Commit graph

155 commits

Author SHA1 Message Date
6e94647d8e Networkd ipv6 2022-09-13 23:59:59 +00:00
Raito Bezarius
9c006a3519 public-cof: fix docs.beta.rz.ens.wtf 2022-09-13 18:49:49 +02:00
Raito Bezarius
9a24316300 core01: add todo.beta.rz.ens.wtf DNS 2022-09-13 18:49:38 +02:00
Raito Bezarius
badae72a29 feat(public-cof): prevent nginx to bind on all IPv4 2022-09-10 16:20:47 +02:00
Raito Bezarius
c25b0f0eee feat(public-cof): ensure that hedgedocs bind on local ipv6 2022-09-10 16:20:47 +02:00
Raito Bezarius
71e5dcc437 feat(public-cof): disable rstudio server 2022-09-10 16:20:47 +02:00
Raito Bezarius
54163ed857 feat(public-cof): add IPv4 → IPv6 proxy 2022-09-10 16:20:47 +02:00
Raito Bezarius
c90e89bc7a feat: add traque.beta.rz.ens.wtf 2022-09-10 15:30:03 +02:00
Raito Bezarius
726bc5af0e feat(core01): enable TLS on inventory.rz.ens.wtf and fix secrets perms 2022-09-06 01:33:17 +02:00
Raito Bezarius
dc971eff71 feat(core01): add inventory.rz.ens.wtf → snipe-it instance 2022-09-06 01:06:39 +02:00
Raito Bezarius
86de42442d feat: add rstudio.beta.rz.ens.wtf basic features 2022-08-17 18:06:26 +02:00
Raito Bezarius
7f5f3213ac hotfix: disable student calendar 2022-08-15 13:31:27 +02:00
c5aa20dffa Move pubkeys in ./machines
This is required by the current krops setup.
2022-08-15 23:59:59 +00:00
ba5086a237 Centralize pubkeys 2022-08-15 03:28:40 +02:00
85ab8d8071 Install git
Needed for deployments with krops.
2022-08-15 23:59:59 +00:00
4375b29d50 Aarch64 emulation 2022-08-15 03:00:30 +02:00
bb668034b1 Cleanups 2022-08-15 02:59:45 +02:00
122c0deeac DHCP on ens19 and ens18 + set ip on ens18 2022-08-15 23:59:59 +00:00
816e084deb Change rpool layout and disk id 2022-08-15 01:20:35 +02:00
3f10516b6f Add kitty terminfo 2022-08-15 00:20:07 +02:00
f7b6fdf07a Fix remote builder ip address 2022-08-15 00:00:55 +02:00
a5f3e05889 Formatting 2022-08-14 22:27:28 +02:00
5170bdff65 Cleanups 2022-08-14 22:27:15 +02:00
ac0b6ef15b Update networking interface 2022-08-14 22:25:34 +02:00
Raito Bezarius
506e099945 monitoring: move to tiered dbengine with netdata nightly 2022-08-05 18:52:06 +02:00
Raito Bezarius
6b994c8591 gitea: log only from WARN and up 2022-08-05 17:52:28 +02:00
Raito Bezarius
be6e81ad46 monitoring: fix authentication via oauth2_proxy by moving to Keycloak-OIDC + many proxy buffer hacks 2022-08-05 17:52:21 +02:00
Raito Bezarius
9d3381cafb oauth2_proxy: add a cookie specific to *.rz.ens.wtf 2022-08-05 16:34:22 +02:00
Ryan Lahfa
6f5fdb0317 Headscale support (upgrade to latest nixpkgs) (#9)
This adds Headscale support.

It provides also an upgrade to Keycloak 18.0.0 (Quarkus distribution).
It upgrades NextCloud from 22 to 23.

