h7x4
806b18ede8
bekkalokk: init idp-simplesamlphp
2024-04-01 23:57:39 +02:00
h7x4
9495682f57
bekkalokk: package mediawiki extensions outside of module
2024-04-01 00:39:12 +02:00
h7x4
266ce9ed08
bekkalokk: set up kerberos client
2024-04-01 00:38:49 +02:00
Daniel Olsen
7c6d4d31c7
bicep/matrix/element: update room directories
2024-03-05 05:52:31 +01:00
Daniel Olsen
9f46be1ca1
bicep/matrix: update element lab flags and room directoriy listings
2024-03-05 05:28:23 +01:00
jovre
545583cf04
bekkalokk/gitea: Do not change the user visibility
2024-03-03 00:29:24 +01:00
Felix Albrigtsen
62b269637a
bekkalokk/gitea: unset visibility when updating users
2024-02-12 11:24:14 +01:00
Adrian Gunnar Lauterer
7fd9a1e646
started on bikkje container for new loginbox - work in progress
2024-01-07 01:21:11 +01:00
Daniel Olsen
4ea90380ad
bicep/matrix: use synapse package from stable
...
It's fixed now
2023-12-16 00:22:02 +01:00
Felix Albrigtsen
80ef1ce4fa
Buskerud: Remove OV-link, general cleanup
2023-12-12 15:27:20 +01:00
Felix Albrigtsen
2b834eee14
Buskerud: Comment out openvpn-client
2023-12-12 11:39:33 +01:00
Daniel Olsen
dd8b677a79
buskerud: bootloader - 3.3TB, OS - 256GB 👍
2023-12-10 05:27:58 +01:00
Daniel Olsen
eabd8df3d8
bicep/matrix: use package with fixed pythonEnv
2023-12-10 04:32:26 +01:00
h7x4
0b5e03471f
upgrade to nixpkgs 23.11
2023-12-05 00:36:09 +01:00
Daniel Lovbrotte Olsen
d8031ecca1
Merge pull request 'replace-knakelibrak-nginx-reverse-proxy' ( #18 ) from replace-knakelibrak-nginx-reverse-proxy into main
...
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/18
2023-12-03 07:01:13 +01:00
h7x4
8ced91a285
hosts/buskerud: init
...
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-30 19:42:05 +01:00
Daniel Olsen
1ef033c754
bekkalokk/ingress: proxy matrix well-known files to bicep
2023-11-28 10:24:18 +01:00
Felix Albrigtsen
d900dc1b1b
Redirect subpages like ./well-known, add @-domains
2023-11-28 10:24:18 +01:00
h7x4
d5985e02f3
Prepare to replace knakelibrak
...
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
2023-11-28 10:23:02 +01:00
Daniel Olsen
2c42b120a6
Merge branch 'extend_smtp'
2023-11-28 08:39:15 +01:00
Daniel Olsen
27ba3f7a7f
bicep/matrix: serve server well-known
2023-11-28 08:36:56 +01:00
Daniel Olsen
c1c58122ea
bicep/matrix: Improve flexibility of username login
...
It should be possible to log in with @username:pvv.ntnu.no now
That way client well-known in third party clients will work
it might also fix the weird logout of session issues in element
2023-11-28 05:14:04 +01:00
Oystein Kristoffer Tveit
54a54ad0f5
Merge pull request 'Roundcube testing on bekkalokk now working.' ( #14 ) from roundcube into main
...
Reviewed-on: https://bekkalokk.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/14
2023-11-26 05:17:28 +01:00
h7x4
2a1e649eed
bekkalokk: fix roundcube, and move to webmail2.pvv.ntnu.no/roundcube
2023-11-26 05:05:15 +01:00
Daniel Olsen
d7638138ed
brzeczyszczykiewicz: add bokhylle as alias for the grzegorz service
2023-11-26 02:36:23 +01:00
Adrian Gunnar Lauterer
c8d383c9ab
bekkalokk-roundcube init at roundcube.pvv.ntnu.no
2023-11-25 21:23:06 +01:00
Daniel Olsen
c4df999058
bob: init
...
Cool beeg nix builder
for now anyways
2023-11-05 06:06:57 +01:00
h7x4
3caa66fb64
rename input: unstable -> nixpkgs-unstable
2023-11-05 01:22:48 +01:00
Daniel Olsen
b458801f95
Revert "bekkalokk: add wackattack ctf systemd service"
...
