Commit graph

813 commits

Author SHA1 Message Date
Rouven Seifert d086eed901
network: clean up secrets 2024-03-21 15:49:50 +01:00
Rouven Seifert 3be5380c58
quitte: network fixes 2024-03-21 15:47:32 +01:00
Rouven Seifert ddd2514cdb
activation script: fix kernel warning 2024-03-19 11:30:00 +01:00
Rouven Seifert 632578f5b5
nix: flake update 2024-03-19 11:28:22 +01:00
Jonas Gaffke ba2f0fb86b
grav: try dex login 2024-03-17 15:48:54 +01:00
Rouven Seifert cf49b8dd13
Merge pull request #87 from fsr/ftp-timezone-fix
fixing wrong timezone on ftp
2024-03-17 00:42:21 +01:00
tenksom 30b4bf9540
fixing wrong timezone on ftp 2024-03-16 22:41:36 +01:00
Rouven Seifert 1e689b6c40
Merge pull request #86 from fsr/log-retention
core: configure log retention
2024-03-15 11:33:15 +01:00
Rouven Seifert da871679f4
nix: flake update 2024-03-15 00:10:47 +01:00
Rouven Seifert d3da0eab79
rspamd: fix dmarc domain 2024-03-15 00:10:19 +01:00
Rouven Seifert 66a554a13b
core: configure log retention 2024-03-14 23:59:42 +01:00
Rouven Seifert d1c2ece3ea
Merge pull request #85 from fsr/refactoring
modules: some refactoring
2024-03-14 18:52:14 +01:00
Rouven Seifert 7023c328d9
mail: move mailman options to mailman.nix 2024-03-14 00:09:06 +01:00
Rouven Seifert 39320d987c
matrix: move into folder 2024-03-12 12:34:20 +01:00
Rouven Seifert fea01b0b2e
courses: move into folder 2024-03-12 12:11:44 +01:00
Rouven Seifert 527651706e
options: move to tree root 2024-03-12 12:06:21 +01:00
Rouven Seifert 01bcc9ecad
refactor: streamline core modules into dedicated folder 2024-03-12 12:03:29 +01:00
Rouven Seifert b429e6468f
refactor: streamline all websites into one folder 2024-03-12 11:49:01 +01:00
Rouven Seifert 71fdea75be
refactor: split mail into modules 2024-03-12 11:41:04 +01:00
Rouven Seifert 3979e9b2b9
nix: flake update 2024-03-11 23:22:35 +01:00
Rouven Seifert 736c84cce9
treewide: ran deadnix 2024-03-11 22:49:12 +01:00
Rouven Seifert 05a5e085d8 ftp: fix content type for komplefprüfungen 2024-03-11 12:04:31 +01:00
Rouven Seifert d1fca836b9
mail: match smtp banner to rDNS 2024-03-08 14:41:03 +01:00
Rouven Seifert 8fe2173040
rspamd: fix rspamd signing for mailman
Mails to the big mailing lists currently fail dkim checking since we add
a footer and rewrite the subject. To not trigger DMARC fails, we sign all
outgoing mails from local networks with our domain.
2024-03-07 14:56:21 +01:00
Rouven Seifert b9559cf5ce
pad: wiki: add robots.txt 2024-03-06 20:59:11 +01:00
Rouven Seifert c04e11a958
mailman: add robots.txt 2024-03-06 20:49:02 +01:00
Lyn Fugmann 71cb425527
Merge remote-tracking branch 'origin/portunus2' 2024-03-06 12:44:18 +01:00
Rouven Seifert 08e43cf903
Merge pull request #82 from fsr/opendkim
Disable opendkim
2024-03-05 17:25:47 +01:00
Rouven Seifert 1955aa3cb2
rspamd: change dkim selector 2024-03-05 17:11:59 +01:00
Rouven Seifert c36a242b35
rspamd: remove faulty allow_hdrfrom_mismatch option 2024-03-05 17:05:37 +01:00
Lyn Fugmann 2d7ed61384
use portunus from nixos-unstable 2024-03-05 15:24:28 +01:00
Rouven Seifert 71bc8234a2
opendkim: disable 2024-03-04 22:44:53 +01:00
Rouven Seifert 8e8cc54f75 mail: configure periodically sent dmarc aggregate reports 2024-03-04 22:40:04 +01:00
Rouven Seifert a1bfa3f7e1
ldap: switch to sssd on quitte 2024-03-04 22:14:24 +01:00
Rouven Seifert b454ad2437
secrets: prepare sssd for quitte 2024-03-04 21:51:30 +01:00
Rouven Seifert a3e15cc105
rspamd: migrate redis to unix sockets 2024-03-04 19:47:09 +01:00
Rouven Seifert 4e1cf47b7b
mail: test rspamd signing with rspamd 2024-03-04 12:08:50 +01:00
Rouven Seifert 1e47c01032
ulimit: limit nix builders to 10000 processes at once 2024-03-03 11:39:52 +01:00
Rouven Seifert d611cc5a26
ulimit: limit maximum number of processes per user
- Limits the number of processes a user can start to 2000
  Mostly in place to prevent fork bombs taking down the host.
- If anyone encounters problems with this number we can raise it
2024-03-03 11:34:39 +01:00
Rouven Seifert 017a807a7c
nix: update flake inputs 2024-03-02 18:50:21 +01:00
Rouven Seifert 02e661890a
nix: restructure flake and add devshell 2024-03-02 18:50:08 +01:00
Lyn Fugmann 0cf95c4c34
Add hendrik's pgp and ssh keys 2024-02-29 16:24:21 +01:00
Lyn Fugmann 4f5148fbf4
Show warning when kernel version changes 2024-02-29 12:03:02 +01:00
Lyn Fugmann 7f70ae990c
ftp: custom 403 error page 2024-02-27 14:06:06 +01:00
Rouven Seifert b3ee1d8e23
nix: flake update 2024-02-25 23:27:39 +01:00
Rouven Seifert ae74749c28
tomate: add ifsr cache 2024-02-25 23:26:13 +01:00
Rouven Seifert 794b565e07
nix-serve: fix port 2024-02-25 23:16:47 +01:00
Rouven Seifert a364e28bb8
nix-serve: init at cache.ifsr.de 2024-02-25 23:10:43 +01:00
Rouven Seifert e4bb60adff
padlist: remove
moved to https://github.com/fsr/padlist
2024-02-25 22:16:37 +01:00
Rouven Seifert 522351905c
quitte: enable memory resource control
Limits the Memory of some important slices via systemd cgroup management.

- nix-daemon may not use more than 32 GB of Memory
- all users together may not use more than 32GB of Memory

See man systemd.resource-control(5) for more detailed information.
2024-02-25 21:52:36 +01:00