8e8168ec28
add splatmoji package and sway config
2022-12-16 07:46:06 +00:00
28397807fc
gpt2tc: disable, because the mirror is unreliable
2022-12-16 07:08:55 +00:00
42ebb9a155
sane-private-do: run a command with the private store unlocked; then re-lock it
2022-12-16 06:10:44 +00:00
a8a4b8e739
kiwix: serve the full english Wikipedia
2022-12-16 05:58:51 +00:00
2550601179
serve w.uninsane.org through kiwix-serve
2022-12-16 02:25:57 +00:00
199a49755a
create a kiwix-serve
service
2022-12-16 02:15:17 +00:00
8c7700688f
nixpatches: add kiwix-tools package that's being upstreamed
2022-12-16 01:22:38 +00:00
8fe304d6c1
trust-dns: split the service into a generic config interface
2022-12-15 11:17:50 +00:00
700fef7df3
servo: mediawiki: remove dead commented-out code
2022-12-15 11:17:50 +00:00
01db7e1f23
servo: install mediawiki
2022-12-15 11:17:50 +00:00
df6e8f1562
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-15 09:59:53 +00:00
1f0a40c81f
snippets: add nixos wiki
2022-12-15 09:54:32 +00:00
995b41d1e8
flake: update nixpkgs-stable 22.05 -> 22.11
2022-12-14 22:32:41 +00:00
7674735d42
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-14 12:28:58 +00:00
329693c9ce
pin grpc & users, until the grpc aarch64 build is fixed
2022-12-14 12:27:24 +00:00
5ae3bb2f6c
sane-rcp: allow a destination
2022-12-14 10:07:02 +00:00
e0b1aef127
snippets: add sci-hub
2022-12-14 09:52:07 +00:00
9b8363dfb4
firefox addons: bypass-paywalls-clean: update hash
2022-12-14 08:00:42 +00:00
58ad87df8e
vpns: add us-mi[ami]
2022-12-13 04:26:00 +00:00
5fc894cda9
vpn: fix us-atlanta -> us-atl to match interface length limit
2022-12-13 04:13:01 +00:00
07e6ec2533
sane-scripts: better vpn factoring
2022-12-13 04:11:58 +00:00
005a79e680
vpn: factor out more helpers
2022-12-13 03:55:18 +00:00
0f5279bbca
add us-atlanta VPN
2022-12-13 03:26:23 +00:00
e9b3b7ebab
simplify ovpn impl
2022-12-13 03:17:27 +00:00
7a83c1d6df
trust-dns: use upstream build
2022-12-13 02:03:09 +00:00
46788fe565
servo: make uninsane.org NS records consistent with upstream
2022-12-13 01:00:16 +00:00
a473ef6db3
flake update: nixpkgs: 2022-12-02 -> 2022-12-11; others
...
```
• Updated input 'mobile-nixos':
'github:nixos/mobile-nixos/25eec596116553112681d72ee4880107fc3957fa' (2022-11-19)
→ 'github:nixos/mobile-nixos/5ee45cc1f8e43f4af14ee17ccef9156b0db8cd77' (2022-12-04)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/b72b8b94cf0c012b0252a9100a636cad69696666' (2022-12-02)
→ 'github:NixOS/nixpkgs/64e0bf055f9d25928c31fb12924e59ff8ce71e60' (2022-12-11)
• Updated input 'nixpkgs-stable':
'github:NixOS/nixpkgs/5d7d1d5f742e6bb57dd2e3d7b433fb4010c7af22' (2022-12-02)
→ 'github:NixOS/nixpkgs/7b9eeb856cbf976482fa8d1cb295ea03fb3e1277' (2022-12-10)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/8295b8139ef7baadeb90c5cad7a40c4c9297ebf7' (2022-11-29)
→ 'github:Mic92/sops-nix/da98a111623101c64474a14983d83dad8f09f93d' (2022-12-04)
• Removed input 'sops-nix/nixpkgs-22_05'
• Added input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/86370507cb20c905800527539fc049a2bf09c667' (2022-12-04)
```
2022-12-13 00:52:54 +00:00
3627d47f12
firefox: add uBlacklist
2022-12-13 00:44:38 +00:00
115f8d7054
servo: vpn services are part of 'wireguard-wg0'
...
this makes it so if we restart the wireguard connection, the services
themeselves _also_ restart. that should avoid leaving any of them in an
orphaned namespace
2022-12-12 11:53:34 +00:00
ac44b04d99
servo: trust-dns: note about maybe using dig
instead of diff'ing the config
2022-12-12 11:35:47 +00:00
afff0aff19
servo: trust-dns: fix up the timers/ddns reliability
2022-12-12 11:33:20 +00:00
f0086dc5bd
servo: trust-dns: implement some dynamic DNS shim
2022-12-12 10:30:08 +00:00
acabd34f28
servo: net: forward http requests from vpn -> host w/o NATing the source address
...
this ensures we have access to the source IP in our host-side logs
2022-12-12 05:21:29 +00:00
d0e6b82739
make it so wireguard-wg0 is restartable
2022-12-11 17:07:53 +00:00
dc09b7b9b2
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-11 16:48:16 +00:00
38c5b82a08
servo: fold wg0 setup into one single service
...
it doesn't restart cleanly (maybe i can't kill a netns while stuff lives
inside it?). problem for another day.
2022-12-11 16:46:55 +00:00
89def1a073
servo: remove dead net code
2022-12-11 16:15:43 +00:00
ad2ed370d9
servo: split the firewall rules across services
2022-12-11 16:12:23 +00:00
3e8f7a9ba2
servo: use ISP-provided DNS resolvers by default
...
this is really hacky and i hate it, but there's not a lot of good
options.
2022-12-11 16:03:41 +00:00
028ecfe93f
snippets: add HN
2022-12-11 13:14:24 +00:00
c5ac792c13
servo: connect wg0 via IP addr instead of hostname
...
i think this fixes the connectivity issues i've seen.
2022-12-11 12:48:50 +00:00
bd1624bef9
servo: un-firewall tcp port 53 to fix trust-dns over TCP
2022-12-11 12:48:11 +00:00
3ae53d7f32
services: add RestartSec
to anything which auto-restarts
...
this is to prevent rapid restart failures from killing the service
permanently.
2022-12-10 13:28:46 +00:00
e7f2d41b1f
servo: forward DNS to root ns without NAT'ing the source address
2022-12-10 13:28:19 +00:00
3394a79e2b
trust-dns: restart on failure
...
if the network isn't up, won't be able to bind to eth, and fails.
2022-12-10 13:02:17 +00:00
b01501663d
trust-dns: listen on each address explicitly
2022-12-10 12:29:10 +00:00
cbd5ccd1c8
desko: disable wifi
2022-12-10 12:27:02 +00:00
cf857eaf9f
zsh: more cd aliases (knowledge, secrets)
2022-12-10 12:16:16 +00:00
3a7eb294c7
servo: fix jackett DNS entry
2022-12-10 09:47:28 +00:00
2ccb470adc
packages: add tcpdump
2022-12-10 02:56:00 +00:00