makefu
31a4946a91
ma: add syncthing id for omo.r and x.r
2022-01-28 23:48:57 +01:00
Kierán Meinhardt
d866e61c09
external: add radio.kmein.r
2022-01-28 15:57:59 +01:00
tv
109f6ab1c5
krebs modules: reorder externals
2022-01-27 12:20:31 +01:00
tv
acd91d2263
krebs modules: reorder main imports
2022-01-27 12:19:47 +01:00
lassulus
83ec0fdb97
Merge remote-tracking branch 'ni/master'
2022-01-27 10:55:55 +01:00
tv
ad6f0cd901
krebs.setuid: remove security.wrappers's cruft
2022-01-27 05:37:32 +01:00
tv
10891882ab
krebs.setuid: mark activate string as sh
2022-01-27 05:37:06 +01:00
ba8a196faf
mic92: add dan
2022-01-27 04:21:01 +01:00
bfb86ca39a
mic92: add astrid
2022-01-27 04:21:01 +01:00
tv
f4e35a7312
krebs.setuid: add support for capabilities
2022-01-26 12:58:26 +01:00
lassulus
f78f3c701b
Merge remote-tracking branch 'kmein/master'
2022-01-25 20:12:08 +01:00
Kierán Meinhardt
48830c48c5
external: give kmein phone an ipv4
2022-01-25 20:07:36 +01:00
lassulus
27a726b6cf
external qubasa pub: remove trailing newline
2022-01-24 16:41:41 +01:00
Kierán Meinhardt
b846210a1c
external: one kmein per ssh key
2022-01-24 16:03:47 +01:00
lassulus
95f7f88185
l styx.r: use fixed tinc port because of NAT
2022-01-24 14:39:49 +01:00
lassulus
e422692ef6
go: fix urls with missing prefix
2022-01-24 14:36:22 +01:00
Felix
3b7632b086
external: add papawhakaaro.r
2022-01-18 21:48:34 +01:00
Kierán Meinhardt
138f9409fa
external: move kmein to separate file
2022-01-18 19:13:03 +01:00
Kierán Meinhardt
b3818cc155
external: add rrm.r alias
2022-01-17 20:01:21 +01:00
lassulus
f67bd5783d
Merge remote-tracking branch 'mic92/master'
2022-01-09 18:04:22 +01:00
lassulus
66bcb802f5
Merge remote-tracking branch 'ni/master'
2022-01-09 18:03:04 +01:00
4d50adb1fd
mic92: add dyndns endpoint for turingmachine/bernie
2022-01-09 13:31:13 +01:00
4f5f9c87f1
jarvis: add dyndns
2022-01-09 12:49:26 +01:00
lassulus
545b424ecb
krebs: use ergo instead of solanum everywhere
2022-01-09 00:43:23 +01:00
d814ddd212
mic92: add jarvis
2022-01-07 20:52:58 +01:00
lassulus
dbc2387520
Merge remote-tracking branch 'kmein/master'
2022-01-06 13:52:29 +01:00
lassulus
c5e8c95f68
Merge remote-tracking branch 'ni/master'
2022-01-06 13:52:10 +01:00
Kierán Meinhardt
4ebe149d32
external: rip bvg.kmein.r
2022-01-05 21:50:02 +01:00
Kierán Meinhardt
deda4c9789
external: add kmein grocy, remove radio
2022-01-05 21:34:08 +01:00
Lennart
a5df5deb3b
add ed25519 pubkey to {catalonia,karakalpakstan}.r
2022-01-05 21:30:29 +01:00
tv
63e76e4218
krebs.backup: use dedicated .backup-filter
2022-01-05 04:04:52 +01:00
tv
77d17636b1
tv bu: init
2022-01-05 04:04:52 +01:00
tv
e82cbd6f35
exim: set User= but run as root
...
LoadCredential= will set the owner of $CREDENTIALS_DIRECTORY and the
credentials to User=. As currently Exim is currently has to be run as
root in order to use the standard SMTP port and for local deliveries[1],
set User=exim, but run all processes as root.
