oysteikt/nix-dotfiles
1
1
Fork 0
Code Issues 138 Pull Requests Activity
410 Commits 5 Branches 0 Tags
setup-ra-multiplexer
Commit Graph

410 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
h7x4
6cd17fb71c README: big update (👍ᐛ )👍 2023-10-06 18:27:20 +02:00
h7x4
3d613d1ac9 tsuki/invidious: use socket activation 2023-10-06 18:27:19 +02:00
h7x4
424fea0dc8 tsuki/jupyter: use socket activation 2023-10-06 18:27:18 +02:00
h7x4
5bb10df9e1 tsuki/borg: partial systemd hardening 
There's still quite a bit to do, but the service fails on a weird option
that I've not been able to pin down. At least this is better than
nothing ¯\_(ツ)_/¯
 2023-10-06 18:27:17 +02:00
h7x4
450d26cf4b tsuki/atuin: use socket activation 2023-10-06 18:27:16 +02:00
h7x4
aca2962eec tsuki/vaultwarden: use socket activation 2023-10-06 18:27:15 +02:00
h7x4
caedfe1810 tsuki/matrix/stickers: use new module and add lots of stickerpacks 2023-10-06 18:27:14 +02:00
h7x4
87eeb522a2 home/shell: make mainProgram selection better 2023-10-06 17:19:50 +02:00
h7x4
550b9f1b1b home/gdb: init 2023-10-06 17:18:49 +02:00
h7x4
ad262195f6 home/packages: add lots of unused packages 2023-10-06 17:17:15 +02:00
h7x4
5a2e34b89e home/shell: add aliases for ofborg evals 2023-10-06 17:16:38 +02:00
h7x4
9038f3ea54 home/git: add rebase-author alias 2023-10-06 17:14:02 +02:00
h7x4
92eb44e7ad home/shell: remove and update a few aliases 2023-07-29 12:59:23 +02:00
h7x4
f85724dea0 home/shell: split alias tree functionality into module and config 2023-07-29 12:49:17 +02:00
h7x4
6663a8f280 tsuki/atuin: systemd harden 2023-07-28 22:25:50 +02:00
h7x4
dec150ae98 gpg agent: systemwide -> homemanager 2023-07-28 22:23:43 +02:00
h7x4
5f7eb0c8a5 tsuki/prometheus: add exporters for hedgedoc and gitea 2023-07-28 22:09:43 +02:00
h7x4
f7e25149c7 home: remove a few unused packages and services 2023-07-28 22:05:23 +02:00
h7x4
d74ed2d045 tsuki/grafana: enable oauth2, misc hardening 2023-07-28 22:05:23 +02:00
h7x4
816a46603a tsuki/vaultwarden: systemd harden 2023-07-28 22:05:22 +02:00
h7x4
0137f4f5a9 lib: remove upstreamed function repeat (replicate) 2023-07-28 22:05:22 +02:00
h7x4
b5874e2bcd tsuki/navidrome: init 2023-07-28 22:05:22 +02:00
h7x4
c2026eefeb tsuki/nginx: small refactor 2023-07-28 22:05:22 +02:00
h7x4
e6605b3a73 common/sshd: socket activate 2023-07-28 22:05:21 +02:00
h7x4
c98a1a0541 tsuki/jupyter: harden security with sops and systemd 2023-07-28 22:00:07 +02:00
h7x4
fdace82c2f modules: move colors to home/modules, explicitly import all 2023-07-28 21:48:15 +02:00
h7x4
4456244f2d modules: add modules for socket activation 2023-07-28 21:32:13 +02:00
h7x4
f1e8c87acd tsuki/configuration.nix: remove a few unused imports 2023-07-12 23:43:23 +02:00
h7x4
1f5832074b tsuki/taskserver: (unfinished) start setting up taskserver and taskwarrior 2023-07-12 23:42:07 +02:00
h7x4
6c2bd3f2d5 tsuki/invidious: remove redundant code, add comments 2023-07-12 23:38:41 +02:00
h7x4
394a932988 tsuki/nginx: misc: 
- Move temporary website into its own file
- Collect all http uris into upstreams
- Convert some upstreams to UNIX sockets, as changed in the last few
  commits
 2023-07-12 23:36:57 +02:00
h7x4
24a02d386c tsuki/hedgedoc: misc: 
- Experiment with reducing the number of options in the module
- Use UNIX socket behind nginx
- "Upstream" systemd hardening to module
 2023-07-12 23:34:23 +02:00
h7x4
5ea58f1b98 tsuki/gitea: use UNIX socket behind gitea 2023-07-12 23:30:39 +02:00
h7x4
fd052eea5a tsuki/grafana: use UNIX socket behind nginx 2023-07-12 23:27:10 +02:00
h7x4
1f3b5addd3 tsuki/hedgedoc: misc: 
- configure oauth2 (this requires a custom module for now,
    will be resolved in 23.11)
- harden systemd service
- add systemd requires list
- use socket postgres uri
 2023-07-12 02:30:00 +02:00
h7x4
96617500df flake.nix: update several inputs, nixpkgs 23.05 2023-07-12 02:09:54 +02:00
h7x4
5250d40457 grub: remove version, attr for 23.05 2023-07-12 02:06:41 +02:00
h7x4
cf42debf37 tsuki/invidious: misc: 
- bind to 127.0.0.1
- depend on postgresql systemd unit
 2023-07-12 02:06:41 +02:00
h7x4
c8db83b925 tsuki/plex: harden systemd unit 2023-07-12 02:06:41 +02:00
h7x4
20de3c260f tsuki/postgres: misc: 
- add postgresql backup service
- harden systemd unit
- increase max_connections
 2023-07-12 02:06:40 +02:00
h7x4
82ea6e9f5a tsuki: add timed nhk easy news scraper 2023-07-12 02:06:40 +02:00
h7x4
dddc92877c tsuki/matrix/matrix-appservice-irc: enable lainchan irc bouncer 2023-07-12 02:06:40 +02:00
h7x4
68b181fc05 tsuki/matrix/mx-puppet-discord: disable temporarily 
This still uses an old version of node that is disabled
in nixpkgs 23.05, disabling for now
 2023-07-12 02:06:39 +02:00
h7x4
98745298c7 tsuki/matrix/mautrix-facebook: disable 
Got banned one too many times, disabling for now.
 2023-07-12 02:06:39 +02:00
h7x4
8a42e97014 tsuki/monitoring: misc: 
- Secure grafana better, it had secrets in the nix store
- Set up prometheus exporters for nginx and php-fpm
- Add urls for dashboards
- Disable automatic updates
 2023-07-12 02:06:39 +02:00
h7x4
25b6f0f3e9 tsuki/vaultwarden: add vaultwarden, password manager 2023-07-12 02:06:38 +02:00
h7x4
40e95ce030 tsuki/borg: set up borgbackup 2023-07-12 02:06:37 +02:00
h7x4
0e3a4c35d2 tsuki/atuin: set up atuin server 2023-07-12 02:06:16 +02:00
h7x4
fc0e4f6c52 tsuki/nginx/www: real website dead, add temporary website 2023-07-12 02:04:57 +02:00
h7x4
e0250a1572 home/atuin: set up sync 2023-07-12 02:04:56 +02:00