aboutsummaryrefslogtreecommitdiffstats
path: root/hosts/by-name (unfollow)
Commit message (Collapse)Author
2025-04-23hosts/server2: Use the internal stalwart directoryBenedikt Peetz
2025-04-22hosts/server2: Setup sharkeyBenedikt Peetz
Server2 is currently not so much under load, as such it seems better to split the load. # server2 ## Virtual Hosts etebase.vhack.eu: dav.vhack.eu gallery.s-schoeffel.de git.foss-syndicate.org invidious-router.vhack.eu: video.fosswelt.org invidious-router.sils.li issues.foss-syndicate.org libreddit.vhack.eu nextcloud.vhack.eu # <-- This redlib.vhack.eu sharkey.vhack.eu # <-- And this are the “only” really heavy services here. source.foss-syndicate.org source.vhack.eu ## Open ports TCP 22: ssh TCP 25: mail-smtp TCP 53: dns TCP 80: http TCP 443: https TCP 465: mail-smtp-tls TCP 993: mail-imap-tls TCP 995: mail-pop3-tls TCP 10222: taskchampion-sync UDP 53: dns # server3 ## Virtual Hosts b-peetz.de mail.vhack.eu mastodon.vhack.eu matrix.vhack.eu miniflux.foss-syndicate.org: rss.foss-syndicate.org rss.vhack.eu miniflux.vhack.eu openpgpkey.b-peetz.de openpgpkey.s-schoeffel.de openpgpkey.sils.li openpgpkey.vhack.eu peertube.vhack.eu trinitrix.vhack.eu vhack.eu ## Open ports TCP 22: ssh TCP 25: <port is 'mail-smtp' but service 'vhack.mail' is not enabled.> TCP 53: dns TCP 80: http TCP 443: https TCP 465: <port is 'mail-smtp-tls' but service 'vhack.mail' is not enabled.> TCP 993: <port is 'mail-imap-tls' but service 'vhack.mail' is not enabled.> TCP 4190: ??? TCP 64738: ??? UDP 53: dns UDP 64738: ???
2025-04-11hosts/server2: Enable taskwarrior-syncBenedikt Peetz
2025-04-07nextcloud: init on server2Silas Schöffel
2025-04-01hosts/server2: FormatBenedikt Peetz
2025-04-01{hosts/server3,zones/vhack.eu}: Activate stalwart-mail on server3 for soisphaBenedikt Peetz
2025-04-01zones/vhack.eu: Make it obvious, that the serial number must be changedBenedikt Peetz
The comment alone would probably suffice, but having a convenient function that makes it obvious *what* part of the serial number you are actually supposed to change seems quite useful, when trying to reduce the possibilities of forgetting it.
2025-03-30{hosts/server2,modules/mail}: Re-active the old mail serverBenedikt Peetz
Running two mail-servers on one system is a total /mess/. Both try to bind to the same ports, the old stack consists of **5** different systemd services whilst stalwart-mail's systemd service simply refuses to stop, etc. I'm confident that it can work, but it would probably be best to deploy the new mail-server on server3.
2025-03-29hosts/server2: Use the correct path to the DKIM keysBenedikt Peetz
2025-03-29hosts/server2: Setup stalwalt-mail on mail.vhack.eu for soispha@vhack.euBenedikt Peetz
We need to actually test stalwart out in the real world, because the test can never actually capture all the weird things people do with their mail setup. Refs: #6ea08aa
2025-03-11zones: Provide a single entry point for all zonesBenedikt Peetz
2025-03-10{hosts,zones}: Init dns zone for vhack.euBenedikt Peetz
2025-03-09hosts/server2: Use new back configBenedikt Peetz
2025-02-09fix(hosts/server2/redirects): Also recognize the old source.vhack.eu redirectBenedikt Peetz
2025-02-07hosts/server3/websites: Host nix-sync on server3Benedikt Peetz
2025-02-04hosts/server2/websites: Correct extraSettings for wkdBenedikt Peetz
The `/.well-known/openpgpkey/hu/` path does not exist. Thus remove the erroneous `hu/` at the end.
2025-02-04hosts/server2/websites: Use the new repository urlsBenedikt Peetz
This changes: https://codeberg.org/bpeetz/b-peetz.de.git -> https://git.foss-syndicate.org/bpeetz/b-peetz.de.git https://codeberg.org/vhack.eu/gpg_wkd.git -> https://git.foss-syndicate.org/vhack.eu/pgp-wkd.git
2025-02-04modules/nix-sync: Actually enableBenedikt Peetz
This includes the obvious changes, ensuring that it follows our current best-practices.
2025-01-29refactor(hosts/{server2,server3}): Move the backup secrets in a directoryBenedikt Peetz
2025-01-25feat(matrix): make secrets configurableSilas Schöffel
2025-01-25feat(mastodon): make secrets configurableSilas Schöffel
2025-01-25feat(miniflux): make secrets configurableSilas Schöffel
2025-01-25feat(peertube): make secrets configurableSilas Schöffel
2025-01-25feat(hosts)!: remove server1Silas Schöffel
This host is unused and therefore unneeded
2025-01-25feat(etesync): migrate to server2Silas Schöffel
2025-01-25feat(redlib): move to server2Silas Schöffel
2025-01-25feat(modules/mail): init on server2Silas Schöffel
2025-01-21feat(modules/backup): initSilas Schöffel
2025-01-21fix(hosts/server1): remove migrated servicesSilas Schöffel
2025-01-21feat(modules/matrix): init on server3Silas Schöffel
2025-01-21feat(modules/mastodon): init on server3Silas Schöffel
2025-01-21fix(peertube): migrate to server3Silas Schöffel
2025-01-20feat(modules/murmur): initSilas Schöffel
2025-01-20feat(modules/nixconfig): initSilas Schöffel
2025-01-20feat(modules/invidious-router): initSilas Schöffel
2025-01-20feat(modules/gallery): initSilas Schöffel
2025-01-20feat(miniflux): init module, host on server2Silas Schöffel
2025-01-04feat(hosts/server3): initSilas Schöffel
2024-12-27fix(server2/networking): correct ipv6 addressSilas Schöffel
2024-12-25fix(hosts/server2): Use correct path to `vhack.eu/nixos-server` repoBenedikt Peetz
2024-12-25feat(modules/nginx): Modularise the redirects and migrate them to server2Benedikt Peetz
The redirects always have an implicit dependency on the DNS config of the running host. As such, simply stating them for all host is never a possibility and setting them per host the only viable option.
2024-12-25refactor(hosts): Use a `by-name` structure and construct all host depended ↵Benedikt Peetz
values This allows us to outsource the host-handling from the `flake.nix` file.
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-31 19:06:50 +0000