Drift/pvv-nixos-config
17
6
Fork 1
Code Issues Pull Requests 8 Actions Wiki Activity
1,089 Commits 43 Branches 0 Tags
prometheus-stats-through-nginx-over-https
Commit Graph

138 Commits

Author SHA1 Message Date
oysteikt 966081ebfc bicep/mysql: enable userstat
Build topology graph / evals (push) Successful in 2m45s
Details
Eval nix flake / evals (push) Successful in 7m58s
Details
2026-06-03 15:31:27 +09:00
oysteikt 39d313579c bicep/mysql: rotate slow query logs
Build topology graph / evals (push) Successful in 2m26s
Details
Eval nix flake / evals (push) Successful in 6m23s
Details
2026-06-03 15:21:18 +09:00
oysteikt 0c45345050 bicep/matrix-ooye harden
Build topology graph / evals (push) Successful in 2m42s
Details
Eval nix flake / evals (push) Successful in 4m48s
Details
2026-05-28 16:07:36 +09:00
oysteikt 788f23bf04 bicep/matrix-hookshot: harden
Build topology graph / evals (push) Successful in 2m23s
Details
Eval nix flake / evals (push) Successful in 4m43s
Details
2026-05-28 15:58:04 +09:00
oysteikt 8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
oysteikt 6237a0a0e7 bicep/minecraft-heatmap: remove ExecStartPre bash wrapper 2026-05-28 03:03:38 +09:00
oysteikt 2c819776f8 treewide/nginx: enable kTLS for a bunch more virtualHosts
Eval nix flake / evals (push) Failing after 2m45s
Details
Build topology graph / evals (push) Successful in 3m51s
Details
2026-05-27 23:36:18 +09:00
danio 09163b77da Revert "bicep/matrix/livekit: open the rtc ports"
Build topology graph / evals (push) Successful in 2m49s
Details
Eval nix flake / evals (push) Successful in 5m24s
Details 
This reverts commit 4a67eddf52.
 2026-05-23 23:23:41 +02:00
oysteikt 5745648f87 bicep/postgres/repack: use local unix socket
Build topology graph / evals (push) Successful in 2m48s
Details
Eval nix flake / evals (push) Successful in 4m22s
Details
2026-05-22 15:59:59 +09:00
oysteikt 2c34a93abf bicep/postgres/repack: don't kill connections on timeout
Eval nix flake / evals (push) Successful in 3m51s
Details
Build topology graph / evals (push) Successful in 3m56s
Details
2026-05-22 15:57:57 +09:00
oysteikt 0d7f05e56d bicep/postgres: add cleanup timers
Build topology graph / evals (push) Successful in 2m53s
Details
Eval nix flake / evals (push) Successful in 4m6s
Details
2026-05-21 04:14:34 +09:00
danio 4a67eddf52 bicep/matrix/livekit: open the rtc ports
Build topology graph / evals (push) Successful in 3m55s
Details
Eval nix flake / evals (push) Successful in 4m8s
Details
2026-05-20 20:04:33 +02:00
felixalb 8db3034baf Run shellcheck
Eval nix flake / evals (pull_request) Successful in 4m11s
Details
Build topology graph / evals (push) Successful in 2m53s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-08 09:31:35 +02:00
oysteikt 7e39bf3ba2 bicep/matrix/ooye: add rsync pull target for principal backups
Build topology graph / evals (push) Successful in 6m11s
Details
Eval nix flake / evals (push) Successful in 10m9s
Details
2026-02-13 18:26:55 +09:00
danio c455c5a7e3 bicep/matrix/livekit: fix matrix domain in livekit, allow dan's server as well
Build topology graph / evals (push) Successful in 6m15s
Details
Eval nix flake / evals (push) Successful in 8m48s
Details
2026-02-11 22:58:19 +01:00
oysteikt 91de031896 treewide: limit rsync pull target access to principal
