Commit graph

364 commits

Author SHA1 Message Date
Rouven Seifert 075bc2b6fa
nginx: split logs per vhost 2023-11-13 09:51:07 +01:00
Lyn Fugmann 3e70f7a0fc
element-web: disable identity server 2023-11-10 15:42:58 +01:00
Rouven Seifert 2496192efc nextcloud: configure redis 2023-11-09 18:03:04 +01:00
Jonas Gaffke 5de01790c4 nextcloud: enable HEIC image preview 2023-11-09 15:35:26 +01:00
Jonas Gaffke 0dab62ebff postgres: increse max_connections to 1000 2023-11-09 15:29:42 +01:00
Lyn Fugmann 7e17d77b1d
nextcloud: migration changes 2023-11-08 18:40:11 +01:00
Rouven Seifert 0eeac8391d mail: enable imap_filter_sieve 2023-11-03 11:08:42 +01:00
Rouven Seifert 85e6ebbc29
fail2ban: disable tor lists
some people have legimitate interest in accessing our services via tor
in case of abuse out of these networks this commit can be reverted
2023-11-02 22:50:23 +01:00
Rouven Seifert a9d4543da7
rspamd: whitelist tu networks 2023-11-01 22:45:21 +01:00
Rouven Seifert dd50175c58
httpd: limit number of spawned processes 2023-10-28 17:35:14 +02:00
Rouven Seifert 245d5bc498
fail2ban: use nftables 2023-10-28 17:34:55 +02:00
Rouven Seifert 7b3925deca
courses-phil: use systemd credentials to load the secrets 2023-10-23 15:08:33 +02:00
Rouven Seifert 8eaf733126
fail2ban: whitelist tu ranges 2023-10-23 11:57:01 +02:00
Rouven Seifert 0899143b8c
formatting 2023-10-23 10:47:40 +02:00
Rouven Seifert 303888dfd9
nixify the manual 2023-10-23 10:27:30 +02:00
Rouven Seifert 75be7e22a3
mail: add keyword blacklist 2023-10-21 00:49:24 +02:00
quitte 5270ab09e6 add btop package 2023-10-20 21:38:28 +02:00
Rouven Seifert 3763b8b106
fail2ban: enable incremental bantime 2023-10-20 16:57:02 +02:00
Rouven Seifert a8d1444ef9
Merge pull request #76 from fsr/fail2ban-mail
fail2ban: setup postfix and dovecot
2023-10-20 12:27:58 +02:00
Rouven Seifert 0712f02d40
fail2ban: setup postfix and dovecot 2023-10-19 14:24:11 +02:00
quitte 2058b8f955 add infoscreen, manual and sharepic websites 2023-10-19 11:54:15 +02:00
Rouven Seifert c360abe7d9
ftp: remove TUD private subnet
was added on kaki back then. Probably because of some routing misconfigurations
let's embrace some hope that this is now fixed
2023-10-18 23:30:16 +02:00
Rouven Seifert ddc7179312
kanboard: add short domain 2023-10-16 11:59:06 +02:00
quitte 94c9be356c kanboard: first version 2023-10-15 13:38:48 +02:00
quitte 8c7ffab70e mautrix-telegram: enable again and small fix 2023-10-09 21:19:05 +02:00
Rouven Seifert 3d18969471
nginx: disable ip anonymizing 2023-10-08 13:43:04 +02:00
Rouven Seifert 5820741dd2
matrix: move to ifsr.de 2023-10-08 13:42:29 +02:00
Lyn Fugmann d48fb6c13a
setup fail2ban
block tor exit nodes
2023-10-04 18:49:12 +02:00
Rouven Seifert 23fb7747fb
Revert "temporarily show participants again in the course-management"
This reverts commit 39db962a2c.
