Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/admin/authentication.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
| n8n | Forward Auth | nginx에서 인증 후 이메일 헤더 전달 (Headscale ACL + Forward Auth 이중 보호) |
| Grafana | Forward Auth | Tailnet에서만 접근 가능한 관리자 대시보드 |
| Gatus | 없음 | Tailnet에서만 접근 가능한 공개 상태 페이지 (Authentik dashboard tile만 표시) |
| MULTI-evolve | Forward Auth | 연구자/관리자용 Streamlit UI |
| Nixbot | GitHub OAuth | CI/CD 대시보드 접근 |

### RAGFlow UI-only residue cleanup
Expand Down
1 change: 1 addition & 0 deletions docs/admin/terraform.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ terragrunt plan
| `n8n.sjanglab.org` | `sjanglab-admins`, `sjanglab-researchers` |
| `status.sjanglab.org` | 인증 없음 (Authentik dashboard tile만 관리) |
| `logging.sjanglab.org` | `sjanglab-admins` |
| `multievolve.sjanglab.org` | `sjanglab-admins`, `sjanglab-researchers` |

### Headscale

Expand Down
180 changes: 174 additions & 6 deletions flake.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@
};

# Applications.
multievolve-nix.url = "github:mulatta/multievolve-nix/nixos-module-service";

niks3 = {
url = "github:Mic92/niks3";
inputs.nixpkgs.follows = "nixpkgs";
Expand Down
13 changes: 13 additions & 0 deletions hosts/eta.nix
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,12 @@ in
remoteUser = "acme-sync-logging";
remoteHost = hosts.rho.wg-admin;
}
{
domain = "multievolve.sjanglab.org";
serviceName = "acme-sync-multievolve-to-psi";
remoteUser = "acme-sync-multievolve";
remoteHost = hosts.psi.wg-admin;
}
{
domain = "vault.sjanglab.org";
serviceName = "acme-sync-vaultwarden-to-tau";
Expand All @@ -66,6 +72,13 @@ in
group = "acme";
};

security.acme.certs."multievolve.sjanglab.org" = {
dnsProvider = "cloudflare";
environmentFile = config.sops.secrets.cloudflare-credentials.path;
webroot = null;
group = "acme";
};

security.acme.certs."vault.sjanglab.org" = {
dnsProvider = "cloudflare";
environmentFile = config.sops.secrets.cloudflare-credentials.path;
Expand Down
1 change: 1 addition & 0 deletions hosts/psi.nix
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
../modules/borgbackup/psi/client.nix
../modules/monitoring/vector
../modules/harmonia
../modules/multievolve
# ../modules/vllm
../modules/db-sync/databases.nix
../modules/docling
Expand Down
1 change: 1 addition & 0 deletions modules/gatus/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ in
(mkExtEndpoint "Nixbot" "ci")
(mkExtEndpoint "Nixbot PostgreSQL" "ci")
(mkExtEndpoint "Docling" "ai")
(mkExtEndpoint "MULTI-evolve" "ai")
# tau
(mkExtEndpoint "Nextcloud" "apps")
(mkExtEndpoint "n8n" "apps")
Expand Down
5 changes: 5 additions & 0 deletions modules/headscale/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@
type = "A";
value = "100.64.0.2"; # rho headscale IP
}
{
name = "multievolve.sjanglab.org";
type = "A";
value = "100.64.0.1"; # psi headscale IP
}
{
name = "vault.sjanglab.org";
type = "A";
Expand Down
Loading
Loading