518d2f60c0
pleroma: port ExifTool config
...
the old path is deprecated, if my syslog is to be believed.
2022-10-25 04:11:47 -07:00
174bc539bc
moby: enable a statically-assigned but encrypted password
2022-10-24 07:39:50 -07:00
4c4b73f693
refactor: helpers/set-hostname.nix
becomes machines/instantiate.nix
2022-10-24 06:06:11 -07:00
9151f58b37
desko: set a password
2022-10-24 01:59:36 -07:00
8dd267db30
servo: goaccess: anonymize IPs and hide the 'HOSTS' panel
2022-10-24 00:16:42 -07:00
b658b93c64
lappy: store the hashed user passwd in git and decrypt it into /etc/passwd on boot
...
this approach lets me persist the password. persisting /etc/shadow
directly wasn't so feasible. populating /etc/shadow at activation time
is something nix already does and is easy to plug into.
so we store the passwd hash in this repo, but encrypt it to the
destination machine's ssh pubkey to add enough entropy that it's not
brute-forceable through the public git repo.
2022-10-23 06:53:06 -07:00
2b14648587
servo: persist the maildir
...
this way i don't lose my mail on every reboot...
wow i can't believe it took me this long to make the connection.
2022-10-22 07:00:56 -07:00
187a52527b
refactor: squash env
directory
2022-10-22 03:56:50 -07:00
3851136398
nginx/goaccess: opt-in *specific* hosts for public logs
...
the other hosts are by default private. mostly because they're just
internal services where i'm the primary user.
2022-10-21 22:38:38 -07:00
635fee1bda
nginx: include hostname in log so goaccess can group on it
2022-10-21 22:00:49 -07:00
5048ee1ce5
servo: fix RSS feeds.nix invalid reference (fix build)
2022-10-21 21:59:17 -07:00
e787dc29c6
servo: enable goaccess
for metrics/monitoring
...
TODO: change the nginx log format to include virtualhost and enable
goaccess to group by host
2022-10-21 09:55:49 -07:00
d9caf70c6c
home-manager: remove 'enable' option
2022-10-21 07:43:20 -07:00
48ff8e9ca7
more feedbackd user definition to phosh
2022-10-20 19:59:03 -07:00
e11f903aec
create/deply ~/private
: an encrypted filesystem
...
it uses gocryptfs -- a newer alternative to EncFS -- to encrypt
paths and data (but not metadata) onto an underlying backing filesystem
2022-10-18 05:29:36 -07:00
fdb77ac588
matrix-appservice-discord: remove
...
i use mx-puppet now. it works better and requires no patching (at least
yet. maybe it will in the future to support threads).
2022-10-15 02:25:57 -07:00
05cb85fd9b
freshrss: import my feeds on start
...
it's a little clunky in that it seems to need some refreshes
before it gets them, but it works.
2022-10-15 01:41:53 -07:00
fae87d3fbc
servo: pleroma: switch logging from debug -> warn
2022-10-15 00:39:55 -07:00
fcf60bae35
servo: persist the freshrss data
2022-10-13 21:49:54 -07:00
43123e78cb
servo: use user/group names instead of ids for service dir ownership
2022-10-13 18:00:59 -07:00
9305d44fde
servo: add freshrss service
2022-10-13 17:52:43 -07:00
711778a975
servo: nginx stateless deployment of the main blog
...
i.e. no need to run `make publish` when rebuilding the blog anymore.
instead, push blog changes, then `nix flake update; nixos-rebuild switch`
2022-10-11 05:27:51 -07:00
c71346e9b8
servo: matrix: enable mx-puppet-discord for better Discord bridging
2022-10-07 04:33:23 -07:00
f5576c3667
servo: matrix: rename discord.nix
-> discord-appservice.nix
...
