|
|
6c7bb2b2a9
|
hosts/gms-01: enable crowdsec-firewall-bouncer
|
2025-11-10 15:37:09 -08:00 |
|
|
|
afc111a983
|
hosts/test-nixos: disable crowdsec-firewall-bouncer
|
2025-11-09 20:14:20 -08:00 |
|
|
|
0be7d44784
|
hosts: enable crowdsec-firewall-bouncer for hel-01 and nbg-01
|
2025-11-09 18:55:24 -08:00 |
|
|
|
bc69a69ddb
|
hosts/lax-01: fix reference to fwBouncerLapiKey
|
2025-11-09 18:22:29 -08:00 |
|
|
|
7d131891f2
|
hosts/lax-01: configure crowdsec-firewall-bouncer
|
2025-11-09 18:18:49 -08:00 |
|
|
|
0314578c32
|
hosts/test-nixos: use path attr of secret for apiKeyFile
|
2025-11-09 17:58:48 -08:00 |
|
|
|
35485dda87
|
hosts/test-nixos: enable crowdsec-firewall-bouncer
|
2025-11-09 17:47:43 -08:00 |
|
|
|
7d9f8aad20
|
hosts/app-01: remove owner attr from stirling env file
|
2025-11-02 21:06:43 -08:00 |
|
|
|
32bbf23e2f
|
hosts/app-01: add config and secrets for stirling-pdf
|
2025-11-02 20:51:15 -08:00 |
|
|
|
57f30e79d5
|
all files: run nixfmt formatter
|
2025-11-02 07:56:50 -08:00 |
|
|
|
208cb1f42a
|
hosts/riv-01: remove fileSystems entry
|
2025-11-02 01:47:41 -07:00 |
|
|
|
e5d2637e59
|
hosts/riv-01: add fileSystems entry
|
2025-11-02 01:45:21 -07:00 |
|
|
|
a0f19cd0a0
|
hosts/lax-01: run formatter on hardware-configuration
|
2025-11-02 01:40:13 -07:00 |
|
|
|
333e79fa1d
|
hosts/nbg-01: add params to disko module
|
2025-11-02 01:32:14 -07:00 |
|
|
|
dbd6d40341
|
hosts/riv-01: add disko module
|
2025-11-02 01:30:48 -07:00 |
|
|
|
19b6c88902
|
hosts/riv-01: new tailscale host for exit node
|
2025-11-02 01:19:31 -07:00 |
|
|
|
2b71a3f01f
|
hosts/print-01: change serverAlias to loopback IP, not localhost
|
2025-10-24 16:03:51 -04:00 |
|
|
|
241674cb83
|
hosts/lax-01: Hostsni -> HostSNI
|
2025-10-24 11:53:22 -04:00 |
|
|
|
46e4aa90de
|
hosts/lax-01: add iPhone ssh key
|
2025-10-24 08:12:22 -04:00 |
|
|
|
e7845c4800
|
hosts/lax-01: enable tailscale exit node
|
2025-10-20 10:01:39 -07:00 |
|
|
|
35eac0db2e
|
hosts/hel-01: add config and credentials for borg backups
|
2025-10-19 11:36:44 -07:00 |
|
|
|
4af5feb6c8
|
hosts/nbg-01: use correct repo path for borg backups
|
2025-10-19 11:31:27 -07:00 |
|
|
|
638f1d61fe
|
hosts/nbg-01: add borgmatic config
|
2025-10-19 11:27:43 -07:00 |
|
|
|
69bb2a900f
|
hosts/lax-01: add int port for db in container
|
2025-10-19 08:01:37 -07:00 |
|
|
|
2e4027f09b
|
hosts: cleanup formatting for sops.secrets blocks
|
2025-10-19 07:56:07 -07:00 |
|
|
|
a5952afb88
|
hosts/lax-01: enable sops credentials for borg
|
2025-10-19 07:53:05 -07:00 |
|
|
|
3658b6dd0d
|
hosts/lax-01: add borgmatic config
|
2025-10-19 07:46:14 -07:00 |
|
|
|
0fe2de0826
|
hosts/borg-01: add keys for hel-01,lax-01,nbg-01
|
2025-10-19 07:28:24 -07:00 |
|
|
|
b2d590a899
|
hosts: enable crowdsec-firewall-bouncer module for web-exposed hosts
|
2025-10-18 22:48:16 -07:00 |
|
|
|
cd1c09f28e
|
hosts/nbg-01: add config for crowdsec traefik bouncer
|
2025-10-18 15:23:22 -07:00 |
|
|
|
6fc106abad
|
hosts/lax-01: set permission for bouncer key to traefik
|
2025-10-18 15:08:55 -07:00 |
|
|
|
a373364c25
|
hosts/lax-01: enable crowdsec-traefik-bouncer module
|
2025-10-18 13:52:24 -07:00 |
|
|
|
a55d163bae
|
hosts/log-01: consolidate sops.secrets blocks
|
2025-10-18 13:50:37 -07:00 |
|
|
|
1d54f46eb5
|
services/crowdsec: move EnvironmentFile opt into module
|
2025-10-18 12:39:56 -07:00 |
|
|
|
a628d97de1
|
hosts/log-01: disable postgres database
|
2025-10-15 21:55:52 -07:00 |
|
|
|
3467638f24
|
hosts/lax-01: add mac ssh key
|
2025-10-15 13:24:10 -07:00 |
|
|
|
2e641fb37d
|
hosts/lax-01,nbg-01: redirect http traffic to https
|
2025-10-12 22:11:32 -07:00 |
|
|
|
1c6cb102e1
|
services/traefik: add set of middlewares as default for entryPoints
|
2025-10-12 21:42:02 -07:00 |
|
|
|
9459d24a49
|
hosts/log-01: add capi enroll token
|
2025-10-12 20:58:09 -07:00 |
|
|
|
1a5f1708d2
|
hosts/log-01: add capi enroll token
|
2025-10-12 20:56:18 -07:00 |
|
|
|
f7d22c3f06
|
hosts/log-01: add secrets file to crowdsec service env
|
2025-10-12 18:09:01 -07:00 |
|
|
|
45b534497b
|
hosts/log-01: enable CROWDSEC_SECRETS
|
2025-10-12 17:46:16 -07:00 |
|
|
|
8d6a8166ae
|
hosts/log-01: enable crowdsec and postgresql for log-01
|
2025-10-12 17:36:34 -07:00 |
|
|
|
8289331497
|
hosts/lax-01: enable ntfy service
|
2025-10-11 21:00:55 -07:00 |
|
|
|
a4b28c393b
|
hosts/nbg-01: place authentik@file in middlewares block
|
2025-10-11 16:43:07 -07:00 |
|
|
|
da48ce46e3
|
services/traefik: open ports 80 and 443 by default
|
2025-10-11 16:34:38 -07:00 |
|
|
|
9235b6d713
|
hosts/nbg-01: add authentik middleware
|
2025-10-11 16:27:52 -07:00 |
|
|
|
4913580f19
|
hosts/lax-01,nbg-01: open UDP/443
|
2025-10-11 16:26:51 -07:00 |
|
|
|
9860ce8a68
|
hosts/lax-01: set environmentFile for healthchecks module
|
2025-10-11 10:01:22 -07:00 |
|
|
|
46aff62bff
|
hosts/lax-01: add secrets file for healthchecks
|
2025-10-11 09:59:13 -07:00 |
|
