summary refs log tree commit diff stats
Commit message (Collapse)AuthorAge
* fix(treewide): stop using none-existent etebase user and groupSilas Schöffel2024-06-01
|
* fix(nix-sync): Explicitly set the `network-online.target` dependencyBenedikt Peetz2024-06-01
|
* fix(disko): explicitely state type of main diskSilas Schöffel2024-06-01
|
* feat(etebase)!: disable etebase-serverSilas Schöffel2024-06-01
| | | | | | Sadly, it's author didn't manage to update to a newer version of django before the used version (3.2) reached EOL and was affected by CVE-2024-27351. It's unreasonable to continue using it.
* fix(system/services/invidious): set db.user to invidiousSilas Schöffel2024-06-01
| | | | | This also changes the dbname to "invidious" which isn't mentioned in the commit message as it's the default in nixpkgs.
* fix(treewide): use invidious-router module provided by nixpkgsSilas Schöffel2024-06-01
|
* chore(flake): override simple-nixos-mailserver.inputs.utilsSilas Schöffel2024-06-01
|
* build(flake): updateSilas Schöffel2024-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) → 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) • Updated input 'crane': 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e' (2024-05-29) • Updated input 'disko': 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) → 'github:nix-community/disko/0274af4c92531ebfba4a5bd493251a143bc51f3c' (2024-05-31) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) → 'github:NixOS/nixpkgs/21959d8d44197094aebc74ead6ca4a53bcce0adb' (2024-06-01) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14) → 'github:oxalica/rust-overlay/ab69b67fac9a96709fbef0b899db308ca714a120' (2024-06-01) • Updated input 'simple-nixos-mailserver/utils': 'github:numtide/flake-utils/5021eac20303a61fafe17224c087f5519baed54d' (2020-11-14) → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) • Added input 'simple-nixos-mailserver/utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
* build(flake): update simple-nixos-mailserver to masterSilas Schöffel2024-06-01
|
* feat(system/services/nginx)!: Change meaning of `root` keyBenedikt Peetz2024-06-01
| | | | | | | | | | | | The `root` key was rather useless (it was always just the `/etc/.../<domain>` path.). This change gives it a real meaning. See the 'BREAKING CHANGE' section for more information. BREAKING CHANGE: Previously the `root` key denoted the _absolute_ root of a repository. Now it just denotes the root relative (i.e. a path within the built repository) to the repos cloning position. You should just remove the absolute part of the path (that, which is not an output in your built repository)
* feat(flake): update nixpkgs to 24.05Silas Schöffel2024-06-01
|
* feat(system/services/nginx): add wkd for sils.liSilas Schöffel2024-05-26
|
* feat(system/services/nginx): add wkd for s-schoeffel.deSilas Schöffel2024-05-26
|
* fix(system/services/nginx/hosts): Update trinitrix source git pathBenedikt Peetz2024-05-26
|
* feat(system/services/nginx): Add the trinitrix websiteBenedikt Peetz2024-05-25
|
* feat(system/services/nginx): Add the GPG WKDBenedikt Peetz2024-05-25
|
* build(flake): updateSilas Schöffel2024-05-14
| | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02) → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) • Updated input 'crane': 'github:ipetkov/crane/a5eca68a2cf11adb32787fc141cddd29ac8eb79c' (2024-04-24) → 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) • Updated input 'disko': 'github:nix-community/disko/a816daa384dd754b7586f51157fc2e1a44e76073' (2024-04-25) → 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c268f5790f5e697d7e377dfdf21605d3aa123c3' (2024-04-25) → 'github:NixOS/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442' (2024-05-13) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9a4f20210147ecaec0269ec02506be2696635ee7' (2024-04-25) → 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/9a2a11479b94afaf1ecc46384b27abda0d3d5f9d' (2024-04-25) → 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14)
* feat(system/users/soispha): Set a new gpg-based ssh keyBenedikt Peetz2024-05-14
|
* feat(system/servies): remove snapperSilas Schöffel2024-04-26
| | | | We handle backups with restic
* feat(system/services/fail2ban): add postfix jailSilas Schöffel2024-04-25
| | | | | This bans IP Addresses which fail to login into postfix at least 3 times in 600 seconds.
* style(system/services/mastodon): format with alejandraSilas Schöffel2024-04-25
|
* fix(system/impermanence/mods/mail.nix): fix typoSilas Schöffel2024-04-25
|
* build(flake): updateSilas Schöffel2024-04-25
|
* fix(system/services/mastodon): change back to stable packageSilas Schöffel2024-04-25
|
* fix(mail): persist additional state directoriesSilas Schöffel2024-04-24
| | | | | This preserves mail state to prevent running out of memory and thus makes our mailsetup more reliable.
* fix(treewide): move former git-crypted files to correct locationSilas Schöffel2024-04-24
| | | | They were accidentally added at the wrong location in dd4b6bcfc16c7c795b697195eb6703966352d9f4
* fix(system/services/taskserver): Add required kernel settingsSoispha2024-04-02
| | | | | | These are the defaults, but I think it is better to explicitly state them to ensure that we don't suffer from a mistake, when we think about changing them in the future.
* chore(git-crypt): Remove `.git-crypt` directorySoispha2024-03-29
|
* chore(git-crypt): Re-add previously encrypted files in decrypted formSoispha2024-03-29
|
* chore(git-crypt): Remove `git-crypt` and associated encrypted filesSoispha2024-03-29
|
* fix(gitattributes): Remove unused taskserver pathsSoispha2024-03-29
|
* refactor(system/services/taskserver): Move away from git-cryptSoispha2024-03-29
|
* style(system/secrets): Sort `secret.nix` and `default.nix` alphabeticallySoispha2024-03-29
|
* fix(system/services/libreddit): correct binary location in systemd serviceSilas Schöffel2024-03-28
| | | | | | This is a manual fix until we get this merged into nixpkgs Co-authored-by: Benedikt Peetz <benedikt.peetz@b-peetz.de>
* feat(system/servics/libreddit): Use the continued redlib packageSoispha2024-03-28
| | | | Fixes: #87
* build(flake): UpdateSoispha2024-03-28
|
* fix(system/impermanence/mods/users.nix): add /root/.ssh as persistent directorysils2024-03-19
|
* fix(system/services/invidious-router): add new healthcheck configsils2024-03-10
|
* build(flake): updatesils2024-03-10
|
* fix(system/services/invidious-router): remove invidious.vhack.eu from ↵sils2024-02-25
| | | | | | | instance list This is necessary because of a bug in our instance which causes search to fail under certain circumstances.
* style(system/services/invidious-router): one list entry per linesils2024-02-21
|
* fix(system/services/invidious-router): change allowed_status_codes type to intsils2024-02-21
|
* fix(system/services/invidious-router): bind to 127.0.0.1sils2024-02-21
|
* build(flake): updatesils2024-02-21
|
* fix(flake): override invidious-router-flake nixpkgs with nixpkgs-unstablesils2024-02-21
|
* fix(system/services/invidious-router): correct typosils2024-02-21
|
* feat(system/services/invidious-router): add extraDomainssils2024-02-19
|
* build(flake): updatesils2024-02-19
|
* feat(system/services/invidious-router): add configurationsils2024-02-19
|
* build(flake): update invidious-router-flakesils2024-02-19
|