jonmro/pvv-nixos-config
1
0
Fork 0
forked from Drift/pvv-nixos-config
Code Pull Requests Activity
1,115 Commits 17 Branches 0 Tags
170fb2a9800a6f5227915ee72a2a8d1906cf86e4
Commit Graph

140 Commits

Author SHA1 Message Date
oysteikt 170fb2a980 bicep/synapse: fix dbname option 2026-06-22 18:55:14 +09:00
oysteikt cdc3ad488b bicep/postgres: add script for updating all collations 2026-06-22 01:12:59 +09:00
oysteikt 966081ebfc bicep/mysql: enable userstat 2026-06-03 15:31:27 +09:00
oysteikt 39d313579c bicep/mysql: rotate slow query logs 2026-06-03 15:21:18 +09:00
oysteikt 0c45345050 bicep/matrix-ooye harden 2026-05-28 16:07:36 +09:00
oysteikt 788f23bf04 bicep/matrix-hookshot: harden 2026-05-28 15:58:04 +09:00
oysteikt 8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
oysteikt 6237a0a0e7 bicep/minecraft-heatmap: remove ExecStartPre bash wrapper 2026-05-28 03:03:38 +09:00
oysteikt 2c819776f8 treewide/nginx: enable kTLS for a bunch more virtualHosts 2026-05-27 23:36:18 +09:00
danio 09163b77da Revert "bicep/matrix/livekit: open the rtc ports" 
This reverts commit 4a67eddf52.
 2026-05-23 23:23:41 +02:00
oysteikt 5745648f87 bicep/postgres/repack: use local unix socket 2026-05-22 15:59:59 +09:00
oysteikt 2c34a93abf bicep/postgres/repack: don't kill connections on timeout 2026-05-22 15:57:57 +09:00
oysteikt 0d7f05e56d bicep/postgres: add cleanup timers 2026-05-21 04:14:34 +09:00
danio 4a67eddf52 bicep/matrix/livekit: open the rtc ports 2026-05-20 20:04:33 +02:00
felixalb 8db3034baf Run shellcheck 2026-05-08 09:31:35 +02:00
oysteikt 7e39bf3ba2 bicep/matrix/ooye: add rsync pull target for principal backups 2026-02-13 18:26:55 +09:00
danio c455c5a7e3 bicep/matrix/livekit: fix matrix domain in livekit, allow dan's server as well 2026-02-11 22:58:19 +01:00
oysteikt 91de031896 treewide: limit rsync pull target access to principal 2026-01-31 11:14:18 +09:00
oysteikt cec69d89a8 bicep/{postgres,mysql}: fix old backup deletion (again) 2026-01-30 13:26:10 +09:00
oysteikt af0bf7b254 bicep/{postgres,mysql}: fix old backup deletion 2026-01-29 14:57:46 +09:00
oysteikt bcf8b1607f bicep/{postgres,mysql}: use hardlink for latest backup file 2026-01-29 14:53:07 +09:00
oysteikt 1d46fd1ec6 bicep/{postgres,mysql}: keep multiple backups, point at latest with symlink 2026-01-29 14:16:34 +09:00
oysteikt bac53be707 bicep/{postgres,mysql}: use zstd for backup compression 2026-01-29 13:50:35 +09:00
oysteikt f08bd96b74 bicep/{postgres,mysql}: move backups to /data 2026-01-29 13:41:06 +09:00
oysteikt 8774c81d23 bicep/{postgres,mysql}: custom backup units 2026-01-29 13:32:28 +09:00
oysteikt d6eca5c4e3 bicep/{postgres,mysql}: split config into several files 2026-01-29 13:18:25 +09:00
oysteikt 49d1122ee5 bicep/mysql: enable slow query logs 2026-01-28 14:55:52 +09:00
oysteikt 31bbf4b25f bicep/synapse: enable auto-compressor timer 2026-01-28 14:50:57 +09:00
oysteikt 2f7e1439d0 bicep/mysql: pin version, upgrade from 11.4 -> 11.8 2026-01-28 14:01:14 +09:00
oysteikt fa31a84bd2 bicep/postgres: upgrade from 15 -> 18 2026-01-28 14:00:25 +09:00
oysteikt 949661113e bicep/mysql: move backup dir 2026-01-27 20:47:40 +09:00
oysteikt f442c4d65f bicep/minecraft-heatmap: gate remaining config behind cfg.enable 2026-01-27 20:44:20 +09:00
oysteikt 690aee634b bicep/postgres: gate remaining config behind cfg.enable 2026-01-27 20:44:20 +09:00
oysteikt 2ed1c83858 bicep/{postgres,mysql}: add rsync pull targets for backups 2026-01-27 20:39:12 +09:00
oysteikt 65d095feb1 bekkalokk/mediawiki, bicep/matrix/synapse: add keys for rsync targets 2026-01-27 18:55:03 +09:00
oysteikt 8a84069dcf bicep/mysql: use BindPaths to access dataDir 2026-01-27 17:23:38 +09:00
oysteikt 79a46ce3f6 bicep/element: set default country code 2026-01-27 04:11:40 +09:00
oysteikt a149f97ac0 bicep: bump stateVersion from 22.11 -> 25.11 2026-01-27 03:59:40 +09:00
oysteikt 73456de527 bekkalokk/mediawiki, bicep/matrix/synapse: leave principal rsync target stubs 2026-01-27 00:26:42 +09:00
oysteikt c3c98392ad bicep/hookshot: add passkey to sops 2026-01-26 21:52:58 +09:00
oysteikt 1d47409d96 base: configure sops 2026-01-22 16:48:59 +09:00
oysteikt 5f94345a91 hosts/various: enable qemu guest agent, disable smartd for vms by default 2026-01-22 16:05:36 +09:00
oysteikt 28baf322ce hosts/various: formatting, add consistent warnings to stateVersion 2026-01-22 15:57:12 +09:00
oysteikt 12477aeb34 flake.nix: set default hostname for most nixos hosts 2026-01-22 15:49:50 +09:00
oysteikt 89ea5b321a hosts/various: use systemd-boot as default bootloader 2026-01-22 15:49:50 +09:00
oysteikt 9eb5cd869a bicep/element: fetch correct well-known file 2026-01-21 14:34:35 +09:00
oysteikt 833a74a6fb bicep/matrix: remove some whitespace lol 2026-01-21 13:14:41 +09:00
oysteikt 93cf6f4a63 bicep/sshguard: disable 
sshguard doesn't actually work as it currently stands, also the builtin
PerSourcePenalty functionality in SSH is more aggressive than sshguard
is able to catch anyway. It might've been reasonable if we were using it
for anything other than SSH, but it doesn't seem like we are.
 2026-01-21 11:13:27 +09:00
oysteikt 0f11cca8ec bicep/matrix: use sops templates to render structured files 2026-01-21 11:08:26 +09:00
oysteikt d892acb331 bicep/matrix: have element-web source well-known from config 2026-01-21 10:49:09 +09:00