fa4a576703
refactor: zsh: enable VTE with programs.zsh.vteIntegration
instead of manual sourcing
2023-01-28 09:30:45 +00:00
abb0a3c94e
refactor: move xdg.nix -> xdg-dirs.nix
2023-01-28 09:27:10 +00:00
32612e6acb
refactor: sort the mime associations
2023-01-28 09:26:29 +00:00
e0a3979b65
refactor: mimeapps: port from home-manager -> nixos
2023-01-28 09:23:41 +00:00
4d84ca0878
refactor: xdg.conf: move out of home-manager
2023-01-28 03:57:35 +00:00
1ae8ab2550
refactor: ~/.cache/nix-index: persist in common/users.nix instead of home-manager
2023-01-28 03:48:37 +00:00
ed1380ba70
libreoffice config: move out of home-manager
2023-01-28 03:45:51 +00:00
e1b8d3ccc3
zsh: move out of home-manager
2023-01-28 03:40:26 +00:00
4026334e51
neovim: move out of home-manager
2023-01-28 00:20:40 +00:00
f2c61d64b7
mpv: move out of home-manager
2023-01-27 08:12:37 +00:00
4603f0fd8e
kitty: move out of home-manager
2023-01-27 08:09:03 +00:00
7df18686e0
git: move out of home-manager
2023-01-27 07:57:42 +00:00
76c0c3dc6a
vlc: move out of home-manager
2023-01-27 07:34:07 +00:00
796988bdeb
sublime-music: move out of home-manager
2023-01-27 07:33:23 +00:00
31d28ccf23
ssh: move out of home-manager
2023-01-27 07:19:04 +00:00
a298678622
splatmoji: move out of home-manager
2023-01-27 07:18:13 +00:00
32eb3b1998
newsflash: move out of home-manager
2023-01-27 07:17:27 +00:00
7a726b8d08
keyring: move out of home-manager
2023-01-27 07:15:45 +00:00
3edbb1c873
gpodder: move out of home-manager
2023-01-27 07:12:29 +00:00
d94687e8cc
gfeeds: move out of home-manager
2023-01-27 07:11:31 +00:00
641ffc3452
firefox: move out of home-manager
2023-01-27 07:09:10 +00:00
fa8016db67
aerc: migrate out of home-manager directory
2023-01-27 07:08:03 +00:00
aa24eebf40
all hosts: declare $host-hn as an alias to speak with that host over the Home Network vpn
2023-01-27 03:18:49 +00:00
d419e10f10
moby: bump CMA 384M -> 512M
2023-01-26 23:41:22 +00:00
6006b84f9e
moby: disable metamask
2023-01-26 23:35:57 +00:00
b3b914bc2e
disable i2p on all hosts (i don't use it)
2023-01-26 23:35:29 +00:00
b358cbe02a
feeds: rifters: port to db
2023-01-26 00:07:29 +00:00
64cd562824
feeds: IEEE spectrum: port to db
2023-01-26 00:05:50 +00:00
749f59a4af
feeds: palladium: port to db
2023-01-26 00:04:17 +00:00
77d5ff623e
feeds: Profectus: port to db
2023-01-26 00:02:55 +00:00
6386abb8c6
feeds: SemiAccurate: port to db
2023-01-26 00:01:28 +00:00
28f8434c53
feeds: vitalik.ca: port to db
2023-01-26 00:00:16 +00:00
30fafb4837
feeds: sagacious suricata: port to db
2023-01-25 23:59:23 +00:00
c7205ed668
feeds: bunnie juang: port to db
2023-01-25 23:58:43 +00:00
c69c6612fe
feeds: Daniel Janus: port to db
2023-01-25 23:57:53 +00:00
6951b277ad
feeds: ian henry: port to db
2023-01-25 23:57:00 +00:00
1167c9bd0c
feeds: bitbashing: port to db
2023-01-25 23:56:22 +00:00
1fb2ddbecc
feeds: jefftk: port to db
2023-01-25 23:52:00 +00:00
