Commit graph

75 commits

Author SHA1 Message Date
876e472a3c ops/nixos: bvm-forgejo + pomerium 2024-11-10 21:55:37 +00:00
525ec8977b ops/nixos: introduce seaweedfs 2024-10-20 14:37:47 +01:00
d87a9cee2d totoro: enable zigbee2mqtt and mosquitto 2024-10-13 14:42:52 +01:00
4db9ef0543 ops/nixos: change shape of systemd-networkd
some repeated things have moved up
2024-06-09 00:53:59 +01:00
8be0a210d9 barf: add fonts for people on macos 2024-03-12 02:22:13 +00:00
a25ba9aef6 barf: some more fixes 2024-03-12 01:43:08 +00:00
240c3a72f2 etheroute-lon01: drop pomerium redis databroker 2024-01-08 00:38:42 +00:00
b934f315dd ops/nixos: fixes for nixpkgs bump 2023-10-24 23:51:25 +01:00
2420018235 etheroute-lon01: change setup of quadv 2023-09-30 01:14:36 +00:00
490b63936c etheroute-lon01: make DNS lookups use v6 as well 2023-08-24 20:41:02 +01:00
2714def613 etheroute-lon01: add code.int.lukegb.com 2023-08-19 22:43:34 +00:00
1c847d3eda etheroute-lon01: set up gsl1 2023-07-28 21:13:35 +00:00
7d221ced9a etheroute-lon01: make cofractal-ams01 public 2023-07-21 16:47:47 +00:00
551c4f27ad etheroute-lon01: GRE->Wireguard 2023-07-15 12:09:18 +01:00
1c4530988d etheroute-lon01: switch to networkd 2023-07-11 12:01:46 +01:00
c283dc8f90 ops/nixos: update etheroute-lon01 tailscale IP 2023-04-18 20:59:21 +00:00
7fe7452e2f ops/nixos: add tumblrandom 2023-04-18 20:05:51 +00:00
24cd61c461 etheroute-lon01: IPv4 renumber 2023-03-16 10:32:09 +00:00
ca7b57a78a cofractal-ams01: adopt more responsibility from clouvider-fra01 2023-03-12 03:15:34 +00:00
7c6bdab11c etheroute-lon01: quadv1-4 2023-02-03 23:30:35 +00:00
6f77028a62 ops: pending changes 2022-11-30 10:50:47 +00:00
bc6832b6ca etheroute-lon01: reinstall, reconfig bgp.tools session 2022-08-26 21:00:43 +01:00
159da44acf totoro: enable nodered 2022-08-14 18:10:49 +01:00
6e746fb2cf etheroute-lon01: use gre rather than ipip
Cloudflare Magic Transit appears to become Very Unhappy when you blast it with IPIP.

Use GRE instead, which it is happier with.
2022-04-30 16:48:28 +01:00
d21b733794 ops/nixos: add bgp.tools route collector 2022-04-30 16:48:01 +01:00
35c014bdbe etheroute-lon01: configure endpoint my end 2022-04-26 09:16:25 +01:00
8647af22d7 ops/nixos: put more things in Vault 2022-04-09 21:51:24 +01:00
157629a402 paperless: allow websockets, set up postgres 2022-04-06 11:49:52 +01:00
da71f20036 ops/nixos: enable paperless 2022-04-06 00:57:22 +01:00
b719181dfe nixos: migrate to secretsmgr for sshd and ACME 2022-03-17 23:31:55 +00:00
4100b021aa etheroute-lon01: add google service account token 2022-03-11 16:20:34 +00:00
dd746bec32 etheroute-lon01: use FQDN for Pomerium DNS 2022-03-11 16:20:24 +00:00
c98f3312a7 etheroute-lon01: migrate to vault-agent-secrets 2022-03-11 14:40:55 +00:00
0c458988de ops/nixos: misc cleanups 2022-03-11 03:27:58 +00:00
daccfa5717 ops/nixos: migrate everything to vault-agent-acme 2022-03-07 00:52:03 +00:00
cbabb6f211 ops/nixos: migrate nix.maxJobs/binaryCaches/trustedBinaryCaches to the nix.settings equivalents 2022-01-30 20:30:20 +00:00
4b14ea5b4d ops/nixos: remove rebuilder
It's in the common profile, we don't need it everywhere.
2022-01-23 16:57:20 +00:00
ad95bffd3d ops/nixos: tidy up networking.useDHCP 2022-01-08 21:45:18 +00:00
2ddd50aef4 etheroute-lon01: disable TLS verification for totoro
For some reason this is failing with a TLS alert that the certificate
is expired???
2022-01-07 15:23:43 +00:00
d79265ddad ops/nixos: tidy up security.acme 2022-01-04 14:00:45 +00:00
05aea7f5f1 ops/nixos: migrate from services.redis to services.redis.servers."" 2021-12-24 02:02:57 +00:00
b6e4741320 etheroute-lon01: stateful firewall for forwarded packets 2021-12-07 17:25:59 +00:00
81b19971d1 etheroute-lon01: IPIP shouldn't bind to that 2021-12-07 16:48:48 +00:00
a344287e92 etheroute-lon01: fix up IPIP 2021-12-07 16:13:32 +00:00
41c85d898b etheroute-lon01: export QuadV net 2021-12-07 15:48:50 +00:00
b94b586d5b clouvider-fra01: add content.int.lukegb.com 2021-10-19 07:06:37 +01:00
05ddad31ad bvm-netbox: complete setup 2021-08-16 02:09:47 +00:00
eba082c249 etheroute-lon01: renumber BGP session from 16089 to 3170 2021-06-11 12:28:30 +00:00
36cc88bcef ipfs: add to pomerium, explicitly set IPs for swarm 2021-04-18 16:24:59 +00:00
d96ef542d7 etheroute-lon01: set X-Forwarded-Roles header for rundeck 2021-04-10 19:22:54 +00:00