summary refs log tree commit diff stats
Commit message (Collapse)AuthorAge
...
* feat(flake): Add `git-bug`Benedikt Peetz2024-06-28
|
* fix(peertube/secrets): Improve smtp secretBenedikt Peetz2024-06-27
|
* feat(peertube): InitBenedikt Peetz2024-06-27
|
* fix(nix-sync): Change last occurrences of `repo.path` to `repoPath`Benedikt Peetz2024-06-15
| | | | | | | Using `repo.path` (with the slash on the end) results in operations on the directory, which is the symlink target. Using `repoPath` (without the slash) instead results in the intended operations on the symlink itself.
* fix(secrets.nix): Remove non-existent `settings.age` secret fileBenedikt Peetz2024-06-13
| | | | | | This file was renamed to the `hmac.age` file in 320cc252c1e59de8fed8993b3a527839bc0963a6, but was actually never removed from the `secrets.nix` list.
* refactor(modules/etesync): Move to a complete moduleBenedikt Peetz2024-06-13
|
* refactor(modules): Ensure strict coherence to patternsBenedikt Peetz2024-06-13
|
* fix(impermanence): Re-active etesync moduleBenedikt Peetz2024-06-13
|
* fix(git-server): enable http-clone through cgitSilas Schöffel2024-06-11
|
* fix(libreddit): Remove manual module overrideBenedikt Peetz2024-06-11
| | | | The fixes have been up streamed into `nixpkgs` by now.
* refactor(flake): Use camelCase for `pkgsUnstable`Benedikt Peetz2024-06-11
|
* fix(etesync-server): Re-activateBenedikt Peetz2024-06-11
|
* flake.lock: UpdateBenedikt Peetz2024-06-11
| | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'crane': 'github:ipetkov/crane/55e7754ec31dac78980c8be45f8a28e80e370946?narHash=sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU%3D' (2024-06-04) → 'github:ipetkov/crane/17d9e9dedd58dde2c562a4296934c6d6a0844534?narHash=sha256-hGLeRxSEeFz9WvmQ4s4AuMJ5InLSZvoczDdXkWSFi1A%3D' (2024-06-09) • Updated input 'disko': 'github:nix-community/disko/398acc470f7c2d68621db01900f053e6000129c4?narHash=sha256-eq9gP060TqWqRf2k4WO5FrG49rVq5Jy3Ptusg0CFdds%3D' (2024-06-07) → 'github:nix-community/disko/c1cfbfad7cb45f0c177b35b59ba67d1b5fc7ca82?narHash=sha256-nlh/2uD5p2SAdkn6Zuey20yaR5FFWvhL3poapDGNE4Y%3D' (2024-06-10) • Updated input 'impermanence': 'github:nix-community/impermanence/a33ef102a02ce77d3e39c25197664b7a636f9c30?narHash=sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y%3D' (2024-02-26) → 'github:nix-community/impermanence/27979f1c3a0d3b9617a3563e2839114ba7d48d3f?narHash=sha256-7C5lCpiWiyPoIACOcu2mukn/1JRtz6HC/1aEMhUdcw0%3D' (2024-06-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8e0a5f16b7bf7f212be068dd302c49888c6ad68f?narHash=sha256-BKjQ9tQdsuoROrojHZb7KTAv95WprqCkNFvuzatfEo0%3D' (2024-06-07) → 'github:NixOS/nixpkgs/f589903f0c98110b2ad5fdd764950a99ec26715e?narHash=sha256-RmiZ7RBRO7D5pZKy4yhdtPkfezWUXjUTUD0JBxq1%2B14%3D' (2024-06-09) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9bbc9cf36dcfdb4300824fd134ad506794205c0c?narHash=sha256-CdbkVYeP%2Br1yqxujYhNVXTyoQTupOY92Awe2dcupkvw%3D' (2024-06-08) → 'github:NixOS/nixpkgs/f12b3b98676c3a9c9373576965743fa30b972b31?narHash=sha256-Eg2U1nwo5JBmsZ/2RAqXv/4E9clucexY/76P8kMC9Gs%3D' (2024-06-10) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/6dc3e45fe4aee36efeed24d64fc68b1f989d5465?narHash=sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28%3D' (2024-06-08) → 'github:oxalica/rust-overlay/abfe5b3126b1b7e9e4daafc1c6478d17f0b584e7?narHash=sha256-24h/qKp0aeI%2BEw13WdRF521kY24PYa5HOvw0mlrABjk%3D' (2024-06-10)
* fix(gitolite): change user to gitSilas Schöffel2024-06-07
|
* fix(fail2ban): increase max retry number to 7Silas Schöffel2024-06-05
|
* fix(git-server): enable SSL for cgitSilas Schöffel2024-06-05
|
* feat(treewide): add git-server moduleSilas Schöffel2024-06-05
|
* fix(nix-sync): Don't try to exit in a subshellBenedikt Peetz2024-06-05
| | | | | | | | The `(cmd1 && cmd2)` pattern works, but fails with commands like `exit` as the parentheses start a new subshell, which the `exit` command will then close instead of exiting the main shell. The curly brackets have the intended effect here, as they simply group the commands together.
* fix(nix-sync): Ensure that the `target` for `ln` never ends with a `/`Benedikt Peetz2024-06-05
| | | | Otherwise, `ln` tries to create the symlink _in_ the target directory.
