colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
2,562 Commits 125 Branches 1 Tag 19 MiB
staging/nixpkgs-2023-06-27
Commit Graph

2562 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Colin
e68ca3d600 toy around with explicitly spinning down the hard drive during shutdown 
abandon the concept. it requires a systemd rebuild, and therefore
almost all of userspace. not worth it yet. maybe buy a powered hub.
 2022-05-18 10:40:28 +00:00
Colin
32e00dac9d postgres: document some useful admin commands 1980-01-01 00:54:42 +00:00
Colin
72c2aed6d9 enable swap 1980-01-01 00:53:55 +00:00
Colin
f8a8ae8999 switch to pi-specific 5.10 kernel 
this includes the pi-400 dtb, so no more manual patching.

might be worth removing the explicit kernel modules packaged into the initrd (if possible?)
 2022-05-17 21:19:54 +00:00
Colin
b74b590b6e configuration: document the nix eval command. 2022-05-17 09:29:56 +00:00
Colin
6a8e49b00c uboot: decrease loglevel from 8 (debug full details) => 7 (debug) 
it doesn't actually make a notable difference. boot is still spammy.
i think i either get:
- debug messages compiled in and shown by default, or
- debug messages not compiled in

i'll settle for the former.
 2022-05-17 09:28:02 +00:00
Colin
61ff0eae4b uboot: split the patches apart and disable the verbose logging 
logging still has *some* verbosity. i may turn it down further.
 2022-05-17 09:10:26 +00:00
Colin
09cb37dee2 net: update ovpn config 2022-05-17 07:45:31 +00:00
Colin
b5ce0f9fea Pleroma: restart on failure (fixes slow DB startups) 2022-05-17 07:24:26 +00:00
Colin
a4f8a3042d document useful nix CLI tools 2022-05-17 06:44:40 +00:00
Colin
23a4633514 include fatresize in the env. 
it's useful for resizing the /boot partition
 2022-05-17 06:44:21 +00:00
Colin
a39564118f net: disable wlan0 2022-05-17 06:44:02 +00:00
Colin
3bc0a13ad1 cfg/hardware: include the contents of the scan/not-detected.nix file 2022-05-17 06:43:24 +00:00
Colin
e42256fa7f move boot config into cfg/hardware.nix 2022-05-17 05:47:43 +00:00
Colin
5ca049dcbe cfg/users: document how to create ssh keys 2022-05-17 02:11:52 +00:00
Colin
1064867194 migrate the nix install to an external USB drive. 
this requires a patch to uboot:
- uboot thinks the drive has a capacity of 0 (i.e. 'unknown'). unclear precisely why. could be noncompliant drive firmware, or a timeout somewhere.

and a patch to the rpi bootloader:
- in order to trampoline into the rpi-4 uboot.

and custom kernel modules in the initrd:
- in order to detect the USB hub (rpi fw).

additionally, i'm MANUALLY placing `bcm2711-rpi-400.dtb` into `/boot/nixos/..-linux-5.10.111-dtbs/broadcom`.
i'll want to do this automatically over time.

i hope to simplify much of this over time: this is just the first thing which works after a couple days of hacking at it.
 2022-05-17 01:58:12 +00:00
Colin
aeb8319154 services: add duplicity b2 backup cron job 2022-05-11 23:04:26 +00:00
Colin
0a63e53512 matrix: screen registrations by redirecting the activation emails 2022-05-11 06:41:34 +00:00
Colin
a1bbd16b94 gitea: achieve manual account approval via email intercepting 
flow: user signs up, with email. their activation email is redirected to me.
if they look good, i forward that email.
 2022-05-10 23:15:01 +00:00
Colin
44ce66b7ec gitea: enable registration behind captcha + manual approval 
unfortunately gitea doesn't notify me of user applications.
so new users will want to contact me out-of-band.
 2022-05-10 07:34:49 +00:00
Colin
d6a37e6398 matrix: document how to add a new user 2022-05-10 01:18:07 +00:00
Colin
4db73019ee nginx: enable matrix web client at web.matrix.uninsane.org 2022-05-10 00:45:38 +00:00
Colin
b804fd338e update pleroma 2.4.51 -> 2.4.52 (tip/4605efe272016a5ba8ba6e96a9bec9a6e40c1591) 2022-05-09 22:48:43 +00:00
Colin
151f8b0824 Pleroma: enable emoji 
or maybe they were enabled by manually placing them in the right
directory :-)