27608cb8c7
feeds: pomeroyb: port to db
2023-01-25 23:51:12 +00:00
33ee59e80d
feeds: miniature-calendar: port to db
2023-01-25 23:49:52 +00:00
edacc28e4a
feeds: smbc: port to db
2023-01-25 23:45:49 +00:00
99780e30bc
feeds: pbfcomics: port to db
2023-01-25 23:45:16 +00:00
140dd05bd1
feeds: xkcd: port to db
2023-01-25 23:44:06 +00:00
c35bc92ac9
feeds: Sean Carrol/Preposterous Universe: port to db
2023-01-25 23:40:55 +00:00
16b92f98e7
feeds: put a num on it: port to db
2023-01-25 23:38:58 +00:00
576b63da9c
feeds: sideways view: port to db
2023-01-25 23:35:39 +00:00
e434add20d
feeds: Overcoming Bias: port to db
2023-01-25 23:34:30 +00:00
d288086aa2
feeds: roots of progress: port to db
2023-01-25 23:32:53 +00:00
e9c0f692d8
feeds: gwern: port to db
2023-01-25 23:32:11 +00:00
5a75d0f56b
feeds: richardcarrier: port to db
2023-01-25 23:29:58 +00:00
a222cf18a3
feeds: port slimemoldtimemold to db
2023-01-25 23:29:17 +00:00
45b9ee763b
feeds: applied divinity studies: port to db
2023-01-25 23:28:23 +00:00
50a2196495
feeds: unintended consequences: port to db
2023-01-25 23:27:15 +00:00
e4419ffad4
feeds: stpeter.im: port to db
2023-01-25 23:26:23 +00:00
ae3ba64fc3
feeds: dshr.org: port to db
2023-01-25 23:25:11 +00:00
948b2489d3
feeds: port austinvernon to db
2023-01-25 22:50:41 +00:00
abe491b563
feeds: port lynalden to db
2023-01-25 22:49:45 +00:00
9911593a63
feeds: port benedict evans to db
2023-01-25 22:48:57 +00:00
f72e901f57
feeds: port balaji to db
2023-01-25 22:22:06 +00:00
2047222233
RSS: add philosopher.coach
2023-01-25 21:27:18 +00:00
5d33cb66d6
feeds: add Julia Evans
2023-01-25 10:55:50 +00:00
6fded1f256
feeds: add Matt Webb
2023-01-25 10:36:10 +00:00
1d1c528abc
feeds: add Merveilles forum
2023-01-25 10:31:51 +00:00
35fdd2788f
feeds: add Emerge podcast
2023-01-25 10:28:15 +00:00
77cb951545
feeds: port congressionaldish to db
2023-01-25 09:46:10 +00:00
33d7819619
trust-dns: add a "quiet" option and enable it
2023-01-25 08:18:29 +00:00
0846abb6bf
signald: update, and persist the /var/lib/signald accounts directory
2023-01-25 06:38:27 +00:00
f3568462c2
fix matrix-synapse after nixpkgs update
2023-01-25 03:46:05 +00:00
358b673344
moby: bump CMA 256MB -> 384MB
2023-01-23 07:42:51 +00:00
d9c101689d
feeds: add lwn.net
2023-01-22 23:48:08 +00:00
ccbb573681
nit: remove dead comment in feeds.nix
2023-01-22 23:47:22 +00:00
f5c270233f
feeds: add Tales From The Bridge (podcast)
2023-01-22 23:46:11 +00:00
bf92bb48be
feeds: subscribe to project-insanity.org
2023-01-22 23:40:43 +00:00
2037b425d6
feeds: add Seattle Nice podcast
2023-01-21 09:41:20 +00:00
de74c4e7d5
RSS: add Drew Devault
2023-01-21 06:21:34 +00:00
34a5f3f49b
flake update: nixpkgs 2023-01-15 -> 2023-01-19
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6dccdc458512abce8d19f74195bb20fdb067df50' (2023-01-15)
→ 'github:nixos/nixpkgs/d7705c01ef0a39c8ef532d1033bace8845a07d35' (2023-01-19)
