Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-10-01 00:55:42 -04:00
Code Issues Packages Projects Releases Wiki Activity
362 Commits 1 Branch 0 Tags 1.8 MiB
14e9cd5b76
Commit Graph

362 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Micay
14e9cd5b76 use standard style for nftables sets 2024-03-24 16:23:54 -04:00
Daniel Micay
0ac67c38c3 allow IPv6 SSH for discuss.grapheneos.org 
This could be useful and disabling it isn't necessary for blocking IPv6
connections to the forum.
 2024-03-24 15:41:13 -04:00
Daniel Micay
7b64ffd4cd simplify nftables based on strong host model 2024-03-24 15:22:00 -04:00
Daniel Micay
59984a477c enforce strong host model via nftables 2024-03-24 14:36:24 -04:00
Daniel Micay
eb55afa3a8 reorganize sysctl configuration 2024-03-24 11:03:31 -04:00
Daniel Micay
51a4f8ca7a extend disabling ICMP redirects 2024-03-24 10:43:37 -04:00
Daniel Micay
ec2cbbdb4e enforce strict reverse path filtering via nftables 2024-03-23 13:35:49 -04:00
Daniel Micay
81fa5f8ebd use standard log rotation approach for wtmp/btmp 2024-03-20 23:43:48 -04:00
Daniel Micay
455ef92c18 disable chrony client log 
This is only needed to support clients using the interleaved mode. We
only use chrony as a server on our network servers and the clients are
only using SNTP via xtra-daemon so we don't need this. This frees up a
little bit of memory and avoids having a list of recent clients stored
in memory.
 2024-03-20 23:24:57 -04:00
Daniel Micay
e1df22a68f clean up session ticket rotation scripts 2024-03-20 22:55:40 -04:00
Daniel Micay
f35dc08868 split grapheneos.org hosts array 2024-03-18 21:10:47 -04:00
Daniel Micay
f6d6b0584b use larger journal for matrix.grapheneos.org too 2024-03-17 19:47:36 -04:00
Daniel Micay
bcfa2aef63 add basic inputrc 2024-03-14 15:48:53 -04:00
Daniel Micay
d5653b25f2 increase 0.grapheneos.network journal size 2024-03-12 11:40:26 -04:00
Daniel Micay
d57ca21e06 add sqlite-analyzer to attestation servers 2024-03-08 11:54:02 -05:00
Daniel Micay
e9d90bf88b lsof replaced with lsfd 2024-03-06 16:53:42 -05:00
Daniel Micay
c8d359af57 disable mkinitcpio fallback image 2024-03-04 13:13:58 -05:00
Daniel Micay
8591cb9354 raise 2.grapheneos.network journal size to 2G 2024-03-03 15:47:19 -05:00
Daniel Micay
14174e90f4 nginx-rotate-session-ticket-keys: drop unnecessary time sync 2024-03-03 09:57:30 -05:00
Daniel Micay
fb8775bb85 use checksum-based rsync 2024-03-03 09:55:02 -05:00
Daniel Micay
d8b70fce4f raise journal size for high log volume servers 2024-03-01 10:05:39 -05:00
Daniel Micay
16e3df0c39 raise max log size for OVH network instances 2024-02-29 13:58:38 -05:00
Daniel Micay
67a71a5cd3 count: drop 3rd gen Pixels 2024-02-24 19:19:59 -05:00
Daniel Micay
23207e99bf replace 4.releases.grapheneos.org server 2024-02-24 10:34:52 -05:00
Daniel Micay
c9cceb3bc0 explicit set XFS allocation group count 2024-02-24 10:28:10 -05:00
Daniel Micay
e0d5ff2fb2 enable deploy-initial script 2024-02-24 10:22:19 -05:00
Daniel Micay
b185e04a2c update install image to 2024.02.01 2024-02-24 10:21:24 -05:00
Daniel Micay
0899b7e984 update python dependencies 2024-02-23 13:04:36 -05:00
Daniel Micay
827324d15d stop generating unused en_US.UTF-8 locale 
We only use the C.UTF-8 locale now.
 2024-02-15 13:56:29 -05:00
Daniel Micay
5b25870f96 enable reboot on systemd crash caught systemd 2024-02-13 13:07:51 -05:00
Daniel Micay
2e7058e9c4 replace certbot log rotation with logrotate 2024-02-13 12:38:14 -05:00
Daniel Micay
e81e9feef3 replace MaxRetentionSec to stop excessive rotation 2024-02-13 11:30:56 -05:00
Daniel Micay
d39937fc6c disable currently unused energy aware scheduling 2024-02-12 16:13:45 -05:00
Daniel Micay
bd9a3d97d7 update python dependencies 2024-02-08 15:08:27 -05:00
Daniel Micay
81307b3bb9 add authorized_keys to gitignore 2024-02-03 17:48:56 -05:00
Daniel Micay
86d582ba2b add stripped down initial deployment script 2024-02-03 17:47:41 -05:00
Daniel Micay
154811ab1e add uptime to dns stats 2024-02-03 17:30:22 -05:00
Daniel Micay
963921413e add 8th generation Pixels to count script 2024-02-02 14:46:39 -05:00
Daniel Micay
a010e02c52 use leaner format for update log output 2024-02-02 07:26:36 -05:00
Daniel Micay
6989905361 add updatedb drop-in unit to pacreport exclusions 2024-02-01 18:01:06 -05:00
Daniel Micay
d583da0a65 disable sending console output to unused ttyS0 2024-02-01 16:39:33 -05:00
Daniel Micay
2fe25c5218 grub: remove extra space 2024-01-31 21:28:14 -05:00
Daniel Micay
69c7803b31 update python dependencies 2024-01-30 14:37:31 -05:00
Daniel Micay
4371062b71 add sshpass on mail.grapheneos.org 2024-01-26 00:41:51 -05:00
Daniel Micay
50de6d59c0 switch main domain for ECDSA mail server cert 2024-01-25 12:55:57 -05:00
Daniel Micay
88eba9a5fe update copyright notice 2024-01-25 01:57:18 -05:00
Daniel Micay
a5fa9f930f update certbot-ocsp-fetcher 2024-01-25 01:23:49 -05:00
Daniel Micay
0e3521564c replace mail.grapheneos.org server 2024-01-24 22:53:09 -05:00
Daniel Micay
da98484270 replace attestation.app server 2024-01-23 19:15:19 -05:00
Daniel Micay
7213c1745a replace 2.grapheneos.org and 2.grapheneos.network 2024-01-22 01:39:38 -05:00