Commit graph

482 commits

Author SHA1 Message Date
Rouven Seifert d5ab09207a
core: set zsh as default shell for the root user 2024-04-16 21:44:48 +02:00
Rouven Seifert 375674b1b4
nginx: fix the http3 wordpress fix 2024-04-16 20:51:16 +02:00
Rouven Seifert 08893439e7
http3: attempt a fix for wordpress sites 2024-04-16 20:36:44 +02:00
Rouven Seifert 0d4283f109
Revert "nginx: disable http3 to prevent wordpress error"
This reverts commit 8606e89c03.
2024-04-16 20:32:29 +02:00
Rouven Seifert c534e2a8e1
nix-serve: use nix-serve-ng 2024-04-12 11:21:52 +02:00
Rouven Seifert c04bef7173
forgejo: move into dedicated folder and enable initial action support 2024-04-11 15:27:10 +02:00
Lyn Fugmann cc98ba62b3
forgejo: add migration fix patch 2024-04-11 14:04:10 +02:00
Rouven Seifert 5edc459dba
mailman: prevent sending emails to unknown accounts 2024-04-10 10:46:18 +02:00
Jonas Gaffke 8606e89c03 nginx: disable http3 to prevent wordpress error 2024-04-09 18:38:59 +02:00
Rouven Seifert 3b48a937c8
nightline & ewsp: add www. subdomain 2024-04-04 17:12:38 +02:00
Rouven Seifert a0132fa7cf
nginx: enable http3 2024-04-03 14:59:57 +02:00
Rouven Seifert 7e03d4574f
treewide: formatting 2024-03-28 22:10:39 +01:00
Rouven Seifert aa86572079
activation: remove initrd 2024-03-28 22:08:25 +01:00
Rouven Seifert 6bfd7c8e9c
logging: give up on dates in logrotate 2024-03-28 22:02:09 +01:00
Rouven Seifert d482e15bcb
forgot about tomate 2024-03-28 21:01:32 +01:00
Rouven Seifert 4334b5ef50
treewide: minor cleanups 2024-03-28 20:55:47 +01:00
Rouven Seifert f2af8d0a75
quitte: move back to bare-metal
Das Proxmox ist tot. Lang lebe NixOS!
2024-03-28 18:06:41 +01:00
tenksom e18a99c452 fixing user groups for websides
Co-authored-by: fugi <me@fugi.dev>
Co-authored-by: tenksom <joachim@stramke.com>
2024-03-28 16:01:12 +01:00
Rouven Seifert 4f1f88a779
nginx: streamline all forceSSL and enableACME directives in one file 2024-03-25 19:34:47 +01:00
Rouven Seifert ddd2514cdb
activation script: fix kernel warning 2024-03-19 11:30:00 +01:00
Jonas Gaffke ba2f0fb86b
grav: try dex login 2024-03-17 15:48:54 +01:00
tenksom 30b4bf9540
fixing wrong timezone on ftp 2024-03-16 22:41:36 +01:00
Rouven Seifert 1e689b6c40
Merge pull request #86 from fsr/log-retention
core: configure log retention
2024-03-15 11:33:15 +01:00
Rouven Seifert d3da0eab79
rspamd: fix dmarc domain 2024-03-15 00:10:19 +01:00
Rouven Seifert 66a554a13b
core: configure log retention 2024-03-14 23:59:42 +01:00
Rouven Seifert 7023c328d9
mail: move mailman options to mailman.nix 2024-03-14 00:09:06 +01:00
Rouven Seifert 39320d987c
matrix: move into folder 2024-03-12 12:34:20 +01:00
Rouven Seifert fea01b0b2e
courses: move into folder 2024-03-12 12:11:44 +01:00
Rouven Seifert 527651706e
options: move to tree root 2024-03-12 12:06:21 +01:00
Rouven Seifert 01bcc9ecad
refactor: streamline core modules into dedicated folder 2024-03-12 12:03:29 +01:00
Rouven Seifert b429e6468f
refactor: streamline all websites into one folder 2024-03-12 11:49:01 +01:00
Rouven Seifert 71fdea75be
refactor: split mail into modules 2024-03-12 11:41:04 +01:00
Rouven Seifert 736c84cce9
treewide: ran deadnix 2024-03-11 22:49:12 +01:00
Rouven Seifert 05a5e085d8 ftp: fix content type for komplefprüfungen 2024-03-11 12:04:31 +01:00
Rouven Seifert d1fca836b9
mail: match smtp banner to rDNS 2024-03-08 14:41:03 +01:00
Rouven Seifert 8fe2173040
rspamd: fix rspamd signing for mailman
Mails to the big mailing lists currently fail dkim checking since we add
a footer and rewrite the subject. To not trigger DMARC fails, we sign all
outgoing mails from local networks with our domain.