2023-10-02 17:32:52 +02:00
quitte a9c8c03f08 userdir: disable php error display 2023-10-01 19:17:29 +02:00
Rouven Seifert 39db962a2c
temporarily show participants again in the course-management 2023-09-29 17:49:45 +02:00
quitte 6d277b6814 courses-phil: add redirects 2023-09-28 13:34:58 +02:00
quitte 3c17c0ad6a course-phil: on-metal fixes 2023-09-27 15:08:12 +02:00
Rouven Seifert a5d29c3338 sops: set sopsfile 2023-09-27 14:25:03 +02:00
Rouven Seifert 8908b3bbff courses: phil: init as container 2023-09-27 14:20:11 +02:00
Rouven Seifert e4b26a640b
mail: set mailUser and mailGroup 2023-09-27 11:12:07 +02:00
Rouven Seifert aa1f91c5b4
mail: fix typo 2023-09-27 11:04:37 +02:00
Rouven Seifert 201fef3084
added global spam filtering script 2023-09-27 11:03:10 +02:00
Rouven Seifert 71f4c64022
nextcloud upgrade to 27 2023-09-24 16:06:10 +02:00
Rouven Seifert 1b36010ad9
mail: disable pam authentication 2023-09-22 13:46:49 +02:00
Rouven Seifert 92efae76ed
rspamd: formatting fix 2023-09-21 21:50:36 +02:00
Rouven Seifert 7c15108f3d
rspamd: enable the neural module
so we can throw some buzzwords
2023-09-21 21:49:00 +02:00
Rouven Seifert 3b59947673
rspamd: configure dynamic blacklisting 2023-09-21 21:20:48 +02:00
quitte b35703040b nix: allow fetching the index from github 2023-09-20 22:20:49 +02:00
quitte bed0f24e94 format 2023-09-20 14:09:55 +02:00
quitte e739a60e66 userdir, zsh fixes 2023-09-20 14:07:50 +02:00
Rouven Seifert 06ec7d6e32
fix double promptinit 2023-09-19 21:08:53 +02:00
Rouven Seifert 0197610e3f
fix promptinit 2023-09-19 20:44:11 +02:00
Rouven Seifert dc65c4c5c7
don't use zsh as the default shell 2023-09-19 20:30:30 +02:00
Rouven Seifert e4e1cfd3d6
zsh: add agdsn config and comma 2023-09-19 16:03:41 +02:00
Hendrik Wolff da97f9e750 mail: Enable listescape globally 2023-09-19 14:37:07 +02:00
quitte 77c2248eee add helix editor 2023-09-19 10:33:03 +02:00
Rouven Seifert 9393915efe
mail: disable the quota check for now 2023-09-18 09:48:55 +02:00
Rouven Seifert 3c98566664
Merge pull request #67 from fsr/domain-refactor
Remove fsr domain option and use the native networking ones
2023-09-17 20:31:03 +02:00
Rouven Seifert 02cd8440f1
refactor: ran deadnix 2023-09-17 20:14:32 +02:00
Rouven Seifert 62825e357f
refactor: fsr.domain -> networking.domain 2023-09-17 20:10:55 +02:00
Hendrik Wolff b357dd8590 mail: Fix formatting of extraConfig 2023-09-17 17:05:02 +02:00
Hendrik Wolff 7ba1281909 mail: Enable the listescape plugin
Make it possible to use special characters like `.` in mail directories.
