Tristan Daniël Maat
119db5e1d3
sonnenshift: Init
2024-04-08 20:02:53 +02:00
Tristan Daniël Maat
c161eeb056
backups: Switch to hetzner storage box
2024-03-18 07:30:54 +01:00
Tristan Daniël Maat
329a6c4cf1
foundryvtt: Enable backups
2024-03-12 05:40:49 +01:00
Tristan Daniël Maat
f8789ee4d0
foundryvtt: Mark as running behind a reverse proxy
2024-03-12 05:35:18 +01:00
Tristan Daniël Maat
07f819cc58
coturn: Fix outdated IP address
2024-03-11 21:56:41 +01:00
Tristan Daniël Maat
7affed34f1
nextcloud: Remove unused variable
2024-03-11 04:51:25 +01:00
Tristan Daniël Maat
ddda6f534b
hetzner: Add new server config
2024-03-11 03:42:28 +01:00
Tristan Daniël Maat
54e0826860
gitea: Migrate to forgejo
2024-03-11 00:33:41 +01:00
Tristan Daniël Maat
ebc45a9af1
treewide: Upgrade to NixOS 23.11
2023-12-30 19:41:06 +01:00
Tristan Daniël Maat
eb3bd485c4
metrics: Add size limit to victoriametrics
2023-12-15 17:04:39 +01:00
Tristan Daniël Maat
759a9c7c0c
conduit: Fix acme issue
...
letsencrypt will prod on port 80 to verify the domain. `listen`
overrides `addSSL`, so none of the NixOS modules' setup will actually
work.
This means the conduit virtualhost never listened on port 80, and
couldn't verify letsencrypt requests.
How this *ever* worked is beyond me, but this commit resolves the
problems (don't worry, `forceSSL` does what it says on the tin and
overrides the `listen` again).
2023-10-13 06:08:26 +02:00
Tristan Daniël Maat
55a4aaf48b
metrics: Add metrics with victoriametrics + grafana
2023-10-12 20:41:04 +02:00
Tristan Daniël Maat
87dd9daa4f
backups: Add atomic backups with restic
2023-10-12 20:27:34 +02:00
Tristan Daniël Maat
ab5e088016
conduit: Add Element X support
2023-09-18 04:17:16 +02:00
Tristan Daniël Maat
bb3ffbbd90
nextcloud: Configure redis caching
2023-07-29 18:17:39 +02:00
Tristan Daniël Maat
0c5755d2f0
nextcloud: Upgrade to version 27
2023-07-29 18:17:24 +02:00
Tristan Daniël Maat
88d96f198b
nextcloud: Apply recommended PHP setting
2023-07-28 12:19:00 +02:00
Tristan Daniël Maat
828d3f3878
services: Update outdated options
2023-07-28 11:23:56 +02:00
Tristan Daniël Maat
a3e2d2931c
services: Add FoundryVTT service
2023-05-11 22:22:30 +01:00
Tristan Daniël Maat
14d29fa49d
services: Add wireguard service
2023-05-11 22:09:39 +01:00
Tristan Daniël Maat
74f38614a0
matrix: Add heisenbridge
2023-02-28 04:26:55 +00:00
Tristan Daniël Maat
33ec32a8da
conduit: Update to 0.5.0
2023-02-26 05:59:54 +00:00
Tristan Daniël Maat
f6e39e09a5
gitea: Update configuration for 22.11
2023-01-11 02:38:50 +00:00
Tristan Daniël Maat
b798efb2c0
nextcloud: Update the service and apps for 22.11
2023-01-11 02:38:42 +00:00
Tristan Daniël Maat
a28d385b17
conduit: Enable TURNS with a ZeroSSL-provided certificate
2022-11-05 22:26:52 +00:00
Tristan Daniël Maat
598c439002
conduit: Disable turns, remove the user limits and add all relay IPs
2022-11-05 17:10:39 +00:00
Tristan Daniël Maat
b3e8b0e85c
default.nix: Turn on minimal profile
2022-10-30 18:26:45 +00:00
Tristan Daniël Maat
c72953e1ef
matrix: Add coturn support for calls
2022-10-29 01:39:09 +01:00
Tristan Daniël Maat
c56de6cf7e
conduit: Add new conduit service
2022-10-22 21:22:55 +01:00
Tristan Daniël Maat
61d3008bc3
nextcloud: Fetch apps using nvfetcher