[1]: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-security_considerations.html#SECID270
2022-01-04 20:30:02 +01:00
tv
853e54ec84
htgen: use currect group names
2022-01-03 14:56:44 +01:00
makefu
2313e962e2
Merge remote-tracking branch 'lass/master'
2022-01-03 00:47:24 +01:00
makefu
057adcb836
k 3 ma: removing trace output for ed25519 keys
2022-01-03 00:47:03 +01:00
lassulus
afaf87781a
krebs.tinc: make /etc/tinc/ writable by tincd
2022-01-02 23:30:50 +01:00
lassulus
dc42812610
Merge remote-tracking branch 'mic92/master'
2022-01-02 22:54:22 +01:00
lassulus
bb4fdd13a4
Merge remote-tracking branch 'ni/master'
2022-01-02 22:54:07 +01:00
lassulus
4b977044b9
Merge remote-tracking branch 'gum/master'
2022-01-02 22:53:37 +01:00
88ec249276
mic92: drop ipv4 for bernie
2022-01-02 22:14:24 +01:00
6f96a15df6
mic92: add ip address for yasmin
2022-01-02 14:54:01 +01:00
62b30b0720
mic92: add tts.r
2021-12-31 17:26:47 +01:00
lassulus
1b59fef50a
Merge remote-tracking branch 'kmein/master'
2021-12-30 03:20:45 +01:00
Kierán Meinhardt
ed896a991f
external: update kmein ssh keys
2021-12-30 03:19:58 +01:00
tv
2280c39d3e
krebs.systemd: don't offer to reload services
...
Because new credentials won't be available after reloading, only after
restarting.
2021-12-29 17:17:45 +01:00
lassulus
7e67b78596
Merge remote-tracking branch 'ni/master'
2021-12-29 16:33:02 +01:00
tv
2f15fd1d68
ergo: fix multiclient default config
2021-12-29 16:23:59 +01:00
lassulus
f393c44c22
external: pinpox-ahorn.r -> ahorn.r
2021-12-29 16:13:03 +01:00
lassulus
8a24a9f395
ergo: reload, accounts, channels, doc
2021-12-29 15:52:29 +01:00
lassulus
d3c3f1551f
Merge remote-tracking branch 'ni/master'
2021-12-29 00:20:31 +01:00
makefu
7766b006a8
Merge remote-tracking branch 'tv/master'
2021-12-29 00:20:28 +01:00
makefu
3330b6a2c4
k 3 ma: add ed25519 keys for all hosts
2021-12-29 00:05:10 +01:00
tv
69d266b76b
ergo: kill dead code and stuff
2021-12-28 23:53:27 +01:00
makefu
a041768aa1
k 3 ma: make ed25519 keys available for hosts
2021-12-28 23:49:34 +01:00
lassulus
3bec49053d
hotdog.r tinc: add ed25519 pubkey
2021-12-28 23:34:13 +01:00
tv
e9cd6d91dc
ergo: always merge default config
2021-12-28 22:33:36 +01:00
lassulus
2a47990f16
ergo: use DynamicUser
2021-12-28 22:20:54 +01:00
lassulus
96c60accf3
Merge remote-tracking branch 'mic92/master'
2021-12-28 20:27:30 +01:00
tv
13a7209ca2
tv hosts: add all the ed25519 keys
2021-12-28 18:18:35 +01:00
Kierán Meinhardt
98e45d2075
mic92: fix ssh ed25519 keys
2021-12-28 16:49:07 +01:00
lassulus
7870cc2b04
external: fix ed25519 pubkey syntax
2021-12-28 16:44:23 +01:00
lassulus
02fbaca275
external kmein: fix ed25519 pubkey syntax
