magic_rb
|
87400566be
|
Move Gitea over to the kubernetes "cluster"
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-07-12 22:04:52 +02:00 |
|
magic_rb
|
cf97fd1553
|
Switch DNS provider
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-06-26 23:20:16 +02:00 |
|
magic_rb
|
eac01b655c
|
Account for nftables tables not existing on bootup
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-06-16 00:04:56 +02:00 |
|
magic_rb
|
b161392f01
|
Setup nftables dropped traffic logging somewhat
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-06-08 22:52:12 +02:00 |
|
magic_rb
|
aa32366c4a
|
Don't drop the firewall on failed nftables apply
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-06-08 22:51:58 +02:00 |
|
magic_rb
|
c411594226
|
Forward port 8344 to uk3s ingress
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-06-08 22:51:31 +02:00 |
|
magic_rb
|
dab6cb7594
|
Buildbot fully working with Gitea
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-04-27 22:10:15 +02:00 |
|
magic_rb
|
f47cbd1801
|
Setup blowhole to heater arma forwarding
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-04-13 19:39:19 +02:00 |
|
magic_rb
|
066ea797a5
|
Setup uk3s.nix on blowhole
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-04-07 13:24:38 +02:00 |
|
magic_rb
|
61862bda34
|
Lock down SSH access from outside
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-03-30 23:09:27 +01:00 |
|
magic_rb
|
3ca5d0387a
|
Switch arma IP again
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-03-06 14:49:52 +01:00 |
|
magic_rb
|
4e549e10d0
|
Firewall changes on blowhole
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-03-02 21:56:49 +01:00 |
|
magic_rb
|
b87986d6d7
|
Accept blowhole minecraft port
Signed-off-by: magic_rb <magic_rb@redalder.org>
|
2024-02-11 16:21:25 +01:00 |
|
magic_rb
|
52d2b22844
|
Use path instead of export in nftables service on blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
|
2023-10-07 22:47:29 +02:00 |
|
magic_rb
|
985d7ea696
|
Switch the dhcp server on blowhole to kea
Signed-off-by: magic_rb <richard@brezak.sk>
|
2023-10-07 22:44:42 +02:00 |
|
Magic_RB
|
34bb23c67f
|
Initial implementation of microvm-extras
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-09-28 10:31:25 +02:00 |
|
Magic_RB
|
b7cdd44967
|
Increase dnscrypt-proxy cache size to 32768
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-07-28 14:34:00 +02:00 |
|
Magic_RB
|
16d3d01c23
|
Tune dnscrypt-proxy2 a tiny bit
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-07-28 00:22:54 +02:00 |
|
Magic_RB
|
cbc32aef09
|
Disable wlan on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-07-18 11:44:27 +02:00 |
|
Magic_RB
|
9bc92124ed
|
Adjust firewall on blowhole to new motherboard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-07-09 23:54:19 +02:00 |
|
Magic_RB
|
de00d86dc4
|
Accept wireguard on the WAN interface
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-07-09 23:44:15 +02:00 |
|
Magic_RB
|
c38b7e1918
|
Allow communication between containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-06-19 01:10:07 +02:00 |
|
Magic_RB
|
64db0229c0
|
Fix failed evaluation without secrets in blowhole/firewall.nix
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-06-18 20:08:35 +02:00 |
|
Magic_RB
|
fed32ecfca
|
Possibly functional blowhole configuration
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-06-16 16:08:09 +02:00 |
|
Magic_RB
|
b673fb12c1
|
Clean out the repository
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-06-10 10:34:14 +02:00 |
|
Magic_RB
|
8ce216d3f3
|
Add second DoH endpoint to proxy
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-05-28 16:14:30 +02:00 |
|
Magic_RB
|
6fdfe3511a
|
Rename stubby to dnscrypt-proxy2 in nftables comment on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-05-28 12:51:14 +02:00 |
|
Magic_RB
|
1b63b0aa1a
|
Allow containers in Nomad to reach Nomad
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-05-28 12:50:39 +02:00 |
|
Magic_RB
|
6bab5c1707
|
Switch out stubby for dnscrypt-proxy2
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-05-28 12:48:13 +02:00 |
|
Magic_RB
|
eec8f409d6
|
Don't block outgoing DoT traffic, iifname doesn't work in output
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-04-04 00:41:25 +02:00 |
|
Magic_RB
|
d2374ad9f6
|
Revert "Add codespace container"
This reverts commit 48066a7e0d .
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-04-03 18:40:20 +02:00 |
|
Magic_RB
|
48066a7e0d
|
Add codespace container
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-04-03 18:37:57 +02:00 |
|
Magic_RB
|
0328cac478
|
Fix ipv6 issues on blowhole which break adb
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-04-03 01:32:36 +02:00 |
|
Magic_RB
|
eae03c9699
|
fix DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-03-28 00:06:49 +02:00 |
|
Magic_RB
|
a0a3ae2656
|
Get rid off the wireguard RestartSec hack
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-02-19 01:11:03 +01:00 |
|
Magic_RB
|
f923362537
|
Update inputs
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-02-19 01:03:49 +01:00 |
|
Magic_RB
|
648e6cf8c1
|
basic hostap config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-02-14 20:18:11 +01:00 |
|
Magic_RB
|
dd50adb45f
|
Switch to the 4port intel NIC
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-02-10 00:30:41 +01:00 |
|
Magic_RB
|
0f2139f5e5
|
Make a dummy interface on blowhole until I get a physical one
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2023-02-02 10:13:40 +01:00 |
|
main
|
b1381511dd
|
Setup static IP support in dhcpd
Signed-off-by: main <magic_rb@redalder.org>
|
2022-12-21 23:19:13 +01:00 |
|
main
|
3e23308bf3
|
Fix Wireguard not being brought up after boot due to DNS failure
Signed-off-by: main <magic_rb@redalder.org>
|
2022-12-18 22:27:17 +01:00 |
|
main
|
2d3fe86f3f
|
Open port 80 on blowhole to vpn
Signed-off-by: main <magic_rb@redalder.org>
|
2022-12-07 23:01:44 +01:00 |
|
main
|
51c3c162bc
|
Fix wireguard failing to start due to DNS being late
Signed-off-by: main <magic_rb@redalder.org>
|
2022-11-27 20:21:53 +01:00 |
|
main
|
8b700b61cc
|
Make sure everything evaluates and builds even without secrets
Signed-off-by: main <magic_rb@redalder.org>
|
2022-11-23 20:48:59 +01:00 |
|
Magic_RB
|
5ec1c33f60
|
DNS related networking changes
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-09-26 18:46:20 +02:00 |
|
Magic_RB
|
cacd4ac151
|
Change DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-09-17 11:55:51 +02:00 |
|
Magic_RB
|
9cb7a01750
|
Fix a little DNS issue on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-08-27 22:41:10 +02:00 |
|
Magic_RB
|
8e32993960
|
Enable internet access for Docker containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-08-27 22:40:29 +02:00 |
|
Magic_RB
|
2d342b2110
|
Firewall CNI compat
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-08-25 19:43:36 +02:00 |
|
Magic_RB
|
ecfbcc4517
|
Firewall stuff
Signed-off-by: Magic_RB <magic_rb@redalder.org>
|
2022-08-25 16:07:57 +02:00 |
|