| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Delete all old code and configuration to start from scratch with Guix only | EuAndreh | 2022-03-07 | 7 | -0/+0 |
| | | | | | | | | | | | Delete files related to: - Terraform - opt/* - scripts/deploy - secrets/* - git-crypt - Nix | ||||
| * | opt/secrets/: Add | EuAndreh | 2021-07-29 | 1 | -0/+0 |
| | | |||||
| * | Remove terraform state | EuAndreh | 2021-03-07 | 2 | -0/+0 |
| | | |||||
| * | Add WIP servers/nixvps/ | EuAndreh | 2021-02-25 | 1 | -0/+0 |
| | | |||||
| * | Delete Vultr vps resources | EuAndreh | 2021-02-23 | 2 | -0/+0 |
| | | |||||
| * | mv secrets/mail/ -> secrets/vps/mail/ | EuAndreh | 2021-02-21 | 2 | -0/+0 |
| | | |||||
| * | Update tfstate file | EuAndreh | 2021-01-16 | 2 | -0/+0 |
| | | |||||
| * | Remove old secrets/base-image-old-password.txt | EuAndreh | 2021-01-16 | 1 | -0/+0 |
| | | |||||
| * | Checkpoint: Working vps.tf declaration after Vultr migration | EuAndreh | 2021-01-15 | 2 | -0/+0 |
| | | |||||
| * | Remove secrets/terraform/tfstate-backups/ | EuAndreh | 2021-01-15 | 2 | -0/+0 |
| | | |||||
| * | Remove secrets/terraform/plan-files/ and terraform-apply.sh | EuAndreh | 2021-01-15 | 81 | -0/+0 |
| | | |||||
| * | vps.tf: Add CNAME "*" subdomain alias | EuAndreh | 2020-11-28 | 3 | -0/+0 |
| | | |||||
| * | Terraform: Add email DNS records (DKIM, DMARC, SPF) | EuAndreh | 2020-11-26 | 17 | -0/+0 |
| | | |||||
| * | Remove default.nix and shell.nix | EuAndreh | 2020-11-18 | 3 | -0/+0 |
| | | |||||
| * | Remove most Nix files | EuAndreh | 2020-11-18 | 10 | -0/+0 |
| | | |||||
| * | Add base Guix configuration and start switching to it | EuAndreh | 2020-11-16 | 5 | -0/+0 |
| | | | | | | | | | | | | | | | | | - remove NixOS stateVersion from .envrc; - add guix-reconfigure.sh; - add vps.scm with initial Guix system configuration; - update vps.tf to use the new "base-guix" snapshot. The "base-guix" image doesn't need a password. The "andreh" users has one, but it is configured for not requiring it when running commands as "sudo". The expected minimal steps one has to go through for privilege scalation is via the SSH private key, and accessing the VPS via SSH. Since password login is disabled and root can't login via SSH either, only the private SSH key allows access to the server. After that, the attacker will be able to run commands as root. | ||||
| * | Forget existing resource to start working on new VPS | EuAndreh | 2020-11-16 | 1 | -0/+0 |
| | | |||||
| * | Update terraform generated files | EuAndreh | 2020-11-02 | 5 | -0/+0 |
| | | |||||
| * | Use SQLite instead of PostgreSQL: simplify operations and backup | EuAndreh | 2020-09-23 | 1 | -0/+0 |
| | | |||||
| * | Remove mautrix files | EuAndreh | 2020-09-22 | 1 | -0/+0 |
| | | | | | | Instead create a module from the mautrix-whatsapp and start using mautrix-telegram module from nixpkgs. | ||||
| * | Initial setup for Telegram in Matrix, but it is still not working | EuAndreh | 2020-09-19 | 2 | -0/+0 |
| | | |||||
| * | Refactor vps-configuration.nix: Split secrets from config and envsubst vars | EuAndreh | 2020-09-06 | 19 | -2/+0 |
| | | | | | Also rename thingTLD to thingDomain. | ||||
| * | Use dynamic toggle for prosody | EuAndreh | 2020-09-06 | 1 | -0/+0 |
| | | |||||
| * | Add mediator documentation | EuAndreh | 2020-09-02 | 1 | -0/+0 |
| | | |||||
| * | Add cement documentation | EuAndreh | 2020-09-02 | 1 | -0/+0 |
| | | |||||
| * | Build new VPS server from snapshot using bigger machine | EuAndreh | 2020-08-29 | 4 | -0/+0 |
| | | | | | | | | I'm using the snapshot here because I don't have any backup system yet, ¯\_(ツ)_/¯ This should be reverted on vps.tf after applying, and I should get down to doing automatic backups. | ||||
| * | Add ci-logs from static files | EuAndreh | 2020-08-28 | 1 | -0/+0 |
| | | |||||
| * | Enable automatic backup for VPS server | EuAndreh | 2020-08-25 | 3 | -0/+0 |
| | | |||||
| * | Add pires-prod deployment | EuAndreh | 2020-08-25 | 1 | -0/+0 |
