summary refs log tree commit diff stats
Commit message (Collapse)AuthorAge
...
| | * Feat(system/mail): Use '/' to separate mailboxesene2023-03-18
| | | | | | | | | | | | | | | This is something that just makes the file system easier to traverse, but isn't really necessary.
| | * Fix(system/mail): Declare the password directlyene2023-03-18
| | | | | | | | | | | | | | | | | | As outlined in commit 19f0808, placing a password hash in the world readable nix-store is perfectly safe as long as the hashing function is not reversible, which should be a necessity for a password hash.
| | * Fix(system/users): Remove unneeded root ssh login keysene2023-03-18
| | | | | | | | | | | | | | | All users are in the wheel group, thus direct login as root is no longer needed.
| | * Fix(system/mail): Make extraVirtualAliases fairerene2023-03-18
| | |
| | * Fix(system/mail): Disable protocols with STARTTLSene2023-03-18
| | | | | | | | | | | | | | | | | | This is inherently unsafe because it requires an unencrypted handshake. Considering that all protocols also work directly with TLS i.e., the encrypted variant, disabling this shouldn't be a drawback.
| | * Chore(flake): Updateene2023-03-18
| | |
| | * Refactor: Use better file layoutene2023-03-18
| | |
| | * Fix: Try to fix ipv6sils2023-03-07
| | |
| | * Feat: Added admin@vhack.eu mailsils2023-03-07
| | |
| | * Fix: Add imap and smtp subdomains to certsils2023-03-07
| | |
| | * Feat: Add mailserversils2023-03-07
| | |
| * | Merge branch 'server1_network' into server1_developene2023-03-20
| |\ \
| | * | Fix(hosts/server1/networking): Correct ipv6ene2023-03-19
| | | | | | | | | | | | | | | | The used ips were straight up wrong.
| | * | Fix(hosts/server1/networking): Fix Gatewaysene2023-03-19
| |/ / |/| | | | | | | | | | | Assigning a specific interface for a gateway should make it easier for nixos to configure it.
| * | Revert "Revert "Merge pull request 'Feat: Add Website' (#17) from ↵ene2023-03-20
|/ / | | | | | | | | | | | | server1_nginx into server1"" This reverts commit b0599a3d23878da7335e6ae754ebffbd9ac7cbc3. This may seem ridiculous, and it is, but some things are just necessary.
* | Fix(services): Remove Minecraftene2023-03-19
| | | | | | | | This doesn't compile.
* | Revert "Merge pull request 'Feat: Add Website' (#17) from server1_nginx into ↵ene2023-03-19
| | | | | | | | | | | | | | | | | | server1" This reverts commit 563521c360073d5c28d2553ec4e1792eb2b14258, reversing changes made to c50431b189e982a631d2d4864b304f33169bacdb. This is necessary, because it makes a stable base unavailable.
* | Merge pull request 'Feat: Add Website' (#17) from server1_nginx into server1sils2023-03-07
|\| | | | | | | Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/17
| * Feat: Add Websitesils2023-03-07
|/ | | | | This provides an html file located at /srv/www/vhack.eu/index.html over https.
* Merge pull request 'Merge to server1' (#16) from server1_develop into server1ene2023-02-08
|\ | | | | | | Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/16
| * Merge branch 'server1_minecraft2' into server1ene2023-02-08
| |\
| | * Fix: Made the Minecraft config compileene2023-02-04
| |/ |/| | | | | | | Someone put a string, where a list of strings belonged. I took the freedom to change that.
| * Merge branch 'server1_flake' into server1ene2023-02-08
|/|
| * Feat: Use default.nixene2023-02-05
| |
| * Fix: correct host name and convenience changesene2023-02-05
| | | | | | | | | | | | | | | | | | | | We used the domain name instead of the host name, which obviously doesn't work for multiple host. In addition to that I changed some directory to make importing easier and enabled the "nix-command" and "flakes" experimental options, to make the `nix flake check` command usable. Refs: #15
| * Flake: Changed the configuration to a flakeene2023-02-04
| | | | | | | | Nix flakes make a lot of things very easy.
