Commit graph

1629 commits

Author SHA1 Message Date
Benjamin Bädorf 6f3885d0ca
Remove doubled openssh configs in paranoia module 2022-10-03 04:07:48 +02:00
Benjamin Bädorf 8529a15177
Be more paranoid
The paranoia mode now also enables the firewall and closes down a couple
of small openSSH holes. `noexec` on the whole FS is left out as it will
make every existing PubSolarOS installation panic.
2022-10-03 04:03:09 +02:00
Benjamin Bädorf 22445ea19e
Merge pull request 'ci: fix upload target path' (#138) from fix/iso-publish-upload-path into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/138
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-03 00:59:57 +00:00
teutat3s f2ecc2d8b9
ci: fix upload target path 2022-10-03 02:30:08 +02:00
teutat3s 741e4bfef1
Merge pull request 'iso: add PubSolarOS naming, drone pipeline' (#137) from feature/our-super-iso-label into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/137
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 23:33:44 +00:00
teutat3s 986680cc26
bootstrap iso: add PubSolarOS naming, drone pipeline
adjustments to include a symlink to the latest iso built
2022-10-03 01:30:34 +02:00
Benjamin Bädorf 40e327d60b
Merge pull request 'Update inputs in flake.lock' (#133) from update/flake-lock into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/133
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 12:04:35 +00:00
teutat3s e801958494
Update inputs in flake.lock 2022-10-02 04:10:50 +02:00
hensoko 1181cd6fea
Improve core module (#132)
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/132
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 01:17:34 +00:00
teutat3s a4545fa1d2
Merge pull request 'Fix swayidle, lock, waybar menu' (#131) from fix/swayidle-waybar-menu into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/131
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-01 23:47:53 +00:00
teutat3s 612e5e35c0
Fix swayidle, lock, waybar menu 2022-10-02 01:19:48 +02:00
teutat3s a7f5b9de2a
Merge pull request 'bootstrap: host needs digga's bootstrapIso module' (#129) from fix/bootstrap-host-missing-isoimage-module into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/129
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-09-01 14:41:29 +00:00
teutat3s 0fbabc23b9
bootstap: host needs digga's bootstrapIso module 2022-09-01 15:35:04 +02:00
teutat3s 0c11e9119e
Merge pull request 'Fixes for hosts rebuilding with ISO config, fixes for swaylock, swayidle' (#128) from fix/iso-hosts-swaylock-swayidle into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/128
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-09-01 13:29:15 +00:00
teutat3s 1767dcb076
Fix swayidle service
- add missing \
- reference swaylock-bg script from pkgs
2022-09-01 14:38:10 +02:00
teutat3s d563b1d469
Fix swaylock-bg, now a bash script
- reference jq from pkgs
- shellcheck fixes
2022-09-01 14:37:14 +02:00
teutat3s b7ba1b7ba9
Fix hosts rebuilding with ISO config after #125
See: https://github.com/divnix/digga/pull/455#issuecomment-1231789444

Upstream fix found in e1b09712fe/nixos/default.nix (L85-L88)
2022-09-01 14:34:57 +02:00
teutat3s 0ce3a30211
Merge pull request 'Use more descriptive drone secret names' (#127) from fix/ci-publish-iso into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/127
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-29 16:43:08 +00:00
teutat3s 2fa84ab4aa
Use more descriptive drone secret names 2022-08-29 16:47:31 +02:00
teutat3s 272bbd40ed
Merge pull request 'Fix Build ISO ci step' (#126) from fix/bootstrap-iso-ci into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/126
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-29 13:30:11 +00:00
teutat3s 7b5696435a
Fix Build ISO ci step, use
'.#nixosConfigurations.bootstrap.config.system.build.isoImage'
2022-08-29 15:19:13 +02:00
teutat3s 132b2b1a91
Merge pull request 'Use our digga fork to fix bootstrap iso builds' (#125) from fix/bootstrap-iso into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/125
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-29 13:11:06 +00:00
teutat3s c1b672fe70
Fix conflicting definition values, force use of
our defined value.

