Commit graph

77 commits

Author SHA1 Message Date
6bcdd774ac enable firewall again
replace iptables with nftables
disable reverse path filtering for all hosts
allow port 5353 for host running dnsmasq
closes #31
2024-01-12 22:31:15 +01:00
efe9b57867 create global module for machine-independent custom configuration
parameterize various IP addresses
2024-01-08 23:17:37 +01:00
b189d061cb encrypt secrets with all machines' and admins' public keys
closes #32
2024-01-08 21:46:40 +01:00
0d150b3236 move age keys to /etc
closes #33
2024-01-08 20:47:12 +01:00
aba16d3fd1 restructure modules 2024-01-07 23:06:27 +01:00
54d5f6f5dc enable dnsmasq for DHCP and DNS
allow setting static ipv4 address on DMZ
2024-01-07 22:36:26 +01:00
d4301bf7cd unbloat geokunis2 dns 2024-01-07 20:42:07 +01:00
fcf6864b77 Merge branch 'master' of ssh://git.kun.is:56287/home/nixos-servers 2024-01-07 20:31:17 +01:00
62bbc7c13d use dns.nix voor zone file generation 2024-01-07 20:24:12 +01:00
a152cde165 add authoritative DNS server 2024-01-07 18:14:44 +01:00
d92f27bd03 don't manage database permissions in nix
closes #24
2024-01-07 16:26:11 +01:00
914d84ef23 encrypt borg repository
also backup to AWS EC2 instance
2024-01-07 15:57:30 +01:00
2804e764f5 merge modules into one storage module 2024-01-07 00:22:44 +01:00
997d9bb0cb create terraform project to setup libvirt on hosts
use SATA drive for atlas OS
remove thecloud legacy project
2024-01-06 23:56:00 +01:00
7c7b3e667b swap disks on jefke
fix freshrss NFS volume mount point
remove freshrss extensions volume
disable vpay node in docker swarm
2024-01-06 23:07:54 +01:00
10dbccae97 create top-level switch whether a machine holds the application data 2024-01-06 21:45:18 +01:00
97fc20e251 backup nextcloud and hedgedoc database using borgmatic
expose database passwords using agenix
install lsof and parted
2024-01-06 20:17:45 +01:00
fc2da07613 update borgmatic config to backup btrfs subvolume 2024-01-04 23:04:02 +01:00
837ddf14e1 fix freshrss nfs volume directory
remove freshrss extensions volume
install lsof and parted
2024-01-02 08:27:12 +01:00
5884585b3a migrate data from thecloud.dmz to lewis.dmz
install tcpdump
2024-01-01 13:16:11 +01:00
3981805a6b add experimental module for data sharing on hypverisor 2023-12-30 21:13:48 +01:00
d9f697d171 add possibility of DMZ connectivity on hypervisor 2023-12-30 16:11:28 +01:00
0518fb5949 create module for networking 2023-12-30 15:20:16 +01:00
989ef332bb disable password logins by default in VMs
restructure terraform database module
2023-12-30 14:35:10 +01:00
7222254c22 cleanup nixos modules a bit 2023-12-29 13:46:12 +01:00
1f5d121fd0 restructure nixos modules 2023-12-29 13:41:01 +01:00
6d258fe5ae restructure code 2023-12-29 12:47:59 +01:00