CTF is over
This reverts commit fa843c4a59
.
2023-10-30 09:03:27 +01:00
h7x4
fa843c4a59
bekkalokk: add wackattack ctf systemd service
2023-10-26 22:10:30 +02:00
Daniel Olsen
e07945d49c
bicep/matrix: enable sliding sync
2023-10-22 02:33:40 +02:00
Daniel Olsen
32885891fe
bicep/matrix: enable smtp auth
...
yolo lmao
2023-10-22 01:59:25 +02:00
Daniel Olsen
9b44087693
bekkalokk/gitea: make import user script run by default
...
Systemd stuff are generally turned on by default but need to be wanted
Much like me
2023-10-14 22:47:56 +02:00
Daniel Olsen
be341622fe
georg: init
2023-09-17 04:57:30 +02:00
Daniel Olsen
87a7b17b49
brzeczyszczykiewicz: init
2023-09-17 04:57:30 +02:00
h7x4
5c529a0233
Fix gitea runners, add 2 more
...
The gitea runners are now activated correctly,
has support for both debian and ubuntu based systems,
and can will connect to the gitea server through the
loopback interface
2023-09-17 04:05:08 +02:00
Oystein Kristoffer Tveit
bc678b5d51
Merge pull request 'Bekkalokk: Enable podman' ( #11 ) from add-gitea-ci into main
...
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/11
2023-09-16 22:38:23 +02:00
Amalie Mansåker
ade2f6f5c9
Bekkalokk: Enable podman
2023-09-16 22:38:15 +02:00
Oystein Kristoffer Tveit
5c37b71646
Merge pull request 'Setup gitea action runner' ( #10 ) from add-gitea-ci into main
...
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/10
2023-09-16 22:31:22 +02:00
Amalie Mansåker
76f18b459c
Setup gitea action runner
2023-09-16 22:26:44 +02:00
Oystein Kristoffer Tveit
97cd5a235f
Merge pull request 'Gitea enabled actions' ( #9 ) from add-gitea-ci into main
...
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/9
2023-09-16 21:51:43 +02:00
Amalie Mansåker
e5fac39ce8
Enabled actions
2023-09-16 21:51:13 +02:00
Daniel Olsen
f53c0c6eb5
bicep/synapse: Move database configuration out of secrets
2023-09-16 21:38:39 +02:00
Daniel Olsen
816997b74f
bicep/nginx: increase workers and enable modern compression
...
Should decrease latency
2023-09-13 11:01:09 +02:00
Daniel Olsen
06322a26fc
bicep/postgres: enable jit again, make more memory available
2023-09-13 05:22:23 +02:00
Daniel Olsen
a58101bfbc
Remove deprecated hosts and clean up
2023-09-13 05:03:57 +02:00
Daniel Olsen
d3b363b028
bicep: Remove deprecated grub version option
2023-09-13 04:54:46 +02:00
Daniel Olsen
4a6ea9be2d
bicep/synapse: define registration secret properly
2023-09-13 04:53:56 +02:00
Daniel Olsen
f92ebbee16
bicep/synapse: use postgres unix socket
2023-09-13 04:16:22 +02:00
Daniel Olsen
201e3d306b
bicep: Revert postgres socket stuff
2023-09-13 03:58:29 +02:00
Daniel Olsen
437219bb68
bicep/postgres: Enable unix socket auth
2023-09-13 00:52:27 +02:00
Felix Albrigtsen
d96c30bbd5
Fix calendar-bot timer
2023-09-12 18:23:20 +02:00
Felix Albrigtsen
36b768b3b2
( ͡° ͜ʖ ͡°)
2023-09-08 02:33:22 +02:00
Felix Albrigtsen
9f36bd86a8
Update calendar bot details
2023-09-08 02:25:23 +02:00
Felix Albrigtsen
1370ccddf8
Initialize host: shark
2023-09-08 02:11:02 +02:00
Daniel Lovbrotte Olsen
cfcd230678
Merge pull request 'Fix gitea on bekkalokk' ( #7 ) from configure-gitea into main
...
Reviewed-on: https://git.pvv.ntnu.no/Drift/pvv-nixos-config/pulls/7
2023-09-07 18:54:24 +02:00
h7x4
1afc8841a9
bekkalokk/nginx: remove commented virtualhost for mediawiki
2023-09-07 18:53:05 +02:00
h7x4
b4b6b4971a
bekkalokk/gitea: misc changes
...
