Benjamin Yule Bädorf
e127ae6062
core/networking: harden all the things
2024-03-30 15:35:32 +01:00
Benjamin Yule Bädorf
d5ce7067e1
pie/dns: fix b12f.io DNS
2024-02-16 11:18:35 +01:00
Benjamin Yule Bädorf
1169873bac
networking: remove pie from hosts file, add droppie-initrd
2024-02-08 23:29:44 +01:00
Benjamin Yule Bädorf
3e0f8438c1
initrd/networking: manually set networking
2024-02-04 01:05:28 +01:00
Benjamin Bädorf
ce1e00d5b0
pie/networking: fix dns resolver collision
2024-02-01 22:37:47 +01:00
Benjamin Bädorf
39b340f825
core: use latest linux kernel by default
2024-01-29 23:04:30 +01:00
Benjamin Bädorf
28786af37b
feat: use systemd-resolved so VPN & WG DNS works
2024-01-24 21:02:10 +01:00
Benjamin Bädorf
29e183b0c7
feat: use ACME and nginx instead of caddy
2023-11-14 18:44:46 +01:00
Benjamin Bädorf
282691cd64
fix: use lib.mkDefault for timezone
2023-11-06 23:30:40 +01:00
Benjamin Bädorf
2fbaa24cb5
feat: update droppie shutdown, default to UTC
2023-11-06 21:50:28 +01:00
Benjamin Bädorf
540736c3ba
chore: directly connect clients to pie for lower latency dns
2023-11-06 21:43:48 +01:00
Benjamin Bädorf
544f323b0c
fix: wireguard networking and https on services
2023-11-01 16:27:29 +01:00
Benjamin Bädorf
615ef9a856
fix: passwordless sudo only for yule
2023-10-26 14:09:43 +02:00
Benjamin Bädorf
cec9562e15
feat: frikandel as wireguard hub
2023-10-24 17:56:14 +02:00
Benjamin Bädorf
ece9705f67
feat: update passwords
2023-10-10 11:56:36 +02:00
Benjamin Bädorf
6f6140f660
feat: add backups for firefly and paperless
2023-10-09 22:52:28 +02:00
Benjamin Bädorf
6fabfdc431
fix: fixes to networking and pie services
2023-10-09 10:43:53 +02:00
Benjamin Bädorf
747481c4ea
fix: get networking on pie working properly
2023-10-08 19:32:00 +02:00
Benjamin Bädorf
fe8ebd083f
feat: add ISOs, limit core config size
2023-10-07 21:11:08 +02:00
Benjamin Bädorf
93bcf469ab
refactor: move fully away from modules & profiles distinction
2023-10-07 16:45:42 +02:00
Benjamin Bädorf
078e738a31
refactor: more printing to pie
2023-10-07 14:06:28 +02:00
Benjamin Bädorf
13ad9a26f3
refactor: Remove digga
2023-10-03 13:13:52 +02:00
Benjamin Bädorf
a99c0f0336
fix: Fix cups, caddy, and paperless copy script
2023-09-01 19:11:01 +02:00
Benjamin Bädorf
e7d686feb7
Merge branch 'main' into b12f
2023-07-18 12:44:47 +02:00
teutat3s
a6bec82fb7
core: use linux 6.1
2023-06-13 15:05:53 +02:00
teutat3s
97239d1fbb
inputs: switch to nixos-23.05
2023-06-13 14:24:52 +02:00
Benjamin Bädorf
b90170a587
Update to NixOS 23.05
2023-06-11 22:54:11 +02:00
Benjamin Bädorf
260eb077d0
Merge branch 'main' into b12f
2023-06-01 18:39:23 +02:00
Akshay Mankar
91353938af
modules/networking: Use mkDefault for caddy config
2023-04-17 20:05:42 +02:00
teutat3s
029be00eab
Merge pull request 'cachix: remove unused binary caches' ( #209 ) from cachix/remove-unused-caches into main
...
Reviewed-on: pub-solar/os#209
Reviewed-by: hensoko <hensoko@gssws.de>
2023-04-15 19:03:51 +02:00
Benjamin Bädorf
dcb77f9056
Merge branch 'main' into b12f
2023-04-03 11:46:57 +02:00
teutat3s
52c2ca9f13
nix.conf: add back required experimental features
2023-03-27 18:54:29 +02:00
teutat3s
972e3f1569
cachix: default binary cache is nixos.org, no need
...
to specify it explicitly (results in double entry in nix.conf)
Also force our nix.extraOptions because digga tries real hard to put
their binary caches there:
0595ae70cd/modules/nix-config.nix (L19-L23)
2023-03-27 18:09:46 +02:00
teutat3s
d0470d5aaf
flake: pull in changes from digga upstream
...
See:
54ede8e591...0595ae70cd
?diff=unified
2023-03-27 13:48:39 +02:00
Hendrik Sokolowski
25126fd8ca
Make resumeDevice optional
2023-02-26 21:51:25 +01:00
Hendrik Sokolowski
858fd257a4
define settings as defaults
2023-02-26 21:51:13 +01:00
Benjamin Bädorf
892aa2e4fa
Update paperless module
2023-02-07 15:56:19 +01:00
Benjamin Bädorf
9b53a8c982
Merge branch 'main' into b12f
2023-01-28 22:27:52 +01:00
teutat3s
00677fb11f
Merge branch 'main' into feature/alejandra-treefmt
2023-01-28 21:40:44 +01:00
teutat3s
ea6d2caa9d
networking: don't wait for network-online
...
It failed upon deployment with deploy-rs and caused it to rollback
2023-01-28 15:22:10 +01:00
Benjamin Bädorf
12ebe35ece
Update paperless
2022-11-28 11:39:28 +01:00
teutat3s
f97cf1d0e9
nix: use new nix.settings syntax
2022-11-26 04:40:22 +01:00
teutat3s
73bf158392
Run treefmt command
2022-11-20 23:28:23 +01:00
teutat3s
24b8b9f060
Switch to alejandra for formatting
...
Use treefmt
For context, see upstream PR: https://github.com/divnix/digga/pull/491
2022-11-20 23:23:28 +01:00
Benjamin Bädorf
490f064940
Merge branch 'main' into b12f
2022-10-26 15:59:58 +02:00
Hendrik Sokolowski
eece344083
Make resume_offset optional
2022-10-23 18:33:52 +02:00
Benjamin Bädorf
d7bbd78486
Merge branch 'main' into b12f
2022-10-17 16:01:09 +02:00
teutat3s
d43bd80580
core: disable SSH passwordAuthentication by default
2022-10-05 11:58:26 +02:00
Benjamin Bädorf
5da560ef56
Open up SSH by default
2022-10-03 04:55:14 +02:00
Benjamin Bädorf
8529a15177
Be more paranoid
...
The paranoia mode now also enables the firewall and closes down a couple
of small openSSH holes. `noexec` on the whole FS is left out as it will
make every existing PubSolarOS installation panic.
2022-10-03 04:03:09 +02:00