Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-11-27 01:56:16 -05:00
Code Issues Projects Releases Packages Wiki Activity
853 commits 1 branch 0 tags 3.5 MiB
Commit graph

853 commits

This branch
This branch
All branches
Author SHA1 Message Date
Daniel Micay
2425756c2a pacreport: add syslog-ng configuration sub-directory 2025-11-15 06:21:45 -05:00
Daniel Micay
0db92863c3 reboot: add BGP integration 2025-11-14 21:27:51 -05:00
Daniel Micay
da67af9299 add lon.ns1.grapheneos.org 2025-11-14 17:17:09 -05:00
Daniel Micay
79255e34b3 switch to geolocation-based pkgbuild.com mirror 2025-11-14 05:36:02 -05:00
Daniel Micay
4caf974bf4 nftables: include our own anycast addresses 2025-11-14 05:35:58 -05:00
Daniel Micay
af9b254ff6 ns2: add IPv4 address from our anycast /24 2025-11-14 05:35:58 -05:00
Daniel Micay
b600418a27 networkd: add comments for anycast addresses 2025-11-14 05:35:58 -05:00
Daniel Micay
4c9be33036 networkd: remove unnecessary [Address] sections 2025-11-14 05:35:58 -05:00
Daniel Micay
21b9f52b4a add mia.ns2.grapheneos.org server 2025-11-14 05:35:58 -05:00
Daniel Micay
d682b05846 replace remaining OVH ns1 servers with Vultr 2025-11-14 05:35:58 -05:00
Daniel Micay
6819359c45 add IPv6 address from our /48 announced from BuyVM 2025-11-11 03:39:21 -05:00
Daniel Micay
80c8b239d5 add bird to ns2.grapheneos.org to use our IP space 2025-11-11 03:39:21 -05:00
Daniel Micay
f1859e38cc hosts: add list of Vultr instances 2025-11-11 03:39:21 -05:00
Daniel Micay
70cccd1e21 add IPv6 address from our /48 announced from Vultr 2025-11-11 03:39:21 -05:00
Daniel Micay
c4b5da59d5 nftables: ns1: add fq priority configuration 2025-11-11 03:39:21 -05:00
Daniel Micay
77795f92f6 replace 1.ns1.grapheneos.org server with sea.ns1.grapheneos.org 2025-11-11 03:39:21 -05:00
Daniel Micay
396086759b add lax.ns1.grapheneos.org server 2025-11-10 04:04:21 -05:00
Daniel Micay
72e3a980aa replace 0.ns1.grapheneos.org server with nyc.ns1.grapheneos.org 2025-11-09 23:20:09 -05:00
Daniel Micay
fa9e6de004 add mia.ns1.grapheneos.org server 2025-11-09 18:57:21 -05:00
Daniel Micay
8c57177aef deploy-initial-vps: handle mkinitcpio.conf split 2025-11-09 17:55:16 -05:00
Daniel Micay
cae80e26ab deploy-initial-vps: update Arch ISO image version 2025-11-09 17:55:12 -05:00
Daniel Micay
a76f259c23 certbot: add nominatim.staging.grapheneos.org 2025-11-08 23:28:40 -05:00
Daniel Micay
3b5589f117 certbot: rename 0.grapheneos.org to bhs0.grapheneos.org 2025-11-08 23:19:37 -05:00
Daniel Micay
c808621659 syslog-ng: add receive timestamps to nginx logs 
Since nginx only uses 1 second precision for the error logs and syslog
timestamps, we can use receive time on the syslog-ng side. We can switch
to source time once nginx adds RFC 5424 support which is currently in an
open pull request but will likely require changes to add a configuration
option for it. Our approach to working around this within nginx doesn't
work perfectly since $msec generates the time on-demand separately from
the timestamp used by $time_iso8601.
 2025-11-08 14:56:27 -05:00
Daniel Micay
c9fae6c345 syslog-ng: split nginx configuration into conf.d 2025-11-08 13:44:52 -05:00
Daniel Micay
3682298d01 syslog-ng: raise frac-digits to 3 2025-11-08 02:41:34 -05:00
Daniel Micay
a05232d2f6 add syslog-ng include directory 2025-11-08 01:41:56 -05:00
Daniel Micay
fa03067604 add script for checking reverse DNS 2025-11-07 23:51:33 -05:00
Daniel Micay
c15a09758b update lax.releases.grapheneos.org IPv6 address 2025-11-07 23:51:17 -05:00
Daniel Micay
459455286d use journald reload support added in systemd 258 2025-11-07 23:23:09 -05:00
Daniel Micay
4a5e91de42 count: handle nginx logs being done with syslog-ng 2025-11-07 21:56:47 -05:00
Daniel Micay
c3d7324536 certbot: merge 0.grapheneos.network into 0.grapheneos.org 2025-11-06 22:44:58 -05:00
Daniel Micay
7551794b6c grapheneos.org: switch to location-based server names 2025-11-06 22:44:33 -05:00
Daniel Micay
0195d84f25 add missing reserved ports entries for unbound 2025-11-06 22:06:47 -05:00
Daniel Micay
3c248a9bd0 add deploy-hostname script 2025-11-06 19:54:19 -05:00
Daniel Micay
ddc56da224 new naming convention for staging server hostnames 2025-11-06 19:54:09 -05:00
Daniel Micay
9e6b18e3b2 ns2.grapheneos.org: switch to location-based server names 2025-11-06 19:27:39 -05:00
Daniel Micay
2cf774ca19 releases.grapheneos.org: switch to location-based server names 2025-11-06 19:01:50 -05:00
Daniel Micay
99b32fe4a9 grapheneos.social: switch to Node.js 24 LTS 2025-11-06 11:59:13 -05:00
Daniel Micay
cb8701e6d7 nftables: style fix 2025-11-06 11:59:13 -05:00
Daniel Micay
bafb23d0ec deploy-bootloader: deploy systemd-boot-update.service.d 2025-11-06 11:59:13 -05:00
Daniel Micay
63b6247438 drop unnecessary inclusion of / in fstab 2025-11-06 11:59:13 -05:00
Daniel Micay
40351149bb add mkinitcpio.conf for servers with mdraid 2025-11-06 11:59:13 -05:00
Daniel Micay
a999a00c88 split metal and mdraid server types 2025-11-06 11:59:13 -05:00
Daniel Micay
76b88bbffa update mkinitcpio.conf 2025-11-06 11:59:13 -05:00
Daniel Micay
c9b84fdb79 logrotate: use better size+time rotation approach 2025-11-06 11:58:40 -05:00
Daniel Micay
5f2e4a45c3 logrotate: preserve existing file owner/group/mode 
wmtp and btmp are reliably created by systemd at boot with the proper
permissions which also means missingok can be dropped.
 2025-11-05 23:45:10 -05:00
Daniel Micay
eeb00c5bda logrotate: default to delayed compression with opt-in to no delay 2025-11-05 23:32:48 -05:00
Daniel Micay
04722cdd95 Revert "remove obsolete nvim tmpfiles.d configuration" 
This reverts commit 2967eb02d7.
 2025-11-05 20:24:57 -05:00
Daniel Micay
a0563b249b ssh: use AcceptEnv for COLORTERM 2025-11-05 20:23:39 -05:00