Reviewed-on: https://git.rz.ens.wtf/Klub-RZ/infrastructure/pulls/9
Co-authored-by: Ryan Lahfa <raito@noreply.git.rz.ens.wtf>
Co-committed-by: Ryan Lahfa <raito@noreply.git.rz.ens.wtf>
2022-06-26 23:48:43 +02:00
57b5c931d1 Add CiterinRemy to MC whitelist 2022-05-21 23:59:59 +00:00
Raito Bezarius
f842b30e05 core01: allow *, unfirewall wgmon 2022-05-15 00:08:46 +02:00
Raito Bezarius
5f2a5ff782 core01: generalize monitoring, open up a wgmon for external nodes 2022-05-14 20:21:18 +02:00
544df15eb1 Enable command blocks in the minecraft server 2022-05-11 23:59:59 +00:00
Raito Bezarius
df2b7e819d public-cof: upgrade nextcloud (21 → 22) 2022-04-17 01:34:44 +02:00
6a3af7d165 Add Pollux to MC whitelist 2022-04-13 23:59:59 +00:00
ab9d022b33 Add Cst1 to MC whitelist 2022-04-07 23:59:59 +00:00
Raito Bezarius
dcc0085c41 public-cof: add framagenda.org 2022-03-29 23:04:31 +02:00
e472173bad Update MC server 2022-03-29 23:59:59 +00:00
Raito Bezarius
bacdad33d3 public-cof: improve monitoring of postgresql 2022-03-08 19:47:32 +01:00
Raito Bezarius
2721ad9b71 public-cof: improve monitoring of system and nextcloud performance 2022-03-06 20:22:03 +01:00
Raito Bezarius
bfdfa5a206 core01: rotate drone key, update swap uuid, bump netdata multihost disk space for 30d of metrics 2022-03-06 20:21:37 +01:00
Raito Bezarius
e03a3f16f8 public-cof: add monitoring, deploy home.beta.rz.ens.wtf properly 2022-03-05 23:17:06 +01:00
Raito Bezarius
e1e8401160 public-cof: update Raito's NUR 2022-03-05 23:17:06 +01:00
Raito Bezarius
e0167f27d3 core01: open up Gitea registration and whitelist @ens.fr emails 2022-03-05 23:17:06 +01:00
Raito Bezarius
b581fbcfc5 core01: fix #6, remove Dex 2022-03-05 23:17:06 +01:00
Julien Marquet
09ad6670ed feat: Matterbridge
je suis fatigué
2022-02-23 01:42:26 +01:00
Raito Bezarius
075cd90fb7 core01: rekey with MrF, add pve01 hypervisor monitoring 2022-02-22 23:25:46 +01:00
e290a918a0 progress on dex... 2022-01-25 23:59:59 +00:00
52d0f1433a Ryan tu me doit 10k 2022-01-25 23:59:59 +00:00
7193ee270a add dex to confifiguration.nix 2022-01-25 23:59:59 +00:00
6535ca50af add dex 2022-01-25 23:59:59 +00:00
Julien Marquet
3670aab583 ipv4 for public-cof 2022-01-25 18:12:54 +01:00
Raito Bezarius
7e11763d74 core01: Add MrF keys for real 2022-01-25 17:52:56 +01:00
Raito Bezarius
cb92be5d72 core01: add MrF key, default gateway, A for acme 2022-01-25 00:37:12 +01:00
Raito Bezarius
067ab1d7cc core01/public-cof: flush changes, router02 → router01 2022-01-24 22:04:43 +01:00
Raito Bezarius
2c321dd0aa core-services: bump dbengine disk size to 4GiB 2021-12-29 17:33:28 +01:00
Raito Bezarius
8ac5d2e4ab core-services: adjust to our changes in IPv4 network for MWAN/local net 2021-12-19 14:51:12 +01:00
Raito Bezarius
916b06ad1f dns: jurisprudens.beta.rz.ens.wtf → public COF with v4 upstream proxy 2021-11-21 11:53:50 +01:00
Raito Bezarius
f3f4431f2c core-services: use jre8 for keycloak, fixes LDAP federation 2021-11-21 11:53:30 +01:00
Raito Bezarius
d8a577b078 public-cof: fix cryptpad 2021-11-20 21:01:42 +01:00
5e24c6c8c7 try simple cryptpad module 2021-11-15 01:06:57 +01:00
b2eb90564d change hedgedoc localhost port 2021-11-15 01:02:47 +01:00
Raito Bezarius
bf2ecf0874 public-cof: add agenix modules 2021-11-15 00:54:27 +01:00
Raito Bezarius
77b86de5c4 public-cof: proxy ws for hedgedoc 2021-11-15 00:48:11 +01:00
Raito Bezarius
885ba660f5 public-cof: get back to default port 2021-11-15 00:36:46 +01:00
Raito Bezarius
f5eafee411 public-cof: secure nextcloud using agenix 2021-11-15 00:36:46 +01:00
bb89a44d87 add RaitoMezarius to the MC whitlist 2021-11-15 00:19:27 +01:00
ea6b47e4bd add mrf keys 2021-11-15 00:16:01 +01:00
71797ad07e start a cryptpad module 2021-11-15 00:09:44 +01:00
d0b0093ba6 make home.beta.rz.ens.wtf the nginx default 2021-11-14 23:57:19 +01:00
10a5cef823 add hedgedoc 2021-11-14 23:56:00 +01:00
ff0a6b450f remove space in MC level name 2021-11-14 01:28:51 +01:00
f8cc9879ef close unused UDP port 2021-11-13 23:54:30 +01:00
0dc5bd6aad add {pads,docs}.beta.rz.ens.wtf to the DNS server 2021-11-13 23:48:21 +01:00
Raito Bezarius
dd57d05591 dns: add upstream v4 proxy for {home,nuage,}.beta.rz.ens.wtf to kurisu.dual.lahfa.xyz 2021-11-13 23:35:16 +01:00
72b926a6ed disable the factorio server 2021-11-13 02:52:16 +01:00
0dfcfe243e create nginx virtual host for home.beta.rz.ens.wtf 2021-11-13 02:51:54 +01:00
7dd205ad90 add factorio server to public-cof 2021-11-13 01:52:22 +01:00
06e84b79b4 add minecraft server to public-cof 2021-11-13 01:52:04 +01:00
1309a9a91e add nextcloud to plublic-cof 2021-11-13 01:48:32 +01:00
9b6c56baad add DNS records for public-cof's future services 2021-11-12 23:59:59 +00:00
9cb53cb9db initial public-cof config 2021-11-12 23:59:59 +00:00
20147f145b add AAAA for gdd.rz.ens.wtf 2021-11-12 23:59:59 +00:00
bc935ad037 update dns serial 2021-11-11 23:59:59 +00:00
95225c5055 delegate the gdd subzone 2021-11-11 23:59:59 +00:00
218419732a remove incorrect ip adresses for the gdd subdomain 2021-11-11 23:59:59 +00:00
6adb20c64f remove hackens keys from netboot server 2021-11-05 23:59:59 +00:00
82ccb56fe5 remove hackens keys from core-services and remote-builder 2021-11-05 23:59:59 +00:00
Raito Bezarius
eaa209eb7b core-services(dns): append 2001:470:1f13:187:350a:214a:639c:b97b backup.gdd.rz.ens.wtf AAAA 2021-10-20 23:52:58 +02:00
Raito Bezarius
aab45dbc6d dns: add backup.gdd.rz.ens.wtf 2021-08-04 15:59:21 +02:00
Raito Bezarius
3fc1c9da86 core-services-01: add backup repository for VyOS 2021-08-04 15:59:02 +02:00
Raito Bezarius
2a33516e54 deploy: add remote-builder-01 and my remote builder SSH key 2021-07-29 00:08:48 +02:00
gdd
dee54e706d Add remote-builder-01 (#2)
Initial configuration of remote-builder-01.

