Commit graph

2280 commits

Author SHA1 Message Date
teutat3s 02c145697b
Pull in upstream commits from https://github.com/divnix/digga/pull/490
Improved flake-compat

Get the rev from the flake.lock file. Shouldn't be an issue for
first time users as the guide instructs users to generate a lock
file. `builtins.file` was used in accordance with nix.dev
reccommendations.

https://nix.dev/anti-patterns/language#reproducibility-referencing-top-level-directory-with

Rm tempfix
2022-11-07 11:24:59 +01:00
teutat3s c860d5e3f6
Merge pull request 'Update drone-config' (#143) from feature/update-drone-config-for-kvm-tests into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/143
Reviewed-by: teutat3s <teutates@mailbox.org>
2022-10-29 20:40:26 +00:00
Hendrik Sokolowski 630d0afc5e
Update drone-config 2022-10-29 03:57:08 +02:00
Benjamin Bädorf e26ffd2725
Merge pull request 'Embrace nvfetcher' (#145) from feature/embrace-nvfetcher into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/145
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-29 00:43:30 +00:00
Benjamin Bädorf 6824cf70f3
Merge pull request 'Improve hibernation logic' (#148) from feature/improve-hibernation-logic into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/148
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-24 19:35:28 +00:00
teutat3s ab603a9708
secrets: --rekey 2022-10-24 17:33:45 +02:00
teutat3s 60e15166c8
teutat3s: init age-plugin-yubikey to encrypt secrets
It seems yubikey-agent still has to be SIGHUP'ed before using agenix:
like so:
killall -HUP yubikey-agent

Read more on how to set this up here:
https://github.com/ryantm/agenix/issues/115

