aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request 'cryptpad: add armael to admins' (#38) from ↵Armael2024-11-061-1/+2
|\ | | | | | | | | | | armael-cryptpad-admin into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/38
| * cryptpad: add armael to adminsarmael-cryptpad-adminArmaël Guéneau2024-11-061-1/+2
|/
* email: ensure email and email-android7 run on different sites to avoid port ↵Baptiste Jonglez2024-10-252-1/+3
| | | | conflicts
* email-android7: allocate more memory to avoid OOM killerdebug-cryptpad-updateBaptiste Jonglez2024-10-171-2/+2
|
* Merge pull request 'Add cryptad-debug instance with cloned data' (#36) from ↵maximilien2024-10-162-0/+372
|\ | | | | | | | | | | debug-cryptpad-update into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/36
| * Add cryptad-debug instance with cloned dataMaximilien Richer2024-10-162-0/+372
|/
* Merge pull request 'Upgrade crytptpad to 2024.9.0' (#35) from ↵Jill2024-10-043-6/+6
|\ | | | | | | | | | | | | KokaKiwi/nixcfg:crytptpad-upgrade-2024.9.0 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/35 Reviewed-by: maximilien <me@mricher.fr>
| * cluster(prod): Upgrade crytptpad to 2024.9.0KokaKiwi2024-10-022-4/+4
| | | | | | | | Signed-off-by: KokaKiwi <kokakiwi+deuxfleurs@kokakiwi.net>
| * cluster(prod): cryptpad, update pinned sourcesKokaKiwi2024-10-021-2/+2
| | | | | | | | Signed-off-by: KokaKiwi <kokakiwi+deuxfleurs@kokakiwi.net>
* | woodpecker: update to 2.7.1Baptiste Jonglez2024-10-031-1/+1
| |
* | woodpecker: make sure grpc proxy gets up-to-date IP address of backendBaptiste Jonglez2024-10-031-0/+1
| |
* | Add SSH host key for pamplemousseBaptiste Jonglez2024-10-031-0/+1
| |
* | Update bespin endpointsBaptiste Jonglez2024-10-031-3/+3
|/
* modif de Synapse parce que ça buguait + update Matrix syncv3 to v0.99.16ADRN2024-09-264-8/+43
|
* update Synapse to v1.104.0 & Riot to v1.11.78ADRN2024-09-265-14/+34
|
* finalize jitsiQuentin Dufour2024-09-203-1/+18
|
* fix listen videobridge managementQuentin Dufour2024-09-201-1/+1
|
* activate management in jitsiQuentin Dufour2024-09-202-2/+4
|
* Merge pull request 'Upgrade jitsi build recipes to 9646' (#34) from ↵Quentin2024-09-129-24/+29
|\ | | | | | | | | | | 2024-09-12-update-jitsi into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/34
| * ready to deploy jitsiQuentin Dufour2024-09-126-12/+15
| |
| * add NODE_MAJOR_VERSION as argument of jitsi-meet container instead of hard-coded2024-09-12-update-jitsiADRN2024-09-122-1/+3
| |
| * upgrade jitsi build recipesQuentin Dufour2024-09-123-12/+12
|/
* remove notice messageADRN2024-09-121-1/+1
|
* update woodpecker to 2.7.0Alex Auvolat2024-08-251-1/+1
|
* Merge pull request 'Upgrade crytptpad to 2024.6.1' (#32) from ↵Jill2024-08-013-8/+8
|\ | | | | | | | | | | KokaKiwi/nixcfg:crytptpad-upgrade-2024.6.1 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/32
| * cluster(prod): cryptpad, update pinned sourcesKokaKiwi2024-07-281-2/+2
| |
| * cluster(prod): Upgrade crytptpad to 2024.6.1KokaKiwi2024-07-282-6/+6
|/
* Merge pull request 'Update CryptPad to 2024.6.0' (#31) from ↵Jill2024-07-225-8/+30
|\ | | | | | | | | | | KokaKiwi/nixcfg:crytptpad-upgrade-2024.6.0 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/31
| * cluster(prod/app/cryptpad): Update CryptPad to 2024.6.0KokaKiwi2024-07-024-5/+27
| |
| * cluster(prod/app/cryptpad): Update pinned channel from nixos-23.11 to ↵KokaKiwi2024-07-021-3/+3
| | | | | | | | nixos-24.05
* | Temporary access to pamplemousseBaptiste Jonglez2024-07-141-1/+1
| |
* | prod: Add new node pamplemousseBaptiste Jonglez2024-07-146-0/+33
| |
* | Revert "staging: enable IPv4 diplonat (UPnP) for corrin site"Baptiste Jonglez2024-07-141-1/+1
| | | | | | | | | | | | | | This reverts commit 22dba1f35cab74f6ecdc20d30eca4ee295810e8f. This site is now also a production site, so from now on UPnP will only be configured from the production cluster.
