# Changelog All notable changes to this project will be documented in this file. See [conventional commits](https://www.conventionalcommits.org/) for commit guidelines. - - - ## v0.3.0 - 2023-07-10 #### Bug Fixes - **(host/server1)** Use working path to disk - (26b6c91) - Soispha - **(system/disks)** Change partitioning scheme to support gpt/bios boot - (40458f4) - Soispha - **(system/impermanence/m/mail)** Add rspamd dir - (a0d04e5) - Soispha - **(system/impermanence/m/users)** Make /home readable - (8c1dd93) - Soispha - **(system/secrets)** Update after redeploy - (778f8ad) - Soispha - **(system/secrets)** Ensure that ssh host key is available in stage 2 - (5bb8cb3) - Soispha - **(system/services/keycloak)** Use agenix to store passwd - (265eb9d) - Soispha - **(system/services/nix-sync)** Nix build needs access to /proc/stat - (123a8d9) - Soispha - **(treewide)** Move all persistent dirs to impermanence to set permissions - (7815ef2) - Soispha #### Documentation - **(notes)** Add section about redeployment - (3ea6a58) - Soispha #### Features - **(flake)** Add agenix module - (78b566e) - Soispha - **(system/disks)** Add disko - (d176a33) - Soispha #### Miscellaneous Chores - **(.gitattributes)** Remove removed acme path - (81cf12b) - Soispha #### Refactoring - **(system/impermanence)** Move to own directory - (2a6b022) - Soispha - - - ## v0.2.0 - 2023-07-07 #### Bug Fixes - **(system)** Import everything - (a1758ed) - Soispha - **(system)** Import everything - (07f1e4a) - Soispha - **(system/fs-layout)** Remove persistent dir as it's now in /srv - (ce36bb2) - Soispha - **(system/fs_layout/impermanence)** Make sshd dir 755 - (4fdf20b) - Soispha - **(system/services)** Move acmeWebRoot back to /var/lib/acme - (532412a) - Soispha - **(system/services)** Inherit acmeRoot manually - (80e5776) - Soispha - **(system/services/acme)** Leave certs generation to nixos - (1f6ff65) - Soispha - **(system/services/git-sync)** Use correct systemd options - (77e512a) - Soispha - **(system/services/git-sync)** Switch to str to avoid impurity - (a8ffaea) - Soispha - **(system/services/git-sync)** Purge assertion, as we're always on linux - (74a735b) - Soispha - **(system/services/mail)** Tell git-crypt new users.nix location - (cdea671) - sils - **(system/services/nginx)** Set the correct acme webRoot - (252d983) - Soispha - **(system/services/nginx)** Create nix-sync cache through impermanence - (869d74c) - Soispha - **(system/services/nginx)** Remove slash from acme webroot - (bec5cf4) - Soispha - **(system/services/nginx)** Actually enable git-sync - (374c499) - Soispha - **(system/services/nginx/hosts)** Inherit acmeRoot setting - (990cb3c) - Soispha - **(system/services/nix-sync)** Guard deletion of `repo.path` - (16da0f2) - Soispha - **(system/services/nix-sync)** Pull before rebuilding - (3df8d67) - Soispha - **(system/services/nix-sync)** Generate the needed repo paths - (5bed7c8) - Soispha - **(system/services/nix-sync)** Rebuild website on gc - (393f0e6) - Soispha - **(system/services/nix-sync)** Really remove last reference to git-sync - (0b36dbd) - Soispha - **(system/services/nix-sync)** Small typos in ExecStart - (0ac9885) - Soispha - **(system/services/nix-sync)** Use cache directory - (6e18fa4) - Soispha - **(system/services/nix-sync)** Use correct git urls - (9f9a140) - Soispha - **(system/services/nix-sync)** Generate root independent of path - (a505c18) - Soispha - **(system/services/nix-sync)** Add the cachePath rw - (dd84945) - Soispha - **(system/services/nix-sync)** Add '/etc/nginx/websites' to kept dirs - (6a5b874) - Soispha - **(system/services/nix-sync)** Remove slash from cachePath - (33398b1) - Soispha - **(system/services/nix-sync)** Add some required paths to unit - (e6b778b) - Soispha - **(system/services/nix-sync)** Generate