2021-12-28 16:41:24 +01:00
Pablo Ovelleiro Corral
17e614cb00
external: add pinpox-ahorn
2021-12-28 16:30:33 +01:00
Kierán Meinhardt
6104ec910e
external: add kmein ed25519 keys
2021-12-28 16:10:19 +01:00
lassulus
c7b7bd48b5
l tinc: define ed25519 keys for all hosts
2021-12-28 16:09:42 +01:00
lassulus
8692db1285
Merge remote-tracking branch 'mic92/master'
2021-12-25 20:08:31 +01:00
cb26de2f5c
matchbox: remove ipv4
2021-12-25 08:39:02 +01:00
tv
969bd9767e
exim-smarthost: dkim_strict = true
2021-12-24 10:19:13 +01:00
tv
b33381d15e
exim-smarthost: use LoadCredential
2021-12-24 09:22:41 +01:00
tv
7219292dd5
repo-sync: use LoadCredential
2021-12-24 00:51:28 +01:00
tv
71d11e8f2b
repo-sync: add group
2021-12-24 00:51:28 +01:00
tv
234d9d96bf
krebs.systemd: allow LoadCredential to be a string
2021-12-24 00:51:28 +01:00
lassulus
2be08e3c52
systemd module: use LoadCredentials from config.systemd.services
2021-12-23 23:59:22 +01:00
lassulus
29b796f521
Merge remote-tracking branch 'ni/master'
2021-12-23 21:49:55 +01:00
tv
d4521eb339
krebs.systemd: allow reload if credentials change
2021-12-23 20:18:28 +01:00
tv
1cf495d6eb
krebs.systemd: support credentials of any service
2021-12-23 20:18:28 +01:00
a9d324f176
mic92: update ip for eve
2021-12-23 08:36:49 +01:00
tv
5f7ab23ebf
krebs.tinc: drop environment.systemPackages TODO
...
Nobody bothered about this for more than five years. And even though
fixable, chances are quite high that this feature is not needed anymore.
2021-12-23 03:20:36 +01:00
tv
8029e80632
krebs.tinc: drop api and imp boilerplate
2021-12-23 03:16:44 +01:00
tv
018018e16b
krebs.tinc: don't bother aliasing packages
2021-12-23 03:12:58 +01:00
tv
21e407aa59
krebs.tinc: use LoadCredential
2021-12-23 01:59:25 +01:00
tv
d6ebd497f0
krebs.systemd.services: restart by LoadCredential
2021-12-23 01:59:25 +01:00
tv
448cd3b9af
Merge remote-tracking branch 'prism/master'
2021-12-22 23:33:05 +01:00
tv
2656cbf2a9
empty -> emptyDirectory
2021-12-22 23:27:07 +01:00
lassulus
c9f0c17660
tinc module: reload instead of restart
...
remove enableLegacy option since reloading is dependant on
/etc/tinc/<netname> existing
2021-12-22 13:58:30 +01:00
lassulus
8f94e0bc4b
Merge remote-tracking branch 'ni/master'
2021-12-21 16:45:56 +01:00
tv
e888b00a6b
secret service: don't be wanted by multi-user.target
...
This fixes an issue causing secret-trigger-*.service to be restarted on
every activation because after triggering these services are dead, this
in turn causes restarts of secret-*.service.
And finally this caused the issue of always restarting tinc services
as they are PartOf= a couple of secert-*.service.
