4a102117a4
feat(storage01): Init victoria-metrics DB
2024-10-22 13:07:07 +02:00
969f59fbc4
feat(web03): Deploy the new annuaire
2024-10-21 20:03:20 +02:00
sinavir
e993d6de34
fix(stateless-uptime-kuma): Typo in domain name
2024-10-21 12:25:18 +02:00
sinavir
e0eb7bbf7c
fix(stateless-uptime-kuma): Correct probes for ollama and s3-api
2024-10-21 12:16:00 +02:00
a93a64d747
feat(forgejo): Send email to admins when new users appear
2024-10-21 09:33:40 +02:00
51133e6e5f
feat(netbird): Update
2024-10-20 23:01:14 +02:00
f0b3d4b490
feat(kanidm): Use kanidm-provision to setup active members
2024-10-18 14:36:38 +02:00
sinavir
e7edf29e11
fix(ollama-proxy): Use ip instead of vpn domain name
...
VPN dns is slow to start so nginx will fail
2024-10-18 12:45:27 +02:00
sinavir
1a05ea3a9a
feat(krz01): Move to lab-infra repo
2024-10-18 11:53:32 +02:00
113c83bb9c
feat: laptop change and smartphone add to authorized MACs
2024-10-18 11:12:14 +02:00
sinavir
3c445ab4c7
feat(networking): Add a bridge to connect VMs to the world
2024-10-17 17:56:09 +02:00
sinavir
492fe550d9
chore(krz01): Put all ollama/whisper stuff in separate modules
2024-10-17 15:47:10 +02:00
sinavir
a02da5f496
chore(proxmox-nixos): Update
2024-10-17 15:34:11 +02:00
db5859e472
feat(web03): Initial deployment of django-apps
2024-10-17 15:11:43 +02:00
b6cbf6e918
feat(infra): Deploy web03
2024-10-16 11:08:24 +02:00
06653220bb
fix(kanidm): Revert switch to simpleProxies
...
As we proxy to an https endpoint, this was not supported
2024-10-12 22:11:34 +02:00
2f06f22ac7
feat(nginx): Switch to simpleProxies for the majority of configs
2024-10-12 20:00:54 +02:00
af61ae6e61
feat(dgn-web): Add simpleProxies
...
This proxies the required host to localhost:$port and enables SSL
2024-10-12 20:00:54 +02:00
f819acf9bc
feat(forgejo): 7 days sessions
2024-10-12 19:52:21 +02:00
f20353b727
fix(storage01): pass through the admin API of Garage
...
not the web API!
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:52:22 +02:00
a4de5f4d31
feat(krz01): move ollama to compute01 via a reverse proxy
...
krz01 has no public web IP.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:40:56 +02:00
363f8d3c67
fix(krz01): open 80/443 for ACME
...
Oopsie!
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:20:28 +02:00
12b20e6acf
feat(storage01): add monorepo-terraform-state.s3.dgnum.eu
...
This is required to bootstrap the Terranix setup.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:13:11 +02:00
de6742aa0d
feat(storage01): add s3-admin.dgnum.eu
...
This is the administration endpoint of the S3, you can create new
buckets and more, from there.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 17:13:11 +02:00
d76e655174
feat(krz01): add a NGINX in front of ollama protected by password
...
This way, you can do direct requests to ollama from other places.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-10 16:43:33 +02:00
dae3b7c7f6
fix(web02): Remove test user
2024-10-10 09:41:58 +02:00
1e71ef3636
feat(users): Add root passwords and deactivate mutableUsers
2024-10-10 09:23:19 +02:00
5b271b7b4a
feat(nat): enabling for dgnum members for tests
2024-10-10 00:00:56 +02:00
93c47f47be
fix: laptop change
2024-10-09 23:47:29 +02:00
6c4099d369
feat(infra): Internalize nix-lib, and make keys management simpler
2024-10-09 18:58:46 +02:00
34640d467b
feat(krz01): finish ollama integration and whisper.cpp
...
My sanity was used in the process.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-09 13:59:05 +02:00
4bedb3f497
feat(krz01): move the GPU stuff to the host for now
...
