Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-12-23 20:21:19 -05:00
Code Issues Projects Releases Packages Wiki Activity

Commit graph

  • c04decfd39 certbot: switch main profile from tlsserver to shortlived main Daniel Micay 2025-12-21 17:46:22 -05:00
  • 21412c52e3 update journald.conf Daniel Micay 2025-12-19 13:04:21 -05:00
  • 19fed3b37c remove obsolete Rage4 anycast setup from ns1 Daniel Micay 2025-12-17 22:45:45 -05:00
  • fce755c216 remove unused php-legacy packages from discuss.grapheneos.org Daniel Micay 2025-12-17 22:45:06 -05:00
  • a348ef1486 add python redis libraries to matrix.grapheneos.org Daniel Micay 2025-12-17 22:44:21 -05:00
  • 698eb7aa6b pacman: avoid extracting synapse worker example Daniel Micay 2025-12-17 07:08:39 -05:00
  • d9c1a7920d add yto.releases.grapheneos.org server Daniel Micay 2025-12-16 22:24:07 -05:00
  • 7883a60c87 switch to fastly pacman mirror Daniel Micay 2025-12-16 14:05:36 -05:00
  • 2f63a5d2c7 drop separate loading of microcode image Daniel Micay 2025-12-16 01:13:15 -05:00
  • 9691c8dbc4 migrate attestation, forum and Mastodon to netcup Daniel Micay 2025-12-15 01:46:31 -05:00
  • 46bbdf4e37 add hosts_netcup for matrix.grapheneos.org Daniel Micay 2025-12-14 06:21:31 -05:00
  • 45f70c48d8 update pacman.conf Daniel Micay 2025-12-13 16:58:42 -05:00
  • ac5a5208f7 fully migrate to GrapheneOS AS anycast IPv4 Daniel Micay 2025-12-12 16:05:48 -05:00
  • 4aa646c0f3 add sao.grapheneos.org server Daniel Micay 2025-12-10 03:38:46 -05:00
  • 00fdd34c1c deploy-initial-vps: update Arch ISO image version Daniel Micay 2025-12-10 03:20:34 -05:00
  • fd6536a5f7 add valkey to matrix.grapheneos.org Daniel Micay 2025-12-09 18:40:36 -05:00
  • 3ce34953a2 migrate to new server for Matrix Daniel Micay 2025-12-08 05:19:04 -05:00
  • 9ec41b5ae0 deploy-initial-vps: remove legacy tls group creation Daniel Micay 2025-12-08 00:09:41 -05:00
  • 1a9c1daf23 remove ovh-mitigation script Daniel Micay 2025-12-06 00:57:46 -05:00
  • abca76d110 switch to explicit sshd listen addresses Daniel Micay 2025-12-06 00:51:01 -05:00
  • 9f40af22b7 add IPv6 addresses for BGP tests Daniel Micay 2025-12-05 04:50:18 -05:00
  • 09529aec2d systemd: fix ordering nginx after syslog-ng Daniel Micay 2025-12-01 22:02:30 -05:00
  • 4261d61fa4 nftables: rename network and web rulesets Daniel Micay 2025-12-01 18:21:48 -05:00
  • 13da7aec26 nftables: remove unused rulesets Daniel Micay 2025-12-01 18:04:20 -05:00
  • 054a309f64 certbot-replicate: add dnsdist support Daniel Micay 2025-11-30 23:09:36 -05:00
  • 72950717af switch to arbitrary system gid for tls group Daniel Micay 2025-11-30 23:45:58 -05:00
  • bf96962c90 move session-ticket-keys directory into /etc/tls Daniel Micay 2025-11-30 22:55:14 -05:00
  • 1840eecbb8 nftables: update network SSH allowlist Daniel Micay 2025-11-30 16:25:30 -05:00
  • c677e729ec add sao.ns1.grapheneos.org server Daniel Micay 2025-11-29 20:35:40 -05:00
  • 2afc488760 set BuyVM static IPv6 prefix length to 48 Daniel Micay 2025-11-29 18:51:35 -05:00
  • 8c9bb5d038 remove networkd configuration for retired servers Daniel Micay 2025-11-29 18:44:18 -05:00
  • 9a991b5238 add alias for certbot with log rotation disabled Daniel Micay 2025-11-29 06:43:42 -05:00
  • 3338d6e041 certbot: disable log rotation for setup commands Daniel Micay 2025-11-28 22:15:10 -05:00