| | | |||||
| * | Add subdomain for pires documentation | EuAndreh | 2020-08-24 | 1 | -0/+0 |
| | | |||||
| * | Remove matterbridge code | EuAndreh | 2020-08-24 | 1 | -0/+0 |
| | | |||||
| * | WIP Fix Converse.js setup | EuAndreh | 2020-08-23 | 1 | -0/+0 |
| | | |||||
| * | Chage DNS record of prosody | EuAndreh | 2020-08-23 | 7 | -0/+0 |
| | | | | | | | Terraform file changes were du to me initially trying to do this via creating a SRV DNS record. However this is not required, because Prosody is already on the $TLD sever, the only difference being that it is listening on a different port. | ||||
| * | Update prosody user | EuAndreh | 2020-08-23 | 1 | -0/+0 |
| | | |||||
| * | Use fold to mkdir and chmod all data folders | EuAndreh | 2020-08-23 | 1 | -0/+0 |
| | | |||||
| * | Fix DATA_ROOT permissions | EuAndreh | 2020-08-22 | 1 | -0/+0 |
| | | |||||
| * | Remove old matterbridge configuration | EuAndreh | 2020-08-22 | 1 | -0/+0 |
| | | |||||
| * | Add songbooks documentation DNS address | EuAndreh | 2020-08-22 | 6 | -0/+0 |
| | | |||||
| * | WIP: reenable prosody and matterbridge, and add PDFs | EuAndreh | 2020-08-22 | 7 | -0/+0 |
| | | |||||
| * | Add songbooks documentatation | EuAndreh | 2020-08-20 | 1 | -0/+0 |
| | | |||||
| * | Checkpoint: Shut down Prosody and matterbridge | EuAndreh | 2020-08-19 | 1 | -0/+0 |
| | | | | | Full reasoning under "Decisions" section inside TODOs.org. | ||||
| * | Checkpoint: working matterbridge server | EuAndreh | 2020-08-18 | 1 | -0/+0 |
| | | | | | | | | | | | | | | | | | I was able to make matterbridge work, but only to realize that it doesn't support private groups on most services. So I can't use this as a replacement for other chat systems as I desired. I ended up using my conversations.im account due to the lack of MUC support in my current server. I was also able to setup the Converse client, but my Prosody server also doesn't have HTTP (or WebSockets, I don't remember) yet, so it didn't work for my server. So this may serve as a useful future reference, but I pan to turn off the matterbridge server itself. | ||||
| * | Checkpoint: Working Prosody server | EuAndreh | 2020-08-16 | 1 | -0/+0 |
| | | | | | Use NGINX to create TLS certificate and then share it with prosody. | ||||
| * | Use NGINX to handle the creation of certificates for prosody | EuAndreh | 2020-08-16 | 7 | -0/+0 |
| | | | | | | | | | | | | | | | | | | | After a terraform state rm '...' of the server and domain configuration, and recreating the instance again while leaving the dettached one running. I had to do this because I was experimenting too much with the domain and I hit the Let's Encrypt rate limit[0]. Because of that I'll recreate certificates less often so that doesn't happen in the new domain during development of the VPS. I'm not shure if this solution works, but I'll commit just as a checkpoint. I had to change the custom DNS nameservers from Digital Ocean to Vultr and that may take a while, so it's worth having this as a checkpoint in time while I'm off to other things. [0]: https://letsencrypt.org/docs/rate-limits/ | ||||
| * | Deploy "boneco" project at boneco.$TLD | EuAndreh | 2020-08-15 | 1 | -0/+0 |
| | | |||||
| * | Use new image with ownership of /etc/nixos/configuration.nix by user | EuAndreh | 2020-08-15 | 5 | -0/+1 |
| | | | | | | Useful reference: - https://discourse.nixos.org/t/can-i-move-etc-nixos-to-my-dotfiles-and-symlink-it-back-to-etc-nixos/4833/10 | ||||
| * | Add generated Terraform files | EuAndreh | 2020-08-14 | 4 | -0/+0 |
| | | |||||
| * | Add updated terraform files | EuAndreh | 2020-08-14 | 2 | -0/+0 |
| | | |||||
| * | Export borg key under secrets/ | EuAndreh | 2020-08-14 | 2 | -0/+0 |
| | | |||||
| * | Stop hardcoding the user in favor of $USER_NAME | EuAndreh | 2020-08-14 | 1 | -0/+0 |
| | | |||||
 |
index : server | |
| Setup and configuration for VPS and other personal server | External SSH Git service user |
| aboutsummaryrefslogtreecommitdiff |