* | Merge pull request 'Imported the headless profile' (#13) from ↵sils2023-02-04
|\| | | | | | | | | | | | | server1_headless into server1 Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/13 Reviewed-by: sils <sils@sils.li>
| * Feat: Imported the headless profileene2023-02-04
|/ | | | | We run a headless server, so some things, like emergency boot mode, don't really make sense. This import disables these.
* Merge pull request 'User Configuration' (#12) from server1_users into server1sils2023-01-23
|\ | | | | | | | | Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/12 Reviewed-by: sils <sils@sils.li>
| * Update: Save hashed password for silssils2023-01-23
| |
| * Feat: Track last login in motdene2023-01-21
| |
| * Feat: Save passwords in hashed form directlyene2023-01-21
| | | | | | | | | | | | | | Saving hashed passwords should be relatively safe, as long as the hashing algorithm isn't flawed. Considering, that we use yescrypt with higher than average parameters ('jFT' instead of 'j9T'), we should be safe for now.
| * Fix: Resolve merge conflictsene2023-01-21
| |
| * Merge branch 'server1' into server1_userssils2023-01-20
| |\ | |/ |/|
* | Merge pull request 'Remove ssh from the config file and make it's keys ↵sils2023-01-20
|\ \ | | | | | | | | | | | | | | | | | | persistent' (#9) from server1_ssh into server1 Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/9 Reviewed-by: sils <sils@sils.li>
| * | Revert "Fix: revert changes in configuration.nix"sils2023-01-20
| | | | | | | | | | | | This reverts commit 5a137ce8b8f4b1dcfee03d001938c0fa25df842f.
| * | Merge branch 'server1' into server1_sshsils2023-01-20
| |\ \ | |/ / |/| |
| * | Fix: revert changes in configuration.nixsils2023-01-20
| | | | | | | | | | | | resolve conflicts with target branch
| * | Sec: Persistent ssh host keysene2023-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I changed the valid ssh-host-keys from both rsa and ed25519 to only ed25519 and moved them to `/srv/ssh` to make them persistent. In addition to that, I also increased the rounds for the ed25519 key to 1000. This fixes the ssh-host-key issue introduced by pull request #5. Fixes: #5
| | * Merge branch 'server1' into server1_userssils2023-01-20
| | |\ | |_|/ |/| |
* | | Merge pull request 'server1_rust-motd' (#11) from server1_rust-motd into server1sils2023-01-20
|\ \ \ | |/ / |/| | | | | | | | Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/11 Reviewed-by: sils <sils@sils.li>
| * | Merge branch 'server1' into server1_rust-motdene2023-01-17
| |\ \ | |/ / |/| |
| * | Fix: Changed setting namesene2023-01-17
| | | | | | | | | | | | | | | The names of the settings in the GitHub repository are outdated, this commit changes the setting name to the real ones.
| * | Fix: changed to TOML configene2023-01-17
| | | | | | | | | | | | This module generates a TOML config from a nix set.
| * | Fix: typo in programs fieldene2023-01-17
| | |
| * | Feat: Added a nice motd through rust-motdene2023-01-17
| | | | | | | | | | | | I'm not sure if this is really helpful
| | * Feat: User configuration, with secure passwordsene2023-01-19
| |/ |/| | | | | | | | | | | The passwords will be stored in a specific password file, which because it isn't part of this repository is secure. Refs: #9
* | Merge pull request 'Feat: Added /boot as persistent subvolume' (#10) from ↵sils2023-01-17
|\ \ | |/ |/| | | | | | | | | server1_boot into server1 Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/10 Reviewed-by: sils <sils@sils.li>
| * Feat: Added /boot as persistent subvolumeene2023-01-17
|/ | | | Co-authored-by: sils <sils@sils.li>
* Merge pull request 'Fix: Import pkgs and improve security' (#8) from ↵ene2023-01-15
|\ | | | | | | | | | | | | server1_minecraft into server1 Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/8 Reviewed-by: ene <ene@sils.li>