Egor Savkin
|
dda6a06454
|
Document strongswan setup
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 17:36:01 +08:00 |
Egor Savkin
|
7803b0a97c
|
Use postfix options for routing mails
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:17:21 +08:00 |
Egor Savkin
|
e48a5e3e2e
|
Prototype mail router
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
4d97416d44
|
Remove request rate restriction and remove proxy protocol
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
5e64abf31c
|
Limit connections and redirect www to canonical
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
2340919bb5
|
Move away from automated script
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
f7b8ee5a03
|
Postfix instead of nginx streams
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
389c0ad3ce
|
Remove imap and pop3 ports proxy
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Egor Savkin
|
85aa83f886
|
Add configuration for the m-labs-intl
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-10-18 15:16:49 +08:00 |
Sébastien Bourdeauducq
|
14e9d63ab7
|
nixbld: apply TCP MSS clamping to USA tunnel
|
2024-10-17 15:08:27 +08:00 |
Sébastien Bourdeauducq
|
19aee9b59f
|
nixbld: send mail from m-labs-intl.com through trump0
|
2024-10-17 15:04:50 +08:00 |
Sébastien Bourdeauducq
|
f8a3d54b54
|
nixbld: update simple-nixos-mailserver
|
2024-10-17 15:04:14 +08:00 |
Sébastien Bourdeauducq
|
c499a7ce86
|
nixbld: keep checking SPF for email from tunnel
GRE preserves source IP information.
|
2024-10-17 14:48:04 +08:00 |
Sébastien Bourdeauducq
|
476f5d1d6c
|
nixbld: update to nextcloud 30
|
2024-10-16 11:33:07 +08:00 |
Sebastien Bourdeauducq
|
ecf40fb2db
|
nixbld: fix firewall issue with incoming USA tunnel connections
|
2024-10-15 21:27:43 +08:00 |
Sébastien Bourdeauducq
|
34102e66ad
|
nixbld: install nextcloud forms app
|
2024-10-15 16:22:33 +08:00 |
Sébastien Bourdeauducq
|
93ae830468
|
nixbld: disable IPv6 MX for m-labs-intl.com
|
2024-10-14 14:23:15 +08:00 |
Sébastien Bourdeauducq
|
8af66556b9
|
nixbld: remove google fonts workaround
|
2024-10-11 17:27:10 +08:00 |
Sébastien Bourdeauducq
|
94cff9bb09
|
nixbld: revert 233998b8 (did not fix the problem)
|
2024-10-08 16:11:12 +08:00 |
Sébastien Bourdeauducq
|
2bf7bb0638
|
nixbld: connect to USA VPN
|
2024-10-08 16:09:56 +08:00 |
Sébastien Bourdeauducq
|
3419fe6013
|
nixbld: remove nkrackow user
|
2024-10-05 10:15:13 +08:00 |
Sébastien Bourdeauducq
|
ec53c0cbdd
|
nixbld: add eduardotenholder user
|
2024-10-02 18:41:45 +08:00 |
Sébastien Bourdeauducq
|
0258f5cff4
|
nixbld: reorganize users (NFC)
|
2024-10-02 18:40:48 +08:00 |
Sébastien Bourdeauducq
|
b723b7f8c0
|
nixbld: clean up/update systemPackages
|
2024-09-30 15:12:01 +08:00 |
Sébastien Bourdeauducq
|
0c336f3dd7
|
nixbld: do not log refused connections
Happen all the time and spam the kernel log.