We also add a K80 specific patch for ollama.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-09 09:33:57 +02:00
8160b2762f
feat(krz01): passthrough the nVidia Tesla K80 in ml01
...
This way, no need for reboot.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-09 09:33:57 +02:00
ebed6462f6
feat(krz01): introduce ML01 -- a machine learning VM
...
I will add ollama on it later on and passthrough the GPU in there.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-09 09:33:57 +02:00
e200ae53a4
feat(proxmox): Revert the disabling
2024-10-08 20:59:34 +02:00
3aeae4e33f
feat(krz01): add basic microvm exprs
...
For a router01.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-08 17:14:23 +02:00
4d689fee33
feat(krz01): enable proprietary drivers for nVidia
...
For the Tesla K80.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-08 16:58:47 +02:00
862f004e3c
fix(krz01): disable proxmox for now
...
Until #139 is merged.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-10-08 16:40:18 +02:00
sinavir
da40fa9b3d
fix(krz01): Fix root password hash
2024-10-08 16:05:19 +02:00
sinavir
39f5cad75d
feat(krz01): Proxmox
2024-10-08 13:59:28 +02:00
sinavir
a194da9662
fix(krz01): Enable netbird
2024-10-08 12:51:57 +02:00
sinavir
70c69346fb
feat(krz01): init
2024-10-08 12:35:59 +02:00
sinavir
bdf0e4cf7a
feat(binary-cache): Add some hints on how to configure the cache
2024-10-06 23:57:57 +02:00
e4fc6a0d98
chore(npins): Update
2024-10-06 22:21:07 +02:00
8769d6738e
fix(cas-eleves): Remove dependency on pytest-runner
2024-10-06 18:40:48 +02:00
7d24e2dfc1
feat(dgsi): Update, with SAML provisional auth
2024-10-06 18:40:48 +02:00
sinavir
38231eb6e0
feat(attic): Bye bye attic
2024-10-06 18:33:04 +02:00
sinavir
e70d0be931
chore(garage): update
2024-10-02 19:20:17 +02:00
sinavir
53379c88de
feat(pub.dgnum.eu): Add a redirect toward instagram
2024-09-30 20:17:20 +02:00
sinavir
626577e2bc
feat(redirections): Make it more flexible to allow temporary redirects
2024-09-30 20:17:20 +02:00
e12b8454fe
chore(dgsi): Update
2024-09-27 13:23:55 +02:00
176cff5e6d
feat(dgsi): Update source and settings
2024-09-26 15:23:43 +02:00
681155318b
fix(nextcloud): Don't use fast_shutdown
2024-09-26 14:05:40 +02:00
sinavir
5c8db3544c
chore(ci): Make the CI happy
2024-09-26 13:45:06 +02:00
bdeb55f9ec
feat(dgsi): Make it work
2024-09-25 13:57:55 +02:00
2b75890752
feat(compute01): Deploy dgsi
2024-09-24 20:54:51 +02:00
sinavir
05f7be1983
fix(tvix-cache): Update the cache to a working version
2024-09-23 00:40:06 +02:00
sinavir
89d219fe8a
feat(garage): Add hackens website
2024-09-22 00:52:04 +02:00
sinavir
9e7215b5b8
feat(hermes): Bridge more channels
2024-09-22 00:51:36 +02:00
859418b377
feat(chatops): init takumi
...
Takumi means "artisan" (in the sense of "master") in Japanese. It's an
accurate and efficient ChatOps for day-to-day operations of DGNum.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-20 21:50:15 +02:00
sinavir
f6253021d7
feat(nuit website): migrate to s3
2024-09-18 14:21:13 +02:00
99825b89ca
fix(stirling-pdf): Make it build again
2024-09-10 22:41:25 +02:00
595407c13b
feat(ISP): enable SNAT on 5C:64:8E:F4:09:06
...
For testing purposes.
