summary refs log tree commit diff stats
path: root/secrets.nix (unfollow)
Commit message (Collapse)Author
3 daysbuild(flake.nix): Re-add `ragenix` to the devShellBenedikt Peetz
3 daysrefactor(hosts): Use a `by-name` structure and construct all host depended ↵Benedikt Peetz
values This allows us to outsource the host-handling from the `flake.nix` file.
3 daysfix(treewide): Add constant uids and gids to each user and groupBenedikt Peetz
This allows us to avoid persisting `/var/lib/nixos`.
3 daysdocs(CONTRIBUTING.md): RemoveBenedikt Peetz
The information is currently out-dated, was never really up-to-date and as such will not provide anything useful to new contributors. We should probably try to write it again at some point when our workflow has moved more from cathedral to bazaar.
3 daysrefactor(system/services/fail2ban): Migrate to `by-name`Benedikt Peetz
Additionally, I've changed to owner of the `/var/lib/fail2ban` directory to `root:root` as the main `fail2ban` service also runs under `root` and a `fail2ban` user is never created.
3 daysrefactor(system/services/rust-motd): Migrate to `by-name`Benedikt Peetz
3 daysfix(modules/impermanence): Don't always persist `/var/log` and `/var/lib/nixos`Benedikt Peetz
Persisting them, without marking the `/srv` containing fs as `neededForBoot` will result in a kernel panic in the init (because `impermanence` tries to mount these directories and fails as `/srv` is still missing.) Thus, each host, that sets `/srv` to `neededForBoot` should add these directories to `vhack.persist.directories`.
3 days<