Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | remove obsolete directives | Alex Auvolat | 2023-03-31 | 1 | -3/+0 |
| | |||||
* | refactor configuration syntax | Alex Auvolat | 2023-03-24 | 2 | -102/+90 |
| | |||||
* | greatly simplify ipv4 and ipv6 configuration | Alex Auvolat | 2023-03-24 | 2 | -53/+61 |
| | |||||
* | Sanitize DNS configuration | Alex Auvolat | 2023-03-24 | 1 | -28/+10 |
| | | | | | | | | - get rid of outside nameserver, unbound does the recursive resolving itself (and it checks DNSSEC) - remove CAP_NET_BIND_SERVICE for Consul as it is no longer binding on port 53 (was already obsolete) - make unbound config independant of LAN IPv4 address | ||||
* | wgautomesh actually on prod | Alex Auvolat | 2023-03-24 | 3 | -9/+7 |
| | |||||
* | use nix enum type | Alex Auvolat | 2023-03-20 | 1 | -1/+1 |
| | |||||
* | wgautomesh variable log level (debug for staging) | Alex Auvolat | 2023-03-17 | 1 | -1/+6 |
| | |||||
* | keep wg-quick code as reference | Alex Auvolat | 2023-03-17 | 1 | -0/+12 |
| | |||||
* | wgautomesh from static binary hosted on gitea | Alex Auvolat | 2023-03-17 | 1 | -4/+3 |
| | |||||
* | update wgautomesh | Alex Auvolat | 2023-03-17 | 1 | -1/+1 |
| | |||||
* | wgautomesh persist state to file | Alex Auvolat | 2023-03-17 | 2 | -1/+8 |
| | |||||
* | wgautomesh gossip secret file | Alex Auvolat | 2023-03-17 | 2 | -1/+14 |
| | |||||
* | sample deployment of wgautomesh on staging (dont deploy prod with this commit) | Alex Auvolat | 2023-03-17 | 2 | -9/+131 |
| | |||||
* | TODOs in deuxfleurs.nix because the old world is maybe mixing with the new | Adrien | 2023-03-15 | 1 | -2/+2 |
| | |||||
* | Remove hardcoded years in deuxfleurs.nix | Alex Auvolat | 2023-01-01 | 1 | -7/+7 |
| | |||||
* | Replace deploy_wg by a NixOS activation script | Alex Auvolat | 2022-12-14 | 1 | -0/+9 |
| | |||||
* | Add origan node in staging cluster (+ refactor system.stateVersion) | Alex Auvolat | 2022-12-11 | 1 | -8/+0 |
| | |||||
* | Add possible public_ipv4 node tag | Alex Auvolat | 2022-12-07 | 1 | -1/+10 |
| | |||||
* | Staging: Add CNAME target meta parameter, will be used for diplonat auto dns ↵ | Alex Auvolat | 2022-12-07 | 1 | -8/+16 |
| | | | | update | ||||
* | Clean stuff up and update nix driver | Alex Auvolat | 2022-11-29 | 1 | -1/+1 |
| | |||||
* | Remove old nomad-driver-nix | Alex Auvolat | 2022-11-29 | 1 | -31/+0 |
| | |||||
* | Use nix driver moved to Deuxfleurs namespace | Alex Auvolat | 2022-11-29 | 1 | -7/+3 |
| | |||||
* | Deploy garage on staging using nix2 driver | Alex Auvolat | 2022-11-29 | 2 | -31/+29 |
| | |||||
* | Staging: ability to run Nix jobs using exec2 driver | Alex Auvolat | 2022-11-28 | 2 | -0/+32 |
| | |||||
* | Remove root, add wg-quick-wg0 after unbound | Alex Auvolat | 2022-11-28 | 1 | -0/+1 |
| | |||||
* | Fix wg-quick MTU because it does bad stuff by default | Alex Auvolat | 2022-11-22 | 1 | -0/+1 |
| | |||||
* | Add after config on nomad and consul | Alex Auvolat | 2022-11-22 | 1 | -0/+2 |
| | |||||
* | Add Baptiste ; fix wireguard | Alex Auvolat | 2022-11-22 | 1 | -2/+2 |
| | |||||
* | poc 2 for nix containers: use nomad-driver-nix | Alex Auvolat | 2022-11-16 | 1 | -0/+31 |
| | |||||
* | remove systemd-resolved | Alex Auvolat | 2022-10-16 | 2 | -10/+2 |
| | |||||
* | Complete telemetry configuration | Alex Auvolat | 2022-10-16 | 1 | -0/+5 |
| | |||||
* | Remove additonal DNS entries from docker | Maximilien Richer | 2022-10-16 | 1 | -1/+1 |
| | |||||
* | Correctly inject dns servers in docker | Quentin Dufour | 2022-10-16 | 1 | -1/+6 |
| | |||||
* | Add docker | Quentin Dufour | 2022-10-16 | 1 | -1/+1 |
| | |||||
* | Switch to systemd-networkd | Quentin Dufour | 2022-10-15 | 1 | -25/+27 |
| | |||||
* | Disable IPv6 RA/autoconf/temp addr | Quentin Dufour | 2022-10-14 | 1 | -0/+3 |
| | |||||
* | Force Garage to use ipv6 connectivity | Alex Auvolat | 2022-09-15 | 1 | -0/+1 |
| | |||||
* | systemd timesyncd | Alex Auvolat | 2022-09-08 | 1 | -1/+2 |
| | |||||
* | Improve DNS configuration | Alex Auvolat | 2022-08-30 | 1 | -4/+38 |
| | | | | | | | | | Add Unbound server that separates queries between those going to Consul and those going elsewhere. This allows us to have DNS working even if Consul fails for some reason. This way we can also remove the secondary `nameserver` entry in /etc/resolv.conf, thus fixing a bug where certain containers (Alpine-based images?) were using the secondary resolver some of the time, making them unable to access .consul hosts. | ||||
* | Ask consul to use advertised address and not bind one | Quentin Dufour | 2022-08-24 | 1 | -0/+1 |
| | |||||
* | Fix nomad talking to consul | Alex Auvolat | 2022-08-24 | 1 | -1/+4 |
| | |||||
* | Fix access to consul for non-server nodes | Alex Auvolat | 2022-08-24 | 1 | -1/+1 |
| | |||||
* | Disable bootstrap_expect unless specific deuxfleurs.bootstrap is set | Alex Auvolat | 2022-08-24 | 1 | -9/+11 |
| | |||||
* | Fix IPv6 | Quentin Dufour | 2022-08-24 | 1 | -1/+10 |
| | |||||
* | Remove wesher, reconfigure staging without it | Alex Auvolat | 2022-08-23 | 4 | -193/+73 |
| | |||||
* | Disable ipv6 temporary addresses | Alex Auvolat | 2022-08-23 | 1 | -0/+1 |
| | |||||
* | Update to nixos 22.05 | Alex Auvolat | 2022-07-27 | 2 | -13/+15 |
| | |||||
* | Configure Consul DNS | Alex Auvolat | 2022-06-01 | 1 | -3/+23 |
| | |||||
* | Work on drone runner as VM | Alex Auvolat | 2022-05-30 | 2 | -0/+13 |
| | |||||
* | Fix firewall rule for IGD | Alex Auvolat | 2022-05-09 | 1 | -2/+2 |
| |