Commit graph

571 commits

Author SHA1 Message Date
126db6e3cb dns: now have a proper primary and secondary 2023-05-21 19:38:13 +01:00
1e9b63e13d dns: added more otehr domains, will tidy up config better later 2023-05-21 19:06:30 +01:00
be0868b860 dns: added a reverse dns option 2023-05-21 19:05:47 +01:00
d3e1e3e67f dns: added csn.ul.ie 2023-05-21 16:18:53 +01:00
9618d87c67 dns: parametrised the config 2023-05-21 16:18:39 +01:00
c42b13b990 fix: ports are numbers not strings 2023-05-21 12:23:57 +01:00
81b41087fe feat: added ldaps 2023-05-21 12:17:06 +01:00
ad2c9dad6b fix: better handling of domain 2023-05-21 12:08:26 +01:00
6e58eac8c1 fix: properly use the port 2023-05-21 12:05:19 +01:00
b15b07ae36 fix: move base into teh config 2023-05-21 12:02:52 +01:00
48a23519e9 fix: got permissions "working" for teh password reset, not ideal though 2023-05-21 03:09:24 +01:00
60e33e2abb ldap: give users a home dir 2023-05-21 01:39:01 +01:00
e73e15f524 ldap: client is properly working now 2023-05-21 01:38:19 +01:00
67a0d1b8bf fix: had to give the file the right permissions
Also need to restart openlpad.service on password change
2023-05-21 00:19:20 +01:00
ee28f2047a fix: nano was adding a new line on close 2023-05-21 00:18:29 +01:00
32577ecebc fix: typo in name 2023-05-20 22:20:06 +01:00
47c615d7a5 fix: moved the group permissions into teh base config 2023-05-20 22:17:21 +01:00
4e664ce1bc feat: ldap now has secrets properly stored 2023-05-20 21:33:04 +01:00
b61a645824 secrets ldap: set up teh secrets for teh ldap 2023-05-20 21:28:15 +01:00
144f3bce54 ldap: got a tool to manage the password resets and ssh key 2023-05-20 19:33:08 +01:00
f8312b76ef ldap: working config to limit groups 2023-05-20 17:26:14 +01:00
c17a28d7a9 ldap: now got skMemberOf to replace memberof (memberof does not work on unixgroups) 2023-05-20 15:26:03 +01:00
0c57b35778 ldap: is working as intended, working on scripting to add and manage users 2023-05-20 03:08:30 +01:00
f6183c1b10 podman: was working, now it isnt AGHHHHHHHHH 2023-05-19 19:15:22 +01:00
bc8b294469 doc: added the commands to make them easier to follow 2023-05-19 18:28:35 +01:00
f8bb79adbd fix: typos 2023-05-19 18:21:33 +01:00
614d905dfd docker: now using podman
had to reboot to make ti come into effect
2023-05-19 18:18:41 +01:00
7e380d6932 ldap: a mostly working ldaish setup 2023-05-18 21:59:23 +01:00
baa226cacf ldap: cant have uppercase letters in username 2023-05-16 23:58:34 +01:00
a930a980dc secret: added kitt and rekeyed 2023-05-16 23:18:40 +01:00
1a08dd66f9 retired: if ash is dead then no need for this either 2023-05-16 23:18:05 +01:00
53696c927e ldap: first attempt at ldap 2023-05-16 22:23:04 +01:00
fbbefc1e2a retired: Ash never got a chance to be online 2023-05-16 22:08:24 +01:00
1738ed16a5 fmt: small tidyup 2023-05-16 18:34:53 +01:00
4ef6c14a32 feat: basic gitlab setup 2023-05-16 16:40:49 +01:00
960a5c8772 nodes: not using ash 2023-05-10 11:41:30 +01:00
a5d6ca55ed firewall: I think this is the correct network config for the firewall 2023-05-10 11:40:28 +01:00
5579de7e7c dns: fixed issue that could cause a DOS attach (via DNS amplification)
ITD's router was setting teh IP of all external traffic as 193.1.99.65, which was part of the 193.1.99.64/26 subnet.
The fix is to explisitly list all our IP's
2023-05-05 14:40:27 +01:00
d750b046d1 dns: go back to basically an earlier config 2023-04-29 02:35:58 +01:00
ec8b458d75 dns: use a hash to make a unique config file 2023-04-29 01:54:17 +01:00
e8254a0d65 minecraft: got the classic server and maps up and running 2023-04-27 01:47:17 +01:00
f39934a437 secrets: reorganised it so it makes more sense who has access to what secrets 2023-04-27 01:46:51 +01:00
81afc614a3 minecraft: fix up the paths 2023-04-27 00:49:55 +01:00
b85410e895 minecraft: use a better proxy 2023-04-26 02:18:21 +01:00
de87d97fbc fmt: reduced nesting to make it easier to read/understand 2023-04-26 02:01:29 +01:00
3eac87bbd8 games: split it up into 3 different services for easier management 2023-04-26 01:52:47 +01:00
733b867f47 games: split minecraft out into its own folder for manageability 2023-04-26 00:24:54 +01:00
2603cf9584 games: turns out I wasnt treating it properly like a docker-compose file 2023-04-26 00:09:31 +01:00
4052aeac6b dns: setup dnssec (need to backup the required folders later)
Also it cleared out the spam of errors
2023-04-25 15:11:02 +01:00
c0f160faa3 dns: use epoch for the serial instead of YYYYMMDDSS.
Lacking hours/min could mean that the YYYYMMDD could remain the same but the SS would decrece, which is not what we want
2023-04-25 14:31:19 +01:00