* | Revert "openssh: Temporary patch for CVE-2024-6387 mitigation"Baptiste Jonglez2024-07-141-17/+0
| | | | | | | | This reverts commit b89b625f46003e0a018eaede1a6923c93b423755.
* | intervention JitsiADRN2024-07-022-3/+9
|/
* Merge pull request 'openssh: Temporary patch for CVE-2024-6387 mitigation' ↵Jill2024-07-021-0/+17
|\ | | | | | | | | | | (#30) from KokaKiwi/nixcfg:openssh-mitigation into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/30
| * openssh: Temporary patch for CVE-2024-6387 mitigationKokaKiwi2024-07-011-0/+17
| |
* | Merge pull request 'dathomir: Updates' (#29) from ↵Jill2024-07-0218-21/+40
|\ \ | |/ |/| | | | | | | | | KokaKiwi/nixcfg:dathomir-update into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/29 Reviewed-by: maximilien <me@mricher.fr>
| * cluster(staging): Rename jupiter site to dathomirKokaKiwi2024-06-2713-21/+17
| |
| * cluster(prod): Add new ortie nodeKokaKiwi2024-06-275-0/+23
|/
* update guichetQuentin Dufour2024-06-241-1/+1
|
* staging: move bottin and guichet to docker, sync with prod configBaptiste Jonglez2024-06-239-161/+198
|
* cluster(prod/cryptpad): Update cryptpad image on Nomad clusterKokaKiwi2024-06-231-1/+1
|
* staging: Passage garage en mode dockerBaptiste Jonglez2024-06-231-23/+25
|
* Merge pull request 'Upgrade cryptpad from 2024.3.0 to 2024.3.1' (#27) from ↵baptiste2024-06-238-6231/+106
|\ | | | | | | | | | | | | KokaKiwi/nixcfg:update-cryptpad-2024.3.1 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/27 Reviewed-by: maximilien <me@mricher.fr>
| * cluster/prod(app): Upgrade cryptpad from 2024.3.0 to 2024.3.1KokaKiwi2024-05-232-6009/+9
| |
| * cluster/prod(app): Migrate from niv to npins for pinned sources for cryptpadKokaKiwi2024-05-236-222/+97
| |
* | prod: garage: Enable on-demand-tls check for *.garage S3 endpointBaptiste Jonglez2024-06-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We were hitting Let's Encrypt rate limits because we were generating thousands of non-sense certificates like "foo.bar.baz.garage.deuxfleurs.fr" See https://crt.sh Subdomains of garage.deuxfleurs.fr only make sense when accessing buckets through S3 with vhost-style, so let's enable the on-demand-tls check to make sure that the bucket exists in Garage. In the long term, we might want to have a wildcard certificate for this usage, or simply stop supporting vhost-style S3 access.
* | garage: harmonize staging and prod (checks, services)Baptiste Jonglez2024-06-082-71/+104
| |
* | staging: garage: Handle *.garage.staging for vhost-style S3 and add ↵Baptiste Jonglez2024-06-082-0/+9
| | | | | | | | on-demand TLS checks