Build topology graph / evals (push) Successful in 7m35s
Details
Eval nix flake / evals (push) Successful in 7m54s
Details
2026-01-31 11:14:18 +09:00
oysteikt cec69d89a8 bicep/{postgres,mysql}: fix old backup deletion (again)
Build topology graph / evals (push) Successful in 3m56s
Details
Eval nix flake / evals (push) Successful in 9m28s
Details
2026-01-30 13:26:10 +09:00
oysteikt af0bf7b254 bicep/{postgres,mysql}: fix old backup deletion
Build topology graph / evals (push) Successful in 3m22s
Details
Eval nix flake / evals (push) Successful in 9m8s
Details
2026-01-29 14:57:46 +09:00
oysteikt bcf8b1607f bicep/{postgres,mysql}: use hardlink for latest backup file
Build topology graph / evals (push) Successful in 3m22s
Details
Eval nix flake / evals (push) Successful in 7m51s
Details
2026-01-29 14:53:07 +09:00
oysteikt 1d46fd1ec6 bicep/{postgres,mysql}: keep multiple backups, point at latest with symlink
Build topology graph / evals (push) Successful in 5m22s
Details
Eval nix flake / evals (push) Successful in 9m18s
Details
2026-01-29 14:16:34 +09:00
oysteikt bac53be707 bicep/{postgres,mysql}: use zstd for backup compression
Build topology graph / evals (push) Successful in 5m13s
Details
Eval nix flake / evals (push) Successful in 9m25s
Details
2026-01-29 13:50:35 +09:00
oysteikt f08bd96b74 bicep/{postgres,mysql}: move backups to /data
Build topology graph / evals (push) Successful in 3m22s
Details
Eval nix flake / evals (push) Successful in 9m13s
Details
2026-01-29 13:41:06 +09:00
oysteikt 8774c81d23 bicep/{postgres,mysql}: custom backup units
Build topology graph / evals (push) Successful in 3m22s
Details
Eval nix flake / evals (push) Successful in 7m56s
Details
2026-01-29 13:32:28 +09:00
oysteikt d6eca5c4e3 bicep/{postgres,mysql}: split config into several files
Build topology graph / evals (push) Successful in 5m27s
Details
Eval nix flake / evals (push) Successful in 7m57s
Details
2026-01-29 13:18:25 +09:00
oysteikt 49d1122ee5 bicep/mysql: enable slow query logs
Build topology graph / evals (push) Successful in 3m26s
Details
Eval nix flake / evals (push) Successful in 7m44s
Details
2026-01-28 14:55:52 +09:00
oysteikt 31bbf4b25f bicep/synapse: enable auto-compressor timer
Build topology graph / evals (push) Successful in 3m23s
Details
Eval nix flake / evals (push) Successful in 9m4s
Details
2026-01-28 14:50:57 +09:00
oysteikt 2f7e1439d0 bicep/mysql: pin version, upgrade from 11.4 -> 11.8
Build topology graph / evals (push) Successful in 4m21s
Details
Eval nix flake / evals (push) Successful in 9m9s
Details
2026-01-28 14:01:14 +09:00
oysteikt fa31a84bd2 bicep/postgres: upgrade from 15 -> 18 2026-01-28 14:00:25 +09:00
oysteikt 949661113e bicep/mysql: move backup dir
Build topology graph / evals (push) Successful in 3m52s
Details
Eval nix flake / evals (push) Successful in 7m42s
Details
2026-01-27 20:47:40 +09:00
oysteikt f442c4d65f bicep/minecraft-heatmap: gate remaining config behind cfg.enable
Build topology graph / evals (push) Has been cancelled
Details
Eval nix flake / evals (push) Has been cancelled
Details
2026-01-27 20:44:20 +09:00
oysteikt 690aee634b bicep/postgres: gate remaining config behind cfg.enable 2026-01-27 20:44:20 +09:00
oysteikt 2ed1c83858 bicep/{postgres,mysql}: add rsync pull targets for backups 2026-01-27 20:39:12 +09:00
