37a43a2bd9
tsuki/gitea-runners: init
2024-06-09 15:25:47 +02:00
43cabb09ef
kasei/avahi: setup
2024-06-08 12:47:46 +02:00
5bdf629e2f
nix-ld: setup
2024-06-08 12:45:43 +02:00
89a667ec7e
nix: remove repl-flake experimental feature
2024-06-08 12:45:16 +02:00
8dc56e4aa7
treewide: override several programs to conform to xdg dir spec
2024-06-08 12:37:01 +02:00
9caab9f6a7
start update to nixpkgs 24.05 by updating kasei and common
2024-06-02 17:17:24 +02:00
8f73eaf1b4
fonts: fix deprecated option names
2024-06-02 16:36:22 +02:00
299eee4238
common: add more nix builder declarations
2024-06-02 16:34:07 +02:00
29579969a4
common: declare local flake registry
2024-06-02 16:32:23 +02:00
5dca478291
fcitx: use declarative config
2024-06-02 16:31:08 +02:00
a8bfbbc532
common: add h7x4 to wireshark group
2024-06-02 16:30:31 +02:00
4f561c1dae
gnupg: use curses pinentry
2024-06-02 16:30:09 +02:00
c902040ade
common: move sudo-lecture out of etc
2024-06-02 16:29:48 +02:00
347a731839
kasei: misc general config
2024-06-02 16:26:44 +02:00
fce206e772
kasei: setup keybase using module
2024-06-02 16:18:56 +02:00
dd800a3794
tsuki/nhk-scraper: WIP changes
2024-01-23 05:51:37 +01:00
9f2e7f7ac1
tsuki/nginx: remove proxmox vhost
2024-01-23 05:49:17 +01:00
df5f0dc9c4
tsuki/matrix: use postgres through socket
2024-01-23 05:46:24 +01:00
4f020f4cdd
tsuki/matrix: downscale workers
2024-01-23 05:46:06 +01:00
b8daea8fc1
tsuki/headscale: conditional config
2024-01-23 05:40:52 +01:00
4d2875d168
tsuki/hedgedoc: use upstream module
2024-01-23 05:40:19 +01:00
22f5345026
tsuki/hydra: harden server unit
2024-01-23 05:36:39 +01:00
ce5c3666b9
tsuki/jupyter: set up tmpdirs for notebooks
2024-01-23 05:35:58 +01:00
1ea23dc42e
tsuki: set system.stateVersion
2024-01-23 05:35:20 +01:00
56df2f5e10
tsuki: lowercase hostname
2024-01-23 05:33:48 +01:00
8ce9100913
kanidm: explicitly bind to localhost
2024-01-23 05:32:34 +01:00
d629eedaaf
tsuki/navidrome: conditional config
2024-01-23 05:31:26 +01:00
72e7626e9d
tsuki/postgres: tune for bare metal setup
2024-01-23 05:31:06 +01:00
f49d3665fc
tsuki/vaultwarden: disable invitations
2024-01-23 05:30:14 +01:00
fe50d92f8c
tsuki/vaultwarden: conditional config
2024-01-23 05:29:57 +01:00
3d2825d1ec
tsuki/samba: init
2024-01-23 05:29:17 +01:00
1efd3d4f0a
tsuki/kanidm: set up backups
2024-01-23 05:27:43 +01:00
851d0c1fd0
tsuki/prometehus: set up slice for exporters
2024-01-23 05:26:22 +01:00
0d3e805611
tsuki: move to bare metal, set up zfs
2024-01-23 05:24:47 +01:00
3a52ba8901
treewide: update to nixos 23.11
2023-12-18 20:59:48 +01:00
b1650e91a6
kasei: split services into services
directory
2023-12-11 13:27:40 +01:00
7193a12ac2
tsuki/services: remove some uses of secret ports
2023-10-06 18:27:21 +02:00
3d613d1ac9
tsuki/invidious: use socket activation
2023-10-06 18:27:19 +02:00
424fea0dc8
tsuki/jupyter: use socket activation
2023-10-06 18:27:18 +02:00
5bb10df9e1
tsuki/borg: partial systemd hardening
...
There's still quite a bit to do, but the service fails on a weird option
that I've not been able to pin down. At least this is better than
nothing ¯\_(ツ)_/¯
2023-10-06 18:27:17 +02:00
450d26cf4b
tsuki/atuin: use socket activation
2023-10-06 18:27:16 +02:00
aca2962eec
tsuki/vaultwarden: use socket activation
2023-10-06 18:27:15 +02:00
caedfe1810
tsuki/matrix/stickers: use new module and add lots of stickerpacks
2023-10-06 18:27:14 +02:00
6663a8f280
tsuki/atuin: systemd harden
2023-07-28 22:25:50 +02:00
dec150ae98
gpg agent: systemwide -> homemanager
2023-07-28 22:23:43 +02:00
5f7eb0c8a5
tsuki/prometheus: add exporters for hedgedoc and gitea
2023-07-28 22:09:43 +02:00
d74ed2d045
tsuki/grafana: enable oauth2, misc hardening
2023-07-28 22:05:23 +02:00
816a46603a
tsuki/vaultwarden: systemd harden
2023-07-28 22:05:22 +02:00
b5874e2bcd
tsuki/navidrome: init
2023-07-28 22:05:22 +02:00
c2026eefeb
tsuki/nginx: small refactor
2023-07-28 22:05:22 +02:00