00329a8bd3
servo: switch from jellyfin -> minidlna
2024-11-17 22:15:55 +00:00
697edc20fc
servo: prosody: harden systemd serivice
2024-11-17 21:11:36 +00:00
a1ed37fada
systemd: fix polkit rules so "systemd-run" isnt allowed by default
2024-11-17 20:57:01 +00:00
97089c6bd1
todo.md: sync
2024-11-17 17:15:33 +00:00
85103c61aa
polyunfill: re-enable /etc/pam.d/systemd-user
...
it's needed by systemd --user, and hence by gitea
2024-11-17 17:08:39 +00:00
01309b66cc
programs: shadow: remove pam session supression (this is presently dead code anyway)
2024-11-17 17:08:39 +00:00
7783de5d54
users: split pam stuff out of default.nix and disable
2024-11-17 17:08:39 +00:00
7ec6d28c65
servo: gitea: cleanup
2024-11-17 17:08:39 +00:00
2058045011
systemd-user-sessions: re-enable
...
this is actually probably necessary, else systemd user session fails with error PAM
2024-11-17 16:26:02 +00:00
09ed5a271d
disable the systemd --user instance in a less hacky way, which hopefully causes fewer gitea-related errors
2024-11-17 16:18:18 +00:00
f723aa008c
NUR: hopefully fix the NUR eval errors
...
see: <https://github.com/nix-community/NUR/actions/runs/11879057301/job/33100486232#step:4:2171 >
2024-11-17 13:56:42 +00:00
5c001d5677
mpv: associate with tiktok
2024-11-17 12:11:22 +00:00
6b5da3c61f
nixpkgs-bootstrap: 0-unstable-2024-11-14 -> 0-unstable-2024-11-16
2024-11-17 06:05:23 +00:00
11bce103a0
nixpkgs-wayland: 0-unstable-2024-11-09 -> 0-unstable-2024-11-16
2024-11-17 06:04:44 +00:00
39fd6b4309
firefox-extensions.{sponsorblock,ublacklist} -> latest
2024-11-17 06:04:28 +00:00
21f4b1d9f1
opencellid: 0-unstable-2024-11-14 -> 0-unstable-2024-11-16
2024-11-17 06:02:42 +00:00
186ff0b085
uninsane-dot-org: -> latest
2024-11-16 21:23:55 +00:00
444ca4353b
nginx: uninsane.org: block archive.org, google bot from select pages
2024-11-16 17:11:49 +00:00
e179d71bfa
uninsane-dot-org: 0-unstable-2024-10-27 -> 0-unstable-2024-11-16
2024-11-16 14:34:13 +00:00
db2137d756
ccache: disable
2024-11-15 05:22:54 +00:00
4e008c3420
nixpkgs-bootstrap.master: 0-unstable-2024-11-09 -> 0-unstable-2024-11-14
2024-11-15 05:07:30 +00:00
39ff8252c2
sops-nix: assets-unstable-2024-10-26 -> assets-unstable-2024-11-11
2024-11-15 05:07:13 +00:00
50be4729b0
syshud: 0-unstable-2024-11-07 -> 0-unstable-2024-11-12
2024-11-15 05:06:56 +00:00
b27e5d4c7d
uassets: 0-unstable-2024-11-09 -> 0-unstable-2024-11-14
2024-11-15 05:06:34 +00:00
f38ce77d41
opencell-id: 2024-11-09 -> 2024-11-14
2024-11-15 05:06:19 +00:00
5788edbbc5
feeds: subscribe to Innuendo Studios
2024-11-14 14:25:16 +00:00
0f8152569b
servo: replace one of the /mnt/pool disks
2024-11-14 03:18:48 +00:00
8bd4402faf
todo.md: setup a real calendar system
2024-11-13 14:19:16 +00:00
18ce2e07a5
todo.md: note that /mnt/.servo_ftp has some problem
2024-11-13 14:17:38 +00:00
9de483a706
pkgs/assorted: fix pythonImportsCheckHook to be in nativeCheckInputs so it doesnt run on cross
2024-11-13 13:47:52 +00:00
7b88c9c644
sane.fs: dont have local-fs.target depend on any of my (persistence) bind mounts
...
otherwise it's too easy for local-fs to hang (/mnt/persist/private), or fail (/mnt/pool), and i lose critical things like *networking*
this was only working because on servo the /mnt/persist/private deps caused a cycle and systemd just _removed_ local-fs.target
2024-11-13 12:05:31 +00:00
d37e7fb5e8
servo: jellyfin: systemd: explicitly depend on /var/media
2024-11-13 12:03:15 +00:00
568ff01bc1
seatd: remove --bunpen-debug=4 flag
2024-11-13 11:47:47 +00:00
f5684b7c06
servo/fs: remove local-fs.target ordering dep on /mnt/pool
...
this is incremental work toward being able to boot (especially to networking) while my media disks are unplugged
2024-11-13 11:07:36 +00:00
8d1c714ba0
hosts/common: clean up the journald persistence to support both *private* or plaintext storage, by config
2024-11-13 09:14:30 +00:00
cffc826746
hosts/common: persist systemd journal in a way thats encrypted AND doesnt break boot
2024-11-12 11:48:36 +00:00
fed25f44d5
dyn-dns: allow services to subscribe *only* to change events, and not require DNS always be available
...
also switch back exclusively to UPnP / local source of trust
2024-11-12 04:06:24 +00:00
6513d927d4
hickory-dns: allow empty DNS substitutions, and handle those by filtering out the corresponding record
2024-11-12 04:05:25 +00:00
4779ad8f41
dyn-dns: better implementation
2024-11-12 02:31:50 +00:00
2134a9c738
WIP: dyn-dns: try a smarter trigger scheme, but im getting weird "resource" errors with systemd path units
2024-11-12 01:09:23 +00:00
5aa6c9b8c7
dyn-dns: when DNS changes, restart immediately instead of blocking on another dyn-dns.service query
...
the new behavior though causes dyn-dns consumers to be started even before we've learned the IP. that sort of matches the semantics of the module though. not sure the best design yet
2024-11-11 23:41:58 +00:00
388c58f656
servo: slim dependencies so that local-fs.target can be reached even if my media drives are inaccessible
...
this means some services which need access (like sftpgo) fail to start if the drive is unavailable
2024-11-11 20:40:13 +00:00
f3ee312dad
modules/ssh: start sshd as early in the boot as possible
...
this allows more scenarios to be recoverable
2024-11-11 20:35:47 +00:00
3fb2656ff5
smartd: enable periodic drive self-tests
2024-11-11 15:42:27 +00:00
bb09575028
programs: btrfs: better sandboxing
2024-11-11 12:41:48 +00:00
ce43b00707
todo.md: sync
2024-11-11 11:11:55 +00:00
ec5e8a3269
netns: simplify the host -> netns response tunneling
...
i don't actually need any route table that's higher priority than 'local'
2024-11-11 11:02:42 +00:00
4604117184
programs: assorted: ensure everything that needs X(wayland) gets X(wayland)
2024-11-11 10:24:37 +00:00
c202e02d51
feeds: subscribe to ICM.museum
2024-11-11 09:03:52 +00:00
f6369bce8d
servo: doof: dont proxy DNS inside the net namespace
2024-11-11 02:46:06 +00:00
