jonmro/pvv-nixos-config
1
0
Fork 0
forked from Drift/pvv-nixos-config
Code Pull Requests Activity
1,098 Commits 17 Branches 0 Tags
a776a5a5feb705a8c88a42edd499caabb4e28546
Commit Graph

1098 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
oysteikt a776a5a5fe temmie/userweb: explicitly override mod_perl and mod_userdir 2026-06-16 19:07:57 +09:00
oysteikt ed57744ec3 temmie/userweb: add more patterns to denylist 2026-06-16 16:07:32 +09:00
oysteikt 226db1f46e temmie/userweb: add more DirectoryIndex variants 2026-06-16 16:07:32 +09:00
oysteikt 51e1656177 temmie/userweb: disable ~pvv 2026-06-16 15:53:52 +09:00
oysteikt 47d2dcf9ff temmie/userweb: add bro server to userweb slice 2026-06-16 03:37:28 +09:00
oysteikt 254b1d9b14 temmie/userweb: split into more modules 2026-06-16 03:33:28 +09:00
oysteikt 2301672a21 temmie/userweb: run log processors as separate systemd units 
This lets us divide up some of the logic making httpd itself less
brittle, and also reduces the amount of privileges for httpd.
 2026-06-16 02:56:28 +09:00
felixalb 7145abadf3 flake: update input pvv-nettsiden 2026-06-13 16:59:50 +02:00
oysteikt b533b09c8f base/various: add to slice system-monitoring 2026-06-13 04:45:39 +09:00
oysteikt 526b55c49a {ildkule/prometheus,base}: send stats over HTTPS through nginx 2026-06-13 02:54:28 +09:00
oysteikt e80189c6eb temmie/userweb: stop cating passwd on startup 2026-06-13 01:41:05 +09:00
oysteikt 56a51e4c6f temmie/userweb: mount homedirs under /amd 2026-06-13 01:39:20 +09:00
oysteikt f54109f6f3 temmie/userweb: set handlers for php and perl scripts 2026-06-13 01:26:27 +09:00
vegardbm 5763a76136 user/vegardbm: change shell to zsh and add ssh key 2026-06-08 11:35:44 +02:00
oysteikt b57a935b4c base/rsyslogd: init 2026-06-08 12:58:37 +09:00
oysteikt b4582a160f skrot/dibbler: rotate database password 2026-06-07 17:58:33 +09:00
oysteikt ac094d350d base/timesyncd: specify ntp servers 2026-06-07 17:52:54 +09:00
oysteikt b848e0f1cc temmie/userweb: add log processor for apache 2026-06-07 06:03:18 +09:00
oysteikt c671329b93 temmie/userweb: inject users from passwd into httpd sandbox 2026-06-07 05:28:24 +09:00
vegardbm e6a3d43493 modules/drumknotty: use correct screen window name for dibbler 2026-06-05 22:14:02 +02:00
oysteikt cafc95db8f bicep/mjolnir: use nodejs v22 2026-06-06 04:43:58 +09:00
oysteikt 2d6b09cb32 bikkje: label ports in firewall port list 2026-06-06 04:08:16 +09:00
oysteikt ce0af2f6e4 flake.nix: add app for building gitea workflows locally 2026-06-06 04:05:26 +09:00
oysteikt 88892115b5 base: enable autoScrub for all btrfs machine by default 2026-06-06 04:05:26 +09:00
oysteikt 8a290d30e7 modules/drumknotty: split into several parts 
This also fixes a few issues, such as enabling `createLocalDatabase` for
multiple programs, and wraps all the screen logic within a screenrc
file. Some assertions were also added to avoid some easy-to-make
mistakes.
 2026-06-05 14:21:35 +02:00
vegardbm 3197c6a5e3 attach with dibbler window selected 2026-06-05 14:21:35 +02:00
vegardbm f8dcaddefb use main branch for worblehat after merge 2026-06-05 14:21:28 +02:00
vegardbm 009d89f959 set default settings for worblehat and dibbler 2026-06-05 14:09:06 +02:00
vegardbm 21bba3ec7e add worblehat daemons 2026-06-05 14:09:06 +02:00
vegardbm 9552351776 add database password for worblehat 2026-06-05 14:09:06 +02:00
vegardbm 7e754ade71 drumknotty: init 2026-06-05 14:08:58 +02:00
oysteikt fcd81aed00 packages/ooye: 3.5.1 -> 3.6.0 2026-06-04 19:17:29 +09:00
oysteikt 966081ebfc bicep/mysql: enable userstat 2026-06-03 15:31:27 +09:00
oysteikt 39d313579c bicep/mysql: rotate slow query logs 2026-06-03 15:21:18 +09:00
oysteikt 3386153b8b ildkule/prometheus/exim: make scheme explicit 2026-06-03 13:35:13 +09:00
oysteikt 56906241f6 bekkalokk/roundcube: temporary fix for webmail redirects 2026-06-01 03:52:09 +09:00
oysteikt 3fe71d21f6 bekkalokk/roundcube: webdir moved to public_html within package 2026-06-01 02:57:43 +09:00
oysteikt 074d240595 base: tag generation as auto if built by auto upgrade service 2026-06-01 01:00:50 +09:00
oysteikt 1ce3372683 lupine/binfmt: enable 2026-06-01 01:00:50 +09:00
adriangl 5f14c15679 feat: add radicale to bekkalokk 2026-06-01 00:59:54 +09:00
oysteikt e05eab4ddf {georg,brzeczyszczykiewicz}: use sane IPv6 addresses 2026-05-29 16:04:52 +09:00
oysteikt 64843087be kommode/gitea: only allow webhooks to external hosts 
We don't have any servers with intranet IPs, and we want webhooks that
hook back to kommode to pass through its firewall.
 2026-05-29 12:58:26 +09:00
oysteikt 0c45345050 bicep/matrix-ooye harden 2026-05-28 16:07:36 +09:00
oysteikt 788f23bf04 bicep/matrix-hookshot: harden 2026-05-28 15:58:04 +09:00
oysteikt 8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
oysteikt 654eeb83d8 base: tag generation as dirty if built from uncommitted source code 2026-05-28 04:39:49 +09:00
oysteikt 5bf0de1d0d bekkalokk/website/fetch-gallery: use proper shellscript builder 2026-05-28 03:58:08 +09:00
oysteikt a550bbf1e0 bekkalokk/roundcube: use specialized builder for nginx root dir 2026-05-28 03:46:59 +09:00
oysteikt 6d9bd8256f kommode/gitea/install-customization: disable networking 2026-05-28 03:15:47 +09:00
oysteikt 5c859d9809 kommode/gitea/install-customization: remove ExecStart bash wrapper 2026-05-28 03:15:06 +09:00