```
2023-01-21 05:33:15 +00:00
f2d22231a3
freshrss: force sync feeds on every launch. requires to login as user "colin"
2023-01-21 03:50:27 +00:00
5d78bc6704
moby: enable wireguard/home VPN
2023-01-20 22:40:58 +00:00
4da19a6d34
servo: remove users.nix; move autologinUser -> default.nix
2023-01-20 22:16:47 +00:00
2f75925678
servo: lift pleroma user def out of toplevel -> pleroma.nix
2023-01-20 22:15:26 +00:00
55a1856e87
servo: lift git user def out of toplevel -> gitea.nix
2023-01-20 22:14:14 +00:00
2ee0f4efe2
servo: navidrome: give non-private dir and fix perms
2023-01-20 22:11:15 +00:00
9af157b294
moby: enable the client role
2023-01-20 11:37:43 +00:00
a653311f04
wg-home: enable dynamicEndpointRefreshSeconds to be robust against intermittent failure
2023-01-20 10:34:30 +00:00
f4d6ecb1cf
wg-home: use the DNS endpoint for connecting to my home VPN
2023-01-20 10:34:04 +00:00
c2e5a0a2fc
wg-home: when acting as client, allow server to relay all other clients' messages
2023-01-20 10:20:33 +00:00
c316e51344
desko: enable wg-home
2023-01-20 07:59:11 +00:00
f4f0c1bdd6
servo: fix broken config/typo
2023-01-20 07:45:54 +00:00
6a2374e046
wg-home: unify server and client config
2023-01-20 07:42:31 +00:00
708cb841fe
wg-home: auto-generate peer list from hosts.nix config
2023-01-20 07:22:34 +00:00
094b7223c7
servo: wireguard secret is auto-generated
2023-01-20 07:11:37 +00:00
f6dfc9cf29
hosts: migrate IP addresses into hosts/modules
2023-01-20 07:07:45 +00:00
7c2ab92302
wg-home: derive wireguard key from ssh privkey
2023-01-20 06:57:49 +00:00
7c18d77046
wg-home: make wireguard pubkeys configurable; we'll want one per host
2023-01-20 06:09:57 +00:00
02f316f7f8
tweak wg-home to where i can get a p2p connection between lappy and servo
2023-01-20 05:38:14 +00:00
df848b3262
wg-home: use separate host key than client key
2023-01-20 05:10:51 +00:00
a3a7b6c563
hosts: split wifi and bluetooth pairings into the "client" role
2023-01-20 04:25:08 +00:00
038a9034d7
hosts: remove the is-target attribute and opt into roles via the config system instead
2023-01-20 00:13:13 +00:00
5a232eb832
servo: fix secrets path
2023-01-19 23:57:40 +00:00
9301b95dbb
wg-home: move to shared module so that host and client config can be adjacent
2023-01-19 23:55:56 +00:00
d13bcc49ab
refactor hosts directory, and move ssh keys out of modules/data
...
longer-term, i want hosts/by-name to define host-specific data
that's accessible via the other hosts (things like pubkeys).
also the secrets management needs some rethinking. there's really not
much point in me specifiying where *exactly* a secret comes from at its
use site. i should really be specifying secret store manifests; i.e.
"servo.yaml contains secrets X Y and Z", and leaving the rest up to
auto-computing.
2023-01-19 23:23:43 +00:00
35e28041cd
flake update: nixpkgs-stable: 2023-01-15 -> 2023-01-17
...