2022-10-17 11:00:02 +01:00
Tristan Daniël Maat
c4fa991b62
treewide: Add fail2ban
2022-10-14 06:27:11 +01:00
Tristan Daniël Maat
1ddf23bd01
nextcloud: Update nextcloud version
2022-10-14 05:58:18 +01:00
Tristan Daniël Maat
068e6d5d77
webserver: Use a hardened systemd unit instead of a container
2022-10-14 05:58:11 +01:00
Tristan Daniël Maat
b6594cea54
gitea: Use a hardened systemd unit instead of a container
2022-10-14 05:58:08 +01:00
Tristan Daniël Maat
3cedb9f978
nextcloud: Use a hardened systemd unit instead of a container
2022-10-14 05:58:05 +01:00
Tristan Daniël Maat
6a81ce4c1d
sops: Improve secrets provisioning to split out staging
2022-10-12 23:22:50 +01:00
Tristan Daniël Maat
7095ab2631
treewide: Remove minecraft server
...
This has fallen into disuse since the big Java vulnerability, and I
have ideas for better ways of doing this. Meanwhile it's making
maintenance and refactoring more difficult.
Hence I'll remove the server completely for the time being.
2022-10-12 13:12:04 +01:00
Tristan Daniël Maat
046a88905d
treewide: Reformat project with alejandra
2022-10-10 13:03:18 +01:00
Tristan Daniël Maat
ed74cfa576
starbound: Fix permissions for a syscall steamcmd needs
2022-04-23 09:31:21 +01:00
Tristan Daniël Maat
cd92ec64c2
Add starbound server
2022-04-23 08:47:13 +01:00
Tristan Daniël Maat
c019187b37
postgres: Upgrade to version 14
2022-01-18 18:54:37 +00:00
Tristan Daniël Maat
b6f39969cc
Fix podman hostnames
...
It seems that with the newest version of podman container names are no
longer added as hostnames, meaning that any attempt to resolve
hostnames with the current config will fail. `localhost` is probably
more robust anyway, so we switch to that.
The bug manifests as broken services because nextcloud/gitea cannot
resolve their databases and nextcloud fails to resolve the php
server. To fix this a running system, the gitea and nextcloud database
configurations will need to be hand-edited, since those values are
only set on initialization, and not updated when changed later.
2022-01-08 02:19:04 +00:00
Tristan Daniël Maat
bd7e4a3193
Fix service uid/gids
2022-01-08 00:33:01 +00:00
Tristan Daniël Maat
90926e2eee
nextcloud: Give nginx access to the nextcloud root
2021-10-13 15:29:12 +01:00
Tristan Daniël Maat
20cda44040
nextcloud: Update nginx config
2021-10-13 14:53:05 +01:00
Tristan Daniël Maat
b16ea49c44
nextcloud: Set TRUSTED_PROXIES
...
Part of #47
2021-10-13 13:27:27 +01:00
Tristan Daniël Maat
a66eac3b17
minecraft: Add automatic restart scheduling
...
This starts/stops the server at 2 pm and 4 am respectively. This
should hopefully fix some of the issues caused by shoddy programming.
2021-08-27 18:10:19 +01:00
Tristan Daniël Maat
6bc37ebdae
minecraft: Limit to a single core instead of limiting the quota
...
Minecraft is anyway supposed to be single-threaded, so if it goes
beyond one core something is very wrong.
2021-08-27 18:09:43 +01:00
Tristan Daniël Maat
4fe3b8b22b
minecraft: Fix ridiculous CPU usage
...
Tapes over https://bugs.mojang.com/browse/MC-183518 , which schedules
things completely stupidly on Linux starting with 1.14.
2021-08-25 20:06:05 +01:00
Tristan Daniël Maat
6b85b9523c
minecraft: Enable command blocks to fix ice and fire ores
2021-08-21 00:20:20 +01:00