6e94647d8e
Networkd ipv6
2022-09-13 23:59:59 +00:00
Raito Bezarius
9c006a3519
public-cof: fix docs.beta.rz.ens.wtf
2022-09-13 18:49:49 +02:00
Raito Bezarius
9a24316300
core01: add todo.beta.rz.ens.wtf DNS
2022-09-13 18:49:38 +02:00
Raito Bezarius
badae72a29
feat(public-cof): prevent nginx to bind on all IPv4
2022-09-10 16:20:47 +02:00
Raito Bezarius
c25b0f0eee
feat(public-cof): ensure that hedgedocs bind on local ipv6
2022-09-10 16:20:47 +02:00
Raito Bezarius
71e5dcc437
feat(public-cof): disable rstudio server
2022-09-10 16:20:47 +02:00
Raito Bezarius
54163ed857
feat(public-cof): add IPv4 → IPv6 proxy
2022-09-10 16:20:47 +02:00
Raito Bezarius
c90e89bc7a
feat: add traque.beta.rz.ens.wtf
2022-09-10 15:30:03 +02:00
Raito Bezarius
726bc5af0e
feat(core01): enable TLS on inventory.rz.ens.wtf and fix secrets perms
2022-09-06 01:33:17 +02:00
Raito Bezarius
dc971eff71
feat(core01): add inventory.rz.ens.wtf → snipe-it instance
2022-09-06 01:06:39 +02:00
Raito Bezarius
86de42442d
feat: add rstudio.beta.rz.ens.wtf basic features
2022-08-17 18:06:26 +02:00
Raito Bezarius
7f5f3213ac
hotfix: disable student calendar
2022-08-15 13:31:27 +02:00
c5aa20dffa
Move pubkeys in ./machines
...
This is required by the current krops setup.
2022-08-15 23:59:59 +00:00
ba5086a237
Centralize pubkeys
2022-08-15 03:28:40 +02:00
85ab8d8071
Install git
...
Needed for deployments with krops.
2022-08-15 23:59:59 +00:00
4375b29d50
Aarch64 emulation
2022-08-15 03:00:30 +02:00
bb668034b1
Cleanups
2022-08-15 02:59:45 +02:00
122c0deeac
DHCP on ens19 and ens18 + set ip on ens18
2022-08-15 23:59:59 +00:00
816e084deb
Change rpool layout and disk id
2022-08-15 01:20:35 +02:00
3f10516b6f
Add kitty terminfo
2022-08-15 00:20:07 +02:00
f7b6fdf07a
Fix remote builder ip address
2022-08-15 00:00:55 +02:00
a5f3e05889
Formatting
2022-08-14 22:27:28 +02:00
5170bdff65
Cleanups
2022-08-14 22:27:15 +02:00
ac0b6ef15b
Update networking interface
2022-08-14 22:25:34 +02:00
Raito Bezarius
506e099945
monitoring: move to tiered dbengine with netdata nightly
2022-08-05 18:52:06 +02:00
Raito Bezarius
6b994c8591
gitea: log only from WARN and up
2022-08-05 17:52:28 +02:00
Raito Bezarius
be6e81ad46
monitoring: fix authentication via oauth2_proxy by moving to Keycloak-OIDC + many proxy buffer hacks
2022-08-05 17:52:21 +02:00
Raito Bezarius
9d3381cafb
oauth2_proxy: add a cookie specific to *.rz.ens.wtf
2022-08-05 16:34:22 +02:00
Ryan Lahfa
6f5fdb0317
Headscale support (upgrade to latest nixpkgs) ( #9 )
...
This adds Headscale support.
It provides also an upgrade to Keycloak 18.0.0 (Quarkus distribution).
It upgrades NextCloud from 22 to 23.