- change domain from git2 to git1
- enable internal SSH serer
- enable code search
- add custom logos
- update import-user-script to ignore GECOS fields
2023-09-07 18:53:05 +02:00
oysteikt
b52753987d
bicep: use mysql on bicep as production server
2023-09-07 18:40:13 +02:00
Felix Albrigtsen
3beb76e411
Add pvv-calendar-bot to bicep
2023-08-27 02:36:01 +02:00
Daniel Olsen
bfe94003c4
bicep/matrix/discord: enable legacy authorization because old mx-puppet-discord 😭
2023-08-18 00:54:06 +02:00
oysteikt
a5c83866ca
bicep: setup ACME cert for postgres
2023-08-12 02:55:20 +02:00
oysteikt
34a16149f8
ildkule: add config for prometheus_mysqld_exporter
...
There's a PR waiting to add this module to nixpkgs,
so we should enable this once it gets merged.
2023-07-10 00:06:27 +02:00
oysteikt
998e66db65
bicep: enable mysql
2023-07-10 00:06:09 +02:00
Daniel Olsen
699569249a
ildkule: adjust matrix version annotations for nixos matrix module
2023-06-20 14:01:44 +02:00
Daniel Olsen
e73b7d2cd1
ildule: fix upstream dashboard variables
2023-06-20 13:46:00 +02:00
Daniel Olsen
ff30477e86
ildule: Update matrix dashboard from upstream
2023-06-20 13:20:42 +02:00
Felix Albrigtsen
8f55ef3193
Bekkalokk: Configure Gitea, clean web services
...
Update bekkalokk secrets format
Update gitea keys and firewall rules
Create gitea-user-import script
Fix SSH host key verification
Gitea-import-users bug squashification
Fix Gitea-import SSH problems
2023-06-05 19:41:25 +02:00
Daniel Olsen
d694724f5c
bicep/synapse: Set event cache to 20K
...
This is double the cache from default
changed because we're seeing periodic cpu spikes
with this cache beeing the main one missing
2023-05-26 02:22:18 +02:00
Daniel Olsen
68ce7acebb
Revert "bicep: Emergency fix for matrix postgres auth"
...
This reverts commit fdbcd8c884
.
This was not it
2023-05-23 05:12:46 +02:00
Daniel Olsen
fdbcd8c884
bicep: Emergency fix for matrix postgres auth
...
I think
2023-05-23 04:59:34 +02:00
Daniel Olsen
815063744b
bicep/postgres: Remove jit setting
...
The nixos build of postgres doesn't support it anyways
2023-05-23 04:57:18 +02:00
Daniel Olsen
dfd827ee74
Clean up jokum removal
2023-05-23 04:29:45 +02:00
Felix Albrigtsen
9ccfb6cbed
Merge branch 'bekkalokk-metrics'
2023-05-21 04:04:29 +02:00
Felix Albrigtsen
1335ab1d4b
Add metrics exporters to bekkalokk
2023-05-21 04:03:14 +02:00
felixalb
69be23712f
Merge branch 'bicep-metrics' of Drift/pvv-nixos-config into main
2023-05-21 03:47:53 +02:00
Felix Albrigtsen
ce58f91e16
Add metrics exporters to bicep
2023-05-21 03:47:02 +02:00
Felix Albrigtsen
8ccf9e9298
Update keys and re-enable web services
2023-05-21 02:29:14 +02:00
Felix Albrigtsen
8b70d84f41
bekkalokk: hardware-config for baremetal
2023-05-21 00:06:25 +02:00
h7x4
cd0c8c8198
bekkalokk: continue work on mediawiki service
2023-05-19 03:03:47 +02:00
h7x4
c11a804097
bicep: set up mysql/mariadb
2023-05-18 15:40:13 +02:00
Daniel Olsen
4ff5da28c4
bicep: nginx listen on bicep ip
2023-05-08 03:38:59 +02:00
Daniel Olsen
ee73a964be
move matrix to bicep
2023-05-08 03:38:59 +02:00
h7x4
dcbe6871da
bekkalokk: setup keycloak
2023-05-07 00:34:42 +02:00
h7x4
0e75e0a5b9
bicep: add backup service
2023-05-06 19:07:10 +02:00
Daniel Olsen
f77a5e946f
bicep: mount /data
2023-04-08 05:23:01 +02:00
Daniel Olsen
bac67ee123
bicep: don't wait for all interfaces and especially not jokums
2023-04-07 04:53:36 +02:00
Daniel Olsen
38e3202c9e
Move more of jokum
...
