Commit graph

414 commits

Author SHA1 Message Date
Rouven Seifert e70b57490e
formatting 2024-02-02 21:18:42 +01:00
Jonas Gaffke 5b2ca5141c mysql: bind to localhost 2024-02-02 21:13:44 +01:00
Rouven Seifert c0c9249e5a
remove old wiki module 2024-02-02 21:09:58 +01:00
Rouven Seifert e1325a329a
wiki: move to wiki 2024-02-02 21:08:30 +01:00
Jonas Gaffke 454394981e quitte: add nightline and fsrewsp sites 2024-02-02 20:26:37 +01:00
Rouven Seifert dbe12fbfeb
ese: move to quitte 2024-02-02 19:54:06 +01:00
Jonas Gaffke cc09c14143 quitte: add mysql 2024-02-02 17:41:34 +01:00
Rouven Seifert b8c31b4e4a
initrd: fix network 2024-01-29 16:23:56 +01:00
Rouven Seifert ccd6290fb7
Merge pull request #81 from fsr/initrd-ssh
quitte: enable ssh in initrd
2024-01-29 16:11:00 +01:00
Rouven Seifert 48683c6b2f
nextcloud: update to nextcloud28 2024-01-29 16:04:51 +01:00
Rouven Seifert 0e2d68fb26
postfix: fix format 2024-01-28 14:26:12 +01:00
Rouven Seifert 583990556e
postfix: lift message size limit 2024-01-28 14:25:02 +01:00
Lyn Fugmann 316ffbb9e0
quitte: enable ssh in initrd 2024-01-25 19:40:22 +01:00
Rouven Seifert ffeb47cd5e
verify mail senders 2024-01-24 16:02:58 +01:00
Rouven Seifert 93baff94f1
formatting 2024-01-13 17:40:20 +01:00
Rouven Seifert 01f5df464f
zammad: set loglevel to warn 2024-01-13 17:36:22 +01:00
Rouven Seifert 1d4da79c16
fix forgejo homedir 2024-01-10 15:23:56 +01:00
Rouven Seifert 94c2a2de5d
fix integer formatting 2024-01-07 01:22:42 +01:00
Rouven Seifert d6571ac695
bacula: restrict port to agdsn networks 2024-01-07 01:16:37 +01:00
Rouven Seifert 0084a02568
git: set loglevel to WARN
- gitea is crawled by some bots and logs every request
2024-01-06 16:07:48 +01:00
Rouven Seifert bde7d0b3d4
matrix: disable spammy logging 2024-01-06 16:01:32 +01:00
Jonas Gaffke 9f465f4f66 dex: customize login page 2024-01-05 16:49:29 +01:00
quitte 693154fe1a padlist: dex openid connect login instead of basic auth 2024-01-05 15:57:32 +01:00
Jonas Gaffke 2ed00fb4c0 quitte: add vscode server 2024-01-01 17:23:01 +01:00
Rouven Seifert 86cd033cba
forgejo: fix prestart 2023-12-26 17:56:32 +01:00
Rouven Seifert b8e950d5d0
postfix: apply fix against smtp mail smuggling 2023-12-22 23:39:09 +01:00
Rouven Seifert 12fd11d18e
postgres: fix table names in backup 2023-12-18 12:06:09 +01:00
Rouven Seifert 11bdb6b8f7
zsh: disable root git reminder 2023-12-18 12:04:35 +01:00
Jonas Gaffke cc39b86e78 base: add unzip package 2023-12-15 16:03:17 +01:00
Jonas Gaffke 956908e981 userdir: add robots.txt 2023-12-15 15:48:40 +01:00
Jonas Gaffke 9607dd1b54 wiki: format 2023-12-15 12:05:43 +01:00
Jonas Gaffke 3aeec71dd4 wiki: add SyntaxHighlight extension 2023-12-15 12:02:15 +01:00
Jonas Gaffke 5ce0b2d4ec wiki: update extensions 2023-12-15 11:19:38 +01:00
Rouven Seifert 7022528b62
fix phil postgres 2023-12-14 17:32:13 +01:00
Rouven Seifert f57babf97c
