aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/app
Commit message (Collapse)AuthorAgeFilesLines
* cluster(prod): cryptpad, update pinned sourcesKokaKiwi2024-07-281-2/+2
|
* cluster(prod): Upgrade crytptpad to 2024.6.1KokaKiwi2024-07-282-6/+6
|
* Merge pull request 'Update CryptPad to 2024.6.0' (#31) from ↵Jill2024-07-225-8/+30
|\ | | | | | | | | | | KokaKiwi/nixcfg:crytptpad-upgrade-2024.6.0 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/31
| * cluster(prod/app/cryptpad): Update CryptPad to 2024.6.0KokaKiwi2024-07-024-5/+27
| |
| * cluster(prod/app/cryptpad): Update pinned channel from nixos-23.11 to ↵KokaKiwi2024-07-021-3/+3
| | | | | | | | nixos-24.05
* | intervention JitsiADRN2024-07-022-3/+9
|/
* update guichetQuentin Dufour2024-06-241-1/+1
|
* staging: move bottin and guichet to docker, sync with prod configBaptiste Jonglez2024-06-232-1/+5
|
* cluster(prod/cryptpad): Update cryptpad image on Nomad clusterKokaKiwi2024-06-231-1/+1
|
* Merge pull request 'Upgrade cryptpad from 2024.3.0 to 2024.3.1' (#27) from ↵baptiste2024-06-238-6231/+106
|\ | | | | | | | | | | | | KokaKiwi/nixcfg:update-cryptpad-2024.3.1 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/27 Reviewed-by: maximilien <me@mricher.fr>
| * cluster/prod(app): Upgrade cryptpad from 2024.3.0 to 2024.3.1KokaKiwi2024-05-232-6009/+9
| |
| * cluster/prod(app): Migrate from niv to npins for pinned sources for cryptpadKokaKiwi2024-05-236-222/+97
| |
* | prod: garage: Enable on-demand-tls check for *.garage S3 endpointBaptiste Jonglez2024-06-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | We were hitting Let's Encrypt rate limits because we were generating thousands of non-sense certificates like "foo.bar.baz.garage.deuxfleurs.fr" See https://crt.sh Subdomains of garage.deuxfleurs.fr only make sense when accessing buckets through S3 with vhost-style, so let's enable the on-demand-tls check to make sure that the bucket exists in Garage. In the long term, we might want to have a wildcard certificate for this usage, or simply stop supporting vhost-style S3 access.
* | garage: harmonize staging and prod (checks, services)Baptiste Jonglez2024-06-081-37/+36
|/
* use diplonat autodiscovery to set ip addrQuentin Dufour2024-05-181-5/+8
|
* hotfix garageQuentin Dufour2024-05-171-1/+1
|
* migration Cryptpad sur Courgette (Neptune) depuis Abricot (Scorpio), avec ↵ADRN2024-05-122-3/+3
| | | | reconfiguration des backups
* ajout Boris en admin sur CryptpadADRN2024-05-121-0/+1
|
* Move emails from ananas (in scorpio) to celeri (in neptune)Armaël Guéneau2024-05-122-7/+7
|
* ajout max et vincent en admin cryptpadADRN2024-04-301-1/+3
|
* Fix coturn that was failing with newer Nomad/DockerBaptiste Jonglez2024-04-281-4/+2
| | | | | | | | | | | | | | | | | | | | | | Coturn was failing to start with the following error: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/usr/local/bin/docker-entrypoint.sh": permission denied: unknown It seems to be caused by the recent NixOS update. Either because Docker/runc is now more strict when checking if the entrypoint is executable [1] And/or because Nomad may mount the secrets directory with "noexec" [2]. In any case, the "local" directory [2] looks more appropriate, because it's shared with the task while not being accessible to other tasks. [1] https://github.com/opencontainers/runc/issues/3715 [2] https://developer.hashicorp.com/nomad/docs/concepts/filesystem
* Update woodpecker to latest 2.4.1Baptiste Jonglez2024-04-282-2/+2
|
* Merge pull request 'Update Woodpecker to v2.4.0' (#24) from ↵baptiste2024-04-282-2/+2
|\ | | | | | | | | | | tixie/nixcfg:update-woodpecker-2.4.0 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/24
| * update woodpecker-agent to 2.4.0Tixie2024-04-241-1/+1
| |
| * update woodpecker-server to 2.4.0Tixie2024-04-241-1/+1
| |
* | Fix link in CI setup docBaptiste Jonglez2024-04-281-2/+2
| |
* | Tricot ulimitQuentin Dufour2024-04-251-0/+3
|/
* prod: allow woodpecker on neptune now with good ipv6Alex Auvolat2024-04-201-3/+1
|
* fix pad when not in neptune, and allow android7 email to move to bespinAlex Auvolat2024-04-192-1/+3
|
* ajout de Jill & Trinity en admins de CryptPadADRN2024-04-181-1/+3
|
* déplacement du service cryptpad concombre -> abricotADRN2024-04-181-2/+2
|
* cluster/prod(app): Add new CryptPad build filesKokaKiwi2024-04-1816-8272/+6399
|
* cluster/prod(app): Upgrade CryptPad to 2024.3.0KokaKiwi2024-04-182-12/+12
|
* prod: garage v1.0.0-rc1Alex Auvolat2024-04-012-1/+3
|
* remove notice message for moderationLauric Desauw2024-03-291-1/+1
|
* add trinity.fr.eu.org to DKIMtrinity-1686a2024-03-241-0/+1
|
* Courderec.re domain in the DKIM tableVincent2024-03-241-0/+1
|
* prod: remove drone-ciAlex Auvolat2024-03-176-328/+0
|
* Ajout de la regex dans le query parameter du http-bind aussiQuentin Dufour2024-03-111-0/+4
|
* ajout redirection nginx des salons Jitsi suspectsADRN2024-03-101-0/+5
|
* added notice message on Jitsi about our monitoringADRN2024-03-101-1/+2
|
* increased Jitsi logs a bitADRN2024-03-091-0/+5
|
* Update lightstream and grafanaMaximilien Richer2024-03-091-3/+3
|
* store real IP from JitsiADRN2024-03-081-0/+6
|
* prod: give more memory to promehteusAlex Auvolat2024-03-081-1/+2
|
* force woodpecker on scorpioAlex Auvolat2024-03-041-7/+3
|
* garage: update to v0.9.2 finalAlex Auvolat2024-03-011-1/+1
|
* prod: update to garage 0.9.2-rc1Alex Auvolat2024-02-291-1/+1
|
* woodpecker-ci: higher affinity to scorpioAlex Auvolat2024-02-281-0/+6
|
* add automatic subdomains for v4 and v6 per site for dashboardAlex Auvolat2024-02-141-2/+8
|