slightly less stupid this time
2023-03-26 14:44:58 +02:00
Daniel Olsen
7620fb3dee
move jokum to nixos bicep
2023-03-26 06:36:04 +02:00
h7x4
dfe8b8b44c
bicep: added postgres settings
2023-03-26 01:50:00 +01:00
h7x4
169f774e81
bicep dead, but maybe soon bicep alive
2023-03-26 01:09:44 +01:00
Felix Albrigtsen
2568800794
Add andresbu to node-exporter targets
2023-03-12 00:41:36 +01:00
Daniel Olsen
d9c19385fa
synapse: cache more event_auth
2023-03-08 03:18:57 +01:00
Daniel Olsen
70f4777696
fix synapse dashboard
2023-03-04 05:11:40 +01:00
Daniel Olsen
db69d28b42
Revert "metrics: Fix Synapse dashboard"
...
This reverts commit beb8df8fc7
.
2023-03-04 03:14:54 +01:00
Daniel Olsen
8f23d7ba06
jokum: don't use host resolv.conf
2023-03-04 03:04:32 +01:00
Daniel Olsen
3252a3b5d1
turn on jokum
2023-03-04 02:03:37 +01:00
Daniel Olsen
8e819b5546
fix ip for bekkalokk
2023-03-04 00:57:28 +01:00
Daniel Olsen
6cf831a347
switch to networkd
2023-03-04 00:44:30 +01:00
Daniel Olsen
af955c88f8
jokum: move to systemd-nspawn container on bicep
2023-02-26 19:23:00 +01:00
Daniel Olsen
eed3c9b05f
matrix: Point mjolnir directly at synapse so it can use the admin api
2023-02-13 03:42:52 +01:00
Daniel Olsen
7a9759ef71
matrix: Add mjolnir as a moderation bot
2023-02-13 02:34:11 +01:00
Daniel Olsen
4684cd239a
matrix: enable shared secret registration
2023-02-13 00:58:15 +01:00
Daniel Olsen
c0c0dea069
tune worker distribution post fosdem and turning off prescence
2023-02-06 02:11:07 +01:00
Daniel Olsen
9c18a87866
element: disable presence if disabled in synapse
2023-02-02 18:51:47 +01:00
Daniel Olsen
73aa42a5f5
synapse: Disable presence
...
For now at least until we move to a stronger
machine.
Most large servers don't have this enabled.
2023-02-02 18:39:08 +01:00
Daniel Olsen
eade192132
synapse: bump federation receiver count to 3
2023-02-02 00:35:26 +01:00
Daniel Olsen
beb8df8fc7
metrics: Fix Synapse dashboard
...
Some of the panels were set to the wrong
datasource
Additionally since we don't do MAU limits,
I moved the relevant MAU panel to Overview
2023-02-01 22:54:54 +01:00
Daniel Olsen
1a424c79fe
synapse: track monthly active users
2023-02-01 19:42:49 +01:00
h7x4
796155481f
Add host `bekkalokk`
...
`bekkalokk` is a new machine, meant to host web services and eventually
miscellaneous services.
2023-01-29 01:51:35 +01:00
h7x4
efc8eb7ffc
ildkule: add postgres exporter for knakelibrak
2023-01-26 02:16:52 +01:00
Felix Albrigtsen
84b57bb4db
Provision go dashboard for gogs
2023-01-23 14:48:26 +01:00
Felix Albrigtsen
b4e74a3959
Add node and gogs metrics collection to prometheus
2023-01-23 13:12:46 +01:00
h7x4
a78f120a65
explicitly state nginx listen addresses
2023-01-22 17:46:48 +01:00
h7x4
3880190577
ildkule: add postgres dashboard to grafana
2023-01-22 02:28:19 +01:00
h7x4
171fea39bc
ildkule: switch grafana db from sqlite to postgres
2023-01-22 02:18:21 +01:00
h7x4
2bc5d7d91e
ildkule: set up postgres metrics exporter
2023-01-22 00:47:22 +01:00
h7x4
a7408b8800
ildkule: restructure prometheus config
2023-01-21 20:08:36 +01:00
h7x4
ad75cb0c88
Restructure values file to separate hosts from services
2023-01-21 19:54:20 +01:00
Daniel Olsen
94fc936251
ildkule: use ip addressess from values.nix
2023-01-21 11:45:05 +01:00
Felix Albrigtsen
ecfde9f56a
Update ildkule IPv6-address
2023-01-20 11:40:42 +01:00
Daniel Olsen
1a0880086a
metrics: use matrix-lib to simplify generation of prometheus scrape config
2023-01-20 08:24:02 +01:00
Daniel Olsen
efed13c810
Revert "metrics: stop parsing prometheus labels from url"
...