2024-03-07 14:56:21 +01:00
Rouven Seifert b9559cf5ce
pad: wiki: add robots.txt 2024-03-06 20:59:11 +01:00
Rouven Seifert c04e11a958
mailman: add robots.txt 2024-03-06 20:49:02 +01:00
Lyn Fugmann 71cb425527
Merge remote-tracking branch 'origin/portunus2' 2024-03-06 12:44:18 +01:00
Rouven Seifert 08e43cf903
Merge pull request #82 from fsr/opendkim
Disable opendkim
2024-03-05 17:25:47 +01:00
Rouven Seifert 1955aa3cb2
rspamd: change dkim selector 2024-03-05 17:11:59 +01:00
Rouven Seifert c36a242b35
rspamd: remove faulty allow_hdrfrom_mismatch option 2024-03-05 17:05:37 +01:00
Lyn Fugmann 2d7ed61384
use portunus from nixos-unstable 2024-03-05 15:24:28 +01:00
Rouven Seifert 71bc8234a2
opendkim: disable 2024-03-04 22:44:53 +01:00
Rouven Seifert 8e8cc54f75 mail: configure periodically sent dmarc aggregate reports 2024-03-04 22:40:04 +01:00
Rouven Seifert a1bfa3f7e1
ldap: switch to sssd on quitte 2024-03-04 22:14:24 +01:00
Rouven Seifert a3e15cc105
rspamd: migrate redis to unix sockets 2024-03-04 19:47:09 +01:00
Rouven Seifert 4e1cf47b7b
mail: test rspamd signing with rspamd 2024-03-04 12:08:50 +01:00
Lyn Fugmann 0cf95c4c34
Add hendrik's pgp and ssh keys 2024-02-29 16:24:21 +01:00
Lyn Fugmann 4f5148fbf4
Show warning when kernel version changes 2024-02-29 12:03:02 +01:00
Lyn Fugmann 7f70ae990c
ftp: custom 403 error page 2024-02-27 14:06:06 +01:00
Rouven Seifert 794b565e07
nix-serve: fix port 2024-02-25 23:16:47 +01:00
Rouven Seifert a364e28bb8
nix-serve: init at cache.ifsr.de 2024-02-25 23:10:43 +01:00
Rouven Seifert f9fca746f7
decisions: fix secret 2024-02-22 12:20:21 +01:00
Rouven Seifert d84ad31126
mail: configure optional archive mailbox
This enables the 'Archive' special use for Mailboxes according to
RFC 6154 [0]. Most Mailclients support this out of the box

[0] https://www.rfc-editor.org/rfc/rfc6154.html
2024-02-21 14:02:26 +01:00
Rouven Seifert 22ca2010a0
initrd: fix command to unlock disk 2024-02-19 11:35:22 +01:00
Rouven Seifert fecff52804
ewsp: fix nginx group 2024-02-18 14:58:29 +01:00
tenksom a97f94e4b1 fixed nginx group for nightline 2024-02-18 12:54:21 +01:00
Jonas Gaffke b9a216ad59
decisions: add dex openid connect client 2024-02-05 22:01:11 +01:00
quitte ef42822101 Merge branch 'main' of github.com:fsr/fruitbasket 2024-02-04 13:08:18 +01:00
quitte bf6585a833 decisions: fix typs 2024-02-04 13:08:14 +01:00
quitte 594e672df4 decisions: add timer for tex to db 2024-02-04 13:07:41 +01:00
Rouven Seifert 6d6585c78f
formatting 2024-02-03 20:49:47 +01:00
Jonas Gaffke 81a83d7989
strukturbot: move to quitte 2024-02-03 20:48:34 +01:00
Rouven Seifert 826758e138
decisions: init secrets 2024-02-03 20:17:06 +01:00
Jonas Gaffke cd10890f1b
decisions: init 2024-02-03 20:05:52 +01:00
Rouven Seifert 2e5f4fbe23