use new bacula fixes 2023-12-14 15:51:52 +01:00
Rouven Seifert 8acfe6ee0c
fix checks 2023-12-14 15:42:10 +01:00
Rouven Seifert 2eb832c8a9
better homedir creation 2023-12-12 13:04:03 +01:00
Rouven Seifert 1789ac741d
formatting 2023-12-12 13:01:08 +01:00
Rouven Seifert 220136af25
tomate: init sssd 2023-12-12 12:57:47 +01:00
Rouven Seifert 2b5706b987
zammad: enable backup 2023-11-29 23:29:59 +01:00
Rouven Seifert fd5e0108f6
quitte: allow ldaps access 2023-11-28 23:00:41 +01:00
Lyn Fugmann 964183a0e7
userdir: increase upload size limit 2023-11-28 18:34:51 +01:00
Rouven Seifert e86fdf1819
tomate: init 2023-11-28 11:37:35 +01:00
Lyn Fugmann b972d22997
matrix: use upstream ldap plugin
it has been updated and supports reading bind_password from a file now
2023-11-17 20:38:36 +01:00
quitte 8a8af52ec7 zammad: init 2023-11-17 18:18:35 +01:00
Rouven Seifert 127ab9d92e
rspamd: add more headers 2023-11-16 00:07:22 +01:00
Rouven Seifert 7ad0c7d98e
bacula: close udp port
not needed for operation
2023-11-14 13:20:41 +01:00
Rouven Seifert 121a9f001e
ssh: enable mosh 2023-11-13 14:20:18 +01:00
Lyn Fugmann fe946150d7 nginx: refactor, remove hard coded vhost names 2023-11-13 11:12:58 +01:00
Rouven Seifert 87a5486114
nginx: fix newline 2023-11-13 10:04:12 +01:00
Rouven Seifert 075bc2b6fa
nginx: split logs per vhost 2023-11-13 09:51:07 +01:00
Lyn Fugmann 3e70f7a0fc
element-web: disable identity server 2023-11-10 15:42:58 +01:00
Rouven Seifert 2496192efc nextcloud: configure redis 2023-11-09 18:03:04 +01:00
Jonas Gaffke 5de01790c4 nextcloud: enable HEIC image preview 2023-11-09 15:35:26 +01:00
Jonas Gaffke 0dab62ebff postgres: increse max_connections to 1000 2023-11-09 15:29:42 +01:00
Lyn Fugmann 7e17d77b1d
nextcloud: migration changes 2023-11-08 18:40:11 +01:00
Rouven Seifert 0eeac8391d mail: enable imap_filter_sieve 2023-11-03 11:08:42 +01:00
Rouven Seifert 85e6ebbc29
fail2ban: disable tor lists
some people have legimitate interest in accessing our services via tor
in case of abuse out of these networks this commit can be reverted
2023-11-02 22:50:23 +01:00
Rouven Seifert a9d4543da7
rspamd: whitelist tu networks 2023-11-01 22:45:21 +01:00
Rouven Seifert dd50175c58
httpd: limit number of spawned processes 2023-10-28 17:35:14 +02:00
Rouven Seifert 245d5bc498
fail2ban: use nftables 2023-10-28 17:34:55 +02:00
Rouven Seifert 7b3925deca
courses-phil: use systemd credentials to load the secrets 2023-10-23 15:08:33 +02:00
Rouven Seifert 8eaf733126
fail2ban: whitelist tu ranges 2023-10-23 11:57:01 +02:00
Rouven Seifert 0899143b8c
formatting 2023-10-23 10:47:40 +02:00
Rouven Seifert 303888dfd9
nixify the manual 2023-10-23 10:27:30 +02:00
Rouven Seifert 75be7e22a3
mail: add keyword blacklist 2023-10-21 00:49:24 +02:00
quitte 5270ab09e6 add btop package 2023-10-20 21:38:28 +02:00
Rouven Seifert 3763b8b106
fail2ban: enable incremental bantime 2023-10-20 16:57:02 +02:00