either way, i should consider moving those out of the Pleroma state dir.
they really are more of a config option (alongside theming).
 2022-05-09 21:22:15 +00:00
Colin
c7f4d9ad1f Pleroma: enable registration and try to sync follower counts 2022-05-09 07:55:43 +00:00
Colin
c95ffcb9d5 Pleroma: switch back to log-level warn 
oops
 2022-05-09 00:39:13 +00:00
Colin
3352711dc0 pleroma: enable email services (e.g. password reset) 2022-05-09 00:37:49 +00:00
Colin
b5dd04e127 rename config/ -> cfg/ 
notably, this avoids the problem where `co<tab>` can't auto-complete the trailing slash.
`cf<tab>` autocompletes to `cfg/` in the same number of keystrokes :-)
 2022-05-08 22:01:22 +00:00
Colin
879b7f12fe move the config import details into the config subdir 2022-05-08 21:59:07 +00:00
Colin
fd26b200e9 matrix: irc: rizon: enable SASL 
with this (and a registered username), i'm able to connect to
channels which require auth.

i haven't actually received any messages yet, but i can view the user list
so it's working better than before :-)
 2022-05-08 08:44:31 +00:00
Colin
56f93cfb53 matrix: irc: rizon: configure a better bridge username 
also, the connectivity issue is resolved simply by restarting matrix-synapse.
it was reading an outdated matrix-appservice-irc resource file.
 2022-05-08 06:30:22 +00:00
Colin
c4e0b4cd01 Matrix: enable Rizon IRC bridge 
experimental. i don't seem to be able to see IRC users on Matrix yet,
but my Matrix user does show up on IRC.
it's a low-traffic room, so maybe i just need to be patient.
 2022-05-08 05:03:43 +00:00
Colin
55b043c80d config/net: re-enable the firewall now that SMTP is operational 2022-05-08 00:15:50 +00:00
Colin
b67882f32d postfix: enable submission service 
tested, verified: i can send mail from myself to myself :-)
i should test sending mail to an external account
 2022-05-07 04:39:54 +00:00
Colin
b53ff4f174 acme: procure a cert for mx.uninsane.org 
we can use this later to allow SMTPS
 2022-05-07 03:24:39 +00:00
Colin
93805c6602 enable dovecot for IMAP 
tested and working. still need to enable the submission service.
 2022-05-07 02:25:18 +00:00
Colin
07c8ff12a6 postfix: fix DKIM signing 
although gmail doesn't seem to be accepting my messages yet :'(
 2022-05-06 11:43:17 +00:00
Colin
fec0f3757a gitignore: nix result symlinks 2022-05-06 00:25:25 +00:00
Colin
fa3ed520e2 net: communicate with the OVPNs network locally instead of over the public internet 2022-05-06 00:22:36 +00:00
Colin
efe8a8447a config: restructure config tree and file names: 
```
config/
|- services/
|- |- <service-name>.nix
```
 2022-05-05 23:25:15 +00:00
Colin
0963dde548 transmission: tune storage directories/perms and rate limits 2022-05-05 22:47:36 +00:00
Colin
4dacec1480 net config: remove outdated comment 2022-05-05 21:45:04 +00:00
Colin
80b953e169 pleroma: decrease logging 2022-05-05 21:44:56 +00:00
Colin
3f2401391d transmission: launch only after ovpns is up 2022-05-04 00:10:50 +00:00
Colin
490a35cde0 enable Jackett for torrent searching 2022-05-04 00:10:32 +00:00
Colin
b7f9037807 enable transmission, protected behind rpc auth 2022-05-03 09:45:36 +00:00
Colin
10b3baeff4 add transmissionbt service. disabled until i can move it to the right netns 2022-05-03 02:13:42 +00:00
Colin
6688b3bc00 postfix: run behind ovpns 
this gives us a static IPv4 IP address which has an unblocked SMTP port.
 2022-05-03 00:44:15 +00:00
Colin
1bc5af002a fs-config: move / fs mount from hardware-configuration -> fs-configuration 2022-05-03 00:08:18 +00:00
Colin
69cc56134f sudo config: remove mkForce 
i don't know why these were forced. probably borrowed some weird snippet
from someone else when i was getting started 🤷
 2022-05-03 00:02:18 +00:00