|
2024-09-30 14:40:09 +08:00 |
Sebastien Bourdeauducq
|
11181f0397
|
nixbld: flarum createDatabaseLocally no longer needed
https://github.com/NixOS/nixpkgs/pull/341340
|
2024-09-23 10:52:08 +08:00 |
Sebastien Bourdeauducq
|
aaf70f36df
|
nixops: remove user accounts
|
2024-09-13 13:23:15 +08:00 |
Sébastien Bourdeauducq
|
4a288abe2b
|
nixbld: keep automatic flarum DB migrations
|
2024-09-10 17:12:44 +08:00 |
Sébastien Bourdeauducq
|
246a375dfb
|
add remote IPsec settings
|
2024-09-05 14:36:37 +08:00 |
Sébastien Bourdeauducq
|
635f90f0c7
|
nixbld/flarum: use nix
|
2024-08-31 17:27:16 +08:00 |
Sébastien Bourdeauducq
|
8a187ba5b9
|
nixbld: SIT can take larger packets
|
2024-08-29 18:55:52 +08:00 |
Sébastien Bourdeauducq
|
9383227c5b
|
nixbld: consistent netif variables
|
2024-08-29 18:53:33 +08:00 |
Sébastien Bourdeauducq
|
233998b8f3
|
nixbld: work around tunnel bring-up race condition
|
2024-08-29 18:40:17 +08:00 |
Sébastien Bourdeauducq
|
90a6b84c09
|
nixbld: work around tunnel TCPMSS issues
|
2024-08-29 18:39:52 +08:00 |
Sébastien Bourdeauducq
|
23e1fa029a
|
nixbld: upgrade postgresql
|
2024-08-25 11:06:19 +08:00 |
Egor Savkin
|
75035b387e
|
Skip SPF for mails originating from intl
Signed-off-by: Egor Savkin <es@m-labs.hk>
|
2024-08-20 10:59:27 +08:00 |
Sébastien Bourdeauducq
|
4f48ea611a
|
nixops: remove wanglm user
|
2024-08-19 11:18:06 +08:00 |
Sébastien Bourdeauducq
|
6dc8214102
|
nixbld/backup: include gitea DB dump
|
2024-08-17 18:26:46 +08:00 |
Sébastien Bourdeauducq
|
a6b216bb87
|
nixbld/gitea: move to postgresql
|
2024-08-17 18:18:56 +08:00 |
Sébastien Bourdeauducq
|
6e21a95ba8
|
nixbld/named: add qnetp slave DNS for m-labs-intl.com
|
2024-08-15 19:52:42 +08:00 |
Sébastien Bourdeauducq
|
d08186a27a
|
nixbld/named: enable CAA for m-labs-intl.com
|
2024-08-14 11:52:25 +08:00 |
Sébastien Bourdeauducq
|
5d132565e6
|
nixbld/named: add hooks.m-labs-intl.com
|
2024-08-14 11:42:38 +08:00 |
Sébastien Bourdeauducq
|
97ca7ea3ce
|
nixbld: mail setup for m-labs-intl.com WIP
|
2024-08-14 11:38:19 +08:00 |
Sébastien Bourdeauducq
|
e24c167f8b
|
Revert "nixbld: block SAP spam"
Option seems to have no effect.
This reverts commit b769b47075 .
|
2024-08-14 10:58:49 +08:00 |
Egor Savkin
|
18194be5c3
|
nixbld: deploy web2019 to the intl domain
Co-authored-by: Egor Savkin <es@m-labs.hk>
Co-committed-by: Egor Savkin <es@m-labs.hk>
|
2024-08-14 10:54:52 +08:00 |
Sébastien Bourdeauducq
|
7781d6236e
|
nixbld/rt: disable TCP
|
2024-08-11 12:19:15 +08:00 |
Sébastien Bourdeauducq
|
93e19c74e9
|
nixbld/rt: use psql peer authentication
|
2024-08-11 12:12:28 +08:00 |
Sébastien Bourdeauducq
|
4ccab3cf2b
|
nixbld: remove outdated DNS records
|
2024-08-05 19:13:34 +08:00 |
Sebastien Bourdeauducq
|
69fe8c9866
|
nixbld: add flo user
|
2024-08-01 07:32:11 +08:00 |
Sebastien Bourdeauducq
|
b769b47075
|
nixbld: block SAP spam
|
2024-07-02 09:56:02 +02:00 |