oysteikt 65d095feb1 bekkalokk/mediawiki, bicep/matrix/synapse: add keys for rsync targets 2026-01-27 18:55:03 +09:00
oysteikt 8a84069dcf bicep/mysql: use BindPaths to access dataDir
Build topology graph / evals (push) Successful in 3m24s
Details
Eval nix flake / evals (push) Successful in 7m16s
Details
2026-01-27 17:23:38 +09:00
oysteikt 79a46ce3f6 bicep/element: set default country code
Build topology graph / evals (push) Successful in 3m57s
Details
Eval nix flake / evals (push) Successful in 7m18s
Details
2026-01-27 04:11:40 +09:00
oysteikt a149f97ac0 bicep: bump stateVersion from 22.11 -> 25.11 2026-01-27 03:59:40 +09:00
oysteikt 73456de527 bekkalokk/mediawiki, bicep/matrix/synapse: leave principal rsync target stubs 2026-01-27 00:26:42 +09:00
oysteikt c3c98392ad bicep/hookshot: add passkey to sops
Build topology graph / evals (push) Successful in 3m23s
Details
Eval nix flake / evals (push) Successful in 8m31s
Details
2026-01-26 21:52:58 +09:00
oysteikt 1d47409d96 base: configure sops
Eval nix flake / evals (push) Failing after 3m11s
Details
Build topology graph / evals (push) Successful in 5m52s
Details
2026-01-22 16:48:59 +09:00
oysteikt 5f94345a91 hosts/various: enable qemu guest agent, disable smartd for vms by default
Eval nix flake / evals (push) Failing after 3m12s
Details
Build topology graph / evals (push) Successful in 3m23s
Details
2026-01-22 16:05:36 +09:00
oysteikt 28baf322ce hosts/various: formatting, add consistent warnings to stateVersion 2026-01-22 15:57:12 +09:00
oysteikt 12477aeb34 flake.nix: set default hostname for most nixos hosts 2026-01-22 15:49:50 +09:00
oysteikt 89ea5b321a hosts/various: use systemd-boot as default bootloader 2026-01-22 15:49:50 +09:00
oysteikt 9eb5cd869a bicep/element: fetch correct well-known file
Build topology graph / evals (push) Successful in 3m29s
Details
Eval nix flake / evals (push) Successful in 6m39s
Details
2026-01-21 14:34:35 +09:00
oysteikt 833a74a6fb bicep/matrix: remove some whitespace lol 2026-01-21 13:14:41 +09:00
oysteikt 93cf6f4a63 bicep/sshguard: disable
Build topology graph / evals (push) Successful in 4m5s
Details
Eval nix flake / evals (push) Successful in 7m41s
Details 
sshguard doesn't actually work as it currently stands, also the builtin
PerSourcePenalty functionality in SSH is more aggressive than sshguard
is able to catch anyway. It might've been reasonable if we were using it
for anything other than SSH, but it doesn't seem like we are.
 2026-01-21 11:13:27 +09:00
oysteikt 0f11cca8ec bicep/matrix: use sops templates to render structured files
Build topology graph / evals (push) Successful in 6m25s
Details
Eval nix flake / evals (push) Has been cancelled
Details
2026-01-21 11:08:26 +09:00
oysteikt d892acb331 bicep/matrix: have element-web source well-known from config
Build topology graph / evals (push) Successful in 4m4s
Details
Eval nix flake / evals (push) Successful in 6m39s
Details
2026-01-21 10:49:09 +09:00
oysteikt aa07687a94 bicep/matrix: add synapse config to help with livekit 2026-01-21 10:48:37 +09:00
oysteikt e5dd5b6325 bicep/matrix: attempt to set up livekit
Build topology graph / evals (push) Successful in 3m30s
Details
Eval nix flake / evals (push) Successful in 7m46s
Details
2026-01-21 10:14:08 +09:00