Commit graph

539 commits

Author SHA1 Message Date
Simon Bruder 8a1724fe43
shinobu/router: Clean up nftables rules 2023-09-21 12:59:12 +02:00
Simon Bruder 9c42cb0903
shinobu/router: Fix VPN bypass
This now actually works and I have a better understanding of nftables.
Some of my learnings are documented as comments in the rules.
2023-09-21 12:56:36 +02:00
Simon Bruder caac620ea6
shinobu/router: Add tracing infrastructure 2023-09-21 12:44:27 +02:00
Simon Bruder 1c24743911
shinobu/router: Fix naming of subnets in rules
This has no practical effect, but did cause confusion.
2023-09-21 11:31:00 +02:00
Simon Bruder b10b83c207
shinobu/router: Use dns over https
For some reason, this makes DNS more reliable.
2023-09-20 22:11:24 +02:00
Simon Bruder f1c70dce99
Revert "shinobu/router: Switch provider for wg-upstream"
This reverts commit 0bcc5d6141.

This leaves MSS clamping in place.
2023-09-19 12:23:38 +02:00
Simon Bruder c3365ba881
vueko/mail: Add alias 2023-09-12 15:00:51 +02:00
Simon Bruder aa85febe12
shinobu/router: Fix IPv6 networking
Previously, I did not have IPv6 upstream, so even a wrong configuration
worked. Now it uses a different routing table for IPv4 and IPv6, so it
also works on dual-stack upstreams.

However, how it worked without IPv6 forwarding enabled, is still a
mystery to me.
2023-09-12 15:00:51 +02:00
Simon Bruder bc08d06985
renge: Disable netbox
I don’t depend on it (yet) and lately, renge often runs out of memory
during backups.
2023-09-12 15:00:51 +02:00
Simon Bruder e7d740f03c
shinobu/router: Restrict wan 2023-09-12 15:00:51 +02:00
Simon Bruder 94fcee359a
shinobu/router: Reduce semicolon usage
Only use it where it is necessary
2023-09-12 15:00:51 +02:00
Simon Bruder 2dab79f0bc
shinobu/router: Use correct v6 address for vueko
It is not used (yet), therefore it went unnoticed.
2023-09-12 15:00:51 +02:00
Simon Bruder f88669f202
shinobu: Move physically 2023-09-12 15:00:51 +02:00
Simon Bruder 0bcc5d6141
shinobu/router: Switch provider for wg-upstream
The old provider was doing weird stuff with DNS that I wasn’t able to
debug well.

However, apparently, the old provider did MSS clamping on their side.
Therefore, it is now required that I do this on my side.
2023-09-12 15:00:51 +02:00
Simon Bruder 926d537986
vueko/mail: Add alias 2023-09-12 15:00:50 +02:00
Simon Bruder 986ad238f8
vueko/mail: Add alias 2023-09-12 15:00:50 +02:00
Simon Bruder 35a65b859a
vueko/mail: Add alias 2023-09-12 15:00:50 +02:00
Simon Bruder e217be3fc5
vueko/mail: Add alias 2023-09-12 15:00:50 +02:00
Simon Bruder 8dd64f4209
hitagi: Document front panel swap 2023-08-26 18:11:10 +02:00
Simon Bruder d26d1127bc
hitagi: Update installed RAM in readme 2023-08-26 18:10:28 +02:00
Simon Bruder b44662e3cc
vueko/mail: Add alias 2023-08-24 18:20:36 +02:00
Simon Bruder 26e6d05db3
vueko/mail: Add alias 2023-08-24 12:04:36 +02:00
Simon Bruder 98dc82f57b
vueko/mail: Add alias 2023-08-23 17:52:43 +02:00
Simon Bruder adafda75bd
vueko/mail: Add alias 2023-08-23 14:07:33 +02:00
Simon Bruder 2421b6dd4c
vueko/mail: Add alias 2023-08-22 22:22:28 +02:00
Simon Bruder 2f71839f58
vueko/mail: Add alias 2023-08-20 14:04:57 +02:00
Simon Bruder 0d92c932ed
fuuko/photoprism: Make reachable from outside
This is not that good, because if I am at home, I want to have a fast
connection without routing everything through the Internet first. I
currently work around this by using an ssh tunnel for this.
2023-08-19 17:30:52 +02:00
Simon Bruder 6b8931d538
hitagi: Use graphics packages from stable
Otherwise there is an impure version conflict.
2023-08-19 10:49:38 +02:00
Simon Bruder 49149fa1d4
fuuko/photoprism: Init 2023-08-18 22:17:02 +02:00
Simon Bruder 385cf15e02
renge/invidious: Use new hmac_key setting 2023-08-18 12:02:50 +02:00
Simon Bruder abcab70626
vueko/mail: Add domain and user 2023-08-17 13:51:45 +02:00
Simon Bruder 795b80e734
vueko/mail: Add alias 2023-08-14 09:51:19 +02:00
Simon Bruder 7f2ed58e19
fuuko: Do DHCP on both interfaces 2023-08-12 15:32:12 +02:00
Simon Bruder 0bdf13b3bd
renge/netbox: Add plugins 2023-08-12 13:59:03 +02:00
Simon Bruder 6f67715a65
renge/netbox: Init 2023-08-12 11:53:11 +02:00
Simon Bruder 72623c05d2
vueko/mail: Add alias 2023-08-12 10:12:28 +02:00
Simon Bruder 0f6a9a1bee
{renge,vueko}: Use correct IPv6 address 2023-08-12 01:00:37 +02:00
Simon Bruder 1ea28cf4b6
vueko/mail: Add alias 2023-08-10 14:50:10 +02:00
Simon Bruder bb0b66d9c1
fuuko: Add r8169 to initrd modules
This allows unlocking with the onboard NIC.
2023-08-08 15:32:00 +02:00
Simon Bruder f71cbedf14
shinobu/router: Exclude vueko from VPN 2023-08-08 14:20:21 +02:00
Simon Bruder 826929571b
shinobu/router: Switch to nftables 2023-08-08 14:19:48 +02:00
Simon Bruder ba1f9262fb
shinobu/router: Make wg-mullvad vendor neutral 2023-08-08 11:44:45 +02:00
Simon Bruder 751e9d51b9
shinobu: Change wg-mullvad peer 2023-08-08 11:42:52 +02:00
Simon Bruder 04b95467f8
vueko/mail: Add alias 2023-08-04 11:32:36 +02:00
Simon Bruder 25ff150b3d
prometheus: Add disk full alert 2023-08-02 23:22:19 +02:00
Simon Bruder ee745afd3d
vueko/mail: Add alias 2023-08-02 14:24:55 +02:00
Simon Bruder 23b81817ba
vueko/mail: Add alias 2023-07-28 22:48:39 +02:00
Simon Bruder 0bf2851100
vueko/mail: Add alias 2023-07-14 08:53:06 +02:00
Simon Bruder 527f6ac056
vueko/mail: Add alias 2023-07-04 20:29:56 +02:00
Simon Bruder 0a33de244f
fuuko/qbittorrent: Switch endpoint 2023-07-03 11:46:28 +02:00