683a565a1d
Document intl node set up
...
Uses strongswan and GRE for mail connection, iptables for port forwarding to the smtp, nginx for website and webhook service, with static files getting uploaded from nixbld
Signed-off-by: Egor Savkin <es@m-labs.hk>
2024-10-18 17:40:04 +08:00
14e9d63ab7
nixbld: apply TCP MSS clamping to USA tunnel
2024-10-17 15:08:27 +08:00
19aee9b59f
nixbld: send mail from m-labs-intl.com through trump0
2024-10-17 15:04:50 +08:00
f8a3d54b54
nixbld: update simple-nixos-mailserver
2024-10-17 15:04:14 +08:00
c499a7ce86
nixbld: keep checking SPF for email from tunnel
...
GRE preserves source IP information.
2024-10-17 14:48:04 +08:00
476f5d1d6c
nixbld: update to nextcloud 30
2024-10-16 11:33:07 +08:00
ecf40fb2db
nixbld: fix firewall issue with incoming USA tunnel connections
2024-10-15 21:27:43 +08:00
34102e66ad
nixbld: install nextcloud forms app
2024-10-15 16:22:33 +08:00
93ae830468
nixbld: disable IPv6 MX for m-labs-intl.com
2024-10-14 14:23:15 +08:00
8af66556b9
nixbld: remove google fonts workaround
2024-10-11 17:27:10 +08:00
94cff9bb09
nixbld: revert 233998b8 (did not fix the problem)
2024-10-08 16:11:12 +08:00
2bf7bb0638
nixbld: connect to USA VPN
2024-10-08 16:09:56 +08:00
3419fe6013
nixbld: remove nkrackow user
2024-10-05 10:15:13 +08:00
ec53c0cbdd
nixbld: add eduardotenholder user
2024-10-02 18:41:45 +08:00
0258f5cff4
nixbld: reorganize users (NFC)
2024-10-02 18:40:48 +08:00
b723b7f8c0
nixbld: clean up/update systemPackages
2024-09-30 15:12:01 +08:00
0c336f3dd7
nixbld: do not log refused connections
...
Happen all the time and spam the kernel log.
2024-09-30 14:40:09 +08:00
11181f0397
nixbld: flarum createDatabaseLocally no longer needed
...
https://github.com/NixOS/nixpkgs/pull/341340
2024-09-23 10:52:08 +08:00
aaf70f36df
nixops: remove user accounts
2024-09-13 13:23:15 +08:00
4a288abe2b
nixbld: keep automatic flarum DB migrations
2024-09-10 17:12:44 +08:00
246a375dfb
add remote IPsec settings
2024-09-05 14:36:37 +08:00
635f90f0c7
nixbld/flarum: use nix
2024-08-31 17:27:16 +08:00
8a187ba5b9
nixbld: SIT can take larger packets
2024-08-29 18:55:52 +08:00
9383227c5b
nixbld: consistent netif variables
2024-08-29 18:53:33 +08:00
233998b8f3
nixbld: work around tunnel bring-up race condition
2024-08-29 18:40:17 +08:00
90a6b84c09
nixbld: work around tunnel TCPMSS issues
2024-08-29 18:39:52 +08:00
23e1fa029a
nixbld: upgrade postgresql
2024-08-25 11:06:19 +08:00
75035b387e
Skip SPF for mails originating from intl
...
Signed-off-by: Egor Savkin <es@m-labs.hk>
2024-08-20 10:59:27 +08:00
4f48ea611a
nixops: remove wanglm user
2024-08-19 11:18:06 +08:00
6dc8214102
nixbld/backup: include gitea DB dump
2024-08-17 18:26:46 +08:00
a6b216bb87
nixbld/gitea: move to postgresql
2024-08-17 18:18:56 +08:00
6e21a95ba8
nixbld/named: add qnetp slave DNS for m-labs-intl.com
2024-08-15 19:52:42 +08:00
d08186a27a
nixbld/named: enable CAA for m-labs-intl.com
2024-08-14 11:52:25 +08:00
5d132565e6
nixbld/named: add hooks.m-labs-intl.com
2024-08-14 11:42:38 +08:00
97ca7ea3ce
nixbld: mail setup for m-labs-intl.com WIP
2024-08-14 11:38:19 +08:00
e24c167f8b
Revert "nixbld: block SAP spam"
...
Option seems to have no effect.
This reverts commit b769b47075
2024-08-14 10:58:49 +08:00
18194be5c3
nixbld: deploy web2019 to the intl domain
...
Co-authored-by: Egor Savkin <es@m-labs.hk>
Co-committed-by: Egor Savkin <es@m-labs.hk>
2024-08-14 10:54:52 +08:00
7781d6236e
nixbld/rt: disable TCP
2024-08-11 12:19:15 +08:00
93e19c74e9
nixbld/rt: use psql peer authentication
2024-08-11 12:12:28 +08:00
4ccab3cf2b
nixbld: remove outdated DNS records
2024-08-05 19:13:34 +08:00
69fe8c9866
nixbld: add flo user
2024-08-01 07:32:11 +08:00
b769b47075
nixbld: block SAP spam
2024-07-02 09:56:02 +02:00
f0668fa5b7
juno: mobo swap
2024-06-27 14:20:30 +08:00
8422d16978
nixops: add new DSLogic USB ID
2024-06-26 13:29:20 +08:00
872dcaa6bc
nixbld: serve m-labs-intl.com domain
2024-06-06 17:29:07 +08:00
ca895df9f3
nixbld: switch to gitea built-in SSH server
2024-06-06 16:27:39 +08:00
4e6686dbe9
nixbld: fix gitea emails
2024-06-06 13:52:35 +08:00
f973d2969a
nixbld: fix gitea emails
2024-06-05 11:23:24 +08:00
18a41e1c88
nixbld: work around for hydra input issues in restricted mode
2024-06-03 22:39:00 +08:00
f49a0f825e
nixops: typo
2024-06-02 20:29:37 +08:00
