ac134281f8
hosts/plover: add back the custom Gitea logos
2023-10-14 11:25:26 +08:00
1ad6e7e8c5
hosts/plover: fix Grafana provider strings in settings
2023-10-14 11:14:44 +08:00
107241f553
hosts/plover: fix duplicate nginx shared memory zone
2023-10-14 11:14:09 +08:00
9527896251
hosts/plover: update Grafana and PostgreSQL integration
2023-10-14 11:01:57 +08:00
7430d992f2
hosts/plover: fix nginx code for Grafana server
2023-10-13 16:55:39 +08:00
2632b75bf2
hosts/plover: properly add nginx upstreams
...
Even though this is unlikely to be scaled further, we're just being good
sysadmins (or at least roleplaying as one).
2023-10-13 16:48:02 +08:00
025a3b5db4
hosts/plover: update secrets
2023-10-13 14:24:23 +08:00
4587a4165f
config: migrate from Terraform CLI to OpenTofu CLI
2023-10-13 14:24:10 +08:00
90210fde9c
hosts/plover: add Grafana secrets
2023-10-11 23:17:45 +08:00
8fbdc73478
hosts/plover: update Grafana settings
2023-10-11 13:06:41 +08:00
3ee04bb812
chore: reformat codebase
2023-10-09 20:48:01 +08:00
2dbb3ed68c
services/vouch-proxy: restructure for multiple instances
...
This resolves some cases where the admin does not have all of their
users within the protected domain and some in others.
2023-10-09 20:43:13 +08:00
4c6a19b3a7
hosts/plover: add secrets for Vouch proxy
2023-10-09 20:26:33 +08:00
46e38d0c96
hosts/plover: update Vouch proxy config
2023-10-09 20:26:11 +08:00
cd93122b07
hosts/plover: enable Kanidm LDAP server
2023-10-09 22:09:33 +08:00
2af2326b16
hosts/plover: update Grafana nginx and secrets config
2023-10-09 22:09:15 +08:00
0830ff0458
hosts/plover: update foodogsquared.one DNS zone
2023-10-08 14:40:57 +08:00
a6fcc6eec6
hosts/plover: update Wezterm mux server config
...
It's not fully working but we'll get there.
2023-10-08 03:29:06 +08:00
97916aaa05
hosts/plover: init Prometheus monitoring daemon
2023-10-08 03:28:35 +08:00
6ec18948b5
hosts/plover: init Vouch proxy server
2023-10-08 03:28:14 +08:00
0eadf55fd5
hosts/plover: init Grafana server
2023-10-08 03:27:47 +08:00
f489c50aa9
hosts/plover: refactor Gitea config
2023-10-08 03:26:53 +08:00
c35b72352e
hosts/plover: update Bind config generation
2023-10-08 03:26:07 +08:00
fc5eb2b0e2
hosts/plover: update Wezterm mux server config
2023-10-05 12:27:59 +08:00
61f8457584
hosts/plover: update nginx configuration
2023-10-04 15:53:43 +08:00
ccb05b35ae
hosts/plover: remove unused bindings
2023-10-04 13:29:29 +08:00
24b70bf04a
hosts/plover: change backup schedule to daily
2023-10-04 13:28:43 +08:00
5f5dc2a14e
hosts/plover: add kTLS for various services
2023-10-03 15:52:42 +08:00
4c71c61768
hosts/plover: add nginx content caching for select services
2023-10-03 15:50:46 +08:00
c410ece05a
treewide: remove options attribute for modules
2023-10-02 14:26:11 +08:00
56c0e245ca
hosts/plover: remove Portunus as LDAP server
...
It is also replaced with Kanidm (though read-only from its user store).
2023-09-28 18:48:17 +08:00
3d9351a99b
hosts/plover: delete Keycloak service entirely
...
It is now completely replaced with Kanidm.
2023-09-28 18:46:31 +08:00
8e91973c70
config: add comments
2023-09-28 18:33:00 +08:00
013f751ea4
hosts/plover: update DNS zone
2023-09-28 18:32:31 +08:00
862fd5a07a
hosts/plover: replace Keycloak with Kanidm as SSO application
2023-09-28 18:29:09 +08:00
4adc573fcf
hosts/plover: fix string interpolation for integer
2023-09-21 21:26:13 +08:00
b31cc58adc
hosts/plover: refactor bindings
2023-09-21 12:53:18 +08:00
c3ff202b84
hosts/plover: fix credentials permission for Bind service
2023-09-21 12:52:53 +08:00
7368027cdb
hosts/plover: add DH parameters for nginx
2023-09-21 11:37:09 +08:00
0eb19acc40
hosts/plover: enable DNS-over-HTTPS for Bind server
2023-09-21 11:36:43 +08:00
eed4160b85
hosts/plover: reduce service capability
2023-09-20 11:04:45 +08:00
fbce914870
hosts/plover: cleanup Bind configuration
2023-09-19 23:45:30 +08:00
05895e11fa
hosts/plover: consolidate Bind config into configFile
2023-09-19 23:45:08 +08:00
7dacbe6963
chore: reformat codebase
2023-08-31 09:59:56 +08:00
1a74104845
hosts/plover: update Gitea files
2023-08-03 19:39:19 +08:00
3fc2d6dbc3
hosts: update system state version to 23.11
2023-08-03 13:29:00 +08:00
101f3771a1
hosts/plover: update Wezterm mux server configuration
2023-07-28 08:53:32 +08:00
eef1ff0b32
hosts/plover: update Bind service settings
2023-07-27 22:20:50 +08:00
0ae9b2033e
hosts/plover: update Gitea tmpfiles configuration
2023-07-27 13:36:19 +08:00
187b32e7bb
hosts/plover: update Wezterm mux server config
...
This should also fix the ACME certificate self-signed permissions error
since there is no `wezterm` group (or user). We're just using systemd's
dynamic user feature in our service.
2023-07-27 13:36:05 +08:00
