Commit graph

552 commits

Author SHA1 Message Date
6b766b111d bvm-radius: make sure nginx can see certificates 2021-09-27 08:00:41 +00:00
00a02f8772 coredns: use the correct syntax, oops 2021-09-25 21:27:24 +00:00
bbbdfd5138 as205479.net: hmm, what 2021-09-25 21:18:09 +00:00
c976214bf8 coredns: _acme-challenge.www.as205479.net -> _acme-challenge.as205479.net 2021-09-25 21:03:14 +00:00
9c92e12742 bvm-radius: start serving as205479.net webpage 2021-09-25 20:51:24 +00:00
932afbda74 bvm-radius: require message authenticators 2021-09-25 20:36:40 +00:00
d6bd6e85ca bvm-radius: add freeradius configuration 2021-09-25 18:28:45 +00:00
a8718864c1 swann: configure for eduroam on VLAN 100 2021-09-25 17:38:21 +00:00
f93ec18859 bvm-radius: add ACME certs for as205479.net 2021-09-25 17:38:09 +00:00
b50fa68559 coredns: delegate _acme-challenge to GCP DNS 2021-09-25 13:17:52 +00:00
8e97938d3e bvm-radius: install eapol_test 2021-09-25 12:55:47 +00:00
f3c38e3bb2 bvm-radius: use IP rather than DNS in extraCommands
DNS resolution doesn't work during extraCommands, which... is probably reasonable. Let's not do that.
2021-09-25 12:39:44 +00:00
4530991827 bvm-radius: RADIUS fw/pkg setup 2021-09-25 12:32:27 +00:00
0d6ab41728 bvm-radius: add tailscale IP 2021-09-25 12:19:07 +00:00
c908e3ab5d coredns: add RADSEC entry for as205479.net. 2021-09-25 11:45:05 +00:00
4b1fd796ae bvm-radius: init 2021-09-24 22:50:30 +00:00
158e0afcf3 coredns: init bvm-radius 2021-09-24 22:46:44 +00:00
ccec4b308b as205479.net: add MX records 2021-09-19 00:08:03 +00:00
19782a9e63 ops/nixos: set group for isSystemUser users 2021-09-16 19:14:30 +00:00
cb7811898c blade-tuvok: set bgp_local_prefs 2021-09-10 20:46:05 +00:00
dbf906a9a7 blade-router: add cloudflare 2021-09-10 20:23:24 +00:00
3ba0ab045c blade-router: remove prefix limit 2021-09-10 20:00:31 +00:00
e7bfb107b1 coredns: update mac-mini tailscale IP 2021-09-05 08:07:14 +00:00
4bb015ee0d swann: use IPv6 endpoint for tuvok over EE
EE uses CGNAT on IPv4, which makes this... less than ideal. However, IPv6 is
IPv6 and works pretty reasonably.
2021-09-03 12:40:52 +00:00
edfc04551a totoro: set for duration on BFD alert 2021-09-02 19:24:17 +00:00
d35a0a35ba swann: ee-scrape-data must output data with a newline 2021-09-02 19:23:03 +00:00
58b87a9f0e swann: add ee-scrape-data, for putting allowance data into prometheus 2021-09-02 19:19:53 +00:00
683e6ffc21 totoro: add alert for BFD session failure 2021-09-02 18:35:18 +00:00
3abe727604 blade-router: add google session, which will hopefully turn up eventually 2021-08-31 20:36:26 +00:00
b4c80a07fa blade-router: configure passive session towards AS62240 2021-08-31 16:39:23 +00:00
2c632e28d2 blade-tuvok: switch from ECMP to metrics 2021-08-31 12:12:44 +00:00
e95324c175 swann: yes, this one 2021-08-31 02:29:56 +00:00
2d0a607383 ops/nixos: enable bird-exporter-lfty 2021-08-31 02:26:50 +00:00
f7fbfa5436 nix/pkgs: init prometheus-bird-exporter-lfty 2021-08-31 02:01:38 +00:00
a0d97e082d blade-tuvok: also NAT things going out onto linx 2021-08-31 01:37:34 +00:00
9a5b0379cb blade-tuvok: set net.ipv6.conf.default.forwarding as well 2021-08-30 21:01:53 +01:00
b2e45b56bb blade-tuvok: make sure wg-endpoint sysctl gets forwarding enabled 2021-08-30 20:52:20 +01:00
7134fe904a ops/nixos: implement BFD+WG tunneling for mldn-rd 2021-08-30 19:58:21 +01:00
bc1932df9b hm: start 1password's gui silently 2021-08-30 14:26:25 +01:00
44e22b810c porcorosso: force wayland off 2021-08-30 14:23:20 +01:00
dbcaa51968 hgrc: remove requirement for topic 2021-08-20 23:40:53 +00:00
4b7680acae ops/nixos/blade: force external IP to vl-transit 2021-08-20 23:34:54 +00:00
0ee916e49e ops/nixos/bgp: don't export routes to FB 2021-08-20 23:34:43 +00:00
0dd2d5d442 ops/nixos/bgp: more filtering shenanigans 2021-08-19 00:23:09 +00:00
fdacf57ead blade-tuvok: LINX updates 2021-08-17 01:30:33 +00:00
8ad77134ae ops/nixos/coredns: force store paths 2021-08-16 02:32:44 +00:00
68e0ee0a18 ops/nixos/coredns: add bvm-netbox to int zone 2021-08-16 02:19:38 +00:00
05ddad31ad bvm-netbox: complete setup 2021-08-16 02:09:47 +00:00
94078428f1 bvm-netbox: add postgresql/redis/users 2021-08-15 22:57:36 +00:00
d54d0a2ede bvm-netbox: add tailscale IP 2021-08-15 22:57:26 +00:00