diff --git a/common/etc/ssh/sshd_config b/common/etc/ssh/sshd_config
index ef5b326..578dca2 100644
--- a/common/etc/ssh/sshd_config
+++ b/common/etc/ssh/sshd_config
@@ -9,5 +9,4 @@ PubkeyAcceptedKeyTypes sk-ssh-ed25519@openssh.com,ssh-ed25519
 Ciphers chacha20-poly1305@openssh.com
 AllowUsers root
 Subsystem sftp internal-sftp
-ClientAliveInterval 60
 Include /usr/etc/ssh/sshd_config.d/40-ssh-key-dir.conf
diff --git a/container-config/nginx-home/push b/container-config/nginx-home/push
new file mode 100644
index 0000000..e06259d
--- /dev/null
+++ b/container-config/nginx-home/push
@@ -0,0 +1,14 @@
+server {
+ server_name push.strypsteen.com;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ include snippets/headers.conf;
+ location / {
+ set $upstream home.server.home.arpa;
+ proxy_pass http://$upstream:8003;
+ include snippets/proxy.conf;
+ proxy_http_version 1.1;
+ proxy_set_header Connection upgrade;
+ proxy_set_header Upgrade $http_upgrade;
+ }
+}
diff --git a/containers/code-server/Containerfile b/containers/code-server/Containerfile
index 26967a5..bb7a77b 100644
--- a/containers/code-server/Containerfile
+++ b/containers/code-server/Containerfile
@@ -1,6 +1,6 @@
 FROM quay.io/fedora/fedora-toolbox:41
 RUN dnf up -y
-RUN dnf install -y bash-color-prompt clang gcc hyperfine java-devel libvirt llvm mtools nodejs-npm openssl-devel parted poetry postgresql-server python3-ipykernel python3-pip qemu-system-x86-core rustup systemd-container vim-enhanced
+RUN dnf install -y bash-color-prompt clang clang-tools-extra gcc hyperfine java-devel libvirt llvm mtools nodejs-npm openssl-devel parted poetry postgresql-server python3-ipykernel python3-pip qemu-system-x86-core rustup systemd-container vim-enhanced
 RUN dnf install -y https://github.com/coder/code-server/releases/download/v4.93.1/code-server-4.93.1-amd64.rpm
 RUN mkdir /etc/systemd/system/user@.service.d
 RUN mkdir /var/lib/systemd/linger
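Review bot: In container-config/nginx-home/push, `proxy_pass http://$upstream:8003;` forwards ntfy logins and access tokens to home.server.home.arpa without TLS, and nothing in the hunk shows what protects that hop. If the path is a private or tunnelled link (the ntfy container publishes on 10.0.1.2:8003), a comment above the line such as `# plain HTTP on purpose: upstream is reachable only over the internal link` would record the assumption; otherwise the upstream should speak TLS as well. Because `proxy_pass` takes a variable, nginx resolves the name at request time and needs a `resolver` directive in scope; presumably one is set at http level, since it is not in this file.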
diff --git a/home/etc/containers/systemd/ntfy.container b/home/etc/containers/systemd/ntfy.container
new file mode 100644
index 0000000..edfd6e1
--- /dev/null
+++ b/home/etc/containers/systemd/ntfy.container
@@ -0,0 +1,15 @@
+[Container]
+Image=docker.io/binwiederhier/ntfy
+Network=nginx.network
+Exec=serve
+Volume=ntfy.volume:/var/lib/ntfy:U,Z
+Environment=NTFY_AUTH_DEFAULT_ACCESS=write-only
+Environment=NTFY_AUTH_FILE=/var/lib/ntfy/auth.db
+Environment=NTFY_BASE_URL=https://push.strypsteen.com
+Environment=NTFY_BEHIND_PROXY=true
+Environment=NTFY_CACHE_FILE=/var/lib/ntfy/cache.db
+Environment=NTFY_ENABLE_LOGIN=true
+PublishPort=10.0.1.2:8003:80
+AutoUpdate=registry
+[Install]
+WantedBy=multi-user.target
diff --git a/home/etc/containers/systemd/ntfy.volume b/home/etc/containers/systemd/ntfy.volume
new file mode 100644
index 0000000..e69de29
diff --git a/infra/etc/containers/systemd/loki.container b/infra/etc/containers/systemd/loki.container
index c388273..79c85ae 100644
--- a/infra/etc/containers/systemd/loki.container
+++ b/infra/etc/containers/systemd/loki.container
@@ -1,7 +1,7 @@
 [Container]
 Image=docker.io/grafana/loki
 Network=nginx.network
-Exec=-config.file=/etc/loki/local-config.yaml -log.level=warn -reporting.enabled=false
+Exec=-config.file=/etc/loki/local-config.yaml -log.level=warn -reporting.enabled=false -querier.split-queries-by-interval=24h
 Volume=loki.volume:/loki:U,Z
 AutoUpdate=registry
 [Install]
diff --git a/k8s/talos.yaml b/k8s/talos.yaml
index 5c45ab7..892d927 100644
--- a/k8s/talos.yaml
+++ b/k8s/talos.yaml
@@ -1,6 +1,6 @@
 machine:
 install:
- image: factory.talos.dev/installer-secureboot/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.7.6
+ image: factory.talos.dev/installer-secureboot/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.8.0
 systemDiskEncryption:
 state:
 provider: luks2
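Review bot: `Environment=NTFY_AUTH_DEFAULT_ACCESS=write-only` in ntfy.container lets unauthenticated clients publish to any topic, and the push vhost added in this commit appears to expose that endpoint on a public name, so abuse control rests on ntfy's per-visitor rate limits. With `NTFY_BEHIND_PROXY=true` the visitor address is taken from the forwarded header, so `snippets/proxy.conf` (not visible in this diff) needs to set X-Forwarded-For itself rather than relay a client-supplied value, or the limits stop being tied to the real client. If anonymous publishing is not required, `Environment=NTFY_AUTH_DEFAULT_ACCESS=deny-all` is the stricter default. `Image=docker.io/binwiederhier/ntfy` is also untagged and paired with `AutoUpdate=registry`, so whatever is pushed to the default tag gets deployed; pinning a version tag or digest would make updates reviewable.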