 09:03:27 +01:00
h7x4 fa843c4a59
bekkalokk: add wackattack ctf systemd service 2023-10-26 22:10:30 +02:00
Daniel Olsen e07945d49c bicep/matrix: enable sliding sync 2023-10-22 02:33:40 +02:00
Daniel Olsen 32885891fe bicep/matrix: enable smtp auth
yolo lmao
2023-10-22 01:59:25 +02:00
Daniel Olsen 9b44087693 bekkalokk/gitea: make import user script run by default
Systemd stuff are generally turned on by default but need to be wanted

Much like me
2023-10-14 22:47:56 +02:00
Daniel Olsen be341622fe georg: init 2023-09-17 04:57:30 +02:00
Daniel Olsen 87a7b17b49 brzeczyszczykiewicz: init 2023-09-17 04:57:30 +02:00
h7x4 5c529a0233 Fix gitea runners, add 2 more
The gitea runners are now activated correctly,
has support for both debian and ubuntu based systems,
and can will connect to the gitea server through the
loopback interface
2023-09-17 04:05:08 +02:00
Oystein Kristoffer Tveit bc678b5d51 Merge pull request 'Bekkalokk: Enable podman' (#11) from add-gitea-ci into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/11
2023-09-16 22:38:23 +02:00
Amalie Mansåker ade2f6f5c9 Bekkalokk: Enable podman 2023-09-16 22:38:15 +02:00
Oystein Kristoffer Tveit 5c37b71646 Merge pull request 'Setup gitea action runner' (#10) from add-gitea-ci into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/10
2023-09-16 22:31:22 +02:00
Amalie Mansåker 76f18b459c Setup gitea action runner 2023-09-16 22:26:44 +02:00
Oystein Kristoffer Tveit 97cd5a235f Merge pull request 'Gitea enabled actions' (#9) from add-gitea-ci into main
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/9
2023-09-16 21:51:43 +02:00
Amalie Mansåker e5fac39ce8 Enabled actions 2023-09-16 21:51:13 +02:00
Daniel Olsen f53c0c6eb5 bicep/synapse: Move database configuration out of secrets 2023-09-16 21:38:39 +02:00
Daniel Olsen 816997b74f bicep/nginx: increase workers and enable modern compression
Should decrease latency
2023-09-13 11:01:09 +02:00
Daniel Olsen 06322a26fc bicep/postgres: enable jit again, make more memory available 2023-09-13 05:22:23 +02:00
Daniel Olsen a58101bfbc Remove deprecated hosts and clean up 2023-09-13 05:03:57 +02:00
Daniel Olsen d3b363b028 bicep: Remove deprecated grub version option 2023-09-13 04:54:46 +02:00
Daniel Olsen 4a6ea9be2d bicep/synapse: define registration secret properly 2023-09-13 04:53:56 +02:00
Daniel Olsen f92ebbee16 bicep/synapse: use postgres unix socket 2023-09-13 04:16:22 +02:00
Daniel Olsen 201e3d306b bicep: Revert postgres socket stuff 2023-09-13 03:58:29 +02:00