error: The option 'services.getty.autologinUser' has conflicting definition values:
       - In '/nix/store/zyh8f18z0m1r9jppvdcdivfvfxg0j3fv-source/nixos/modules/profiles/installation-device.nix': "nixos"
       - In '/nix/store/w82qigr5jqv9c6jhdrpdwixydk3rmbzw-source/modules/graphical': "pub-solar"
2022-08-29 11:55:20 +02:00
teutat3s 209eed069c
Add comment how to build isoImage 2022-08-29 11:53:55 +02:00
teutat3s 242de215d6
Switch to our digga fork, include upstream PR
divnix/digga#455 to fix bootstrap iso builds
2022-08-27 13:49:55 +02:00
teutat3s 6122021435
Bump flake.lock 2022-08-27 13:48:32 +02:00
Benjamin Bädorf 27e961da2c
Merge pull request 'feature/tests' (#91) from feature/tests into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/91
2022-08-26 00:20:18 +00:00
Benjamin Bädorf 51de365ae7
Merge branch 'main' into feature/tests 2022-08-25 23:21:15 +00:00
Benjamin Bädorf c7affb6533
Merge pull request 'Barebones ci-runner module' (#108) from feature/ci-runner-onecommit into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/108
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-25 21:46:22 +00:00
teutat3s 8c3bd94ba2
Merge branch 'main' into feature/tests 2022-08-25 17:09:37 +02:00
teutat3s 6db8ab0a98
Merge pull request 'Import the full environment again' (#124) from fix/env581a8829 into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/124
Reviewed-by: teutat3s <teutates@mailbox.org>
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-25 14:14:16 +00:00
teutat3s c2e5d8df3c
ci: better matrix notify template message,
prefix manta path with ci/ and set target filename for mput
2022-08-25 16:06:56 +02:00
teutat3s 8feaa494cb
ci: add matrix notify step, fix ssh key id 2022-08-25 16:06:48 +02:00
teutat3s 553e23baf9
ci: add upload artifacts step 2022-08-25 16:06:37 +02:00
teutat3s 472560e1c1
Restructure CI:
build ISO on each push to main branch

tags with v* and t* names trigger a test VM

pull requests trigger a basic check building host PubSolarOS
2022-08-25 16:06:33 +02:00
teutat3s 8be1bd53d3
wip: first PubSolarOS iso test using the NixOS
test suite:

https://nixos.org/manual/nixos/stable/index.html#sec-nixos-tests
2022-08-25 16:06:25 +02:00
Benjamin Bädorf 8fc8ac2d58
Fix service startup for ci-runner 2022-08-25 15:25:34 +02:00
Benjamin Bädorf a643701e49
Merge branch 'main' into feature/ci-runner-onecommit 2022-08-25 13:20:52 +00:00
Benjamin Bädorf dbee2f03e7
Import the full environment again 2022-08-25 15:17:38 +02:00
Benjamin Bädorf b16299965c
Merge pull request 'Fix hibernation' (#120) from fix/hibernation into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/120
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-25 09:58:20 +00:00
Benjamin Bädorf 6d1d683b23
Fix swayidle command, add hibernation on lid close, fix env
The swayidle command in the service was straight up broken, this commit
fixes that.

Environment Variables set in the `session-variables` file are now
correctly imported across the system. This fixes `EDITOR` defaulting to
`nano`.
2022-08-25 00:13:23 +02:00
Benjamin Bädorf 40799ed5b6
Merge pull request 'feature/pin-zsh-plugins-to-deterministic-versions' (#123) from feature/pin-zsh-plugins-to-deterministic-versions into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/123
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 22:05:08 +00:00
teutat3s de03f0f42f
zsh: correctly pin plugins to commits instead of
branch names, to prevent errors like:
error: hash mismatch in fixed-output derivation '/nix/store/n7w9jd46zx4rzy9a24abxv3lcx1ikn1j-source.drv':
         specified: sha256-0pzkKPdzyQXTe8usaSaM1Iivi2UHQrSJrh5V2pRd0Gg=
            got:    sha256-9vc4cMBCNOmPOyzGwnPeMrXXyQUq4pC9Du3AWl9+Rys=
2022-08-24 23:19:18 +02:00
teutat3s f7eda8ca1c
zsh: bundle plugins within our config 2022-08-24 23:19:13 +02:00
hensoko ad0402fd93
Merge pull request 'Disable NetworkManager-wait-online system service' (#121) from feature/disable-networkmanager-wait-online into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/121
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 20:50:45 +00:00
hensoko 9d83f32bd8
Merge pull request 'Use iwd as wifi backend' (#122) from feature/use-iwd-as-networkmanager-wifi-backend into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/122
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 20:50:18 +00:00
Hendrik Sokolowski 8efc4c2f9e
Use iwd as wifi backend
iwd is a lightweight wireless connection backend that was initiated by
developers of intel. It is supposed to be faster.
2022-08-24 21:49:59 +02:00
Hendrik Sokolowski 57f608ecde
Disable NetworkManager-wait-online system service
This service is presumably useful for devices that need to ensure there
is an active internet connection before starting other systemd units.
This is neither the case for end-user devices as the an active internet
connection is only needed after login nor the case for server-like
systems as they normally have a static / dhcp-based network configuration
which does not require switchable network configuration profiles.
2022-08-24 21:47:58 +02:00
Benjamin Bädorf dc8257f31f
Fix hibernation
The resumeDevice and kernel `resume` parameter were being used wrong.

Only `boot.resumeDevice` is necessary, and it should point at the _block
device_ that holds the swapfile. If you are running on encrypted
volumes, this means you will need to use the name of the *decrypted
block device* on which the swapfile sits.
2022-08-24 18:46:35 +02:00
Benjamin Bädorf 80e71ca547
Merge pull request 'nix: set nix.package to force overlays/overrides.nix to apply' (#119) from fix/nix-version-from-latest into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/119
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 13:13:20 +00:00