2021-12-21 15:27:44 +01:00
lassulus
0a7d779cc1
iptables module: add compat layer to networking.firewall
2021-12-21 12:38:07 +01:00
lassulus
d6f79283bf
tinc module: use tinc_pre as default package
2021-12-21 12:08:47 +01:00
lassulus
5b71cbae40
Merge remote-tracking branch 'ni/master'
2021-12-20 21:23:50 +01:00
a7f26ef99b
mic92: add mickey.r
2021-12-20 19:00:45 +01:00
tv
dbc54fb823
github-known-hosts: update list
2021-12-18 09:50:06 +01:00
lassulus
f2533d8892
ci: add gcroots for successful builds
2021-12-11 12:00:36 +01:00
lassulus
abd82c4faf
ca.r: serve ca.crt via nginx
2021-12-09 14:52:35 +01:00
lassulus
fba330ab36
wiki.r: add acme ssl config
2021-12-09 14:30:25 +01:00
lassulus
155e3e18b0
realwallpaper: use new graph.r endpoint
2021-12-09 11:35:27 +01:00
lassulus
e5fc654f50
add ACME ca via ca.r
2021-12-09 11:31:10 +01:00
b981c43a97
mic92: remove ipv4 from turingmachine
2021-12-08 21:08:53 +01:00
2bcac9f89c
mic92: drop redundant addrs blocks
2021-12-08 21:08:53 +01:00
9900a57f3f
mic92: drop eva's ipv4 address
2021-12-08 21:08:53 +01:00
759a471f88
mic92: drop eddie
2021-12-08 21:08:53 +01:00
makefu
3f6219e251
users: add xkey ssh key, use for logging into puyak
2021-12-08 16:15:40 +01:00
lassulus
b48f08ea8e
ci: buildbot-classic -> buildbot; cleanup
2021-12-08 16:15:40 +01:00
Kierán Meinhardt
0d329f970b
external: add moodle.kmein.r
2021-12-08 12:58:06 +01:00
makefu
28d5d0233a
module airdcpp: make group explicit
2021-12-04 22:43:59 +01:00
makefu
22766982a2
module urlwatch: create group for user
2021-12-04 22:20:50 +01:00
makefu
c22610c8e6
Merge remote-tracking branch 'lass/21.11' into 21.11
2021-12-04 18:33:43 +01:00
lassulus
9f6c37f21c
github-host-sync: add group
2021-12-01 18:31:53 +01:00
lassulus
bb709ce412
buildbot: add groups to users
2021-12-01 18:30:57 +01:00
lassulus
5d6bbe6797
brockman: add group
2021-12-01 18:29:24 +01:00
lassulus
cd367626d4
tinc_graphs: add groups
2021-12-01 18:28:26 +01:00
lassulus
c5ade4fdd6
realwallpaper: add group
2021-12-01 18:27:04 +01:00
lassulus
280ed594fb
htgen: generate group for every user
2021-12-01 18:11:58 +01:00
makefu
9301506249
Merge remote-tracking branch 'lass/master'
2021-12-01 11:21:09 +01:00
lassulus
b79f5ab97d
Merge remote-tracking branch 'ni/master'
2021-11-30 23:09:27 +01:00
Kierán Meinhardt
948584f291
external: kmein takes over graph.r
2021-11-30 22:09:06 +01:00
lassulus
8a0685d859
l: init tablet.r
2021-11-27 23:48:41 +01:00
lassulus
d71fe62fff
l prism.r: add jelly.r alias + proxy_pass
2021-11-27 23:47:15 +01:00
lassulus
ee59532c60
l prism.r: add internet ipv6 address
2021-11-27 23:45:26 +01:00
makefu
13c525e548
Merge remote-tracking branch 'mic/master'
2021-11-26 14:13:30 +01:00
makefu
463dc7ea67
Merge remote-tracking branch 'lass/master'
2021-11-26 14:12:34 +01:00
f1bca35b39
eve: drop ipv6
2021-11-26 10:36:23 +01:00
a87fa2d11d
mic92: add keller ed215519
2021-11-24 20:07:38 +01:00
makefu
44d45e7c2c
k/3/m: add arcadeomat
...
brain is also updated
2021-11-24 08:29:27 +01:00
Luis-Hebendanz
f2e83be6a3
qubasa: add kelle.r
2021-11-23 17:44:50 +01:00
db5c1b6659
mic92: add qubasa's public ed25519 key
2021-11-23 17:44:50 +01:00
Luis-Hebendanz
a0c5805e9e
qubasa: changed tinc pubkey
2021-11-23 17:44:50 +01:00
600f9cbe61
sauron: add ipv6
2021-11-23 17:44:50 +01:00
87b7045f53
mic92: add dns name to sandro's machine
2021-11-23 17:44:50 +01:00
a36a09931e
mic92: update eva's ip
2021-11-23 17:44:50 +01:00
2e2f5969ec
mic92: add public ipv6/ipv4 for ryan/graham
2021-11-23 17:44:50 +01:00
lassulus
ff9a042e70
l dishfire.r: revive with minimal config
2021-11-23 12:47:06 +01:00
lassulus
3d1544c785
Revert "l: rip dishfire.r"
...