* fix(nix-sync): Add code-path to create a repo's path, if absentBenedikt Peetz2024-06-05
|
* fix(nix-sync): Ensure that the service can write to all needed pathsBenedikt Peetz2024-06-01
| | | | | | | Previously, the generated service _could_ write to the directory, but wanted to create the directory, if it was absent. Creating this directory, requires to be able to write in the parent directory. This is fixed, by ensuring that the parent directories are included.
* fix(treewide): stop using none-existent etebase user and groupSilas Schöffel2024-06-01
|
* fix(nix-sync): Explicitly set the `network-online.target` dependencyBenedikt Peetz2024-06-01
|
* fix(disko): explicitely state type of main diskSilas Schöffel2024-06-01
|
* feat(etebase)!: disable etebase-serverSilas Schöffel2024-06-01
| | | | | | Sadly, it's author didn't manage to update to a newer version of django before the used version (3.2) reached EOL and was affected by CVE-2024-27351. It's unreasonable to continue using it.
* fix(system/services/invidious): set db.user to invidiousSilas Schöffel2024-06-01
| | | | | This also changes the dbname to "invidious" which isn't mentioned in the commit message as it's the default in nixpkgs.
* fix(treewide): use invidious-router module provided by nixpkgsSilas Schöffel2024-06-01
|
* chore(flake): override simple-nixos-mailserver.inputs.utilsSilas Schöffel2024-06-01
|
* build(flake): updateSilas Schöffel2024-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) → 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) • Updated input 'crane': 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e' (2024-05-29) • Updated input 'disko': 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) → 'github:nix-community/disko/0274af4c92531ebfba4a5bd493251a143bc51f3c' (2024-05-31) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) → 'github:NixOS/nixpkgs/21959d8d44197094aebc74ead6ca4a53bcce0adb' (2024-06-01) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14) → 'github:oxalica/rust-overlay/ab69b67fac9a96709fbef0b899db308ca714a120' (2024-06-01) • Updated input 'simple-nixos-mailserver/utils': 'github:numtide/flake-utils/5021eac20303a61fafe17224c087f5519baed54d' (2020-11-14) → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) • Added input 'simple-nixos-mailserver/utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
* build(flake): update simple-nixos-mailserver to masterSilas Schöffel2024-06-01
|
* feat(system/services/nginx)!: Change meaning of `root` keyBenedikt Peetz2024-06-01
| | | | | | | | | | | | The `root` key was rather useless (it was always just the `/etc/.../<domain>` path.). This change gives it a real meaning. See the 'BREAKING CHANGE' section for more information. BREAKING CHANGE: Previously the `root` key denoted the _absolute_ root of a repository. Now it just denotes the root relative (i.e. a path within the built repository) to the repos cloning position. You should just remove the absolute part of the path (that, which is not an output in your built repository)
* feat(flake): update nixpkgs to 24.05Silas Schöffel2024-06-01
|
* feat(system/services/nginx): add wkd for sils.liSilas Schöffel2024-05-26
|
* feat(system/services/nginx): add wkd for s-schoeffel.deSilas Schöffel2024-05-26
|
* fix(system/services/nginx/hosts): Update trinitrix source git pathBenedikt Peetz2024-05-26
|
* feat(system/services/nginx): Add the trinitrix websiteBenedikt Peetz2024-05-25
|
* feat(system/services/nginx): Add the GPG WKDBenedikt Peetz2024-05-25
|
* build(flake): updateSilas Schöffel2024-05-14
| | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02) → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) • Updated input 'crane': 'github:ipetkov/crane/a5eca68a2cf11adb32787fc141cddd29ac8eb79c' (2024-04-24) → 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) • Updated input 'disko': 'github:nix-community/disko/a816daa384dd754b7586f51157fc2e1a44e76073' (2024-04-25) → 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c268f5790f5e697d7e377dfdf21605d3aa123c3' (2024-04-25) → 'github:NixOS/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442' (2024-05-13) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9a4f20210147ecaec0269ec02506be2696635ee7' (2024-04-25) → 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/9a2a11479b94afaf1ecc46384b27abda0d3d5f9d' (2024-04-25) → 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14)
* feat(system/users/soispha): Set a new gpg-based ssh keyBenedikt Peetz2024-05-14
|
* feat(system/servies): remove snapperSilas Schöffel2024-04-26
| | | | We handle backups with restic
* feat(system/services/fail2ban): add postfix jailSilas Schöffel2024-04-25
| | | | | This bans IP Addresses which fail to login into postfix at least 3 times in 600 seconds.
* style(system/services/mastodon): format with alejandraSilas Schöffel2024-04-25
|
* fix(system/impermanence/mods/mail.nix): fix typoSilas Schöffel2024-04-25
|
* build(flake): updateSilas Schöffel2024-04-25
|
* fix(system/services/mastodon): change back to stable packageSilas Schöffel2024-04-25
|
* fix(mail): persist additional state directoriesSilas Schöffel2024-04-24
| | | | | This preserves mail state to prevent running out of memory and thus makes our mailsetup more reliable.
* fix(treewide): move former git-crypted files to correct locationSilas Schöffel2024-04-24
| | | | They were accidentally added at the wrong location in dd4b6bcfc16c7c795b697195eb6703966352d9f4
* fix(system/services/taskserver): Add required kernel settingsSoispha2024-04-02
| | | | | | These are the defaults, but I think it is better to explicitly state them to ensure that we don't suffer from a mistake, when we think about changing them in the future.
* chore(git-crypt): Remove `.git-crypt` directorySoispha2024-03-29
|
* chore(git-crypt): Re-add previously encrypted files in decrypted formSoispha2024-03-29
|