278cc98c6d
minor ejabberd config changes, simplify DNS %NATIVE% updating
2022-12-21 08:50:41 +00:00
55e09c2dbf
ejabberd: port to dns-dns; add experimental STUN/TURN support
...
during startup it says:
```
Ignoring TLS-enabled STUN/TURN listener
```
and later
```
Invalid certificate in /var/lib/acme/uninsane.org/fullchain.pem: at line 61: certificate is signed by unknown CA
```
the invalid cert thing has always been here. it's for the root cert. idk
if i need to tell ejabberd that one's self-signed, or what.
2022-12-20 03:26:08 +00:00
bd699c887c
sane-ssl-dump: new script to help debug ssl stuff
2022-12-20 03:25:07 +00:00
d60e5264f3
don't bind-mount /etc/ssh/host_keys: symlink them instead
2022-12-20 00:04:09 +00:00
97044bf70e
trust-dns: port to dyn-dns for determining WAN IP
...
although the systemd wantedBy directive is working,
`before` seems to be ignored when the unit fails. so on first run,
dyn-dns runs, fails (poor net connectivity), then trust-dns starts
(fails), then they both restart 10s later.
it's not great, but good enough. also, wan IP is persisted, so this
likely won't happen much in practice.
2022-12-19 13:12:23 +00:00
3122334a41
dyn-dns: fix to only react when the IP actually changes
2022-12-19 11:54:27 +00:00
0b2faef989
/etc/ssh/host_keys: fix endlessly stacked mounts
...
i believe this was mounting a new /etc/ssh/host_keys on every
activation, resulting in literally thousands of mounts and slowing down
later activations
2022-12-19 11:18:08 +00:00
8acd6ca4f1
create sane.services.dyn-dns to manage dynamic DNS stuff
...
not yet integrated into servo
2022-12-19 11:16:30 +00:00
8169f7c6b2
ddns-trust-dns: use ddns from router rather than ipinfo.io
2022-12-19 08:24:11 +00:00
cd1aa0b376
sane-vpn-*: reference sane-ip-check instead of duplicating
2022-12-19 06:19:13 +00:00
72b627100c
sane-scripts: simplify recursively referencing sane scripts
2022-12-19 06:18:44 +00:00
567c08460a
add sane-ip-check-router-wan to query WAN with a more trustworthy source
2022-12-19 05:59:44 +00:00
9b66aecf1b
trust-dns: port the remaining records to a structured format
...
SRV and MX _could_ have more structure (priority, etc).
not sure the best path there (option submodule, i guess).
2022-12-19 04:38:43 +00:00
16cb3b83a2
trust-dns: more idiomatic way to define SOA records
2022-12-19 04:00:27 +00:00
970438be8a
trust-dns: rename records option -> extraConfig
...
i'll be adding special options for records
2022-12-19 03:12:32 +00:00
51da29555e
sane-ip-reconnect: fix issue where we'd reconnect to the existing, subpar network
2022-12-19 01:47:30 +00:00
8a745a9b8a
ejabberd: enable STUN (with partial discovery support)
...
discovery is probably not working:
```
Won't auto-announce STUN/TURN service on port 3478 (udp) without public IP address, please specify 'turn_ipv4_address' and optionally 'turn_ipv6_address'
Won't auto-announce STUN/TURN service on port 3478 (tcp) without public IP address, please specify 'turn_ipv4_address' and optionally 'turn_ipv6_address'
```
no messages for the TLS implementation, so maybe that's working?
2022-12-19 01:22:20 +00:00
3505f3b9f3
ejabberd: provision cert for conference.xmpp.uninsane.org
...
i guess the cert already had that because of legacy prosody setup (?),
but we weren't setup so that new requests would work, i expect.
either that or all of these nginx entries aren't necessary?
2022-12-19 01:22:20 +00:00
444595e847
disable HE and afraid DDNS
2022-12-19 01:22:20 +00:00
3e1407c30b
new script to reconnect to best wifi network
2022-12-19 00:29:48 +00:00
0a744117a4
rename sane-check-ip -> sane-ip-check
2022-12-18 23:54:41 +00:00
a2935cedaa
snippets: add wikipedia search
2022-12-18 22:58:53 +00:00
22e46d52c2
trust-dns: distribute records across service files
2022-12-17 01:29:12 +00:00
1e0c213adf
split webconfig into each service file
2022-12-17 00:52:48 +00:00
3e1340ed61
enable i2p in firefox
2022-12-16 22:15:19 +00:00
341dd3f2b2
new zsh alias: ref -> cd ~/ref
2022-12-16 20:56:48 +00:00
1c9caa40bd
snippets: update nixos wiki to include search param
2022-12-16 20:35:33 +00:00
3be15c6d05
podcasts: add Michael Malice (is it any good? we'll see.)
2022-12-16 08:04:28 +00:00
8e8168ec28
add splatmoji package and sway config
2022-12-16 07:46:06 +00:00
28397807fc
gpt2tc: disable, because the mirror is unreliable
2022-12-16 07:08:55 +00:00
42ebb9a155
sane-private-do: run a command with the private store unlocked; then re-lock it
2022-12-16 06:10:44 +00:00
a8a4b8e739
kiwix: serve the full english Wikipedia
2022-12-16 05:58:51 +00:00
2550601179
serve w.uninsane.org through kiwix-serve
2022-12-16 02:25:57 +00:00
199a49755a
create a kiwix-serve service
2022-12-16 02:15:17 +00:00
8c7700688f
nixpatches: add kiwix-tools package that's being upstreamed
2022-12-16 01:22:38 +00:00
8fe304d6c1
trust-dns: split the service into a generic config interface
2022-12-15 11:17:50 +00:00
700fef7df3
servo: mediawiki: remove dead commented-out code
2022-12-15 11:17:50 +00:00
01db7e1f23
servo: install mediawiki
2022-12-15 11:17:50 +00:00
df6e8f1562
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-15 09:59:53 +00:00
1f0a40c81f
snippets: add nixos wiki
2022-12-15 09:54:32 +00:00
995b41d1e8
flake: update nixpkgs-stable 22.05 -> 22.11
2022-12-14 22:32:41 +00:00
7674735d42
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-14 12:28:58 +00:00
329693c9ce
pin grpc & users, until the grpc aarch64 build is fixed
2022-12-14 12:27:24 +00:00
5ae3bb2f6c
sane-rcp: allow a destination
2022-12-14 10:07:02 +00:00
e0b1aef127
snippets: add sci-hub
2022-12-14 09:52:07 +00:00
9b8363dfb4
firefox addons: bypass-paywalls-clean: update hash
2022-12-14 08:00:42 +00:00
58ad87df8e
vpns: add us-mi[ami]
2022-12-13 04:26:00 +00:00
5fc894cda9
vpn: fix us-atlanta -> us-atl to match interface length limit
2022-12-13 04:13:01 +00:00
07e6ec2533
sane-scripts: better vpn factoring
2022-12-13 04:11:58 +00:00
005a79e680
vpn: factor out more helpers
2022-12-13 03:55:18 +00:00
