Commit graph

482 commits

Author SHA1 Message Date
17f110b183 add two nixos-managed VMs for docker swarm
change docker swarm ansible to target these vms
2024-02-04 17:16:41 +01:00
c461ab5e49 replace AWS with borgbase for backups 2024-02-03 14:22:23 +01:00
885cba2f30 add ip and mac arithmatic functions
calculate vm mac addresses
2024-02-01 22:57:18 +01:00
beb1c384ec remove dataHost option
improve certificate directory structure
2024-01-31 22:11:28 +01:00
929d20a7d6 change networking config structuring 2024-01-31 21:58:23 +01:00
c58d6c89b3 improve networking templating and configuration 2024-01-30 22:32:09 +01:00
63688f3068 add vm working with dhcp+dns 2024-01-29 22:21:15 +01:00
532d76c049 update readme 2024-01-28 14:14:17 +01:00
45b7cd5c6c automatically set host name 2024-01-28 14:08:28 +01:00
0fd0713e08 Merge branch 'microvm2' 2024-01-28 13:59:25 +01:00
8e9d566d10 simplify flake functions 2024-01-28 13:57:36 +01:00
a015290fcf derive domain from server type 2024-01-28 13:46:32 +01:00
bd5dc4b883 set hostName and domain in nixos config directly 2024-01-28 12:55:58 +01:00
371b851ca5 create shared entrypoint nixos config for physical and vm 2024-01-28 12:30:13 +01:00
32154e7163 create shared nixos config between physical and VM
rename nixos -> nix
2024-01-28 12:06:30 +01:00
472175c5a3 integrate VM definitions 2024-01-28 11:48:13 +01:00
e57f80df82 add flake app to reboot vms on servers 2024-01-23 21:36:29 +01:00
d9bf4d3094 corrected ipv6 address for wg.kun.is 2024-01-21 12:27:54 +01:00
dcfde92bc1 corrected ipv6 address for wg.kun.is 2024-01-20 19:01:46 +01:00
bd1ccce50d fix ipv6 for wireguard 2024-01-17 23:05:30 +01:00
9ddc5c3547 fix ipv6 for wireguard 2024-01-17 23:04:27 +01:00
390cc30173 copy microvm config 2024-01-17 21:28:15 +01:00
dc2fe94c28 migrate external geokunis2.nl hostnames to kun.is 2024-01-17 19:47:22 +01:00
14aca80ff6 added kms.kun.is to dns config (without ipv6) 2024-01-17 19:13:46 +01:00
bf93921109 no ipv6 for kms.geokunis2.nl 2024-01-17 18:09:05 +01:00
8ff86cc4b2 fix reboot reverting to old generation 2024-01-16 21:47:41 +01:00
a341d0dd30 add paperless-ngx docker stack 2024-01-15 21:34:25 +01:00
b59026cb13 allow zone transfers for geokunis2.nl 2024-01-14 19:31:17 +01:00
e9156315d1 don't use IPv6 for git ssh 2024-01-14 18:38:04 +01:00
0b02ed85de enable ipv6 networking on docker swarm 2024-01-14 17:59:32 +01:00
b38f1c291a enable IPv6 support on DNS 2024-01-14 15:20:32 +01:00
13f0f036e9 enable ipv6 networking on DMZ 2024-01-13 17:33:14 +01:00
76501362f7 parameterize main nic and dmz bridge interface names
firewall some services to particular interfaces
2024-01-13 00:05:25 +01:00
6bcdd774ac enable firewall again
replace iptables with nftables
disable reverse path filtering for all hosts
allow port 5353 for host running dnsmasq
closes #31
2024-01-12 22:31:15 +01:00
efe9b57867 create global module for machine-independent custom configuration
parameterize various IP addresses
2024-01-08 23:17:37 +01:00
b189d061cb encrypt secrets with all machines' and admins' public keys
closes #32
2024-01-08 21:46:40 +01:00
0d150b3236 move age keys to /etc
closes #33
2024-01-08 20:47:12 +01:00
aba16d3fd1 restructure modules 2024-01-07 23:06:27 +01:00
11ec763244 remove hermes virtual machines 2024-01-07 22:39:34 +01:00
54d5f6f5dc enable dnsmasq for DHCP and DNS
allow setting static ipv4 address on DMZ
2024-01-07 22:36:26 +01:00
d4301bf7cd unbloat geokunis2 dns 2024-01-07 20:42:07 +01:00
fcf6864b77 Merge branch 'master' of ssh://git.kun.is:56287/home/nixos-servers 2024-01-07 20:31:17 +01:00
62bbc7c13d use dns.nix voor zone file generation 2024-01-07 20:24:12 +01:00
a152cde165 add authoritative DNS server 2024-01-07 18:14:44 +01:00
d92f27bd03 don't manage database permissions in nix
closes #24
2024-01-07 16:26:11 +01:00
914d84ef23 encrypt borg repository
also backup to AWS EC2 instance
2024-01-07 15:57:30 +01:00
2804e764f5 merge modules into one storage module 2024-01-07 00:22:44 +01:00
997d9bb0cb create terraform project to setup libvirt on hosts
use SATA drive for atlas OS
remove thecloud legacy project
2024-01-06 23:56:00 +01:00
7c7b3e667b swap disks on jefke
fix freshrss NFS volume mount point
remove freshrss extensions volume
disable vpay node in docker swarm
2024-01-06 23:07:54 +01:00
10dbccae97 create top-level switch whether a machine holds the application data 2024-01-06 21:45:18 +01:00