summary refs log tree commit diff stats
path: root/system/secrets/backup/backuppass.age (unfollow)
Commit message (Collapse)Author
2024-06-05fix(git-server): enable SSL for cgitSilas Schöffel
2024-06-05feat(treewide): add git-server moduleSilas Schöffel
2024-06-05fix(nix-sync): Don't try to exit in a subshellBenedikt Peetz
The `(cmd1 && cmd2)` pattern works, but fails with commands like `exit` as the parentheses start a new subshell, which the `exit` command will then close instead of exiting the main shell. The curly brackets have the intended effect here, as they simply group the commands together.
2024-06-05fix(nix-sync): Ensure that the `target` for `ln` never ends with a `/`Benedikt Peetz
Otherwise, `ln` tries to create the symlink _in_ the target directory.
2024-06-05fix(nix-sync): Add code-path to create a repo's path, if absentBenedikt Peetz
2024-06-01fix(nix-sync): Ensure that the service can write to all needed pathsBenedikt Peetz
Previously, the generated service _could_ write to the directory, but wanted to create the directory, if it was absent. Creating this directory, requires to be able to write in the parent directory. This is fixed, by ensuring that the parent directories are included.
2024-06-01fix(treewide): stop using none-existent etebase user and groupSilas Schöffel
2024-06-01fix(nix-sync): Explicitly set the `network-online.target` dependencyBenedikt Peetz
2024-06-01fix(disko): explicitely state type of main diskSilas Schöffel
2024-06-01feat(etebase)!: disable etebase-serverSilas Schöffel
Sadly, it's author didn't manage to update to a newer version of django before the used version (3.2) reached EOL and was affected by CVE-2024-27351. It's unreasonable to continue using it.
2024-06-01fix(system/services/invidious): set db.user to invidiousSilas Schöffel
This also changes the dbname to "invidious" which isn't mentioned in the commit message as it's the default in nixpkgs.
2024-06-01fix(treewide): use invidious-router module provided by nixpkgsSilas Schöffel
2024-06-01chore(flake): override simple-nixos-mailserver.inputs.utilsSilas Schöffel
2024-06-01build(flake): updateSilas Schöffel
Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) → 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) • Updated input 'crane': 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e' (2024-05-29) • Updated input 'disko': 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) → 'github:nix-community/disko/0274af4c92531ebfba4a5bd493251a143bc51f3c' (2024-05-31) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) → 'github:NixOS/nixpkgs/21959d8d44197094aebc74ead6ca4a53bcce0adb' (2024-06-01) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14) → 'github:oxalica/rust-overlay/ab69b67fac9a96709fbef0b899db308ca714a120' (2024-06-01) • Updated input 'simple-nixos-mailserver/utils': 'github:numtide/flake-utils/5021eac20303a61fafe17224c087f5519baed54d' (2020-11-14) → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) • Added input 'simple-nixos-mailserver/utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
2024-06-01build(flake): update simple-nixos-mailserver to masterSilas Schöffel
2024-06-01feat(system/services/nginx)!: Change meaning of `root` keyBenedikt Peetz
The `root` key was rather useless (it was always just the `/etc/.../<domain>` path.). This change gives it a real meaning. See the 'BREAKING CHANGE' section for more information. BREAKING CHANGE: Previously the `root` key denoted the _absolute_ root of a repository. Now it just denotes the root relative (i.e. a path within the built repository) to the repos cloning position. You should just remove the absolute part of the path (that, which is not an output in your built repository)
2024-06-01feat(flake): update nixpkgs to 24.05Silas Schöffel
2024-05-26feat(system/services/nginx): add wkd for sils.liSilas Schöffel
2024-05-26feat(system/services/nginx): add wkd for s-schoeffel.deSilas Schöffel
2024-05-26fix(system/services/nginx/hosts): Update trinitrix source git pathBenedikt Peetz
2024-05-25feat(system/services/nginx): Add the trinitrix websiteBenedikt Peetz
2024-05-25feat(system/services/nginx): Add the GPG WKDBenedikt Peetz
2024-05-14build(flake): updateSilas Schöffel
Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02) → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) • Updated input 'crane': 'github:ipetkov/crane/a5eca68a2cf11adb32787fc141cddd29ac8eb79c' (2024-04-24) → 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) • Updated input 'disko': 'github:nix-community/disko/a816daa384dd754b7586f51157fc2e1a44e76073' (2024-04-25) → 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c268f5790f5e697d7e377dfdf21605d3aa123c3' (2024-04-25) → 'github:NixOS/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442' (2024-05-13) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9a4f20210147ecaec0269ec02506be2696635ee7' (2024-04-25) → 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/9a2a11479b94afaf1ecc46384b27abda0d3d5f9d' (2024-04-25) → 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14)
2024-05-14feat(system/users/soispha): Set a new gpg-based ssh keyBenedikt Peetz
2024-04-26feat(system/servies): remove snapperSilas Schöffel
We handle backups with restic
2024-04-25feat(system/services/fail2ban): add postfix jailSilas Schöffel
This bans IP Addresses which fail to login into postfix at least 3 times in 600 seconds.
2024-04-25style(system/services/mastodon): format with alejandraSilas Schöffel
2024-04-25fix(system/impermanence/mods/mail.nix): fix typoSilas Schöffel
2024-04-25build(flake): updateSilas Schöffel
2024-04-25fix(system/services/mastodon): change back to stable packageSilas Schöffel
2024-04-24fix(mail): persist additional state directoriesSilas Schöffel
This preserves mail state to prevent running out of memory and thus makes our mailsetup more reliable.
2024-04-24fix(treewide): move former git-crypted files to correct locationSilas Schöffel
They were accidentally added at the wrong location in dd4b6bcfc16c7c795b697195eb6703966352d9f4
2024-04-02fix(system/services/taskserver): Add required kernel settingsSoispha
These are the defaults, but I think it is better to explicitly state them to ensure that we don't suffer from a mistake, when we think about changing them in the future.
2024-03-29chore(git-crypt): Remove `.git-crypt` directorySoispha
2024-03-29chore(git-crypt): Re-add previously encrypted files in decrypted formSoispha
2024-03-29chore(git-crypt): Remove `git-crypt` and associated encrypted filesSoispha
2024-03-29fix(gitattributes): Remove unused taskserver pathsSoispha
2024-03-29refactor(system/services/taskserver): Move away from git-cryptSoispha
2024-03-29style(system/secrets): Sort `secret.nix` and `default.nix` alphabeticallySoispha
2024-03-28fix(system/services/libreddit): correct binary location in systemd serviceSilas Schöffel
This is a manual fix until we get this merged into nixpkgs Co-authored-by: Benedikt Peetz <benedikt.peetz@b-peetz.de>
2024-03-28feat(system/servics/libreddit): Use the continued redlib packageSoispha
Fixes: #87
2024-03-28build(flake): UpdateSoispha
2024-03-19fix(system/impermanence/mods/users.nix): add /root/.ssh as persistent directorysils
2024-03-10fix(system/services/invidious-router): add new healthcheck configsils
2024-03-10build(flake): updatesils
2024-02-25fix(system/services/invidious-router): remove invidious.vhack.eu from ↵sils
instance list This is necessary because of a bug in our instance which causes search to fail under certain circumstances.
2024-02-21style(system/services/invidious-router): one list entry per linesils
2024-02-21fix(system/services/invidious-router): change allowed_status_codes type to intsils
2024-02-21fix(system/services/invidious-router): bind to 127.0.0.1sils
2024-02-21build(flake): updatesils