summaryrefslogtreecommitdiffstats
path: root/system/services (unfollow)
Commit message (Collapse)Author
2024-02-11feat: remove keycloaksils
2024-02-10fix(system/services/invidious-router): fix typo in domainsils
2024-02-10feat: add invidious-routersils
2024-01-19fix(system/services/restic): create /srv/snapshots if non-existentsils
2024-01-14fix(sys/services/restic): Set the system start time to 'daily'Soispha
Considering that the db dump takes longer than an hour, an hourly service start time could lead to multiple dumps happening concurrently. This should reduce this risk
2024-01-14fix(sys/services/restic): Include a db dump of PostgreSQLSoispha
Including this dump should remove the risk of a backup with a corrupt PostgreSQL database. Initial test showed that the backup takes around 32 GB and runs in under 3 hours. There is one big oversight not yet included in this commit: All services running a SQLite database are not included in this dump and thus can not be safely recovered. At present these are: - etebase-server (db.sqlite3) - murmur (murmur.sqlite) (This is list was generated with `sudo fd sqlite /srv/`)
2024-01-07fix(system/services): import restic configsils
2024-01-07feat(system): add resticsils
2024-01-06feat(system/services/mastodon): define streamingProcessessils
2024-01-06feat(system/services/fail2ban): define config in daemonSettingssils
This isn't strictly necessary as we define the default config
2024-01-06feat(system/services/matrix): use mautrix-whatsapp module provided bysils
nixpkgs
2023-11-30refactor(system/services/etebase): explain outcommented static filessils
2023-11-27fix(system/services/etebase): don't serve static filessils
This doesn't work as nginx doesn't have the right permissions.
2023-11-27fix(system/services/etebase): serve static_rootsils
2023-11-27fix(system/services/etebase): micellanous changes to make it worksils
2023-11-20fix(system/services/nix): add nixremote to trusted-userssils
2023-11-18refactor(system/services/etebase): Use a reference to the port numberSoispha
2023-11-18fix(system/services/etebase): Use the correct subdomainsSoispha
This is done to comply with the naming scheme employed at `vhack.eu`.
2023-11-18fix(system/services/etebase): Hard-code localhost ipSoispha
Otherwise, etebase might use the ipv6 ip, whilst nginx uses the ipv4 version. This prevents this issue
2023-11-18Fix(system/services/etebase): Add proxy parameterssils
2023-11-18Fix(system/services/etebase): Proxy ipv4sils
2023-11-18Refactor(system/services/etebase): Formatsils
2023-11-18Fix(system/services/etebase-server): Use nginxsils
2023-11-18Feat(system/services): Add etebase-serversils
2023-11-18docs(system/services/taskserver): Add docs about expectations to runtimeSoispha
2023-11-18fix(system/services/taskserver): Support both ipv4 and ipv6Soispha
2023-11-18fix(system/services/taskserver): Support both ipv4 and ipv6Soispha
2023-11-07fix(system/services/taskserver/certs): Move cert generation to scriptSoispha
This fully removes the human-factor and allows it to just run `./generate` to generate all required certificates and keys (with the needed extra keys and certificates)
2023-11-03fix(system/services/nginx/redirects): Enable ssl for the domainsSoispha
Although the page does not actually serve any content, many browsers will still refuse to access it at all, if they have the 'https-only' mode activated.
2023-10-17feat(system/services/taskserver): Add a way to connect users togetherSoispha
2023-10-17fix(system/services/taskserver): Disable debugSoispha
2023-10-16fix(system/services/taskserver): Activate debugSoispha
2023-10-16fix(system/services/taskserver): Use correct key name (`key.pem`)Soispha
2023-10-16fix(system/services/taskserver): Switch to strings instead of pathsSoispha
2023-10-16feat(system/services/taskserver): Integrate Let's Encrypt certificatesSoispha
The current setup now runs the `taskserver.vhack.eu` domain with a Let's Encrypt certificate and additionally uses a self-signed CA certificate to validate clients. The shell scripts used to generate the CA certificate and the derived client certificate (and keys) are taken nearly unmodified from the upstream repository [1]. [1]: https://github.com/GothenburgBitFactory/taskserver/tree/9794cff61e56bdfb193c6aa4cebb57970ac68aef/pki
2023-10-16fix(system/services/taskserver): declare certs/keys in pki.manualsils
2023-10-16feat(system/services/taskserver): change ca to letsencryptsils
2023-10-16fix(system/services/taskserver): Hide organisationsSoispha
2023-10-14refactor(system/services/redirects): Move under the nginx directorySoispha
2023-10-14fix(system/services/redirects): disable sslsils
2023-10-14Feat(system/services/redirects): Build up the base to comply with the AGPLSoispha
2023-10-14Style(treewide): Merge attrs togetherSoispha
2023-10-13fix(system/services/miniflux): Set correct subdomain, but leave aliasSoispha
2023-10-13fix(system/services/mastodon): Correctly avoid string castsSoispha
2023-10-13Revert "fix(system/services/mastodon): remove unneccessary stringcasts"sils
These stringcasts were mandatory. This reverts commit cfdd2e350ff5df55beef4fa5b7bc11e9ff5e23c1.
2023-10-13fix(system/services/mastodon): remove unneccessary stringcastssils
2023-10-12fix(system/services/mastodon): change string to list of stringsils
2023-10-12fix(system/services/mastodon): add nginx to group 'mastodon'sils
2023-10-12fix(system/services/mastodon): allow registration only with vhack.eu/sils.li ↵sils
mail
2023-10-12fix(system/services/mastodon): separate domains for user handles and ↵sils
webinterface
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-03 08:52:17 +0000