```
• Updated input 'nixpkgs-stable':
'github:nixos/nixpkgs/2f9fd351ec37f5d479556cd48be4ca340da59b8f' (2023-01-15)
→ 'github:nixos/nixpkgs/b83e7f5a04a3acc8e92228b0c4bae68933d504eb' (2023-01-17)
```
2023-01-19 10:52:15 +00:00
58a5a8b56d
wg_home_privkey: move secret to common file
2023-01-19 09:47:44 +00:00
e6d4ff3c6a
experimental wg-home VPN shared across my devices
2023-01-19 09:45:03 +00:00
be29ad8bd8
servo: rename wg0 interface -> wg-ovpns
2023-01-19 09:35:07 +00:00
6967c331e2
matrix: fix synapse/signal permissions
2023-01-18 01:50:28 +00:00
bb983a5328
servo: ship with signaldctl
2023-01-17 10:31:21 +00:00
10d69fb0a4
mautrix-signal: configure correct permissions so that i can use the bridge
2023-01-17 07:57:24 +00:00
98ae1a8513
matrix: persist the mautrix-signal directory
2023-01-16 11:58:21 +00:00
72a2ab78f3
matrix: allow mautrix-signal to communicate with signald
2023-01-16 11:54:32 +00:00
487af9b492
fs: fix /var/lib/private to have expected mode (0700)
2023-01-16 11:43:43 +00:00
472d25c056
mautrix-signal: define the shared secrets statically
2023-01-16 11:43:17 +00:00
9eafacad12
mautrix-signal: get a *little* closer to working
...
it looks like mautrix-signal reads the appserver token (AS_TOKEN) from
its config file -- which we place in the nix store. as such, we have no
easy way of getting the token from registration.yaml over to
mautrix-signal. this is presumably what the environmentFile stuff is
meant for, but it doesn't *really* help much.
i think it makes sense to pursue coffeetables' nix-matrix-appservices
module, which has good-looking AS_TOKEN support:
<https://gitlab.com/coffeetables/nix-matrix-appservices >
2023-01-16 10:22:44 +00:00
0eb46a3179
add mautrix-signal (experimental)
2023-01-16 09:03:56 +00:00
b4e19c037e
ejabberd: TODO: fix acme/nginx group membership
2023-01-16 05:59:52 +00:00
926decbea5
persist ~/.cache/nix
2023-01-14 23:21:15 +00:00
fd7acc8fc8
let host nix (i.e. nix-shell, nix-locate) know about our patched nixpkgs and overlays
2023-01-13 09:41:05 +00:00
0f25cba331
moby kernel: disable config option that would break build
2023-01-13 04:40:34 +00:00
39959e912d
cross: fix cross compilation by setting both local AND crossSystem
2023-01-13 04:40:34 +00:00
b1741a18e1
feeds: include "title" in the output OPML -- when it exists
2023-01-13 04:13:44 +00:00
110ab1a794
feeds: fix snowden to not be a podcast
2023-01-11 16:20:53 +00:00
7d5a81e542
feeds: port Civboot
2023-01-11 16:11:46 +00:00
1af2a3f329
feeds: port Michael Malice
2023-01-11 16:05:25 +00:00
3fa9e910a9
feeds: port Matrix Live
2023-01-11 16:03:00 +00:00
6befc40700
feeds: migrate Decoder
2023-01-11 15:51:41 +00:00
29db2d8dc5
feeds: switch to working 60 minutes feed
2023-01-11 15:46:34 +00:00
36d8052982
feeds: disable 60 minutes
2023-01-11 15:41:25 +00:00
48115231a3
feeds: port acquired, FT
2023-01-11 15:32:42 +00:00
c1457f5bfb
feeds: port 99% Invisible
2023-01-11 15:25:32 +00:00
7dfaf77a71
feeds: port Sam Harris / Waking Up
2023-01-11 15:15:03 +00:00
72dc7029e6
feeds: port Dan Carlin
2023-01-11 15:06:18 +00:00
95f3215b00
feeds: port darknet diaries and radiolab
2023-01-11 15:03:24 +00:00
baac8df8c2
feeds: fix Econtalk; port Doctorow, 80000hrs, deconstructed, intercepted, Post, The Portal
2023-01-11 14:51:17 +00:00
dc6a08a12b
convert some of my feeds to db entries
2023-01-11 13:16:26 +00:00
2413e2eb5f
feeds: update ACX feed to its non-forwarded origin
2023-01-11 10:59:35 +00:00
bd5209c655
move cross compilation out of the flake and into the host definitions
2023-01-11 08:56:06 +00:00
33967554a5
servo: fix missing "lib" in nginx file
2023-01-09 13:25:56 +00:00
dbb78088f4