Another related issue:
https://github.com/FiloSottile/yubikey-agent/issues/63
2022-10-24 17:23:45 +02:00
teutat3s c0f991010f
Fix zsh z plugin script path 2022-10-24 15:29:12 +02:00
teutat3s 3aff6251b5
Merge branch 'main' into feature/embrace-nvfetcher 2022-10-24 15:25:45 +02:00
teutat3s ea6233f57e
zsh: fetch plugins using nvfetcher 2022-10-24 15:24:52 +02:00
Hendrik Sokolowski eece344083
Make resume_offset optional 2022-10-23 18:33:52 +02:00
teutat3s 574deec44c
Merge branch 'main' into teutat3s 2022-10-21 15:10:10 +02:00
teutat3s 51d03f0de7
Merge pull request 'drone: use our custom drone-scp image' (#146) from fix/drone-publish-iso-symlink into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/146
2022-10-21 13:08:52 +00:00
teutat3s e4418bfe0c
drone: use our custom drone-scp image 2022-10-20 18:29:20 +02:00
teutat3s 520e9546ed
Merge pull request 'Bump flake.lock' (#144) from bump/flake-lock into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/144
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-20 10:37:08 +00:00
teutat3s cf2b9e2c54
swaynotificationcenter: use version from nixpkgs-unstable 2022-10-19 17:13:18 +02:00
teutat3s 8bd5022d70
nvfetcher: remove unnecessary flake, use nixpkgs version 2022-10-19 17:12:12 +02:00
teutat3s e69c8fe9c7
Bump flake.lock 2022-10-18 17:02:23 +02:00
teutat3s 4520dece5f
neovim: use nvfetcher for custom plugins 2022-10-18 16:55:51 +02:00
teutat3s 10813c3dc0
secrets: update 2022-10-18 16:53:24 +02:00
teutat3s 1c58fdee89
Bump flake.lock 2022-10-18 16:52:12 +02:00
teutat3s a0d6fcdd44
tritonshell: update input URL 2022-10-18 16:49:40 +02:00
teutat3s 48d6bb64ac
waybar: use interface name wlp4s0 again
wpa_supplicant uses this one
2022-10-18 16:49:11 +02:00
teutat3s 5bfbbebcc6
zsh: fetch plugins using nvfetcher 2022-10-18 16:46:16 +02:00
teutat3s 0cb5ad876b
overlays: wik, swaynotificationcenter use nvfetcher 2022-10-18 16:46:04 +02:00
teutat3s 1cf3fad5b7
neovim: use nvfetcher for custom plugins 2022-10-18 16:24:43 +02:00
teutat3s 2d92c9d6a3
devops: use terraform 1.2.x 2022-10-17 22:15:44 +02:00
teutat3s b8273742e3
wifi: switch backend back to wpa_supplicant 2022-10-17 22:15:22 +02:00
teutat3s 28f1bd66f0
swayidle: adjust brightness after resume 2022-10-17 22:14:18 +02:00
teutat3s c88016af85
overlays: add gurk-rs, thunderbird, yubikey-agent 2022-10-17 22:12:44 +02:00
teutat3s 2b69ea89a4
Merge branch 'main' into teutat3s 2022-10-05 14:45:37 +02:00
Benjamin Bädorf bcf6ca5fe4
Merge pull request 'Fix base user ssh public keys' (#141) from fix/base-user-ssh-public-keys into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/141
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-05 11:19:41 +00:00
teutat3s d43bd80580
core: disable SSH passwordAuthentication by default 2022-10-05 11:58:26 +02:00
teutat3s f28d05e24e
Change user.publicKeys to a SSH keys string list 2022-10-05 11:57:51 +02:00
Benjamin Bädorf b7132c3744
Merge pull request 'Be more paranoid' (#139) from feature/more-paranoia into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/139
Reviewed-by: teutat3s <teutates@mailbox.org>
2022-10-03 18:36:05 +00:00
Benjamin Bädorf f3a5b2233a
Merge branch 'main' into feature/more-paranoia 2022-10-03 02:55:25 +00:00
Benjamin Bädorf 5da560ef56
Open up SSH by default 2022-10-03 04:55:14 +02:00
Benjamin Bädorf 65bb399df8
Merge pull request 'alacritty: improve selection and cursor colors' (#140) from fix/alacritty-selection-cursor-colors into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/140
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-03 02:48:39 +00:00
teutat3s b23e1e16a4
alacritty: improve selection and cursor colors 2022-10-03 04:11:16 +02:00
Benjamin Bädorf 6f3885d0ca
Remove doubled openssh configs in paranoia module 2022-10-03 04:07:48 +02:00
Benjamin Bädorf 8529a15177
Be more paranoid
The paranoia mode now also enables the firewall and closes down a couple
of small openSSH holes. `noexec` on the whole FS is left out as it will
make every existing PubSolarOS installation panic.
2022-10-03 04:03:09 +02:00
teutat3s aa65a39eff
Merge branch 'main' into teutat3s 2022-10-03 03:10:48 +02:00
Benjamin Bädorf 22445ea19e
Merge pull request 'ci: fix upload target path' (#138) from fix/iso-publish-upload-path into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/138
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-03 00:59:57 +00:00
teutat3s f2ecc2d8b9
ci: fix upload target path 2022-10-03 02:30:08 +02:00
teutat3s 741e4bfef1
Merge pull request 'iso: add PubSolarOS naming, drone pipeline' (#137) from feature/our-super-iso-label into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/137
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 23:33:44 +00:00
teutat3s 986680cc26
bootstrap iso: add PubSolarOS naming, drone pipeline
adjustments to include a symlink to the latest iso built
2022-10-03 01:30:34 +02:00
teutat3s 6e503bb161
neovim: update caddy json schema 2022-10-02 21:47:44 +02:00
teutat3s 0b155bc7dd
Merge branch 'main' into teutat3s 2022-10-02 14:06:18 +02:00
Benjamin Bädorf 40e327d60b
Merge pull request 'Update inputs in flake.lock' (#133) from update/flake-lock into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/133
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 12:04:35 +00:00
teutat3s e801958494
Update inputs in flake.lock 2022-10-02 04:10:50 +02:00