this is in contrast to e.g. mx-discord-puppet, which i'll be trying soon
2022-10-07 02:16:01 -07:00
b437ddacd9
servo: disable matrix irc bridge by just not importing the nix file
2022-10-07 02:04:25 -07:00
68bda8aea7
servo: migrate ipfs options (to kubo)
2022-10-06 23:47:16 -07:00
0e9993923d
servo: matrix: move irc config to own file
2022-10-06 02:19:44 -07:00
cc12b87d0e
servo: matrix: use username/groupname instead of uid/gid for impermanence
2022-10-06 01:55:25 -07:00
a5393c3c84
servo: matrix: break the discord bridge out of default.nix
2022-10-06 01:54:46 -07:00
e1cd1be48d
Merge branch 'staging/discord'
2022-10-06 01:38:49 -07:00
37b931418d
servo: matrix-appservice-discord: disable annoying quirks
...
like bad edits, bot replies, etc.
2022-10-06 01:35:00 -07:00
a3db626a00
servo: matrix-appservice-discord: hide keys in sops, and enable.
2022-10-05 22:38:20 -07:00
ca239ca3e6
matrix: set up Discord bridge
...
verified working after i fill in the Discord secrets, but i need to find
a way to provide those outside of the nix store.
2022-10-05 22:02:07 -07:00
47f378e7fc
servo: consolidate service enumeration to services/default.nix
2022-10-04 23:08:03 -07:00
5f277f8653
moby: fix up CMA allocations so fractal (gui app) works
...
this probably enables other apps like Element; untested
2022-10-04 02:25:59 -07:00
5929286397
update nixpkgs: 2022-09-30 -> 2022-10-02
...
have to add nixpkgs stable to pin electrum to a buildable version
```
• Updated input 'mobile-nixos':
'github:nixos/mobile-nixos/42a30393b5eccaf7f73104fc39a71f0801340f5f' (2022-10-01)
→ 'github:nixos/mobile-nixos/efa5b5fae930370753d2e09361b38d10f0e0a00d' (2022-10-03)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/10ecda252ce1b3b1d6403caeadbcc8f30d5ab796' (2022-09-30)
→ 'github:NixOS/nixpkgs/59d2991d4256cdca1c0cda45d876c80a0fe45c31' (2022-10-02)
```
2022-10-03 13:49:01 -07:00
5682a3e5f1
moby: remove some dead/commented-out code
2022-10-02 20:43:52 -07:00
7d4a7df2dd
replace deprecated runCommandNoCC
with runCommand
(fixes imgs.moby build)
2022-10-01 23:51:29 -07:00
7d62212c24
moby: disable nixos documentation
...
it slows down the build too much to be worth it
2022-09-30 04:44:29 -07:00
529e47a5fa
disable the pinephone proximity sensor
...
it's just bad UX.
2022-09-28 05:33:08 -07:00
bb7e2ee70a
moby: enable hardware.driSupport
...
not extensively tested, but the basics seem to work.
2022-09-27 23:23:37 -07:00
5ed7888710
moby: switch to manjaro alsa UCM files
...
the "internal speaker" is broken -- not sure if this minor change will
fix that or not
2022-09-26 01:42:31 -07:00
29d3a6f9b2
moby: ship alsa UCM2 files for pinephone
...
hopefully this will fix audio problems?
2022-09-26 00:46:38 -07:00
d8b2b73463
pleroma: enable debugging
2022-09-24 14:06:47 -07:00
38f55661c2
sane: tame matrix and transmission log levels
2022-09-23 23:03:31 -07:00
863f6a8c7b
gitea: decrease log level from info to warn
2022-09-23 15:48:29 -07:00
b3a4a95e28
servo: disable jellyfin to stop syslog spam
...
i also don't use it much anymore. mostly navidrome.
may be useful in future when i want DLNA support.
2022-09-23 15:29:33 -07:00
554bb5a84f
gitea: port config to nixos-unstable
2022-09-23 06:23:35 -07:00
cdbfa2d177
moby: limit boot entries to 10
2022-09-21 03:25:23 -07:00
8ff7e22ac8
lappy: enable the LAN nix cache
...
might want to be smarter about this, but for now it lets us reuse large
packages built on desko instead of rebuilding them locally.
2022-09-18 02:07:34 -07:00