Commit Graph

181 Commits

Author SHA1 Message Date
b7d9df794e nixbld: close legacy firewall ports 2023-04-05 12:42:42 +08:00
6d31b77f0e add .ph site 2023-03-23 15:22:25 +08:00
ff37c5949e nixbld: add esavkin 2023-03-03 18:29:45 +08:00
8ea7b06218 remove therobs12 user 2023-02-16 11:55:29 +08:00
c9f774d011 nixbld: install labelprinter 2023-02-10 18:26:12 +08:00
9babd68652 nixbld: give backupdl access to nextcloud 2023-01-31 15:41:15 +08:00
b3f5f687aa nixbld: cleanup backupdl keys 2023-01-30 16:14:12 +08:00
af27584100 nixbld: remove topquark12 user 2023-01-30 16:12:13 +08:00
4c7a2dfce3 nixbld: label printer permissions 2023-01-30 16:12:00 +08:00
30fa569bdc nixbld: block more insecure devices 2023-01-30 16:08:27 +08:00
9dee7c1888 nixbld: update backupdl key 2023-01-29 20:19:05 +08:00
0faa05aec3 nixbld: add back qnetp DNS 2023-01-29 18:29:16 +08:00
faff3a5eef nixbld: relocation 2023-01-29 12:11:31 +08:00
3210289ebf fix *.mil DNS lookups 2023-01-28 09:54:13 +08:00
dd0ebf1c47 nixbld: move to he.net DNS 2023-01-27 14:48:14 +08:00
fb54880765 nixbld: start rt-fetchmail after dovecot 2023-01-04 11:54:30 +08:00
ea0b7d6dc7 nixbld: enable POP3 2022-12-25 11:07:02 +08:00
3b224c56aa nixbld: ignore local IP for fail2ban 2022-12-24 15:42:35 +08:00
15d99bc68b nixbld: persist DNSSEC private key
https://github.com/NixOS/nixpkgs/issues/204391
2022-12-05 10:00:35 +08:00
70a7ce5d30 nixbld: remove obsolete ssh key 2022-12-03 17:14:23 +08:00
2af492e37e nixbld: NixOS 22.11 2022-12-03 16:29:32 +08:00
88dd1a5fc4 nixbld: update therobs shell 2022-11-11 17:58:10 +08:00
cecda7e28b nixbld: update users 2022-11-11 17:46:10 +08:00
2d9b7767a6 nixbld: enable aarch64-linux binfmt emulation 2022-11-09 21:14:11 +08:00
fb745a11e3 nixbld: new msys2 repos 2022-11-03 19:09:35 +08:00
0c8019516d nixbld: fix bind DNSSEC configuration for new version
https://gitlab.isc.org/isc-projects/bind9/-/issues/3554
2022-09-30 16:46:39 +08:00
d2bfca1f25 nixbld: serve nmigen docs 2022-09-27 11:07:13 +08:00
9bc617a019 nixbld: fix munin auth 2022-09-23 11:00:49 +08:00
e2e4b0842a nixbld: add yuk account 2022-09-21 10:12:25 +08:00
382c8bfaab nixbld: add aux key for backupdl 2022-09-17 19:19:00 +08:00
ac022776e7 nixbld: SSH reverse proxy setup 2022-09-17 19:13:54 +08:00
e9b02d0c72 nixbld: disable kk105 account 2022-09-13 08:50:16 +08:00
365ec54358 nixbld: install hedgedoc 2022-09-01 11:39:47 +08:00
dc08412ba2 update email settings 2022-08-13 11:22:01 +08:00
a517d429ab work around Google DNS geolocation fuckup 2022-08-12 18:37:42 +08:00
7dc4866314 nixbld: more email setup 2022-08-09 17:45:26 +08:00
5f7cb6113e nixbld: block siglent internet 2022-08-03 12:52:26 +08:00
a147bb3883 nixbld: add topquark12 2022-07-31 19:40:45 +08:00
80ee7911cd nixbld: disable jitsi
Jitsi is bloated and overly complex, and the NixOS package is too limited.
https://discourse.nixos.org/t/setting-up-authentication-on-a-jitsi-server/17549
2022-07-25 18:33:40 +08:00
66d7dd6efe nixbld: enable more fail2ban filters 2022-07-25 18:33:24 +08:00
93a40ea87d nixbld: reduce gitea spamminess 2022-07-25 18:33:08 +08:00
e5250c88fb nixbld: web/hydra setup for flakes in ARTIQ stable 2022-07-08 19:00:38 +08:00
048863593a nixbld: remove obsolete ACME workaround 2022-07-04 16:22:40 +08:00
328a85c504 nixbld: install nextcloud 2022-06-30 17:33:09 +08:00
3ef19cbe93 nixbld: m-labs.hk DNS zone 2022-06-28 14:44:14 +08:00
6333165321 nixbld: setup email server for m-labs.hk 2022-06-27 18:17:30 +08:00
8bc44199fc nixbld: make bind CLI tools available 2022-06-27 18:16:38 +08:00
08ab958a76 nixbld: use semi-automatic DNSSEC 2022-06-27 13:08:16 +08:00
3909d7428d nixbld: DNS server (WIP) 2022-06-26 16:57:17 +08:00
70ad63ca56 nixbld: block internet access on insecure device 2022-06-23 15:33:37 +08:00
6cb5c84a9b nixbld: enable mail server again 2022-06-18 13:58:51 +08:00