  • ed1f869841 use more consistent journald max use and max file size Daniel Micay 2025-11-26 13:59:14 -05:00
  • f0e24df323 set a default value for hosts_conntrack_size Daniel Micay 2025-11-26 10:40:37 -05:00
  • 253113acc8 replace OVH website/network servers with BuyVM Daniel Micay 2025-11-24 21:37:01 -05:00
  • 20a42021aa deploy-certbot: fix typo Daniel Micay 2025-11-24 19:49:05 -05:00
  • 0f4ab49cae remove gra.grapheneos.org server Daniel Micay 2025-11-24 12:20:10 -05:00
  • 831ed3b096 replace hio.grapheneos.org with sea.grapheneos.org Daniel Micay 2025-11-23 22:56:05 -05:00
  • 7a13f1b31e remove secondary Beauharnois web/network server Daniel Micay 2025-11-23 14:55:53 -05:00
  • 9bb6a4ee36 add syd.grapheneos.org server Daniel Micay 2025-11-23 05:02:40 -05:00
  • 535e8dfa65 replace OVH Singapore servers with a Vultr server Daniel Micay 2025-11-22 08:15:44 -05:00
  • 79cb9a5b3a nftables: remove obsolete ns1 Rage4 IPv6 address Daniel Micay 2025-11-22 00:27:38 -05:00
  • fd8644bc06 add bom.ns1.grapheneos.org and syd.ns1.grapheneos.org servers Daniel Micay 2025-11-19 01:27:07 -05:00
  • 19d902bde8 note BuyVM anycast address is only a fallback Daniel Micay 2025-11-17 03:01:16 -05:00
  • b75ea9ca9b add tyo.ns1.grapheneos.org server Daniel Micay 2025-11-16 23:48:19 -05:00
  • c122f3f782 dns-stats: add IPv4 vs. IPv6 query stats Daniel Micay 2025-11-16 23:13:51 -05:00
  • 372553255a dns-stats: use simpler pdns_control command Daniel Micay 2025-11-16 09:54:18 -05:00
  • e66ad005be drop zerotier-one from ns1.staging.grapheneos.org Daniel Micay 2025-11-16 00:20:17 -05:00
  • 029ec73c3c networkd: set PreferredLifetime=0 for anycast IPs Daniel Micay 2025-11-15 20:49:10 -05:00
  • a0ba527f9d remove gra1.grapheneos.org and las0.grapheneos.org Daniel Micay 2025-11-15 18:23:30 -05:00
  • 1fad7ca6cd add fra.grapheneos.org and hio.grapheneos.org servers Daniel Micay 2025-11-15 17:17:02 -05:00
  • 79d4fc2b9c deploy-web: improve error checking Daniel Micay 2025-11-15 15:31:23 -05:00
  • 5a17e4ba8c make /var/log/nginx permissions match log files Daniel Micay 2025-11-15 15:25:52 -05:00
  • 2682ce9439 pacreport: add syslog-ng configuration sub-directory Daniel Micay 2025-11-15 06:21:45 -05:00
  • c7276bdc2d reboot: add BGP integration Daniel Micay 2025-11-14 21:20:15 -05:00
  • 209b1b5def add lon.ns1.grapheneos.org Daniel Micay 2025-11-14 17:17:09 -05:00
  • 9d9dbb906b switch to geolocation-based pkgbuild.com mirror Daniel Micay 2025-11-14 05:36:02 -05:00
  • 1883a539d0 nftables: include our own anycast addresses Daniel Micay 2025-11-13 23:26:56 -05:00
  • d2dcec7e02 ns2: add IPv4 address from our anycast /24 Daniel Micay 2025-11-13 05:09:25 -05:00
  • 0dfb05852f networkd: add comments for anycast addresses Daniel Micay 2025-11-13 05:01:24 -05:00
  • bb86e16179 networkd: remove unnecessary [Address] sections Daniel Micay 2025-11-13 04:26:11 -05:00
  • 5adb170069 add mia.ns2.grapheneos.org server Daniel Micay 2025-11-12 23:06:36 -05:00
  • 649e2b53c4 replace remaining OVH ns1 servers with Vultr Daniel Micay 2025-11-11 04:25:00 -05:00
  • 066fdd0d09 add IPv6 address from our /48 announced from BuyVM Daniel Micay 2025-11-11 00:30:59 -05:00
  • 68ac3a8726 add bird to ns2.grapheneos.org to use our IP space Daniel Micay 2025-11-11 00:19:27 -05:00
  • 60b879deb7 hosts: add list of Vultr instances Daniel Micay 2025-11-10 14:30:56 -05:00
