| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Merge pull request 'Upgrade cryptpad from 2024.3.0 to 2024.3.1' (#27) from ↵ | baptiste | 2024-06-23 | 8 | -6231/+106 |
| |\ | | | | | | | | | | | | | KokaKiwi/nixcfg:update-cryptpad-2024.3.1 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/27 Reviewed-by: maximilien <me@mricher.fr> | ||||
| | * | cluster/prod(app): Upgrade cryptpad from 2024.3.0 to 2024.3.1 | KokaKiwi | 2024-05-23 | 2 | -6009/+9 |
| | | | |||||
| | * | cluster/prod(app): Migrate from niv to npins for pinned sources for cryptpad | KokaKiwi | 2024-05-23 | 6 | -222/+97 |
| | | | |||||
| * | | prod: garage: Enable on-demand-tls check for *.garage S3 endpoint | Baptiste Jonglez | 2024-06-08 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We were hitting Let's Encrypt rate limits because we were generating thousands of non-sense certificates like "foo.bar.baz.garage.deuxfleurs.fr" See https://crt.sh Subdomains of garage.deuxfleurs.fr only make sense when accessing buckets through S3 with vhost-style, so let's enable the on-demand-tls check to make sure that the bucket exists in Garage. In the long term, we might want to have a wildcard certificate for this usage, or simply stop supporting vhost-style S3 access. | ||||
| * | | garage: harmonize staging and prod (checks, services) | Baptiste Jonglez | 2024-06-08 | 2 | -71/+104 |
| | | | |||||
| * | | staging: garage: Handle *.garage.staging for vhost-style S3 and add ↵ | Baptiste Jonglez | 2024-06-08 | 2 | -0/+9 |
| | | | | | | | | | on-demand TLS checks | ||||
| * | | staging: Upgrade tricot for on-demand TLS checks | Baptiste Jonglez | 2024-06-08 | 1 | -1/+1 |
| | | | |||||
| * | | staging: make tricot config closer to prod | Baptiste Jonglez | 2024-05-30 | 1 | -4/+5 |
| | | | |||||
| * | | staging: enable IPv4 diplonat (UPnP) for corrin site | Baptiste Jonglez | 2024-05-30 | 1 | -1/+1 |
| | | | |||||
| * | | Revert "staging: disable allocation of grafana on piranha" | Baptiste Jonglez | 2024-05-30 | 1 | -6/+0 |
| | | | | | | | | | piranha is accessible on a more reliable network now. | ||||
| * | | Move piranha to new network | Baptiste Jonglez | 2024-05-30 | 3 | -9/+4 |
| | | | |||||
| * | | Merge pull request 'cluster(prod): Add dathomir site' (#25) from ↵ | maximilien | 2024-05-26 | 10 | -11/+85 |
| |\ \ | |/ |/| | | | | | | | | | KokaKiwi/nixcfg:add-dathomir into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/25 Reviewed-by: maximilien <me@mricher.fr> | ||||
| | * | prod(cluster/dathomir): Open more SSH ports | KokaKiwi | 2024-05-26 | 3 | -0/+6 |
| | | | |||||
| | * | cluster(prod): Add oseille | KokaKiwi | 2024-05-26 | 5 | -0/+21 |
| | | | |||||
| | * | style: Fix spacetab in cluster/prod/ssh_config | KokaKiwi | 2024-05-26 | 1 | -11/+11 |
| | | | |||||
| | * | cluster(prod): Add io | KokaKiwi | 2024-05-26 | 5 | -0/+20 |
| | | | |||||
| | * | cluster(prod): Add dathomir site and onion node | KokaKiwi | 2024-05-15 | 6 | -0/+27 |
| | | | |||||
| * | | use diplonat autodiscovery to set ip addr | Quentin Dufour | 2024-05-18 | 1 | -5/+8 |
| | | | |||||
| * | | update neptune IP address | Quentin Dufour | 2024-05-18 | 1 | -1/+1 |
| | | | |||||
| * | | hotfix garage | Quentin Dufour | 2024-05-17 | 1 | -1/+1 |
| |/ | |||||
| * | migration Cryptpad sur Courgette (Neptune) depuis Abricot (Scorpio), avec ↵ | ADRN | 2024-05-12 | 2 | -3/+3 |
| | | | | | reconfiguration des backups | ||||
| * | ajout Boris en admin sur Cryptpad | ADRN | 2024-05-12 | 1 | -0/+1 |
| | | |||||
| * | Move emails from ananas (in scorpio) to celeri (in neptune) | Armaël Guéneau | 2024-05-12 | 2 | -7/+7 |
| | | |||||
| * | staging: disable allocation of grafana on piranha | Armaël Guéneau | 2024-05-01 | 1 | -0/+6 |