7f599bdbc9 nixbld: remove gitea patch (merged upstream) 2022-06-07 10:17:15 +08:00
ae5e85d611 nixbld: re-add networked derivations patch 2022-06-04 13:52:21 +08:00
5354daf585 nixbld: NixOS 22.05 2022-05-26 12:12:14 +08:00
cb75072f15 nixbld: add kk105 2022-05-26 10:57:19 +08:00
da3a82a52d nixbld: add spaqin 2022-05-06 16:55:00 +08:00
aba22c34ca nixbld: add nkrackow 2022-05-05 19:23:40 +08:00
a58a613418 nixbld: add .science tld 2022-04-14 12:17:22 +08:00
61c008ff43 nixbld: publish msys2 repos on web 2022-04-05 11:14:17 +08:00
a8d28d2cbc hydra: add msys2 type 2022-04-04 15:05:39 +08:00
28ca789aae nixbld: use flake output for beta conda channel 2022-02-12 18:50:08 +08:00
0c04f014d7 nixbld: use sipyco flake output for manual 2022-02-12 11:23:19 +08:00
d4c36b8cfd nixbld: use ARTIQ flake output for manual 2022-02-12 10:19:15 +08:00
0b8aa97192 nixbld: run AFWS server 2022-02-07 14:31:37 +08:00
995f8897a4 nixbld: work around hidden hydra sudo dependency 2022-01-17 18:48:23 +08:00
910506d3e4 nixbld: enable fail2ban 2022-01-03 14:34:57 +08:00
ec7e9209f5 nixbld: improve root account security 2022-01-03 13:46:57 +08:00
b70908f864 nixbld: restrict maxJobs again to avoid Vivado OOM 2021-12-03 11:03:36 +08:00
a0cb49b59d nixbld: nixos 21.11 2021-12-01 18:11:06 +08:00
628e5fb9d7 nixbld: cleanup buildMachines 2021-11-25 10:42:01 +08:00
c5c22da2ba nixbld: update nixops 2021-11-24 23:57:18 +08:00
8114dcfb6d nixbld: remove memtest86 2021-11-24 23:57:06 +08:00
f5ff63b74b nixbld: remove hkadmin 2021-11-22 12:19:00 +08:00
813b4831c6 nixbld: cleanup 2021-11-22 12:17:58 +08:00
c75cf3456b nixbld: improve backup
include Mattermost attachments
stop using expensive and insecure dropbox
2021-11-16 14:21:59 +08:00
7342601788 nixbld: add occheung user 2021-11-11 12:12:46 +08:00
00d29eba4d nixbld: install borgbackup 2021-09-18 16:35:25 +08:00
82e161dba3 hydra: hack-patch allowed URIs to work around Nix issue #5039 2021-09-01 19:59:23 +08:00
4ce9c2a718 nixbld: enable flakes 2021-08-18 14:53:01 +08:00
c96b3793c4 rt: persistent sessions 2021-08-12 13:39:53 +08:00
223ab96b5a nixbld: fix RT SSL 2021-08-11 12:02:33 +08:00
0e548d1eff nixbld: handle incoming RT emails 2021-08-11 11:57:05 +08:00
e3578011a5 rt: email setup WIP 2021-08-11 10:54:24 +08:00
d9536ff5db rt: fix API security problem 2021-08-11 10:54:12 +08:00
a97302a80a nixbld: RT working, no mail 2021-08-10 21:28:14 +08:00
ef3544f8f3 nixbld: publish conda channel archives 2021-08-10 19:08:25 +08:00
01212b4e51 nixbld: install iw and nvme-cli 2021-08-09 13:32:37 +08:00
adccf47d3c nixbld: wifi problems 2021-08-09 13:32:18 +08:00
7d073e371c nixbld: add github backups 2021-08-07 17:47:16 +08:00
4c394a0976 nixbld: wifi problems 2021-08-07 17:45:53 +08:00
9474dfa3a2 nixbld: fix stateVersion 2021-08-07 13:19:47 +08:00
58252a93a4 nixbld: new server 2021-08-07 12:24:31 +08:00
b7a49505bc nixbld: end mailserver experiment
This was going well, until some assholes at Gmail decided to block our IP address and as usual PCCW are useless when it
comes to changing to a whitelisted IP.

https://support.google.com/mail/answer/10336?p=NotAuthorizedError

Fuck Google.
Fuck PCCW.
2021-08-02 13:32:29 +08:00
b7cef86473 nixbld: nixos 21.05 2021-06-07 09:56:05 +08:00
3b4f5d27c8 nixbld: reduce zfs scrub frequency 2021-05-28 16:07:09 +08:00
2f8d46d872 nixbld: update for newer hydra (2021-05-03) 2021-05-13 15:46:52 +08:00
7b6ed95090 nixbld: disable Nix flarum module
hacky and buggy

https://github.com/NixOS/nixpkgs/pull/96869
2021-05-06 10:09:26 +08:00
a680baed40 nixbld: fix hydra-send-stats 2021-04-24 18:19:33 +08:00
536a134b32 nixbld: Hydra sysbuild patch merged upstream
https://github.com/NixOS/hydra/issues/784
2021-04-24 17:08:04 +08:00
7d04f99e33 nixbld: implement fbda8b064 correctly 2021-04-05 00:08:44 +08:00