Rouven Seifert
d086eed901
network: clean up secrets
2024-03-21 15:49:50 +01:00
Rouven Seifert
3be5380c58
quitte: network fixes
2024-03-21 15:47:32 +01:00
Rouven Seifert
ddd2514cdb
activation script: fix kernel warning
2024-03-19 11:30:00 +01:00
Rouven Seifert
632578f5b5
nix: flake update
2024-03-19 11:28:22 +01:00
Jonas Gaffke
ba2f0fb86b
grav: try dex login
2024-03-17 15:48:54 +01:00
Rouven Seifert
cf49b8dd13
Merge pull request #87 from fsr/ftp-timezone-fix
...
fixing wrong timezone on ftp
2024-03-17 00:42:21 +01:00
tenksom
30b4bf9540
fixing wrong timezone on ftp
2024-03-16 22:41:36 +01:00
Rouven Seifert
1e689b6c40
Merge pull request #86 from fsr/log-retention
...
core: configure log retention
2024-03-15 11:33:15 +01:00
Rouven Seifert
da871679f4
nix: flake update
2024-03-15 00:10:47 +01:00
Rouven Seifert
d3da0eab79
rspamd: fix dmarc domain
2024-03-15 00:10:19 +01:00
Rouven Seifert
66a554a13b
core: configure log retention
2024-03-14 23:59:42 +01:00
Rouven Seifert
d1c2ece3ea
Merge pull request #85 from fsr/refactoring
...
modules: some refactoring
2024-03-14 18:52:14 +01:00
Rouven Seifert
7023c328d9
mail: move mailman options to mailman.nix
2024-03-14 00:09:06 +01:00
Rouven Seifert
39320d987c
matrix: move into folder
2024-03-12 12:34:20 +01:00
Rouven Seifert
fea01b0b2e
courses: move into folder
2024-03-12 12:11:44 +01:00
Rouven Seifert
527651706e
options: move to tree root
2024-03-12 12:06:21 +01:00
Rouven Seifert
01bcc9ecad
refactor: streamline core modules into dedicated folder
2024-03-12 12:03:29 +01:00
Rouven Seifert
b429e6468f
refactor: streamline all websites into one folder
2024-03-12 11:49:01 +01:00
Rouven Seifert
71fdea75be
refactor: split mail into modules
2024-03-12 11:41:04 +01:00
Rouven Seifert
3979e9b2b9
nix: flake update
2024-03-11 23:22:35 +01:00
Rouven Seifert
736c84cce9
treewide: ran deadnix
2024-03-11 22:49:12 +01:00
Rouven Seifert
05a5e085d8
ftp: fix content type for komplefprüfungen
2024-03-11 12:04:31 +01:00
Rouven Seifert
d1fca836b9
mail: match smtp banner to rDNS
2024-03-08 14:41:03 +01:00
Rouven Seifert
8fe2173040
rspamd: fix rspamd signing for mailman
...
Mails to the big mailing lists currently fail dkim checking since we add
a footer and rewrite the subject. To not trigger DMARC fails, we sign all
outgoing mails from local networks with our domain.
2024-03-07 14:56:21 +01:00
Rouven Seifert
b9559cf5ce
pad: wiki: add robots.txt
2024-03-06 20:59:11 +01:00
Rouven Seifert
c04e11a958
mailman: add robots.txt
2024-03-06 20:49:02 +01:00
Lyn Fugmann
71cb425527
Merge remote-tracking branch 'origin/portunus2'
2024-03-06 12:44:18 +01:00
Rouven Seifert
08e43cf903
Merge pull request #82 from fsr/opendkim
...
Disable opendkim
2024-03-05 17:25:47 +01:00
Rouven Seifert
1955aa3cb2
rspamd: change dkim selector
2024-03-05 17:11:59 +01:00
Rouven Seifert
c36a242b35
rspamd: remove faulty allow_hdrfrom_mismatch option
2024-03-05 17:05:37 +01:00
Lyn Fugmann
2d7ed61384
use portunus from nixos-unstable
2024-03-05 15:24:28 +01:00
Rouven Seifert
71bc8234a2
opendkim: disable
2024-03-04 22:44:53 +01:00
Rouven Seifert
8e8cc54f75
mail: configure periodically sent dmarc aggregate reports
2024-03-04 22:40:04 +01:00
Rouven Seifert
a1bfa3f7e1
ldap: switch to sssd on quitte
2024-03-04 22:14:24 +01:00
Rouven Seifert
b454ad2437
secrets: prepare sssd for quitte
2024-03-04 21:51:30 +01:00
Rouven Seifert
a3e15cc105
rspamd: migrate redis to unix sockets
2024-03-04 19:47:09 +01:00
Rouven Seifert
4e1cf47b7b
mail: test rspamd signing with rspamd
2024-03-04 12:08:50 +01:00
Rouven Seifert
1e47c01032
ulimit: limit nix builders to 10000 processes at once
2024-03-03 11:39:52 +01:00
Rouven Seifert
d611cc5a26
ulimit: limit maximum number of processes per user
...
- Limits the number of processes a user can start to 2000
Mostly in place to prevent fork bombs taking down the host.
- If anyone encounters problems with this number we can raise it
2024-03-03 11:34:39 +01:00
Rouven Seifert
017a807a7c
nix: update flake inputs
2024-03-02 18:50:21 +01:00
Rouven Seifert
02e661890a
nix: restructure flake and add devshell
2024-03-02 18:50:08 +01:00
Lyn Fugmann
0cf95c4c34
Add hendrik's pgp and ssh keys
2024-02-29 16:24:21 +01:00
Lyn Fugmann
4f5148fbf4
Show warning when kernel version changes
2024-02-29 12:03:02 +01:00
Lyn Fugmann
7f70ae990c
ftp: custom 403 error page
2024-02-27 14:06:06 +01:00
Rouven Seifert
b3ee1d8e23
nix: flake update
2024-02-25 23:27:39 +01:00
Rouven Seifert
ae74749c28
tomate: add ifsr cache
2024-02-25 23:26:13 +01:00
Rouven Seifert
794b565e07
nix-serve: fix port
2024-02-25 23:16:47 +01:00
Rouven Seifert
a364e28bb8
nix-serve: init at cache.ifsr.de
2024-02-25 23:10:43 +01:00
Rouven Seifert
e4bb60adff
padlist: remove
...
moved to https://github.com/fsr/padlist
2024-02-25 22:16:37 +01:00
Rouven Seifert
522351905c
quitte: enable memory resource control
...
Limits the Memory of some important slices via systemd cgroup management.
- nix-daemon may not use more than 32 GB of Memory
- all users together may not use more than 32GB of Memory
See man systemd.resource-control(5) for more detailed information.
2024-02-25 21:52:36 +01:00