Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Refactor(services): Remove dead code | Soispha | 2023-06-18 |
| | |||
* | Build(flake): Update | Soispha | 2023-06-17 |
| | |||
* | Fix(system/services/acme): Add multiple domains | Soispha | 2023-06-17 |
| | |||
* | Fix(system/services/nginx): Switch to git-sync | Soispha | 2023-06-17 |
| | |||
* | Feat(system/services/git-sync): Add | Soispha | 2023-06-17 |
| | |||
* | Merge branch 'keycloak' into develop | sils | 2023-06-06 |
|\ | |||
| * | Fix(system/services/keycloak): Correct path to passwordfile | sils | 2023-06-06 |
| | | |||
| * | Fix(system/services/keycloak): Change value of 'passwordFile' to path | sils | 2023-06-06 |
| | | |||
| * | Feat(system/services): Enable keycloak | sils | 2023-06-06 |
| | | |||
| * | Feat(system/services/keycloak): Add keycloak | sils | 2023-06-06 |
| | | |||
| * | Feat(system/file_system_layout): Add bindmount for postgresql | sils | 2023-06-06 |
| | | |||
* | | Feat(system/packages): Add git-crypt to standard packages to minimize | sils | 2023-06-06 |
|/ | | | | pain while rebuilding | ||
* | Fix(system/services/opensshd): Rename passwordAuthentication to | sils | 2023-06-06 |
| | | | | settings.PassowrdAuthentication | ||
* | Fix(system/mail): give certificateScheme string as value | sils | 2023-06-06 |
| | |||
* | Fix(hosts/server1): Rename boot.cleanTmpDir to boot.tmp.cleanOnBoot | sils | 2023-06-06 |
| | |||
* | Fix(system/packages): Explicitly enable zsh to make Nix Vars available | sils | 2023-06-06 |
| | |||
* | Build(flake): Update | sils | 2023-06-06 |
| | | | | This updates the Version of NixOS used. | ||
* | Revert: Remove Conduit | sils | 2023-06-06 |
| | | | | | | It didn't deploy either and we'd probably use synapse anyway This reverts commit fbba7df4b7c9de5b1926612647e1d9d06b7d22cf. | ||
* | Feat(system/matrix/conduit): Add matrix-conduit | Soispha | 2023-05-20 |
| | |||
* | Build(cog): Add | sils | 2023-05-20 |
| | | | | Co-authored-by: Soispha <soispha@vhack.eu> | ||
* | Build(git-crypt): Add collaborator | sils | 2023-05-20 |
| | | | | | | New collaborators: D9C3B27F Silas <sils@sils.li> | ||
* | Build(flake): Update | Soispha | 2023-05-20 |
| | |||
* | Style(system): Format | Soispha | 2023-05-20 |
| | |||
* | Refactor(system/mail): Hide user emails | Soispha | 2023-05-20 |
| | |||
* | Build(git-crypt): Add | Soispha | 2023-05-20 |
| | |||
* | Chore(flake): Update | Soispha | 2023-05-02 |
| | |||
* | Fix(update): Remove | Soispha | 2023-05-02 |
| | | | | It will (at some point) be installed through direnv, when it is in nixpkgs. | ||
* | Chore(flake): Update | Soispha | 2023-04-29 |
| | |||
* | Feat(update): Use update flake | Soispha | 2023-04-29 |
| | | | | This comes with better dependency handling and further visual upgrades. | ||
* | Chore(flake): Update | Soispha | 2023-04-27 |
| | |||
* | Merge pull request 'Fix(system/services/nginx): Correct path to index.html' ↵ | sils | 2023-04-21 |
|\ | | | | | | | | | | | (#30) from website into develop Reviewed-on: https://codeberg.org/vhack.eu/nixos-server/pulls/30 | ||
| * | Fix(system/services/nginx): Correct path to index.html | sils | 2023-04-21 |
|/ | |||
* | Merge pull request 'Feat(system/services/nginx): Change to declarative ↵ | sils | 2023-04-21 |
|\ | | | | | | | | | | | websites' (#29) from server1_webpage into develop Reviewed-on: https://codeberg.org/vhack.eu/nixos-server/pulls/29 | ||
| * | Feat(system/services/nginx): Change to declarative websites | Soispha | 2023-04-19 |
| | | |||
