6129fbf2b3
lemmy: upstream the proxy headers
2024-04-26 16:44:43 +00:00
f3d2dee470
lemmy: fix federation (broke due to invalid HTTP signatures)
2024-04-26 10:31:47 +00:00
3d207ab7bb
coturn: allocate 256 ports instead of 16
2024-04-26 08:47:52 +00:00
95447eb765
goaccess: fix missing state dir
2024-04-26 08:47:09 +00:00
593268f620
coturn: run inside ovpns namespace
2024-04-26 08:01:34 +00:00
d0de6a9254
sftpgo: reduce the passive port range
...
hopefully this eases the load on the upstream firewall's UPNP service
2024-04-22 12:08:23 +00:00
12f2798140
servo: sftpgo: move to own directory
2024-04-22 12:05:16 +00:00
f10bb6c86c
sftpgo: adjust file mode to be compatible with Kodi
2024-04-20 08:07:00 +00:00
317996b609
clightning-sane: document the status
command more
2024-04-19 07:29:20 +00:00
135f63480b
clightning-sane: add a help message
2024-04-19 07:29:20 +00:00
f59f13588f
jackett/transmission/slskd: validate public IP address before starting
2024-04-18 20:05:59 +00:00
a36ff517e7
servo: slskd: disable
2024-04-18 06:55:56 +00:00
60c370df3f
sftpgo: fix domain name in banner
2024-04-18 05:01:57 +00:00
d80852c6c1
sftpgo: re-enable password login
2024-04-18 04:58:59 +00:00
62b3047fff
sftpgo: support FTPS
2024-04-18 04:34:41 +00:00
9a9ffcbea9
transmission: fix faulty "find" expression (thanks shellcheck!)
2024-04-17 23:32:00 +00:00
733efcfaf7
servo: nginx: forceSSL for anything media related
2024-04-17 22:49:24 +00:00
b34d984572
servo: transmission: remove noisy files upon torrent completion
2024-04-17 20:47:00 +00:00
e2b58e1b77
servo: transmission: be extra strict about requiring VPN
2024-04-17 19:52:11 +00:00
b7e5bc5972
servo: sftpgo: disable external access
2024-04-17 19:41:57 +00:00
13c1f01a6b
servo: pleroma: migrate port 4000 -> 4040
...
port 4000 is used by NFS
2024-04-16 18:57:54 +00:00
5f281f57de
servo: transmission: inline nested torrent directories
2024-04-16 18:25:41 +00:00
089e434e3f
servo: transmission: fix group permissions of media when copying them to public dir
2024-04-16 16:31:10 +00:00
fce3436c88
servo: expose Milkbags to the internet :)
2024-04-08 06:55:09 +00:00
f7e4504764
pict-rs: remove no-transcoding patch (it doesnt apply anymore)
2024-04-04 19:09:12 +00:00
7ab148ea58
servo: migrate /var/media to be 100% on zfs pool
2024-04-04 06:20:50 +00:00
410097480f
docs: servo: fs: fix setfacl typo
2024-04-03 09:48:10 +00:00
f5fadbe4cf
transmission: place torrents in a separate directory, and copy them to the main media directory on completion
2024-04-03 09:48:10 +00:00
d3ad661970
servo: zfs: enable reflink support
2024-03-31 03:48:34 +00:00
5ed29ceb47
servo: /var/media: fixup permissions so everything is r/w by "media" group, including sftpgo
2024-03-28 23:14:40 +00:00
725ab13628
servo: nfs: allow UDP NFSv3 connections
2024-03-27 00:54:58 +00:00
c6a1f310a0
servo: net: actually assert that ovpns exists if we fail to add it
2024-03-26 11:13:10 +00:00
1d494513a9
slskd: document common errors/flakiness
2024-03-26 11:04:21 +00:00
3cf42db7dc
slskd: fix for more recent nixpkgs
2024-03-26 10:47:20 +00:00
098cd2051e
sftpgo: expose to the WAN
2024-03-14 13:11:44 +00:00
691a7d7ff7
sftpgo: configure for credential-gated r/w access
2024-03-14 13:11:44 +00:00
c7c2785ad8
sftpgo_external_auth_hook: refactor
2024-03-14 13:11:44 +00:00
4c1a7fc910
sftpgo: port auth program to python
2024-03-14 13:11:44 +00:00
41a141dba6
servo: disable navidrome
2024-03-05 18:48:25 +00:00
4d6d79cc81
servo: /var/lib/uninsane/media -> /var/media
2024-03-05 18:44:30 +00:00
53d76920e4
servo: persist more specifically the /var/lib/uninsane/media directory
2024-03-05 18:39:23 +00:00
d5643a6a5d
assorted static-nix-shell packages: use srcRoot
2024-02-25 17:37:38 +00:00
c6ebcfe66e
servo: port legacy /var/lib users over to "method = bind" persistence
...
i may wittle these down in the future
2024-02-23 15:49:54 +00:00
c23e4dc9c7
servo: note why i use file.text instead of symlink.text here
2024-02-23 08:14:27 +00:00
478747a96e
modules/persist: change default mounting method to symlink
...
this changes the plaintext and cryptClearOnBoot stores: private was already symlink-based.
this isn't strictly necessary: the rationale is:
1. `mount` syscall *requires* CAP_SYS_ADMIN (i.e. superuser/suid).
that's causing problems with sandboxing, particularly ~/private.
that doesn't affect other stores *yet*, but it may in the future.
2. visibility. i.e. it makes *clear* where anything is persisted.
if `realpath` doesn't evaluate to `/nix/persist`, then it's not
persisted.
2024-02-23 07:06:29 +00:00
5ff1d014b8
servo: transmission: fix user agent
2024-02-17 01:35:40 +00:00
4002a57e03
servo: transmission: advertise as 3.00 to deal with old trackers
2024-02-16 12:58:08 +00:00
74a0b0d125
gitea: serve phone-case-cq/ build files as proper html/js content type
2024-02-16 12:07:28 +00:00
cd0a046776
dovecot: remove dead code
2024-02-02 20:47:55 +00:00
27edee0bbf
dovecot2: fix sieves
2024-02-02 20:47:20 +00:00