Reviewed-on: https://git.rz.ens.wtf/Klub-RZ/infrastructure/pulls/9
Co-authored-by: Ryan Lahfa <raito@noreply.git.rz.ens.wtf>
Co-committed-by: Ryan Lahfa <raito@noreply.git.rz.ens.wtf>
2022-06-26 23:48:43 +02:00
57b5c931d1
Add CiterinRemy to MC whitelist
2022-05-21 23:59:59 +00:00
Raito Bezarius
f842b30e05
core01: allow *, unfirewall wgmon
2022-05-15 00:08:46 +02:00
Raito Bezarius
5f2a5ff782
core01: generalize monitoring, open up a wgmon for external nodes
2022-05-14 20:21:18 +02:00
544df15eb1
Enable command blocks in the minecraft server
2022-05-11 23:59:59 +00:00
Raito Bezarius
df2b7e819d
public-cof: upgrade nextcloud (21 → 22)
2022-04-17 01:34:44 +02:00
6a3af7d165
Add Pollux to MC whitelist
2022-04-13 23:59:59 +00:00
ab9d022b33
Add Cst1 to MC whitelist
2022-04-07 23:59:59 +00:00
Raito Bezarius
dcc0085c41
public-cof: add framagenda.org
2022-03-29 23:04:31 +02:00
e472173bad
Update MC server
2022-03-29 23:59:59 +00:00
Raito Bezarius
bacdad33d3
public-cof: improve monitoring of postgresql
2022-03-08 19:47:32 +01:00
Raito Bezarius
2721ad9b71
public-cof: improve monitoring of system and nextcloud performance
2022-03-06 20:22:03 +01:00
Raito Bezarius
bfdfa5a206
core01: rotate drone key, update swap uuid, bump netdata multihost disk space for 30d of metrics
2022-03-06 20:21:37 +01:00
Raito Bezarius
e03a3f16f8
public-cof: add monitoring, deploy home.beta.rz.ens.wtf properly
2022-03-05 23:17:06 +01:00
Raito Bezarius
e1e8401160
public-cof: update Raito's NUR
2022-03-05 23:17:06 +01:00
Raito Bezarius
e0167f27d3
core01: open up Gitea registration and whitelist @ens.fr emails
2022-03-05 23:17:06 +01:00
Raito Bezarius
b581fbcfc5
core01: fix #6 , remove Dex
2022-03-05 23:17:06 +01:00
Julien Marquet
09ad6670ed
feat: Matterbridge
...
je suis fatigué
2022-02-23 01:42:26 +01:00
Raito Bezarius
075cd90fb7
core01: rekey with MrF, add pve01 hypervisor monitoring
2022-02-22 23:25:46 +01:00
e290a918a0
progress on dex...
2022-01-25 23:59:59 +00:00
52d0f1433a
Ryan tu me doit 10k
2022-01-25 23:59:59 +00:00
7193ee270a
add dex to confifiguration.nix
2022-01-25 23:59:59 +00:00
6535ca50af
add dex
2022-01-25 23:59:59 +00:00
Julien Marquet
3670aab583
ipv4 for public-cof
2022-01-25 18:12:54 +01:00
Raito Bezarius
7e11763d74
core01: Add MrF keys for real
2022-01-25 17:52:56 +01:00
Raito Bezarius
cb92be5d72
core01: add MrF key, default gateway, A for acme
2022-01-25 00:37:12 +01:00
Raito Bezarius
067ab1d7cc
core01/public-cof: flush changes, router02 → router01
2022-01-24 22:04:43 +01:00
Raito Bezarius
2c321dd0aa
core-services: bump dbengine disk size to 4GiB
2021-12-29 17:33:28 +01:00
Raito Bezarius
8ac5d2e4ab
core-services: adjust to our changes in IPv4 network for MWAN/local net
2021-12-19 14:51:12 +01:00
Raito Bezarius
916b06ad1f
dns: jurisprudens.beta.rz.ens.wtf → public COF with v4 upstream proxy
2021-11-21 11:53:50 +01:00
Raito Bezarius
f3f4431f2c
core-services: use jre8 for keycloak, fixes LDAP federation
2021-11-21 11:53:30 +01:00
Raito Bezarius
d8a577b078
public-cof: fix cryptpad
2021-11-20 21:01:42 +01:00
5e24c6c8c7
try simple cryptpad module
2021-11-15 01:06:57 +01:00
b2eb90564d
change hedgedoc localhost port
2021-11-15 01:02:47 +01:00
Raito Bezarius
bf2ecf0874
public-cof: add agenix modules
2021-11-15 00:54:27 +01:00
Raito Bezarius
77b86de5c4
public-cof: proxy ws for hedgedoc
2021-11-15 00:48:11 +01:00
Raito Bezarius
885ba660f5
public-cof: get back to default port