Co-authored-by: Gabriel DORIATH DOHLER <gabriel.doriath.dohler@ens.psl.eu>
Reviewed-on: https://git.rz.ens.wtf/Klub-RZ/infrastructure/pulls/2
Co-authored-by: gdd <gabriel.doriath.dohler@ens.fr>
Co-committed-by: gdd <gabriel.doriath.dohler@ens.fr>
2021-07-28 23:55:34 +02:00
Raito Bezarius
821b1cdc31 dns: add nix01.builders.rz.ens.wtf 2021-07-28 23:55:23 +02:00
Raito Bezarius
6b7f3d32ff netdata: monitor pve01, alert #réseau over IRC, store more metrics (~2GiB) 2021-07-28 23:10:45 +02:00
Raito Bezarius
6509fe0f36 core-services-01(autodeploy): disable autoUpgrade 2021-07-27 14:37:31 +02:00
Raito Bezarius
b75aa4ac5c core-services-01(autodeploy): enable default /var/src usage through systemd tmp filesystem and force creation of sentinel file 2021-07-26 03:55:56 +02:00
Raito Bezarius
6642638d2a core-services-01(autodeploy): enforce nix label, update drone runner module 2021-07-26 03:34:45 +02:00
Raito Bezarius
57172ba54c core-services-01(drone-runners): prevent them to kill an auto-deployment 2021-07-26 03:14:10 +02:00
Raito Bezarius
fb43cc15e1 core-services-01(drone-runners): initialize nix01 2021-07-26 02:55:35 +02:00