| Commit message (Collapse) | Author |
|
It is sort of standard to ignore connections over the unencrypted port
25, thus we are doing the same.
|
|
|
|
I just think this is easier to read.
|
|
This is something that just makes the file system easier to traverse, but
isn't really necessary.
|
|
As outlined in commit 19f0808, placing a password hash in the world
readable nix-store is perfectly safe as long as the hashing function is
not reversible, which should be a necessity for a password hash.
|
|
All users are in the wheel group, thus direct login as root is no longer
needed.
|
|
|
|
This is inherently unsafe because it requires an unencrypted handshake.
Considering that all protocols also work directly with TLS i.e., the
encrypted variant, disabling this shouldn't be a drawback.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This provides an html file located at /srv/www/vhack.eu/index.html over
https.
|
|
|
|
We used the domain name instead of the host name, which obviously
doesn't work for multiple host. In addition to that I changed some
directory to make importing easier and enabled the "nix-command" and
"flakes" experimental options, to make the `nix flake check` command
usable.
Refs: #15
|
|
Nix flakes make a lot of things very easy.
|
|
Someone put a string, where a list of strings belonged. I took the
freedom to change that.
|
|
We run a headless server, so some things, like emergency boot mode, don't really make sense. This
import disables these.
|
|
|
|
|
|
Saving hashed passwords should be relatively safe, as long as the hashing
algorithm isn't flawed. Considering, that we use yescrypt with higher
than average parameters ('jFT' instead of 'j9T'), we should be safe for
now.
|
|
|
|
This reverts commit 5a137ce8b8f4b1dcfee03d001938c0fa25df842f.
|
|
resolve conflicts with target branch
|
|
The passwords will be stored in a specific password file, which because it
isn't part of this repository is secure.
Refs: #9
|