summary refs log tree commit diff stats
path: root/system/services/libreddit (unfollow)
Commit message (Collapse)Author
2024-06-28fix(peertube): Ensure that the nginx reverse proxy worksBenedikt Peetz
2024-06-28feat(flake): Add `git-bug`Benedikt Peetz
2024-06-27fix(peertube/secrets): Improve smtp secretBenedikt Peetz
2024-06-27feat(peertube): InitBenedikt Peetz
2024-06-15fix(nix-sync): Change last occurrences of `repo.path` to `repoPath`Benedikt Peetz
Using `repo.path` (with the slash on the end) results in operations on the directory, which is the symlink target. Using `repoPath` (without the slash) instead results in the intended operations on the symlink itself.
2024-06-13fix(secrets.nix): Remove non-existent `settings.age` secret fileBenedikt Peetz
This file was renamed to the `hmac.age` file in 320cc252c1e59de8fed8993b3a527839bc0963a6, but was actually never removed from the `secrets.nix` list.
2024-06-13refactor(modules/etesync): Move to a complete moduleBenedikt Peetz
2024-06-13refactor(modules): Ensure strict coherence to patternsBenedikt Peetz
2024-06-13fix(impermanence): Re-active etesync moduleBenedikt Peetz
2024-06-11fix(git-server): enable http-clone through cgitSilas Schöffel
2024-06-11fix(libreddit): Remove manual module overrideBenedikt Peetz
The fixes have been up streamed into `nixpkgs` by now.
2024-06-11refactor(flake): Use camelCase for `pkgsUnstable`Benedikt Peetz
2024-06-11fix(etesync-server): Re-activateBenedikt Peetz
2024-06-11flake.lock: UpdateBenedikt Peetz
Flake lock file updates: • Updated input 'crane': 'github:ipetkov/crane/55e7754ec31dac78980c8be45f8a28e80e370946?narHash=sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU%3D' (2024-06-04) → 'github:ipetkov/crane/17d9e9dedd58dde2c562a4296934c6d6a0844534?narHash=sha256-hGLeRxSEeFz9WvmQ4s4AuMJ5InLSZvoczDdXkWSFi1A%3D' (2024-06-09) • Updated input 'disko': 'github:nix-community/disko/398acc470f7c2d68621db01900f053e6000129c4?narHash=sha256-eq9gP060TqWqRf2k4WO5FrG49rVq5Jy3Ptusg0CFdds%3D' (2024-06-07) → 'github:nix-community/disko/c1cfbfad7cb45f0c177b35b59ba67d1b5fc7ca82?narHash=sha256-nlh/2uD5p2SAdkn6Zuey20yaR5FFWvhL3poapDGNE4Y%3D' (2024-06-10) • Updated input 'impermanence': 'github:nix-community/impermanence/a33ef102a02ce77d3e39c25197664b7a636f9c30?narHash=sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y%3D' (2024-02-26) → 'github:nix-community/impermanence/27979f1c3a0d3b9617a3563e2839114ba7d48d3f?narHash=sha256-7C5lCpiWiyPoIACOcu2mukn/1JRtz6HC/1aEMhUdcw0%3D' (2024-06-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8e0a5f16b7bf7f212be068dd302c49888c6ad68f?narHash=sha256-BKjQ9tQdsuoROrojHZb7KTAv95WprqCkNFvuzatfEo0%3D' (2024-06-07) → 'github:NixOS/nixpkgs/f589903f0c98110b2ad5fdd764950a99ec26715e?narHash=sha256-RmiZ7RBRO7D5pZKy4yhdtPkfezWUXjUTUD0JBxq1%2B14%3D' (2024-06-09) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9bbc9cf36dcfdb4300824fd134ad506794205c0c?narHash=sha256-CdbkVYeP%2Br1yqxujYhNVXTyoQTupOY92Awe2dcupkvw%3D' (2024-06-08) → 'github:NixOS/nixpkgs/f12b3b98676c3a9c9373576965743fa30b972b31?narHash=sha256-Eg2U1nwo5JBmsZ/2RAqXv/4E9clucexY/76P8kMC9Gs%3D' (2024-06-10) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/6dc3e45fe4aee36efeed24d64fc68b1f989d5465?narHash=sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28%3D' (2024-06-08) → 'github:oxalica/rust-overlay/abfe5b3126b1b7e9e4daafc1c6478d17f0b584e7?narHash=sha256-24h/qKp0aeI%2BEw13WdRF521kY24PYa5HOvw0mlrABjk%3D' (2024-06-10)
2024-06-07fix(gitolite): change user to gitSilas Schöffel
2024-06-05fix(fail2ban): increase max retry number to 7Silas Schöffel
2024-06-05fix(git-server): enable SSL for cgitSilas Schöffel
2024-06-05feat(treewide): add git-server moduleSilas Schöffel
2024-06-05fix(nix-sync): Don't try to exit in a subshellBenedikt Peetz
The `(cmd1 && cmd2)` pattern works, but fails with commands like `exit` as the parentheses start a new subshell, which the `exit` command will then close instead of exiting the main shell. The curly brackets have the intended effect here, as they simply group the commands together.
2024-06-05fix(nix-sync): Ensure that the `target` for `ln` never ends with a `/`Benedikt Peetz
Otherwise, `ln` tries to create the symlink _in_ the target directory.
2024-06-05fix(nix-sync): Add code-path to create a repo's path, if absentBenedikt Peetz
2024-06-01fix(nix-sync): Ensure that the service can write to all needed pathsBenedikt Peetz
Previously, the generated service _could_ write to the directory, but wanted to create the directory, if it was absent. Creating this directory, requires to be able to write in the parent directory. This is fixed, by ensuring that the parent directories are included.