2021-11-15 00:36:46 +01:00
Raito Bezarius
f5eafee411
public-cof: secure nextcloud using agenix
2021-11-15 00:36:46 +01:00
bb89a44d87
add RaitoMezarius to the MC whitlist
2021-11-15 00:19:27 +01:00
ea6b47e4bd
add mrf keys
2021-11-15 00:16:01 +01:00
71797ad07e
start a cryptpad module
2021-11-15 00:09:44 +01:00
d0b0093ba6
make home.beta.rz.ens.wtf the nginx default
2021-11-14 23:57:19 +01:00
10a5cef823
add hedgedoc
2021-11-14 23:56:00 +01:00
ff0a6b450f
remove space in MC level name
2021-11-14 01:28:51 +01:00
f8cc9879ef
close unused UDP port
2021-11-13 23:54:30 +01:00
0dc5bd6aad
add {pads,docs}.beta.rz.ens.wtf to the DNS server
2021-11-13 23:48:21 +01:00
Raito Bezarius
dd57d05591
dns: add upstream v4 proxy for {home,nuage,}.beta.rz.ens.wtf to kurisu.dual.lahfa.xyz
2021-11-13 23:35:16 +01:00
72b926a6ed
disable the factorio server
2021-11-13 02:52:16 +01:00
0dfcfe243e
create nginx virtual host for home.beta.rz.ens.wtf
2021-11-13 02:51:54 +01:00
7dd205ad90
add factorio server to public-cof
2021-11-13 01:52:22 +01:00
06e84b79b4
add minecraft server to public-cof
2021-11-13 01:52:04 +01:00
1309a9a91e
add nextcloud to plublic-cof
2021-11-13 01:48:32 +01:00
9b6c56baad
add DNS records for public-cof's future services
2021-11-12 23:59:59 +00:00
9cb53cb9db
initial public-cof config
2021-11-12 23:59:59 +00:00
20147f145b
add AAAA for gdd.rz.ens.wtf
2021-11-12 23:59:59 +00:00
bc935ad037
update dns serial
2021-11-11 23:59:59 +00:00
95225c5055
delegate the gdd subzone
2021-11-11 23:59:59 +00:00
218419732a
remove incorrect ip adresses for the gdd subdomain
2021-11-11 23:59:59 +00:00
6adb20c64f
remove hackens keys from netboot server
2021-11-05 23:59:59 +00:00
82ccb56fe5
remove hackens keys from core-services and remote-builder
2021-11-05 23:59:59 +00:00
Raito Bezarius
eaa209eb7b
core-services(dns): append 2001:470:1f13:187:350a:214a:639c:b97b backup.gdd.rz.ens.wtf AAAA
2021-10-20 23:52:58 +02:00
Raito Bezarius
aab45dbc6d
dns: add backup.gdd.rz.ens.wtf
2021-08-04 15:59:21 +02:00
Raito Bezarius
3fc1c9da86
core-services-01: add backup repository for VyOS
2021-08-04 15:59:02 +02:00
Raito Bezarius
2a33516e54
deploy: add remote-builder-01 and my remote builder SSH key
2021-07-29 00:08:48 +02:00
dee54e706d
Add remote-builder-01 ( #2 )
...
Initial configuration of remote-builder-01.
Co-authored-by: Gabriel DORIATH DOHLER <gabriel.doriath.dohler@ens.psl.eu>
Reviewed-on: https://git.rz.ens.wtf/Klub-RZ/infrastructure/pulls/2
Co-authored-by: gdd <gabriel.doriath.dohler@ens.fr>
Co-committed-by: gdd <gabriel.doriath.dohler@ens.fr>
2021-07-28 23:55:34 +02:00
Raito Bezarius
821b1cdc31
dns: add nix01.builders.rz.ens.wtf
2021-07-28 23:55:23 +02:00
Raito Bezarius
6b7f3d32ff
netdata: monitor pve01, alert #réseau over IRC, store more metrics (~2GiB)
2021-07-28 23:10:45 +02:00
Raito Bezarius
6509fe0f36
core-services-01(autodeploy): disable autoUpgrade
2021-07-27 14:37:31 +02:00
Raito Bezarius
b75aa4ac5c
core-services-01(autodeploy): enable default /var/src usage through systemd tmp filesystem and force creation of sentinel file
2021-07-26 03:55:56 +02:00
Raito Bezarius
6642638d2a
core-services-01(autodeploy): enforce nix label, update drone runner module
2021-07-26 03:34:45 +02:00
Raito Bezarius
57172ba54c
core-services-01(drone-runners): prevent them to kill an auto-deployment
2021-07-26 03:14:10 +02:00
Raito Bezarius
fb43cc15e1
core-services-01(drone-runners): initialize nix01
2021-07-26 02:55:35 +02:00