tlaternet/tlaternet-server
1
0
Fork 0
Code Issues11 Pull requests Releases Activity
261 commits 5 branches 0 tags 154 MiB
Commit graph

129 commits

Author SHA1 Message Date
Tristan Daniël Maat 5be7d3f10e
fix(vm): Make sops not break if running without battery manager 2025-02-11 05:01:39 +08:00
Tristan Daniël Maat 07b5064a85
feat(metrics): Add blackbox exporter 2025-02-11 05:01:38 +08:00
Tristan Daniël Maat 92f5040cbc
fix(grafana): Fix root URL 2025-02-11 05:01:38 +08:00
Tristan Daniël Maat c939b935bf
feat(conduit): Refactor matrix appservices and add matrix-hookshot 2025-02-11 05:01:37 +08:00
Tristan Daniël Maat e11b6f810b
feat(crowdsec): Switch to whitelisting wireguard IP 
My IP address is not static, and grafana seems to comfortably produce
enough traffic to get me IP banned.
 2025-02-08 05:29:56 +08:00
Tristan Daniël Maat e1989a6009
fix(crowdsec): Filter out events against matrix 2025-02-08 05:29:55 +08:00
Tristan Daniël Maat 78c81a1028
feat(acme): Switch to porkbun 2025-02-01 18:20:22 +08:00
Tristan Daniël Maat 68450870cf
feat(crowdsec-service): Add nginx monitoring 2025-02-01 18:01:00 +08:00
Tristan Daniël Maat 40187d4b2d
feat: Add crowdsec to replace fail2ban 2025-02-01 00:08:31 +08:00
Tristan Daniël Maat 22981fdcdd
feat: Remove fail2ban 2025-02-01 00:08:29 +08:00
Tristan Daniël Maat cf751d0199
feat: Don't run battery manager in test VM 2025-02-01 00:08:29 +08:00
Tristan Daniël Maat 37c4613ab3
fix: Add gateway for internet access in test envs 2025-02-01 00:08:28 +08:00
Tristan Daniël Maat 9efc952c7c
bump: Update nextcloud 2025-01-19 18:13:22 +08:00
Tristan Daniël Maat 22e1ab6095
chore: Remove nextcloud apps that I don't really use anymore 2025-01-19 17:48:49 +08:00
Tristan Daniël Maat b3be7bd88f
bump: Update to NixOS 24.11 2025-01-19 17:40:30 +08:00
Tristan Daniël Maat 34f88ee8d5
chore: Remove afvalcalendar 2025-01-19 17:40:29 +08:00
Tristan Daniël Maat 84759f564a
Sigh... 2025-01-19 17:40:28 +08:00
Tristan Daniël Maat cbbe555f07
bump: Update nextcloud 2024-10-25 00:17:29 +02:00
Tristan Daniël Maat 04f7a7ef1d
treewide: Use nixfmt for formatting 2024-08-18 20:41:20 +02:00
Tristan Daniël Maat d426e783cd
grafana: Properly proxy websocket connections 
Fixes
2024-07-03 02:56:23 +02:00
Tristan Daniël Maat 306b69f6b5
nextcloud: Use the system postgres version 2024-07-03 01:28:23 +02:00
Tristan Daniël Maat d568436d83
conduit: Use new upstream delegation support 2024-07-01 19:24:03 +02:00
Tristan Daniël Maat 222829d82a
starbound: Don't build service for now 
This includes the really huge steam-run closure, which is just a PITA
to keep up with if we're never using it.
 2024-07-01 19:24:03 +02:00
Tristan Daniël Maat 32f4cabfa3
nextcloud: Update to 28 since 27 is EOL 
We were waiting for nextcloud news to update, but we can't wait any
longer.
 2024-07-01 19:24:02 +02:00
Tristan Daniël Maat 21cb4eab9c
foundryvtt: Set foundry version explicitly 2024-07-01 18:37:43 +02:00
Tristan Daniël Maat fd138d45e6
treewide: Start using nixpkgs-fmt formatting 2024-06-28 20:12:55 +02:00
Tristan Daniël Maat 501c3466bc
Update to NixOS 24.05 2024-06-14 00:49:12 +02:00
Tristan Daniël Maat e16f3be326
acme: Switch to a wildcard certificate 2024-04-16 01:25:59 +02:00
Tristan Daniël Maat 8f178f776e
afvalcalendar: Host enschede afvalcalendar 2024-04-15 03:14:46 +02:00
Tristan Daniël Maat 0d43b5177d
treewide: Refactor nginx config 2024-04-13 04:46:22 +02:00
Tristan Daniël Maat 7bb27d9bee
conduit: Switch to stable package since that has updated 2024-04-08 20:49:44 +02:00
Tristan Daniël Maat 119db5e1d3
sonnenshift: Init 2024-04-08 20:02:53 +02:00
Tristan Daniël Maat 14785afa14
vm: Set up proper bridge networking 2024-03-27 01:51:15 +01:00
Tristan Daniël Maat c161eeb056
backups: Switch to hetzner storage box 2024-03-18 07:30:54 +01:00
Tristan Daniël Maat cf02da0d00
acme: Back up SSL certificates 2024-03-12 06:07:26 +01:00
Tristan Daniël Maat fa73574dba
nginx: Factor nginx configuration into a separate module 2024-03-12 06:07:24 +01:00
Tristan Daniël Maat 329a6c4cf1
foundryvtt: Enable backups 2024-03-12 05:40:49 +01:00
Tristan Daniël Maat f8789ee4d0
foundryvtt: Mark as running behind a reverse proxy 2024-03-12 05:35:18 +01:00
Tristan Daniël Maat 07f819cc58
coturn: Fix outdated IP address 2024-03-11 21:56:41 +01:00
Tristan Daniël Maat 7affed34f1
nextcloud: Remove unused variable 2024-03-11 04:51:25 +01:00
Tristan Daniël Maat aec7c5c7d8
vm: Change domain 2024-03-11 04:50:59 +01:00
Tristan Daniël Maat ae18832cb0
linode: Remove old server 2024-03-11 03:42:30 +01:00
Tristan Daniël Maat 1c6e7ec106
acme: Don't attempt to get certs if the domain is wrong 2024-03-11 03:42:29 +01:00
Tristan Daniël Maat ddda6f534b
hetzner: Add new server config 2024-03-11 03:42:28 +01:00
Tristan Daniël Maat 54e0826860
gitea: Migrate to forgejo 2024-03-11 00:33:41 +01:00
Tristan Daniël Maat ebc45a9af1
treewide: Upgrade to NixOS 23.11 2023-12-30 19:41:06 +01:00
Tristan Daniël Maat 4a966412b8
staging: Use a static ssh host key 2023-12-29 16:48:23 +01:00
Tristan Daniël Maat 95b5d4b3bd
nginx: Reduce number of rotated logs kept around 2023-12-15 17:04:42 +01:00
Tristan Daniël Maat eb3bd485c4
metrics: Add size limit to victoriametrics 2023-12-15 17:04:39 +01:00
Tristan Daniël Maat 759a9c7c0c
conduit: Fix acme issue 
letsencrypt will prod on port 80 to verify the domain. `listen`
overrides `addSSL`, so none of the NixOS modules' setup will actually
work.

This means the conduit virtualhost never listened on port 80, and
couldn't verify letsencrypt requests.

How this *ever* worked is beyond me, but this commit resolves the
problems (don't worry, `forceSSL` does what it says on the tin and
overrides the `listen` again).
 2023-10-13 06:08:26 +02:00