a8a4b8e739
kiwix: serve the full english Wikipedia
2022-12-16 05:58:51 +00:00
2550601179
serve w.uninsane.org through kiwix-serve
2022-12-16 02:25:57 +00:00
8fe304d6c1
trust-dns: split the service into a generic config interface
2022-12-15 11:17:50 +00:00
700fef7df3
servo: mediawiki: remove dead commented-out code
2022-12-15 11:17:50 +00:00
01db7e1f23
servo: install mediawiki
2022-12-15 11:17:50 +00:00
58ad87df8e
vpns: add us-mi[ami]
2022-12-13 04:26:00 +00:00
5fc894cda9
vpn: fix us-atlanta -> us-atl to match interface length limit
2022-12-13 04:13:01 +00:00
005a79e680
vpn: factor out more helpers
2022-12-13 03:55:18 +00:00
0f5279bbca
add us-atlanta VPN
2022-12-13 03:26:23 +00:00
e9b3b7ebab
simplify ovpn impl
2022-12-13 03:17:27 +00:00
46788fe565
servo: make uninsane.org NS records consistent with upstream
2022-12-13 01:00:16 +00:00
115f8d7054
servo: vpn services are part of 'wireguard-wg0'
...
this makes it so if we restart the wireguard connection, the services
themeselves _also_ restart. that should avoid leaving any of them in an
orphaned namespace
2022-12-12 11:53:34 +00:00
ac44b04d99
servo: trust-dns: note about maybe using dig
instead of diff'ing the config
2022-12-12 11:35:47 +00:00
afff0aff19
servo: trust-dns: fix up the timers/ddns reliability
2022-12-12 11:33:20 +00:00
f0086dc5bd
servo: trust-dns: implement some dynamic DNS shim
2022-12-12 10:30:08 +00:00
acabd34f28
servo: net: forward http requests from vpn -> host w/o NATing the source address
...
this ensures we have access to the source IP in our host-side logs
2022-12-12 05:21:29 +00:00
d0e6b82739
make it so wireguard-wg0 is restartable
2022-12-11 17:07:53 +00:00
38c5b82a08
servo: fold wg0 setup into one single service
...
it doesn't restart cleanly (maybe i can't kill a netns while stuff lives
inside it?). problem for another day.
2022-12-11 16:46:55 +00:00
89def1a073
servo: remove dead net code
2022-12-11 16:15:43 +00:00
ad2ed370d9
servo: split the firewall rules across services
2022-12-11 16:12:23 +00:00
3e8f7a9ba2
servo: use ISP-provided DNS resolvers by default
...
this is really hacky and i hate it, but there's not a lot of good
options.
2022-12-11 16:03:41 +00:00
c5ac792c13
servo: connect wg0 via IP addr instead of hostname
...
i think this fixes the connectivity issues i've seen.
2022-12-11 12:48:50 +00:00
bd1624bef9
servo: un-firewall tcp port 53 to fix trust-dns over TCP
2022-12-11 12:48:11 +00:00
3ae53d7f32
services: add RestartSec
to anything which auto-restarts
...
this is to prevent rapid restart failures from killing the service
permanently.
2022-12-10 13:28:46 +00:00
e7f2d41b1f
servo: forward DNS to root ns without NAT'ing the source address
2022-12-10 13:28:19 +00:00
3394a79e2b
trust-dns: restart on failure
...
if the network isn't up, won't be able to bind to eth, and fails.
2022-12-10 13:02:17 +00:00
b01501663d
trust-dns: listen on each address explicitly
2022-12-10 12:29:10 +00:00
cbd5ccd1c8
desko: disable wifi
2022-12-10 12:27:02 +00:00
3a7eb294c7
servo: fix jackett DNS entry
2022-12-10 09:47:28 +00:00
2014d5ce77
servo: bridge port 80/53 from ovpns to native using iptables instead of socat
...
i should probably narrow the rules to match specifically things destined
for the ovpns address, but for now this should work.
2022-12-09 14:16:48 +00:00
a979521a98
servo: enable ddns against freedns.afraid.org
2022-12-08 14:30:17 +00:00
77881be955
trust-dns: document SOA parameters
2022-12-08 14:23:35 +00:00
0450b4d9a6
trust-dns: fix SOA
2022-12-08 00:46:32 +00:00
edea64a41c
trust-dns: move nameserver to subdomain ns1,ns2
2022-12-08 00:39:22 +00:00
90e479592f
trust-dns: enable port 53 forward
2022-12-08 00:06:20 +00:00
52bbe4e9f4
trust-dns: don't restart on failure
...
for in case anything goes wrong
2022-12-07 12:17:03 +00:00
ab176b8d4b
servo: enable trust-dns (experimental)
2022-12-07 12:15:35 +00:00
b4314bd919
mess with XMPP stuff. ejabberd: enable mam, some other acl's that probably aren't used
...
prosody is still broken
2022-12-07 01:31:17 +00:00
c3957d81c2
ejabberd: enable MUC
2022-12-07 00:08:08 +00:00
c2db9fe28e
periodically archive my torrents so i don't lose them again
2022-12-06 07:17:19 +00:00
7f285a8254
ejabberd: enable some more modules which don't conflict
2022-12-06 07:05:59 +00:00
b0664d81ab
ejabberd: enable mod_pubsub, mod_avatar
...
i'm able to do this without breaking federation now,
but it doesn't seem to fullly work.
2022-12-05 02:37:35 +00:00
8ba52bb9cd
ejabberd: enable mod_{carboncopy,last,offline,private,stream_mgmt}
2022-12-05 02:16:28 +00:00
20f0a19e25
ejabberd: fix federation: disable mod_pubsub and mod_avatar
...
now i can send messages FROM uninsane.org again
2022-12-05 00:47:48 +00:00
9dc17a3874
ejabberd: enable avatar support
...
haven't tested that it federates properly -- only that Dino is able to
set it.
2022-12-04 12:38:47 +00:00
2992644901
bluetooth: persist bluetooth earbuds connection
2022-12-04 11:33:03 +00:00
d5d89a10b9
bluetooth: add key for connecting to my car
2022-12-04 10:56:50 +00:00
7c36a0d522
bluetooth: share connections across machines
2022-12-03 11:05:09 +00:00
63c92a44ed
servo: ejabberd: enable file uploads
2022-12-03 08:57:10 +00:00
992efc1093
moby: persist pulseaudio volume status
2022-12-03 07:30:09 +00:00