refactor: cleanup instances where we map to attrs to be more resilient against duplicate names
2023-01-09 03:48:07 +00:00
f17ae1ca7b
refactor: avoid using // where we know the sets should be disjoint
2023-01-09 03:11:14 +00:00
b2774a4004
move pubkeys out a modules/data/ directory
2023-01-09 02:40:25 +00:00
a457fc1416
ssh: move sys config out of hosts/common
2023-01-08 08:43:23 +00:00
2c0b0f6947
ssh: explain why we specify host_keys the way we do instead of through sane.persist
2023-01-08 08:41:48 +00:00
fb57e9aa5b
cleanup the 'every user/group has an id' enforcement
2023-01-08 06:46:07 +00:00
af77417531
feeds: add Perry Bible Fellowship comic
2023-01-08 05:30:36 +00:00
eea80b575d
feeds: disable dilbert (it doesn't embed well)
2023-01-08 05:28:15 +00:00
6a209d27fd
freshrss: only show text and image feeds
2023-01-08 05:27:45 +00:00
e8f778fecd
feeds: convert to module
2023-01-08 05:24:56 +00:00
488036beb3
ssh: add git.uninsane.org host key back
2023-01-08 03:22:05 +00:00
00b681eca5
ssh: manager ourself instead of using home-manager
2023-01-08 03:14:47 +00:00
72d589cb2d
ssh: port to modules system
2023-01-08 03:07:57 +00:00
ea5552daa7
bluetooth: accept that LinkKeys are device/host-specific and stop trying to share them across machines
2023-01-07 11:31:35 +00:00
85a2fbc38a
bluetooth: dont persist /var/lib/bluetooth
2023-01-07 08:08:29 +00:00
c063ecd047
bluetooth keys: use sane.fs instead of activationScripts
...
also auto-determines the device ID, which was previously broken
2023-01-07 03:43:31 +00:00
cc9e2d8e15
net: simplify the iwd psk setup
2023-01-07 03:10:39 +00:00
bb41fb95fe
iwd: populate net config with systemd service, not activationScript
2023-01-07 03:03:19 +00:00
d852adf806
move keyring to private store
2023-01-07 02:04:28 +00:00
53edf4e6af
firefox: handle config files manually, instead of leveraging home-manager
2023-01-06 16:11:06 +00:00
0a48d79174
fs: introduce some helpers to make writing symlinks easier
2023-01-06 15:38:29 +00:00
493d317bb1
moby: override browser-cache persistence more cleanly
2023-01-06 13:28:18 +00:00
fe816e9110
persist: lift sane.persist.dirs.{home,sys} up one level
2023-01-06 11:29:13 +00:00
8217b22c86
rename impermanence -> persist
2023-01-06 10:04:51 +00:00
0977721af5
moby: fix to preserve browser cache across boots
2023-01-04 13:27:20 +00:00
cd5f8054c0
fs: rename "mountpt" -> "origin" to reflect that it doesnt have to be a device
2023-01-04 12:19:32 +00:00
3db388b105
servo: relocate ext
device to /mnt/impermanence/ext and fixup deps
2023-01-04 12:12:30 +00:00
2ba6116f10
fs/impermanence: more precisely control unit dependencies/ordering
2023-01-04 11:22:26 +00:00
abced7dd0d
navidrome: don't try to chown to an invalid user
2023-01-04 08:00:04 +00:00
247ad326b2
freshrss: be conservative and use explicit octal mode bits
2023-01-04 07:14:54 +00:00
170008f345
home.files symlinks: port to sane.fs
2023-01-04 07:14:38 +00:00
7b02477486
servo: define /etc/persist via sane impermanence module
2023-01-04 02:15:43 +00:00
a9ee26388c
guest account: make home-dir writable by other users
2023-01-04 01:09:23 +00:00
933063115b
moby: fix home-dirs for newer impermanence module
2023-01-04 00:47:48 +00:00
2d7b3750cd
impermanence: split the /home/colin perms fix into more appropriate places
2023-01-03 08:25:43 +00:00
5a2bbcce3b
move plaintext home-dirs out of home-manager module into users module
2023-01-03 07:35:42 +00:00
327e6b536f
impermanence: large refactor, and experimental bind mounting of things from ~/private
2023-01-03 07:22:37 +00:00
9e32211c12
impermanence: cange "encryptedClearOnBoot" to a broader "store" argument
...