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-09-08 12:32:56 +02:00
3b766e6a2b
feat(ulogd): enabling ulogd
2024-09-08 12:21:08 +02:00
b8601b0782
feat(nat): desactivating on vlan-apro
2024-09-07 16:09:01 +02:00
605f7beda2
fix(uptime-kuma): Don't try to get the radius endpoint
2024-09-01 23:34:07 +02:00
fd0aeacff4
feat(firewall): Sunset fail2ban and switch to reaction
2024-09-01 22:51:56 +02:00
86c1018dc8
fix(web01): Add a redirection from bds.ens.fr/gestion2 to its new location
2024-09-01 15:48:35 +02:00
8a42e18d98
feat(k-radius): Use LE certificates instead of self-signed ones
2024-09-01 15:40:59 +02:00
3ca3ff8939
feat(radius): add AP secret for RADIUS auth requests
...
Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
2024-08-31 22:38:35 +02:00
16f47ce227
feat(wordpress): Finish the migration of the BDS website
2024-08-31 00:36:19 +02:00
f5cc186ea1
feat(web01): Decomissionate kahulm
2024-08-30 18:44:58 +02:00
ccaa999adc
feat(wordpress): Prepare the migration
2024-08-30 10:08:12 +02:00
0d7b4efbd3
feat(kahulm): Added kahulm to web01
2024-08-17 18:00:30 +02:00
b3b21d1f96
feat(forgejo-runners): Switch to patched version of colmena
...
This allows to evaluate bridge01 in the CI
2024-08-14 18:56:11 +02:00
sinavir
c14e263b98
feat(tvix-store): Init
2024-07-29 14:31:42 +02:00
be128f6c3a
feat(kadenios): Fix build of static files and restore cas.eleves.ens.fr for authens
2024-07-28 14:30:03 +02:00
1216a0a780
feat(cas-eleves): Redirect from cas-eleves.dgnum.eu to cas.eleves
2024-07-28 14:10:42 +02:00
sinavir
f6c9137850
fix(signal-irc-bridge): make it work
2024-07-20 00:45:17 +02:00
23b2a19494
feat(kadenios): Don't include dev dependencies in the environment
2024-07-19 11:24:21 +02:00
ce64be6e79
Revert "fix(web02): Don't be too fast"
...
This reverts commit a6c3b42ad9
.
2024-07-12 19:13:04 +02:00
a6c3b42ad9
fix(web02): Don't be too fast
2024-07-12 11:02:04 +02:00
680682f520
feat(bridge02): Initialize and add instructions to the README
2024-07-10 17:31:04 +02:00
4bc2ebf429
feat(web02): Switch to cas.eleves.ens.fr for the cas server
2024-07-10 14:15:24 +02:00
1bf5ad93a2
feat(kadenios): Add management script
2024-07-09 14:52:01 +02:00
954ba45281
feat(web02): Deploy kadenios on vote.dgnum.eu
2024-07-09 10:47:30 +02:00
59aaf015dd
chore(cas-eleves): There is no real build phase
2024-07-09 10:46:58 +02:00
411795c664
fix(routing): clean icmp storm
2024-07-08 20:38:01 +02:00
dce439fcca
fix(shitty-oob): Drop user vlans when no-uplink
2024-07-08 20:38:00 +02:00
37a18c0347
feat(nat): Enable nat (with ip_forward)
2024-07-08 20:38:00 +02:00
a00833c682
fix(cas-eleves): Fix the build of django-cas-server
2024-07-08 16:23:12 +02:00
adf62b0534
feat(web02): Switch to nix-pkgs for python modules
2024-07-07 13:56:10 +02:00
7092c4e9c3
fix(attic): Don't use the same port as prometheus
2024-07-06 11:59:58 +02:00
d553d6efe7
fix(stirling-pdf): Vendor patches and update version
2024-07-06 11:36:54 +02:00
9f7ddf2adf
feat(nextcloud): Update collabora and settings
2024-07-05 18:44:49 +02:00
5279356835
feat(nextcloud): Upgrade to 29
2024-07-05 16:15:27 +02:00
8b3747fd22
fix(web02): Once more
2024-07-05 16:09:04 +02:00
38f6151fbb
fix(web02): Don't let the CI choke
2024-07-05 15:31:57 +02:00
sinavir
f637ae9ea8
fixup! feat: Upgrade machines to nixos-24.05
2024-07-05 10:54:33 +02:00
ac09d221ad
feat: Upgrade machines to nixos-24.05
2024-07-05 10:54:33 +02:00