nextcloud: deprecate oc.ifsr.de 2024-02-02 21:53:54 +01:00
Rouven Seifert e198002d60
mysql: enable backups 2024-02-02 21:41:44 +01:00
Rouven Seifert e70b57490e
formatting 2024-02-02 21:18:42 +01:00
Jonas Gaffke 5b2ca5141c mysql: bind to localhost 2024-02-02 21:13:44 +01:00
Rouven Seifert c0c9249e5a
remove old wiki module 2024-02-02 21:09:58 +01:00
Rouven Seifert e1325a329a
wiki: move to wiki 2024-02-02 21:08:30 +01:00
Jonas Gaffke 454394981e quitte: add nightline and fsrewsp sites 2024-02-02 20:26:37 +01:00
Rouven Seifert dbe12fbfeb
ese: move to quitte 2024-02-02 19:54:06 +01:00
Jonas Gaffke cc09c14143 quitte: add mysql 2024-02-02 17:41:34 +01:00
Rouven Seifert b8c31b4e4a
initrd: fix network 2024-01-29 16:23:56 +01:00
Rouven Seifert ccd6290fb7
Merge pull request #81 from fsr/initrd-ssh
quitte: enable ssh in initrd
2024-01-29 16:11:00 +01:00
Rouven Seifert 48683c6b2f
nextcloud: update to nextcloud28 2024-01-29 16:04:51 +01:00
Rouven Seifert 0e2d68fb26
postfix: fix format 2024-01-28 14:26:12 +01:00
Rouven Seifert 583990556e
postfix: lift message size limit 2024-01-28 14:25:02 +01:00
Lyn Fugmann 316ffbb9e0
quitte: enable ssh in initrd 2024-01-25 19:40:22 +01:00
Rouven Seifert ffeb47cd5e
verify mail senders 2024-01-24 16:02:58 +01:00
Rouven Seifert 93baff94f1
formatting 2024-01-13 17:40:20 +01:00
Rouven Seifert 01f5df464f
zammad: set loglevel to warn 2024-01-13 17:36:22 +01:00
Rouven Seifert 1d4da79c16
fix forgejo homedir 2024-01-10 15:23:56 +01:00
Rouven Seifert 94c2a2de5d
fix integer formatting 2024-01-07 01:22:42 +01:00
Rouven Seifert d6571ac695
bacula: restrict port to agdsn networks 2024-01-07 01:16:37 +01:00
Rouven Seifert 0084a02568
git: set loglevel to WARN
- gitea is crawled by some bots and logs every request
2024-01-06 16:07:48 +01:00
Rouven Seifert bde7d0b3d4
matrix: disable spammy logging 2024-01-06 16:01:32 +01:00
Jonas Gaffke 9f465f4f66 dex: customize login page 2024-01-05 16:49:29 +01:00
quitte 693154fe1a padlist: dex openid connect login instead of basic auth 2024-01-05 15:57:32 +01:00
Jonas Gaffke 2ed00fb4c0 quitte: add vscode server 2024-01-01 17:23:01 +01:00
Rouven Seifert 86cd033cba
forgejo: fix prestart 2023-12-26 17:56:32 +01:00
Rouven Seifert b8e950d5d0
postfix: apply fix against smtp mail smuggling 2023-12-22 23:39:09 +01:00
Rouven Seifert 12fd11d18e
postgres: fix table names in backup 2023-12-18 12:06:09 +01:00
Rouven Seifert 11bdb6b8f7
zsh: disable root git reminder 2023-12-18 12:04:35 +01:00
Jonas Gaffke cc39b86e78 base: add unzip package 2023-12-15 16:03:17 +01:00
Jonas Gaffke 956908e981 userdir: add robots.txt 2023-12-15 15:48:40 +01:00
Jonas Gaffke 9607dd1b54 wiki: format 2023-12-15 12:05:43 +01:00
Jonas Gaffke 3aeec71dd4 wiki: add SyntaxHighlight extension 2023-12-15 12:02:15 +01:00