in the future it can support ~/private as a backing store
2023-01-03 03:04:19 +00:00
be222c1d70
trust-dns: allow shorthand assignment of record lists
2023-01-02 13:23:52 +00:00
875e923197
declare ~/private in fileSystems and reuse for pamMount
2023-01-02 11:34:02 +00:00
3c726f148b
remove some stale references to mobile-nixos
2023-01-02 10:00:20 +00:00
5a273213f6
sops: remove sops.age.sshKeyPaths override: sops gets this from openssh config already
2022-12-30 03:49:31 +00:00
0a6d88dfc1
impermanence: simplify /etc/ssh/host_keys setup
2022-12-30 03:34:59 +00:00
50dfd482cf
document plans for better handling of /etc/ssh
2022-12-29 19:19:51 +00:00
9743aee79d
ssh keys: document the issues i'm seeing
2022-12-29 18:42:59 +00:00
aa1c1f40cb
WIP: impermanence rework (gut 3rd-party lib)
2022-12-29 16:38:58 +00:00
760f2ac66d
move ~/.cache into encrypted private dir
2022-12-29 01:17:40 +00:00
8e5ca11259
cleanup gocryptfs mounting
...
there's possibly some latent issues. i think my changes to the gocryptfs
package *might* not be necessary: if you work via the fuse front-door,
it's a lot harder to get it into these weird places.
2022-12-29 01:17:40 +00:00
121936620a
impermanence: add support for encrypted clear-on-boot storage
...
this is useful for when we need to store files to disk purely due to
their size, but don't actually want them to be persisted.
2022-12-29 01:17:40 +00:00
f5b49e014c
net: add parent's wifi
2022-12-29 00:57:36 +00:00
4bdb34775d
consolidate filesystems./ across devices
2022-12-28 01:36:22 +00:00
a0ac7fa98d
snippets: add secret snippets
2022-12-26 09:29:04 +00:00
b03043e513
add sane-bt-search script to search jackett/torrents
2022-12-26 09:05:26 +00:00
0713e3bad1
secrets: move bluetooth/vpn secret defn to toplevel nix file
2022-12-26 08:28:44 +00:00
d3a3f39756
move universal secrets out of net.nix -> secrets.nix
2022-12-26 08:09:58 +00:00
9b75d8705b
ejabberd: enable push notifications (verified working on iOS/Modal IM)
2022-12-22 14:12:15 +00:00
217ecec250
ejabberd: enable xmpps-{client,server} SRV records
2022-12-22 13:13:09 +00:00
1f99d44288
/home/colin: fix perms to 0700
2022-12-22 11:33:13 +00:00
0c35e2b3c1
servo: enable nsncd
2022-12-22 10:34:47 +00:00
c745612cfd
Merge branch 'master' of git.uninsane.org:colin/nix-files
2022-12-21 08:51:12 +00:00
278cc98c6d
minor ejabberd config changes, simplify DNS %NATIVE% updating
2022-12-21 08:50:41 +00:00
09c524a5b1
Merge remote-tracking branch 'origin/staging/nixpkgs-2022-12-18'
2022-12-21 07:47:55 +00:00
0db7f0857a
moby: reduce the number of configurations we keep in /boot
2022-12-21 06:33:50 +00:00