This reverts commit 61e6552da3
.
2021-11-23 11:43:25 +01:00
tv
8f97f5e2e1
krebs zone-head-config: fix style
2021-11-21 20:39:28 +01:00
lassulus
b0f39ae34d
filebitch.r: define shack prefix
2021-11-14 17:15:17 +01:00
lassulus
ebc830a91f
puyak.r: define cores
2021-11-14 17:14:10 +01:00
lassulus
14e6157d30
l prism.r: add nets.internet.ip4.prefix
2021-11-08 19:59:03 +01:00
lassulus
4452b26816
Merge remote-tracking branch 'ni/master'
2021-11-08 09:06:57 +01:00
tv
d7f44debbd
exim: fix for manual
2021-11-08 05:14:49 +01:00
tv
6940c3ac83
htgen: fix for manual
2021-11-08 05:14:49 +01:00
tv
13a1eb3fc5
reaktor2: fix for manual
2021-11-08 05:14:49 +01:00
tv
07d9619956
github-hosts-sync: fix for manual
2021-11-08 05:14:49 +01:00
tv
29c59684a3
exim-smart-host: fix for manual
2021-11-08 05:14:49 +01:00
tv
ebd5fbbe05
buildbot: fix for manual
2021-11-08 05:14:49 +01:00
tv
c8c0f2597f
git: fix for manual
2021-11-08 05:14:49 +01:00
tv
96965e3578
rtorrent: fix for manual
2021-11-08 05:14:49 +01:00
tv
8e5dc749c5
shadow: fix for manual
2021-11-08 05:14:49 +01:00
tv
1247440a3d
tinc: fix for manual
2021-11-08 05:14:49 +01:00
tv
ae0c0de7f1
github-hosts-sync: fix for manual
2021-11-08 05:11:27 +01:00
tv
87f43a3be4
tinc_graphs: fix for manual
2021-11-08 05:11:27 +01:00
tv
551cfeadef
bepasty-server: fix for manual
2021-11-08 05:11:27 +01:00
tv
53f192125b
airdcpp: fix default hubs.*.Nick
2021-11-08 05:01:20 +01:00
tv
85604f02df
krebs.build.profile: fix type
2021-11-07 21:19:09 +01:00
lassulus
0e668121a1
git: set fcgiwrap group as maingroup
2021-11-05 14:35:03 +01:00
tv
2fccbc483d
github-known-hosts: update list
2021-11-04 14:22:01 +01:00
lassulus
9fd58eb162
l codimd: move to pad.lassul.us
2021-10-31 12:35:16 +01:00
xkey
e1fdb4728c
external: modify catalonia.r
2021-10-30 15:35:43 +02:00
lassulus
0f9c6ee738
news.r, puyak.r: use dynamic tinc port
2021-10-24 20:09:51 +02:00
lassulus
d8f72378dc
l domsen: add roundcube at mail.lassul.us
2021-10-24 20:03:16 +02:00
lassulus
6e61a2d9fc
sync-containers module: make chmod failsafe
2021-10-24 18:27:58 +02:00
lassulus
4fa8f74fc0
solanum: use upstream service
2021-10-24 18:25:51 +02:00
lassulus
f455668ff3
l: remove red.r morpheus.r uriel.r
2021-10-24 11:06:43 +02:00
0564414a31
mic92: add aenderpad
2021-10-23 14:58:10 +02:00
04ec7f8e7d
mic92: add ed25519 for maurice
2021-10-23 14:58:10 +02:00
db9f0d97ec
mic92: fix ips of maurice
2021-10-23 14:58:10 +02:00
b13aaa3e65
mic92: add maurice
2021-10-23 14:58:10 +02:00
6d51da9202
mic92: non-colliding ip address for graham
