|
9fc5b83b61
|
refactor: servo: hardcode OVPN-related IP addresses in far fewer places
|
2024-06-17 22:00:39 +00:00 |
|
|
0d99293b2f
|
servo: split the doof/ovpns netns config into its own module
a big thing this gets me is that the attributes (like IP addresses) are now accessible via 'config' an i won't have to hardcode them so much
|
2024-06-17 09:25:10 +00:00 |
|
|
b3890b82dc
|
servo: http/https: expose to doof
|
2024-06-17 07:55:53 +00:00 |
|
|
1af7b613bd
|
servo: doof: respond to DNS queries
|
2024-06-17 07:39:52 +00:00 |
|
|
4c8695aae8
|
servo: fix missing route table for doof
|
2024-06-17 07:31:28 +00:00 |
|
|
d45e3fda5e
|
servo: trust-dns: enable on doof-net
|
2024-06-17 07:20:23 +00:00 |
|
|
456e0de872
|
servo: doof net: add the capability to forward ports
|
2024-06-17 07:20:23 +00:00 |
|
|
7825ddc123
|
servo: split out a "bridgedWireguardNamespace" helper for configuring ovpns VPN
i can re-use this to forward traffic over doof
|
2024-06-17 07:20:23 +00:00 |
|
|
dd47a5083c
|
servo: only forward ports to OVPN which are actually marked for visiblity
|
2024-06-17 06:29:09 +00:00 |
|
|
14d5d9eb5a
|
servo: net: remove dead Hurricane Electric code
|
2024-06-17 06:04:29 +00:00 |
|
Shelvacu
|
dc2c31f220
|
gitea: keep login session alive for 30 days
|
2024-06-14 03:34:42 +00:00 |
|
Shelvacu
|
bcab89dbfb
|
gitea: enable push-to-create for new repositories
|
2024-06-07 20:27:43 -07:00 |
|
|
56d84dea4d
|
hosts: remove unused (defaulted) option: boot.loader.efi.canTouchEfiVariables
|
2024-06-07 07:27:34 +00:00 |
|
|
8105e00b39
|
refactor: make system.stateVersion common across all hosts.
otherwise it's hairy to share nixos configs/modules between them
note that this alters the stateVersion for desko/lappy/rescue, but unlikely to matter
|
2024-06-04 15:58:53 +00:00 |
|
|
a5a635f00b
|
sftpgo: simplify my package override now that sftpgo 2.6.0 is merged
|
2024-06-01 16:22:22 +00:00 |
|
|
d8d11de9bc
|
sftpgo: replace deprecated "crypt" with "passlib"
|
2024-06-01 13:01:19 +00:00 |
|
|
07194d062a
|
servo: nfs: disable
|
2024-06-01 12:45:10 +00:00 |
|
|
84f2006115
|
servo: fix gitea
|
2024-05-30 12:12:06 +00:00 |
|
|
b159240b7f
|
servo: import ovpn privkey
|
2024-05-26 14:37:33 +00:00 |
|
|
18ec5505c4
|
servo: re-enable slskd
routing seems stable
|
2024-05-24 02:58:09 +00:00 |
|
|
c21ddca1fd
|
servo: doof tunnel: enable IPv6 and forward-DNS records
|
2024-05-20 05:47:04 +00:00 |
|
|
47da8e55f3
|
servo: disable jackett/slskd/transmission temporarily
|
2024-05-20 05:08:58 +00:00 |
|
|
3b99bb497b
|
servo: bridge to doof.net
|
2024-05-20 05:08:32 +00:00 |
|
|
9873353d00
|
refactor: replace --replace substitutions with --replace-fail where applicable
|
2024-05-19 23:31:54 +00:00 |
|
|
3361f2bbe7
|
zsh: port to sane.programs
|
2024-05-18 08:10:34 +00:00 |
|
|
afb9d273ab
|
servo: re-enable slskd
|
2024-05-17 22:00:46 +00:00 |
|
|
5924d092f4
|
coturn: expand documentation
|
2024-05-16 09:41:53 +00:00 |
|
|
9d725a0974
|
servo: disable unused nixcache.uninsane.org
|
2024-05-16 02:46:23 +00:00 |
|
|
df4ef0ce5a
|
desko: disable nix-serve
|
2024-05-16 02:35:27 +00:00 |
|
|
d5e8974a4a
|
refactor: trust-dns: listenAddrs -> listenAddrsIpv4
|
2024-05-14 23:22:50 +00:00 |
|
|
e040a5b0c5
|
servo: trust-dns: remove hn-resolver
my hosts run their own recursive DNS resolvers now, so there's no need for the wireguard VPN to provide them with that
|
2024-05-14 23:20:19 +00:00 |
|
|
f3cf9e0bed
|
trust-dns: set it to NOT be the system resolver for servo
trust-dns recursor is too beta for servo
|
2024-05-14 09:03:10 +00:00 |
|
|
889b332ade
|
trust-dns: split the parts which are generalizable into their own file
i can try to build this into a recursive resolver for *all* my hosts
|
2024-04-30 14:35:56 +00:00 |
|
|
6129fbf2b3
|
lemmy: upstream the proxy headers
|
2024-04-26 16:44:43 +00:00 |
|
|
f3d2dee470
|
lemmy: fix federation (broke due to invalid HTTP signatures)
|
2024-04-26 10:31:47 +00:00 |
|
|
3d207ab7bb
|
coturn: allocate 256 ports instead of 16
|
2024-04-26 08:47:52 +00:00 |
|
|
95447eb765
|
goaccess: fix missing state dir
|
2024-04-26 08:47:09 +00:00 |
|
|
593268f620
|
coturn: run inside ovpns namespace
|
2024-04-26 08:01:34 +00:00 |
|
|
d0de6a9254
|
sftpgo: reduce the passive port range
hopefully this eases the load on the upstream firewall's UPNP service
|
2024-04-22 12:08:23 +00:00 |
|
|
12f2798140
|
servo: sftpgo: move to own directory
|
2024-04-22 12:05:16 +00:00 |
|
|
f10bb6c86c
|
sftpgo: adjust file mode to be compatible with Kodi
|
2024-04-20 08:07:00 +00:00 |
|
|
317996b609
|
clightning-sane: document the status command more
|
2024-04-19 07:29:20 +00:00 |
|
|
135f63480b
|
clightning-sane: add a help message
|
2024-04-19 07:29:20 +00:00 |
|
|
f59f13588f
|
jackett/transmission/slskd: validate public IP address before starting
|
2024-04-18 20:05:59 +00:00 |
|
|
a36ff517e7
|
servo: slskd: disable
|
2024-04-18 06:55:56 +00:00 |
|
|
60c370df3f
|
sftpgo: fix domain name in banner
|
2024-04-18 05:01:57 +00:00 |
|
|
d80852c6c1
|
sftpgo: re-enable password login
|
2024-04-18 04:58:59 +00:00 |
|
|
62b3047fff
|
sftpgo: support FTPS
|
2024-04-18 04:34:41 +00:00 |
|
|
9a9ffcbea9
|
transmission: fix faulty "find" expression (thanks shellcheck!)
|
2024-04-17 23:32:00 +00:00 |
|
|
733efcfaf7
|
servo: nginx: forceSSL for anything media related
|
2024-04-17 22:49:24 +00:00 |
|