Drift/pvv-nixos-config
17
6
Fork 1
Code Issues Pull Requests 7 Actions Wiki Activity
999 Commits 57 Branches 0 Tags
3141b1f76b574c19be1475f3ef3b57e8a8f0cfdf
Commit Graph

999 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
oysteikt 3141b1f76b bekkalokk/vaultwarden: remove redundant hardening
Eval nix flake / evals (push) Successful in 3m51s
Details 
This has already been upstreamed
 2026-05-22 17:51:03 +09:00
oysteikt 475f6a8c9b bekkalokk/vaultwarden: add rsa key to sops
Eval nix flake / evals (push) Successful in 4m25s
Details
2026-05-22 17:49:31 +09:00
oysteikt 9c1687f8f2 bekkalokk/vaultwarden: use envvar keys 
It seems like the nixpkgs module is compensating for previous config
that might've ended up in a file, which are now being turned into
screaming snake case environment variables. Let's just name them as they
are supposed to be named instead of having the upstream module translate
them.
 2026-05-22 17:08:31 +09:00
oysteikt 0f53bcd731 bekkalokk/roundcube: add des_key to sops 2026-05-22 17:08:31 +09:00
felixalb f433ae1e15 ustetind: remove from sops
Build topology graph / evals (push) Successful in 2m30s
Details
Eval nix flake / evals (push) Successful in 4m45s
Details 
rg -. to the rescue
 2026-05-22 10:01:15 +02:00
oysteikt 5745648f87 bicep/postgres/repack: use local unix socket
Build topology graph / evals (push) Successful in 2m48s
Details
Eval nix flake / evals (push) Successful in 4m22s
Details
2026-05-22 15:59:59 +09:00
oysteikt 2c34a93abf bicep/postgres/repack: don't kill connections on timeout
Eval nix flake / evals (push) Successful in 3m51s
Details
Build topology graph / evals (push) Successful in 3m56s
Details
2026-05-22 15:57:57 +09:00
oysteikt 9ebc947eab ustetind: bai bai 👋
Build topology graph / evals (push) Successful in 2m48s
Details
Eval nix flake / evals (push) Successful in 6m47s
Details
2026-05-22 15:41:28 +09:00
oysteikt 6fcc19f0a2 base/fluentbit: init
Build topology graph / evals (push) Successful in 2m51s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-22 15:32:13 +09:00
oysteikt 9224f04bd1 base/promtail: remove 2026-05-22 15:32:13 +09:00
vegardbm 9c93f15569 change agekey for ildkule and update keys
Build topology graph / evals (push) Successful in 2m31s
Details
Eval nix flake / evals (push) Successful in 5m8s
Details 
update keys
 2026-05-21 17:27:11 +02:00
oysteikt 5d6c153007 kommode/gitea: fix dump command
Build topology graph / evals (push) Successful in 2m33s
Details
Eval nix flake / evals (push) Successful in 4m1s
Details
2026-05-21 17:54:54 +09:00
oysteikt 8b483a92f8 ildkule: set fsType for bindmounts 2026-05-21 17:52:47 +09:00
oysteikt 0d7f05e56d bicep/postgres: add cleanup timers
Build topology graph / evals (push) Successful in 2m53s
Details
Eval nix flake / evals (push) Successful in 4m6s
Details
2026-05-21 04:14:34 +09:00
danio 4a67eddf52 bicep/matrix/livekit: open the rtc ports
Build topology graph / evals (push) Successful in 3m55s
Details
Eval nix flake / evals (push) Successful in 4m8s
Details
2026-05-20 20:04:33 +02:00
oysteikt 08a23bd380 base/hardening: ban a few more modules
Build topology graph / evals (push) Successful in 2m53s
Details
Eval nix flake / evals (push) Successful in 4m2s
Details
2026-05-20 23:15:25 +09:00
oysteikt 28b67c3578 base/mitigations: blacklist modules for copyfail and pintheft 2026-05-20 23:15:25 +09:00
vegardbm e5804c043a README: add gluttony
Build topology graph / evals (push) Successful in 2m52s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-20 06:24:26 +02:00
vegardbm 9c227f3022 update gluttony IPs and boot device
Build topology graph / evals (push) Successful in 2m54s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-20 06:07:41 +02:00
felixalb 69fdf709d7 grr: fix the heccin quotes
Build topology graph / evals (push) Successful in 3m53s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-19 16:38:34 +02:00
adriangl 30ec70fa5f fix: ildkule grub duplicated devices, format nix files
Build topology graph / evals (push) Successful in 4m1s
Details
Eval nix flake / evals (push) Successful in 4m40s
Details
2026-05-19 16:26:36 +02:00
adriangl 1024b428ac feat: ildkule disco config
Eval nix flake / evals (push) Failing after 2m24s
Details
Build topology graph / evals (push) Successful in 2m29s
Details
2026-05-19 12:16:39 +02:00
adriangl 1e6b692fbf fix: updated ildkule config and ips to match trd1 new setup
Build topology graph / evals (push) Successful in 2m39s
Details
Eval nix flake / evals (push) Successful in 4m42s
Details
2026-05-19 11:37:05 +02:00
vegardbm beac6e91dd flake.lock: bump pvv-nettsiden
Build topology graph / evals (push) Successful in 2m55s
Details
Eval nix flake / evals (push) Successful in 4m38s
Details
2026-05-17 16:58:04 +02:00
oysteikt 0fd41c214a flake.{nix,lock}: bump deps
Eval nix flake / evals (push) Successful in 4m7s