2021-10-23 14:58:10 +02:00
fd37549f82
mic92: add ryan & graham
2021-10-23 14:58:10 +02:00
lassulus
1ea95b68f4
fetchWallpaper module: add group
2021-10-23 12:08:58 +02:00
lassulus
c5bab88a9e
tinc module: add group for user
2021-10-23 12:07:40 +02:00
Kierán Meinhardt
411cb36608
external: add names.kmein.r alias
2021-10-12 22:35:11 +02:00
Kierán Meinhardt
e4793149c0
external: add bvg.kmein.r alias
2021-10-10 14:45:17 +02:00
Kierán Meinhardt
8a697d6897
external: refactor kmein hosts
2021-09-19 09:26:03 +02:00
lassulus
e7d5d99083
rip Reaktor
2021-09-14 20:32:51 +02:00
lassulus
68c7f79174
l echelon.r: add syncthing id
2021-09-10 09:24:12 +02:00
lassulus
b8cd625a70
l: add lasspi & domsen-pixel hosts
2021-09-10 09:23:11 +02:00
lassulus
f2287d2024
l: add mumble.lassul.us for mumble-web
2021-09-10 09:22:08 +02:00
9cebb56981
mic92: restart realwallpaper on failure
2021-09-06 18:53:21 +02:00
lassulus
b471ff4191
irc-announce: add tls flag
2021-09-05 23:09:21 +02:00
lassulus
aaae1b2f5b
hidden-ssh: fix to work with new nixos tor service
2021-09-05 23:04:05 +02:00
makefu
357a021c94
ma: add rss.makefu.r
2021-09-05 21:15:06 +02:00
xkey
c7db9e13cd
external: add aleph.r
2021-09-04 14:53:23 +02:00
lassulus
6db453c84d
l paste: add c.krebsco.de
2021-08-26 09:58:42 +02:00
lassulus
bb846b5ca9
l prism.r: add c.r cyberlocker
2021-08-25 12:05:18 +02:00
lassulus
0d84e80619
l: add flix.r alias
2021-08-15 18:49:23 +02:00
98437c4641
mic92: remove paulheidekrueger; add yasmin
2021-07-30 09:00:00 +00:00
483c3d608d
mic92: add paulheidekrueger
2021-07-30 09:00:00 +00:00
6763b4475f
mic92: add ed25519 for grandalf
2021-07-30 09:00:00 +00:00
d1059dccf5
mic92: connect to tinc via internet for bill/nardole
2021-07-30 09:00:00 +00:00
1d29774766
mic92: update bills ip address
2021-07-30 09:00:00 +00:00
5f38a5d722
mic92: add redha ed25519 keys
2021-07-30 09:00:00 +00:00
36603ca137
mic92: add matchbox ed25519 key
2021-07-30 09:00:00 +00:00
lassulus
1380200b30
hotdog.r: add agenda.r alias
2021-07-27 22:36:36 +02:00
tv
5211b94619
Merge remote-tracking branch 'prism/master'
2021-06-18 20:53:44 +02:00
lassulus
8949b2ad36
external: add ed25519 pubkey of makanek.r
2021-06-16 14:01:45 +02:00
makefu
1fc23b6f77
krebs: init neos, add ssh key to shack infra managers
2021-06-15 17:50:06 +02:00
tv
9e59a65d92
repo-sync: isSystemUser
2021-06-15 15:54:46 +02:00
makefu
8be55929d1
Merge remote-tracking branch 'lass/master'
2021-06-09 19:30:27 +02:00
lassulus
85cd96ed8b
gollum: follow upstream
2021-06-09 11:37:27 +02:00