e6c4a20b83
hosts/plover: update miscellaneous parts of the services
2023-10-17 18:32:23 +08:00
23e32b45ac
hosts/plover: add Bind to be managed by nginx
2023-10-14 14:06:43 +08:00
1775a0febc
hosts/plover: update Bind systemd service config
2023-10-14 14:05:14 +08:00
680ec43428
hosts/plover: fix Vouch proxy settings
2023-10-14 14:04:38 +08:00
3e8987d26e
hosts/plover: update Wezterm mux server config with nginx
2023-10-14 14:04:27 +08:00
0b253e0553
hosts/plover: update Vouch proxy settings and secrets permissions
2023-10-14 11:26:33 +08:00
ac134281f8
hosts/plover: add back the custom Gitea logos
2023-10-14 11:25:26 +08:00
1ad6e7e8c5
hosts/plover: fix Grafana provider strings in settings
2023-10-14 11:14:44 +08:00
107241f553
hosts/plover: fix duplicate nginx shared memory zone
2023-10-14 11:14:09 +08:00
9527896251
hosts/plover: update Grafana and PostgreSQL integration
2023-10-14 11:01:57 +08:00
7430d992f2
hosts/plover: fix nginx code for Grafana server
2023-10-13 16:55:39 +08:00
2632b75bf2
hosts/plover: properly add nginx upstreams
...
Even though this is unlikely to be scaled further, we're just being good
sysadmins (or at least roleplaying as one).
2023-10-13 16:48:02 +08:00
8fbdc73478
hosts/plover: update Grafana settings
2023-10-11 13:06:41 +08:00
3ee04bb812
chore: reformat codebase
2023-10-09 20:48:01 +08:00
2dbb3ed68c
services/vouch-proxy: restructure for multiple instances
...
This resolves some cases where the admin does not have all of their
users within the protected domain and some in others.
2023-10-09 20:43:13 +08:00
46e38d0c96
hosts/plover: update Vouch proxy config
2023-10-09 20:26:11 +08:00
cd93122b07
hosts/plover: enable Kanidm LDAP server
2023-10-09 22:09:33 +08:00
2af2326b16
hosts/plover: update Grafana nginx and secrets config
2023-10-09 22:09:15 +08:00
a6fcc6eec6
hosts/plover: update Wezterm mux server config
...
It's not fully working but we'll get there.
2023-10-08 03:29:06 +08:00
97916aaa05
hosts/plover: init Prometheus monitoring daemon
2023-10-08 03:28:35 +08:00
6ec18948b5
hosts/plover: init Vouch proxy server
2023-10-08 03:28:14 +08:00
0eadf55fd5
hosts/plover: init Grafana server
2023-10-08 03:27:47 +08:00
f489c50aa9
hosts/plover: refactor Gitea config
2023-10-08 03:26:53 +08:00
c35b72352e
hosts/plover: update Bind config generation
2023-10-08 03:26:07 +08:00
61f8457584
hosts/plover: update nginx configuration
2023-10-04 15:53:43 +08:00
ccb05b35ae
hosts/plover: remove unused bindings
2023-10-04 13:29:29 +08:00
5f5dc2a14e
hosts/plover: add kTLS for various services
2023-10-03 15:52:42 +08:00
4c71c61768
hosts/plover: add nginx content caching for select services
2023-10-03 15:50:46 +08:00
56c0e245ca
hosts/plover: remove Portunus as LDAP server
...
It is also replaced with Kanidm (though read-only from its user store).
2023-09-28 18:48:17 +08:00
3d9351a99b
hosts/plover: delete Keycloak service entirely
...
It is now completely replaced with Kanidm.
2023-09-28 18:46:31 +08:00
8e91973c70
config: add comments
2023-09-28 18:33:00 +08:00
862fd5a07a
hosts/plover: replace Keycloak with Kanidm as SSO application
2023-09-28 18:29:09 +08:00
4adc573fcf
hosts/plover: fix string interpolation for integer
2023-09-21 21:26:13 +08:00
b31cc58adc
hosts/plover: refactor bindings
2023-09-21 12:53:18 +08:00
c3ff202b84
hosts/plover: fix credentials permission for Bind service
2023-09-21 12:52:53 +08:00
7368027cdb
hosts/plover: add DH parameters for nginx
2023-09-21 11:37:09 +08:00
0eb19acc40
hosts/plover: enable DNS-over-HTTPS for Bind server
2023-09-21 11:36:43 +08:00
eed4160b85
hosts/plover: reduce service capability
2023-09-20 11:04:45 +08:00
fbce914870
hosts/plover: cleanup Bind configuration
2023-09-19 23:45:30 +08:00
05895e11fa
hosts/plover: consolidate Bind config into configFile
2023-09-19 23:45:08 +08:00
7dacbe6963
chore: reformat codebase
2023-08-31 09:59:56 +08:00
1a74104845
hosts/plover: update Gitea files
2023-08-03 19:39:19 +08:00
101f3771a1
hosts/plover: update Wezterm mux server configuration
2023-07-28 08:53:32 +08:00
eef1ff0b32
hosts/plover: update Bind service settings
2023-07-27 22:20:50 +08:00
0ae9b2033e
hosts/plover: update Gitea tmpfiles configuration
2023-07-27 13:36:19 +08:00
187b32e7bb
hosts/plover: update Wezterm mux server config
...
This should also fix the ACME certificate self-signed permissions error
since there is no `wezterm` group (or user). We're just using systemd's
dynamic user feature in our service.
2023-07-27 13:36:05 +08:00
760e1a3233
hosts/plover: fix Keycloak pre-start script
2023-07-27 10:25:32 +08:00
9c2e3ee1bf
hosts/plover: fix Bind9 pre-start script
2023-07-27 10:25:06 +08:00
87de61fba8
hosts/plover: add Keybase verification key
2023-07-22 10:39:23 +08:00
a2ab1f09a8
hosts/plover: fix Vaultwarden hardened service
2023-07-20 10:42:43 +08:00