  • fe999c541a add IPv6 address from our /48 announced from Vultr Daniel Micay 2025-11-10 14:23:59 -05:00
  • 5b82f11b25 nftables: ns1: add fq priority configuration Daniel Micay 2025-11-10 06:40:03 -05:00
  • 5256f2e4a4 replace 1.ns1.grapheneos.org server with sea.ns1.grapheneos.org Daniel Micay 2025-11-10 05:50:21 -05:00
  • f95fa51821 add lax.ns1.grapheneos.org server Daniel Micay 2025-11-10 04:04:21 -05:00
  • 951662aeca replace 0.ns1.grapheneos.org server with nyc.ns1.grapheneos.org Daniel Micay 2025-11-09 22:29:25 -05:00
  • 4aba8d355a add mia.ns1.grapheneos.org server Daniel Micay 2025-11-09 18:57:21 -05:00
  • f0682a9aa2 deploy-initial-vps: handle mkinitcpio.conf split Daniel Micay 2025-11-09 17:54:51 -05:00
  • cc83000202 deploy-initial-vps: update Arch ISO image version Daniel Micay 2025-11-09 17:29:50 -05:00
  • e78433dbf8 certbot: add nominatim.staging.grapheneos.org Daniel Micay 2025-11-08 23:28:40 -05:00
  • d0751e07c6 certbot: rename 0.grapheneos.org to bhs0.grapheneos.org Daniel Micay 2025-11-08 23:19:37 -05:00
  • b80f10f396 syslog-ng: add receive timestamps to nginx logs Daniel Micay 2025-11-08 14:43:41 -05:00
  • a45b8ada72 syslog-ng: split nginx configuration into conf.d Daniel Micay 2025-11-08 13:44:23 -05:00
  • 7a5535973b syslog-ng: raise frac-digits to 3 Daniel Micay 2025-11-08 02:41:26 -05:00
  • a511902b90 add syslog-ng include directory Daniel Micay 2025-11-08 01:41:31 -05:00
  • ce4fe06d6a add script for checking reverse DNS Daniel Micay 2025-11-07 23:51:33 -05:00
  • f36aa981cd update lax.releases.grapheneos.org IPv6 address Daniel Micay 2025-11-07 23:51:17 -05:00
  • 6e728a885c use journald reload support added in systemd 258 Daniel Micay 2025-11-07 23:23:09 -05:00
  • 51d23a1736 count: handle nginx logs being done with syslog-ng Daniel Micay 2025-11-07 21:55:42 -05:00
  • 5fe719250b certbot: merge 0.grapheneos.network into 0.grapheneos.org Daniel Micay 2025-11-06 22:44:58 -05:00
  • ebd44c9253 grapheneos.org: switch to location-based server names Daniel Micay 2025-11-06 22:16:52 -05:00
  • 3a720695c6 add missing reserved ports entries for unbound Daniel Micay 2025-11-06 22:06:47 -05:00
  • 5f5c590bbc add deploy-hostname script Daniel Micay 2025-11-06 19:54:19 -05:00
  • 37809b12ad new naming convention for staging server hostnames Daniel Micay 2025-11-06 19:49:58 -05:00
  • e3bcb9e87f ns2.grapheneos.org: switch to location-based server names Daniel Micay 2025-11-06 19:27:39 -05:00
  • 93e1d3866b releases.grapheneos.org: switch to location-based server names Daniel Micay 2025-11-06 18:26:51 -05:00
  • c354823e2e grapheneos.social: switch to Node.js 24 LTS Daniel Micay 2025-11-06 10:11:58 -05:00
  • 89686dc1a0 nftables: style fix Daniel Micay 2025-11-06 02:07:49 -05:00
  • f24f557736 deploy-bootloader: deploy systemd-boot-update.service.d Daniel Micay 2025-11-06 01:24:48 -05:00
  • 6c8ddbe012 drop unnecessary inclusion of / in fstab Daniel Micay 2025-11-06 01:07:02 -05:00
  • 1427e0c7c4 add mkinitcpio.conf for servers with mdraid Daniel Micay 2025-11-06 00:32:10 -05:00
  • 50729cadb9 split metal and mdraid server types Daniel Micay 2025-11-06 01:20:55 -05:00
  • 76b88bbffa update mkinitcpio.conf Daniel Micay 2025-11-06 00:16:15 -05:00
  • c9b84fdb79 logrotate: use better size+time rotation approach Daniel Micay 2025-11-05 23:46:15 -05:00