Rouven Seifert a8d1444ef9
Merge pull request #76 from fsr/fail2ban-mail
fail2ban: setup postfix and dovecot
2023-10-20 12:27:58 +02:00
Rouven Seifert 0712f02d40
fail2ban: setup postfix and dovecot 2023-10-19 14:24:11 +02:00
quitte 2058b8f955 add infoscreen, manual and sharepic websites 2023-10-19 11:54:15 +02:00
Rouven Seifert c360abe7d9
ftp: remove TUD private subnet
was added on kaki back then. Probably because of some routing misconfigurations
let's embrace some hope that this is now fixed
2023-10-18 23:30:16 +02:00
Rouven Seifert ddc7179312
kanboard: add short domain 2023-10-16 11:59:06 +02:00
quitte 94c9be356c kanboard: first version 2023-10-15 13:38:48 +02:00
quitte 8c7ffab70e mautrix-telegram: enable again and small fix 2023-10-09 21:19:05 +02:00
Rouven Seifert 3d18969471
nginx: disable ip anonymizing 2023-10-08 13:43:04 +02:00
Rouven Seifert 5820741dd2
matrix: move to ifsr.de 2023-10-08 13:42:29 +02:00
Lyn Fugmann d48fb6c13a
setup fail2ban
block tor exit nodes
2023-10-04 18:49:12 +02:00
Rouven Seifert 23fb7747fb
Revert "temporarily show participants again in the course-management"
This reverts commit 39db962a2c.
2023-10-02 17:32:52 +02:00
quitte a9c8c03f08 userdir: disable php error display 2023-10-01 19:17:29 +02:00
Rouven Seifert 39db962a2c
temporarily show participants again in the course-management 2023-09-29 17:49:45 +02:00
quitte 6d277b6814 courses-phil: add redirects 2023-09-28 13:34:58 +02:00
quitte 3c17c0ad6a course-phil: on-metal fixes 2023-09-27 15:08:12 +02:00
Rouven Seifert a5d29c3338 sops: set sopsfile 2023-09-27 14:25:03 +02:00
Rouven Seifert 8908b3bbff courses: phil: init as container 2023-09-27 14:20:11 +02:00
Rouven Seifert e4b26a640b
mail: set mailUser and mailGroup 2023-09-27 11:12:07 +02:00
Rouven Seifert aa1f91c5b4
mail: fix typo 2023-09-27 11:04:37 +02:00
Rouven Seifert 201fef3084
added global spam filtering script 2023-09-27 11:03:10 +02:00
Rouven Seifert 71f4c64022
nextcloud upgrade to 27 2023-09-24 16:06:10 +02:00
Rouven Seifert 1b36010ad9
mail: disable pam authentication 2023-09-22 13:46:49 +02:00
Rouven Seifert 92efae76ed
rspamd: formatting fix 2023-09-21 21:50:36 +02:00
Rouven Seifert 7c15108f3d
rspamd: enable the neural module
so we can throw some buzzwords
2023-09-21 21:49:00 +02:00
Rouven Seifert 3b59947673
rspamd: configure dynamic blacklisting 2023-09-21 21:20:48 +02:00
quitte b35703040b nix: allow fetching the index from github 2023-09-20 22:20:49 +02:00
quitte bed0f24e94 format 2023-09-20 14:09:55 +02:00
quitte e739a60e66 userdir, zsh fixes 2023-09-20 14:07:50 +02:00
Rouven Seifert 06ec7d6e32
fix double promptinit 2023-09-19 21:08:53 +02:00
Rouven Seifert 0197610e3f
fix promptinit 2023-09-19 20:44:11 +02:00
Rouven Seifert dc65c4c5c7
don't use zsh as the default shell 2023-09-19 20:30:30 +02:00
Rouven Seifert e4e1cfd3d6
zsh: add agdsn config and comma 2023-09-19 16:03:41 +02:00