2024-06-01fix(treewide): stop using none-existent etebase user and groupSilas Schöffel
2024-06-01fix(nix-sync): Explicitly set the `network-online.target` dependencyBenedikt Peetz
2024-06-01fix(disko): explicitely state type of main diskSilas Schöffel
2024-06-01feat(etebase)!: disable etebase-serverSilas Schöffel
Sadly, it's author didn't manage to update to a newer version of django before the used version (3.2) reached EOL and was affected by CVE-2024-27351. It's unreasonable to continue using it.
2024-06-01fix(system/services/invidious): set db.user to invidiousSilas Schöffel
This also changes the dbname to "invidious" which isn't mentioned in the commit message as it's the default in nixpkgs.
2024-06-01fix(treewide): use invidious-router module provided by nixpkgsSilas Schöffel
2024-06-01chore(flake): override simple-nixos-mailserver.inputs.utilsSilas Schöffel
2024-06-01build(flake): updateSilas Schöffel
Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) → 'github:ryantm/agenix/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9' (2024-05-24) • Updated input 'crane': 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) → 'github:ipetkov/crane/480dff0be03dac0e51a8dfc26e882b0d123a450e' (2024-05-29) • Updated input 'disko': 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) → 'github:nix-community/disko/0274af4c92531ebfba4a5bd493251a143bc51f3c' (2024-05-31) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) → 'github:NixOS/nixpkgs/21959d8d44197094aebc74ead6ca4a53bcce0adb' (2024-06-01) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14) → 'github:oxalica/rust-overlay/ab69b67fac9a96709fbef0b899db308ca714a120' (2024-06-01) • Updated input 'simple-nixos-mailserver/utils': 'github:numtide/flake-utils/5021eac20303a61fafe17224c087f5519baed54d' (2020-11-14) → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) • Added input 'simple-nixos-mailserver/utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
2024-06-01build(flake): update simple-nixos-mailserver to masterSilas Schöffel
2024-06-01feat(system/services/nginx)!: Change meaning of `root` keyBenedikt Peetz
The `root` key was rather useless (it was always just the `/etc/.../<domain>` path.). This change gives it a real meaning. See the 'BREAKING CHANGE' section for more information. BREAKING CHANGE: Previously the `root` key denoted the _absolute_ root of a repository. Now it just denotes the root relative (i.e. a path within the built repository) to the repos cloning position. You should just remove the absolute part of the path (that, which is not an output in your built repository)
2024-06-01feat(flake): update nixpkgs to 24.05Silas Schöffel
2024-05-26feat(system/services/nginx): add wkd for sils.liSilas Schöffel
2024-05-26feat(system/services/nginx): add wkd for s-schoeffel.deSilas Schöffel
2024-05-26fix(system/services/nginx/hosts): Update trinitrix source git pathBenedikt Peetz
2024-05-25feat(system/services/nginx): Add the trinitrix websiteBenedikt Peetz
2024-05-25feat(system/services/nginx): Add the GPG WKDBenedikt Peetz
2024-05-14build(flake): updateSilas Schöffel
Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/1381a759b205dff7a6818733118d02253340fd5e' (2024-04-02) → 'github:ryantm/agenix/8d37c5bdeade12b6479c85acd133063ab53187a0' (2024-05-09) • Updated input 'crane': 'github:ipetkov/crane/a5eca68a2cf11adb32787fc141cddd29ac8eb79c' (2024-04-24) → 'github:ipetkov/crane/27025ab71bdca30e7ed0a16c88fd74c5970fc7f5' (2024-05-09) • Updated input 'disko': 'github:nix-community/disko/a816daa384dd754b7586f51157fc2e1a44e76073' (2024-04-25) → 'github:nix-community/disko/f236f6df36e7e8077ff33304a1bf5dbc5c6b7122' (2024-05-14) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c268f5790f5e697d7e377dfdf21605d3aa123c3' (2024-04-25) → 'github:NixOS/nixpkgs/8a4282c38b6cbea9f0989c0eafc6ce1837a26442' (2024-05-13) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/9a4f20210147ecaec0269ec02506be2696635ee7' (2024-04-25) → 'github:NixOS/nixpkgs/21b7c1e62f1856bb793d41198ef4760058c6ebd5' (2024-05-14) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/9a2a11479b94afaf1ecc46384b27abda0d3d5f9d' (2024-04-25) → 'github:oxalica/rust-overlay/1d8fcbbfcfd3476c2665384a46ee9d07ef2b4dd9' (2024-05-14)
2024-05-14feat(system/users/soispha): Set a new gpg-based ssh keyBenedikt Peetz
2024-04-26feat(system/servies): remove snapperSilas Schöffel
We handle backups with restic
2024-04-25feat(system/services/fail2ban): add postfix jailSilas Schöffel
This bans IP Addresses which fail to login into postfix at least 3 times in 600 seconds.
2024-04-25style(system/services/mastodon): format with alejandraSilas Schöffel
2024-04-25fix(system/impermanence/mods/mail.nix): fix typoSilas Schöffel
2024-04-25build(flake): updateSilas Schöffel
2024-04-25fix(system/services/mastodon): change back to stable packageSilas Schöffel
2024-04-24fix(mail): persist additional state directoriesSilas Schöffel
This preserves mail state to prevent running out of memory and thus makes our mailsetup more reliable.
2024-04-24fix(treewide): move former git-crypted files to correct locationSilas Schöffel
They were accidentally added at the wrong location in dd4b6bcfc16c7c795b697195eb6703966352d9f4
2024-04-02fix(system/services/taskserver): Add required kernel settingsSoispha
These are the defaults, but I think it is better to explicitly state them to ensure that we don't suffer from a mistake, when we think about changing them in the future.
2024-03-29chore(git-crypt): Remove `.git-crypt` directorySoispha