This reverts commit 1524b6b10c
.
Prometheus doesn't allow scraping from uris only socketAddresses
The relabeling is to change the internal labels to trick it to read
from a url
2023-01-20 05:04:16 +01:00
h7x4
1524b6b10c
metrics: stop parsing prometheus labels from url
2023-01-20 01:15:45 +01:00
Daniel Olsen
90e924c083
synapse: also generate metric config for the master node
2023-01-18 04:04:42 +01:00
h7x4
c8d26e3c81
synapse: generate metric endpoints automatically
2023-01-18 02:55:05 +01:00
Daniel Olsen
1330c9575f
metrics/dashboards/synapse: update default timeframe
2023-01-17 18:57:32 +01:00
danio
4a82d22a56
Merge branch 'jokum_logs' of Drift/pvv-nixos-config into main
2023-01-17 18:50:41 +01:00
Daniel Olsen
64d0253aa0
I dont think the nginx config verifier has caught a single configuration error ever
2023-01-17 18:47:08 +01:00
Daniel Olsen
1ea40456a5
add ipv6 to allowed ip addresses for metrics exporters
2023-01-17 18:23:42 +01:00
Daniel Olsen
524bbdb78b
ildkule/dashboard/synapse: Make zooming out on the cpu graph aggregate max cpu instead of avg
2023-01-17 17:37:44 +01:00
Daniel Olsen
5b798b2f1d
jokum: enable metric exporters
2023-01-17 17:28:47 +01:00
Daniel Olsen
96b6dee404
Add firewalling to metric exporters
2023-01-17 17:28:11 +01:00
Daniel Olsen
e4cb215d39
Simplify networking configs
...
Introduces values.nix, a place to store information relevant across systems
2023-01-17 17:28:11 +01:00
Felix Albrigtsen
e679c7d27a
Add bicep and hildring to monitoring
2023-01-17 13:47:48 +01:00
Felix Albrigtsen
084313e01d
Add ildkule to prometheus targets
2023-01-14 22:45:01 +01:00
Felix Albrigtsen
40c67c6153
Removed motd extras
2022-12-20 23:15:52 +01:00
Felix Albrigtsen
f6cc25cdaf
Add synapse monitoring with prometheus
2022-12-20 23:11:46 +01:00
Felix Albrigtsen
a45a08db57
Cleanup ildkule configs
2022-12-20 23:11:46 +01:00
Felix Albrigtsen
fcdce57a3d
SSL and loki network config
2022-12-20 18:11:32 +01:00
Felix Albrigtsen
c0b5932432
Improve grafana config, enable boltdb-shipper
2022-12-20 18:11:32 +01:00
Felix Albrigtsen
ed46e9af61
Add a default dashboard
2022-12-20 18:11:32 +01:00
Felix Albrigtsen
a2f71ba120
ildkule-grafana upgrades
2022-12-20 18:11:32 +01:00
Felix Albrigtsen
2236863f09
Add a new metrics stack
2022-12-20 18:11:32 +01:00
Felix Albrigtsen
1de68ee0e2
ildkule: hardware-configuration.nix
2022-12-20 18:11:28 +01:00
Felix Albrigtsen
1429a1b51b
Simplify nginx on ildkule
2022-12-20 18:06:49 +01:00
Felix Albrigtsen
6b1f0eb090
Add host ildkule
2022-12-17 21:51:43 +01:00
Daniel Olsen
44f2b6d8d8
fed-sender2 metrics
2022-12-14 10:26:28 +01:00
Daniel Olsen
154e12e609
add another federation sender as one is being maxed out
2022-12-14 10:25:29 +01:00
Daniel Olsen
8a3219e8d1
user directory worker
2022-12-14 10:15:37 +01:00