Details
Build topology graph / evals (push) Successful in 6m27s
Details
2026-05-13 01:19:35 +09:00
oysteikt 5c1ee958ea flake.{nix,lock}: bump roowho2
Build topology graph / evals (push) Successful in 2m34s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-12 00:25:55 +09:00
oysteikt d8e97715c9 flake.lock: bump pvv-nettsiden 2026-05-12 00:24:56 +09:00
oysteikt 33297b0436 treewide: lib.cli.toGNUCommandLineShell -> lib.cli.toCommandLineShellGNU
Build topology graph / evals (push) Successful in 2m33s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-11 23:09:50 +09:00
oysteikt be33c95c83 bekkalokk/website: more logging, specify timeouts, ban spooky funcs, fake sendmail
Build topology graph / evals (push) Successful in 2m33s
Details
Eval nix flake / evals (push) Successful in 4m5s
Details
2026-05-11 21:14:08 +09:00
oysteikt 2abf36a9af packages/simplesamlphp: 2.4.3 -> 2.5.0
Build topology graph / evals (push) Successful in 2m52s
Details
Eval nix flake / evals (push) Successful in 4m1s
Details
2026-05-11 16:12:15 +09:00
oysteikt a60be532ce packages/mediawiki-extensions: bump all 2026-05-11 16:11:10 +09:00
oysteikt 9c142fd56f kommode/gitea: remove deprecated config options
Build topology graph / evals (push) Successful in 2m34s
Details
Eval nix flake / evals (push) Successful in 4m37s
Details
2026-05-11 16:00:51 +09:00
oysteikt b98e8679e6 temmie/userweb: set same phpOptions for env and apache
Build topology graph / evals (push) Successful in 2m30s
Details
Eval nix flake / evals (push) Successful in 4m3s
Details
2026-05-11 14:54:56 +09:00
oysteikt ea092ec0b3 temmie/userweb: pass userdir user to sendmail through custom envvar
Build topology graph / evals (push) Successful in 2m49s
Details
Eval nix flake / evals (push) Successful in 4m38s
Details
2026-05-11 14:26:47 +09:00
oysteikt 5e50b617fb temmie/userweb: switch from postfix to nullmailer
Build topology graph / evals (push) Successful in 2m51s
Details
Eval nix flake / evals (push) Successful in 4m36s
Details
2026-05-11 13:52:58 +09:00
oysteikt 258c5a7b25 temmie/userweb: set up sendmail wrapper
Build topology graph / evals (push) Successful in 3m48s
Details
Eval nix flake / evals (push) Successful in 4m5s
Details
2026-05-11 12:26:39 +09:00
oysteikt b9eda3dc56 temmie/userweb: reduce package list
Build topology graph / evals (push) Successful in 2m59s
Details
Eval nix flake / evals (push) Successful in 4m5s
Details
2026-05-11 10:17:09 +09:00
vegardbm 2fcaf5893f fix deprecation warning for mediawiki update script
Build topology graph / evals (push) Successful in 2m56s
Details
Eval nix flake / evals (push) Successful in 5m1s
Details
2026-05-09 20:40:14 +02:00
oysteikt b009da31af temmie/userweb: deny a bunch of spooky directories by default
Build topology graph / evals (push) Successful in 3m57s
Details
Eval nix flake / evals (push) Successful in 5m13s
Details 
It should still be possible for the user to re-enable these with
`.htaccess`
 2026-05-10 03:33:43 +09:00
oysteikt e9a267e2a3 temmie/userweb: ignore collisions in fhs env
Build topology graph / evals (push) Successful in 3m51s
Details
Eval nix flake / evals (push) Successful in 4m14s
Details
2026-05-10 03:02:27 +09:00
oysteikt 338c2f2531 temmie/userweb: adjust perl and php env 
This adds and removes a few packages to make the environments closer to
how they are on tom
 2026-05-10 03:02:26 +09:00
felixalb 8db3034baf Run shellcheck
Eval nix flake / evals (pull_request) Successful in 4m11s
Details
Build topology graph / evals (push) Successful in 2m53s
Details
Eval nix flake / evals (push) Successful in 4m7s
Details
2026-05-08 09:31:35 +02:00
oysteikt f64f9c944e topology: hook skrot up to the switch at the office
Build topology graph / evals (push) Successful in 2m51s
Details
Eval nix flake / evals (push) Successful in 4m9s
Details
2026-05-08 16:27:01 +09:00
oysteikt baeb1e5e60 base/hardening: move hardening options from base/default
Build topology graph / evals (push) Successful in 3m57s
Details
Eval nix flake / evals (push) Successful in 4m45s
Details
2026-05-08 16:23:17 +09:00
oysteikt 86ca8dcdc3 base/hardening: ban a bunch more unimportant kernel modules 2026-05-08 16:23:17 +09:00
danio 11d1f8b442 bakke: the owls sick motorbike
Build topology graph / evals (push) Successful in 4m7s
Details
Eval nix flake / evals (pull_request) Successful in 4m40s
Details
Eval nix flake / evals (push) Successful in 4m11s
Details
2026-05-08 03:07:09 +02:00
felixalb d8115c4031 bakke: add shading 2026-05-08 03:06:06 +02:00
felixalb 0d41326d9f bakke: rest of the owl 2026-05-08 03:06:06 +02:00
felixalb 7baf3ffcb4 bakke: uninit 2026-05-08 03:06:06 +02:00
danio 45f10be9b4 secrets: delete skrott
Build topology graph / evals (push) Successful in 3m53s
Details
Eval nix flake / evals (push) Successful in 4m26s
Details
2026-05-08 03:01:11 +02:00