user and group if set to default - (39abbf7) - Soispha - **(system/services/nix-sync)** Rename units to nix-sync-<domain> - (844ff55) - Soispha - **(system/services/nix-sync)** Use correct shell escape for paths - (3c42c6b) - Soispha - **(system/services/nix-sync)** Use correct writeScript function - (4ef4b09) - Soispha - **(system/services/nix-sync)** Fully rename to nix-sync - (c35eeac) - Soispha - **(system/services/openssh)** Set correct permissions on ssh dir - (f3f8e43) - Soispha - **(system/services/openssh)** Rename to 'openssh' as the 'd' is a typo - (99d4b3b) - Soispha #### Build system - **(cog)** Remove 'prod' from whitelist as it's deprecated - (661a2d4) - Soispha - **(flake)** Update - (2f10834) - Soispha #### Documentation - **(system/services/nix-sync)** Change last remnant from git-sync - (1fe7e31) - Soispha #### Features - **(system/file_system_layout)** Add impermanence - (1c4672d) - Soispha - **(system/services/nix-sync)** Split unit into a timer and unit - (42d44c6) - Soispha - **(system/services/nix-sync)** Remodel git-sync to make it useful - (3f2fedf) - Soispha #### Miscellaneous Chores - **(.gitattributes)** Remove removed acme path - (99ae5c9) - Soispha #### Refactoring - **(system/impermanence)** Move to own directory - (2c6c07e) - Soispha - **(system/services/mail)** Move mail to services as it's one - (32ab086) - Soispha - **(system/services/nginx)** Adapt to new nix-sync module - (9b88691) - Soispha - **(system/services/nix-sync)** Consolidate into repoCachePath - (1c93755) - Soispha #### Style - **(system/fs_layouts)** Merge attrsets - (d0a8582) - Soispha - **(system/services/nginx)** Use nested attr set for acme options - (9fc5517) - Soispha - - - ## v0.1.0 - 2023-06-19 #### Bug Fixes - **(acme)** Store certs permanently. - (ab3c9aa) - sils - **(hosts/server1)** Rename boot.cleanTmpDir to boot.tmp.cleanOnBoot - (1412408) - sils - **(hosts/server1/networking)** Correct ipv6 - (9243e3d) - ene - **(hosts/server1/networking)** Fix Gateways - (7937ec7) - ene - **(hosts/server1/networking)** Remove ipv6 route - (8711fb2) - ene - **(services)** Remove Minecraft - (58e24a9) - ene - **(system/hardware)** Use actually needed modules and UUID - (7881651) - ene - **(system/mail)** give certificateScheme string as value - (1ed867d) - sils - **(system/mail)** Allow opening ports in the firewall - (cb92ffc) - ene - **(system/mail)** Change placeholder - (ecb274b) - ene - **(system/mail)** Only accept connections on safe ports - (083a7cb) - ene - **(system/mail)** Declare the password directly - (414ad16) - ene - **(system/mail)** Make extraVirtualAliases fairer - (6ba9c14) - ene - **(system/mail)** Disable protocols with STARTTLS - (f77f884) - ene - **(system/packages)** Explicitly enable zsh to make Nix Vars available - (9f86401) - sils - **(system/services)** Allow minecraft-server, which is sadly unfree - (c543776) - sils - **(system/services)** Ignore unnecessary inputs - (84310c9) - sils - **(system/services/acme)** Add multiple domains - (b21b38c) - Soispha - **(system/services/fail2ban)** Make db persistent - (1fc72de) - ene - **(system/services/keycloak)** Correct path to passwordfile - (85c28d5) - sils - **(system/services/keycloak)** Change value of 'passwordFile' to path - (816e85b) - sils - **(system/services/minecraft)** Reduce simulation-distance - (d2a7b0b) - sils - **(system/services/minecraft)** Finetuning - (e002d4e) - sils - **(system/services/minecraft)** Remove to make compile - (055f4e0) - ene - **(system/services/nginx)** Switch to git-sync - (d4b710d) - Soispha - **(system/services/nginx)** Correct path to index.html - (541a891) - sils - **(system/services/opensshd)** Rename passwordAuthentication to - (973a461) - sils - **(system/services/rust-motd)** Quote ssl-cert names - (f21504a) - ene - **(system/services/rust-motd)** Add fail2ban binary - (64a554d) - ene - **(system/users)** Remove unneeded root ssh login keys - (dc4334d) - ene - **(update)** Remove - (02957ce) - Soispha - Try to fix ipv6 - (c7507b1) - sils - Add imap and smtp subdomains to cert - (db52be2) - sils - correct host name and convenience changes - (cb69f4a) - ene - Made the Minecraft config compile - (e55ac14) - ene - Resolve merge conflicts - (cf63e41) - ene - revert changes in configuration.nix - (5a137ce) - sils - Changed setting names - (977f8c1) - ene - changed to TOML config - (6ab5e73) - ene - typo in programs field - (a116678) - ene - Import pkgs - (f5ab486) - sils - Import pkgs - (2238e70) - sils - Import Minecraft Configuration - (69c6e30) - sils #### Build system - **(cog)** Add - (556adb7) - sils - **(flake)** Update - (6c1700e) - Soispha - **(flake)** Update - (84fcf9e) - sils - **(flake)** Update - (62f1fef) - Soispha - **(flake)** Enable direnv integration - (c5755e3) - Soispha - **(git-crypt)** Add collaborator - (0b75981) - sils - **(git-crypt)** Add - (eeb9d28) - Soispha - Add update script - (58e3d0b) - Soispha #### Documentation - **(License)** Add - (98d8394) - Soispha - **(contributing)** Add - (39abe7c) - Soispha #### Features - **(system/file_system_layout)** Add bindmount for postgresql - (7348002) - sils - **(system/mail)** Add other users, so the admin thing works - (f2ab842) - ene - **(system/mail)** Use '/' to separate mailboxes - (a24dc7d) - ene - **(system/matrix/conduit)** Add matrix-conduit - (fbba7df) - Soispha - **(system/packages)** Add git-crypt to standard packages to minimize - (2564aed) - sils - **(system/services)** Add minecraft server - (08c7fa6) - sils - **(system/services)** Enable keycloak - (4254157) - sils - **(system/services/fail2ban)** Add dovecot jail - (dce980d) - ene - **(system/services/fail2ban)** Add fail2ban - (8d8ad7a) - ene - **(system/services/git-sync)** Add - (357f78e) - Soispha - **(system/services/keycloak)** Add keycloak - (97baac0) - sils - **(system/services/nginx)** Change to declarative websites - (a67e54e) - Soispha - **(system/services/rust-motd)** Info about filesystems - (f84a9f6) - ene - **(system/services/rust-motd)** Show status of ssl-certs - (4758e58) - ene - **(update)** Use update flake - (77dfff2) - Soispha - Added admin@vhack.eu mail - (9296259) - sils - Add mailserver - (820efec) - sils - Add Website - (7b16ff9) - sils - Use default.nix - (1b73e04) - ene - Imported the headless profile - (ec7f43a) - ene - Track last login in motd - (6e0f58c) - ene - Save passwords in hashed form directly - (19f0808) - ene - User configuration, with secure passwords - (211ab56) - ene - Added a nice motd through rust-motd - (b5b56d4) - ene - Added /boot as persistent subvolume - (128e406) - ene - Switch to inpersistent temproot. - (b32d3da) - sils - Separate nix from root - (4f0c0ee) - sils - Switch root into subvolume - (30e47b3) - sils - Added support for btrfs - (a96d535) - ene - Some security for ssh - (78aae0b) - ene #### Miscellaneous Chores - **(flake)** Update - (09cea3e) - Soispha - **(flake)** Update - (a6968f5) - Soispha - **(flake)** Update - (9d54dad) - Soispha - **(flake)** Update and add follows for inputs - (1c9c108) - Soispha - **(flake)** Update - (8ed3979) - sils - **(flake)** Update - (1cacce0) - ene #### Refactoring - **(services)** Remove dead code - (127488e) - Soispha - **(system/hardware)** Move hardware to host - (0b55d02) - ene - **(system/mail)** Hide user emails - (bb4af29) - Soispha - Use better file layout - (5a0cb28) - ene #### Revert - Remove Conduit - (9465eb6) - sils #### Style - **(system)** Format - (f7110fd) - Soispha - **(system/mail)** Reorder options - (d6fbe64) - ene - - - Changelog generated by [cocogitto](https://github.com/cocogitto/cocogitto).