2023-09-17 16:40:12 +02:00
Rouven Seifert 220575d64b
formating 2023-09-17 16:01:51 +02:00
quitte a830d97bf9 mail migration: on-metal fixes 2023-09-17 16:00:19 +02:00
quitte e26b2c1ebe userdir: fix 403 2023-09-17 14:28:13 +02:00
Rouven Seifert b26bb94495
userdir: fix autoindex 2023-09-16 19:39:09 +02:00
Lyn Fugmann 460f9c46b3
make givenname optional in web interface 2023-09-15 19:24:27 +02:00
Rouven Seifert 0c12c14148
patch portunus to make givenname optional 2023-09-15 13:26:45 +02:00
Rouven Seifert b224f278c9
matrix, nextcloud: pin domain to staging 2023-09-15 13:04:24 +02:00
Rouven Seifert 4447cf06c4
manage all aliases in /etc/aliases 2023-09-15 12:56:19 +02:00
Rouven Seifert 5a49b73b33
postgres backup: add mailman 2023-09-14 16:03:29 +02:00
Rouven Seifert fcb4c6a36d
mailman: use postgresql 2023-09-14 14:54:09 +02:00
Rouven Seifert 8eb6545fc3
nextcloud: add legacy redicect 2023-09-06 14:22:56 +02:00
Rouven Seifert d8e3bb4689
Merge pull request #61 from fsr/imap-sieve
Mail: enable spam training through imap-sieve
2023-09-06 12:29:24 +02:00
Rouven Seifert 25d7e1bf63
ssh: add new key for rouven 2023-09-06 12:22:42 +02:00
Rouven Seifert 11b0903535
mail: put spam sieve scripts into /etc 2023-09-04 13:10:01 +02:00
Rouven Seifert a0f78133f6
mail: automatically subscribe to all important mailboxes and expunge spam 2023-09-04 11:58:23 +02:00
Rouven Seifert 76e5801d87
mail: enable spam training through imap-sieve 2023-09-04 11:58:22 +02:00
Rouven Seifert de6c5b4abf
mail: rename header x-spam to x-spam-flag 2023-09-04 10:45:21 +02:00
Rouven Seifert 04e983deb1
mail: enable spamassasin style spam headers 2023-09-04 10:29:44 +02:00
Rouven Seifert 99100ac27d
sogo: remove duplicate spam folder 2023-09-03 22:56:26 +02:00
Lyn Fugmann b68a325a3f
Merge remote-tracking branch 'origin/portunus-fixes' 2023-09-03 18:58:13 +02:00
Rouven Seifert 4c64f28a41
mail: clean sender data using header checks 2023-09-01 11:02:13 +02:00
Rouven Seifert 6dd628403c
networking: introduce rdns option 2023-09-01 10:42:22 +02:00
Rouven Seifert b3254db337
mail: update smtp_helo_hostname to match rDNS 2023-09-01 10:06:47 +02:00
Lyn Fugmann 7fdb6f9218
portunus: add patch to fix non-ascii character bug 2023-09-01 00:14:41 +02:00
quitte 202381d181 Merge remote-tracking branch 'origin/nextcloud' 2023-08-31 21:27:58 +02:00
Lyn Fugmann 39b54503d4
nextcloud: pin to version 25 for migration 2023-08-30 14:01:49 +02:00
Rouven Seifert 5ee9193a23
kpp: add redirect 2023-08-29 12:29:22 +02:00
Rouven Seifert 1a47ab4e52
kpp: move to ifsr.de 2023-08-29 12:27:13 +02:00
Rouven Seifert a83e2d7506
website: add bbb redirect 2023-08-28 19:19:19 +02:00
Rouven Seifert 1ba207e1c0
wiki: add vernetzung redirect
stura complained, actual wiki is on durian
2023-08-28 17:37:11 +02:00
quitte edc25956f5 wiki: add logo 2023-08-26 17:15:10 +02:00
quitte eadeaf4229 ldap: fix group syncing 2023-08-25 15:01:52 +02:00
Rouven Seifert 3dca54ace0
pad: set the listed tag by default 2023-08-24 20:36:30 +02:00
quitte 7fb4fa12ed undo formatting mistake 2023-08-24 16:48:19 +02:00
quitte 7d2c00ef1f nginx: fix regexes 2023-08-24 16:28:07 +02:00
Jonas Gaffke ebb066c027
enable free url 2023-08-24 16:25:15 +02:00
Rouven Seifert d669f15c49
website: pad: redirect legacy codimd pads 2023-08-24 15:33:52 +02:00
Lyn Fugmann 2ea2341e1b
nextcloud: change ldap user filter to posixAccount 2023-08-23 22:52:53 +02:00
Lyn Fugmann 91e5639123
nextcloud: refactor
- simplify database config
- run the whole preStart script as sudo, to reduce log clutter
2023-08-23 22:12:06 +02:00
Lyn Fugmann 46040f8d31
nextcloud: configure ldap automatically via nextcloud-occ cli 2023-08-23 20:56:24 +02:00
quitte 0eeb60a281 hydra: ldap fixes 2023-08-23 17:12:08 +02:00
Rouven Seifert d90e705738
hydra: init 2023-08-23 16:53:43 +02:00