* | | Merge pull request 'server1_build' (#25) from server1_build into server1 | sils | 2023-04-20 |
|\| | | | | | | | Reviewed-on: https://codeberg.org/vhack.eu/nixos-server/pulls/25 | ||
| * | Docs(contributing): Add | Soispha | 2023-04-18 |
| | | |||
| * | Docs(License): Add | Soispha | 2023-04-18 |
| | | | | | | | | | | | | | | | | | | | | See https://spdx.dev/resources/learn/ for information about 'LICENSE.spdx'. I'm not fully sure, if the spdx spec is correctly applied. The decision to go for the GPL-3.0-or-later is obviously open to be changed, if it should be desired. | ||
| * | Build: Add update script | Soispha | 2023-04-18 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows to group different update commands together and to raise awareness of the update task. The `grep '[^0-9]_[0-9] flake.lock'` is needed to check if multiple imports exists for the same input as nix will name them 'nixpkgs_1' 'nixpkgs_2' and so on. Having multiple inputs for the same thing just increases the needed storage space, if no other inputs are set to follow, but can break a flake's evaluation because of a partial update e.g., nixpkgs follows our version, but we leave rust-overlay unfollowed. This example would result in a newer cargo version (rust-overlay) getting combined with old packages (nixpkgs), which introduces the aforementioned partial update. | ||
| * | Build(flake): Enable direnv integration | Soispha | 2023-04-18 |
| | | | | | | | | | | | | | | | | | | | | [Direnv](https://github.com/direnv/direnv) in combination with [Nix integration](https://github.com/direnv/direnv/wiki/Nix) — in this case [Nix-direnv](https://github.com/nix-community/nix-direnv) — allows for reliable build environments (and some uncluttering of the PATH). Setting it up is rather easy, just see [Nix-direnv's install instructions](https://github.com/nix-community/nix-direnv#installation). | ||
| * | Chore(flake): Update and add follows for inputs | Soispha | 2023-04-18 |
| | | |||
* | | Merge pull request 'server1_develop' (#22) from server1_develop into server1 | sils | 2023-04-11 |
|\| | | | | | | | | | Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/22 Reviewed-by: sils <sils@sils.li> | ||
| * | Chore(flake): Update | sils | 2023-04-08 |
| | | | | | | | | | | Shouldn't cause any trouble and is necessary to keep things secure. | ||
| * | Fix(system/mail): Allow opening ports in the firewall | ene | 2023-04-07 |
| | | | | | | | | | | | | | | | | | | | | | | As the previous configuration only opened some ports, receiving mail was impossible. This allows NSM to open the required ports directly, ensuring that none was missed. SECURITY: As all other options than SSL are still disabled, this change should not introduce unencrypted mail transfer. This has not been tested. | ||
| * | Fix(system/services/rust-motd): Quote ssl-cert names | ene | 2023-03-25 |
| | | |||
| * | Feat(system/services/rust-motd): Info about filesystems | ene | 2023-03-25 |
| | | |||
| * | Feat(system/services/rust-motd): Show status of ssl-certs | ene | 2023-03-25 |
| | | |||
| * | Fix(system/services/rust-motd): Add fail2ban binary | ene | 2023-03-25 |
| | | |||
| * | Merge pull request 'server1_fail2ban' (#24) from server1_fail2ban into ↵ | ene | 2023-03-25 |
| |\ | | | | | | | | | | | | | | | | server1_develop Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/24 | ||
| | * | Feat(system/services/fail2ban): Add dovecot jail | ene | 2023-03-25 |
| | | | | | | | | | | | | This should reduce the log spam even further. | ||
| | * | Fix(system/services/fail2ban): Make db persistent | ene | 2023-03-25 |
| | | |