| | | | | | piranha does not seem to be available from the outside world currently | ||||
| * | ajout max et vincent en admin cryptpad | ADRN | 2024-04-30 | 1 | -1/+3 |
| | | |||||
| * | Fix coturn that was failing with newer Nomad/Docker | Baptiste Jonglez | 2024-04-28 | 1 | -4/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | Coturn was failing to start with the following error: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/usr/local/bin/docker-entrypoint.sh": permission denied: unknown It seems to be caused by the recent NixOS update. Either because Docker/runc is now more strict when checking if the entrypoint is executable [1] And/or because Nomad may mount the secrets directory with "noexec" [2]. In any case, the "local" directory [2] looks more appropriate, because it's shared with the task while not being accessible to other tasks. [1] https://github.com/opencontainers/runc/issues/3715 [2] https://developer.hashicorp.com/nomad/docs/concepts/filesystem | ||||
| * | Update woodpecker to latest 2.4.1 | Baptiste Jonglez | 2024-04-28 | 2 | -2/+2 |
| | | |||||
| * | Merge pull request 'Update Woodpecker to v2.4.0' (#24) from ↵ | baptiste | 2024-04-28 | 2 | -2/+2 |
| |\ | | | | | | | | | | | tixie/nixcfg:update-woodpecker-2.4.0 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/24 | ||||
| | * | update woodpecker-agent to 2.4.0 | Tixie | 2024-04-24 | 1 | -1/+1 |
| | | | |||||
| | * | update woodpecker-server to 2.4.0 | Tixie | 2024-04-24 | 1 | -1/+1 |
| | | | |||||
| * | | Fix link in CI setup doc | Baptiste Jonglez | 2024-04-28 | 1 | -2/+2 |
| | | | |||||
| * | | caribou: update ipv6 address after ISP change | Armaël Guéneau | 2024-04-26 | 1 | -1/+1 |
| | | | |||||
| * | | Tricot ulimit | Quentin Dufour | 2024-04-25 | 1 | -0/+3 |
| |/ | |||||
| * | prod: update nomad to 1.6 | Alex Auvolat | 2024-04-20 | 1 | -1/+1 |
| | | |||||
| * | prod: nixos 23.11 and nomad 1.5 | Alex Auvolat | 2024-04-20 | 2 | -3/+3 |
| | | |||||
| * | prod: allow woodpecker on neptune now with good ipv6 | Alex Auvolat | 2024-04-20 | 1 | -3/+1 |
| | | |||||
| * | prod: update nixos to 23.05 | Alex Auvolat | 2024-04-20 | 2 | -1/+4 |
| | | |||||
| * | prod: update ip config for Free ISP at Neptune | Alex Auvolat | 2024-04-20 | 2 | -7/+9 |
| | | |||||
| * | staging: accept nomad bsl license | Alex Auvolat | 2024-04-19 | 1 | -0/+1 |
| | | |||||
| * | fix pad when not in neptune, and allow android7 email to move to bespin | Alex Auvolat | 2024-04-19 | 2 | -1/+3 |
| | | |||||
| * | Merge branch 'poil' | ADRN | 2024-04-18 | 2 | -3/+5 |
| |\ | |||||
| | * | ajout de Jill & Trinity en admins de CryptPad | ADRN | 2024-04-18 | 1 | -1/+3 |
| | | | |||||
| | * | déplacement du service cryptpad concombre -> abricot | ADRN | 2024-04-18 | 1 | -2/+2 |
| | | | |||||
| * | | Merge pull request 'cluster/prod(app): Upgrade CryptPad to 2024.3.0' (#23) ↵ | adrien | 2024-04-18 | 18 | -8284/+6411 |
| |\| | | | | | | | | | | | from KokaKiwi/nixcfg:crytptpad-upgrade-1 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/nixcfg/pulls/23 | ||||
| | * | cluster/prod(app): Add new CryptPad build files | KokaKiwi | 2024-04-18 | 16 | -8272/+6399 |
| | | | |||||
| | * | cluster/prod(app): Upgrade CryptPad to 2024.3.0 | KokaKiwi | 2024-04-18 | 2 | -12/+12 |
| | | | |||||
| * | | cluster/prod: Add kokakiwi to adminAccounts | KokaKiwi | 2024-04-18 | 1 | -0/+3 |
| |/ | |||||
| * | prod: garage v1.0.0-rc1 | Alex Auvolat | 2024-04-01 | 2 | -1/+3 |
| | | |||||
| * | remove notice message for moderation | Lauric Desauw | 2024-03-29 | 1 | -1/+1 |
| | | |||||
| * | staging: garage v1.0 rc1 | Alex Auvolat | 2024-03-28 | 1 | -2/+2 |
| | | |||||
 |
index : nixcfg.git | |
| Nixos configuration for Deuxfleurs clusters |
| aboutsummaryrefslogtreecommitdiff |