Commit Graph

888 Commits

Author SHA1 Message Date
664b21e5f1 enable eg25-manager (experimental) 2023-08-10 07:27:38 +00:00
8dc568d52e ship mate.engrampa as archive manager (after getting it to cross compile) 2023-08-07 03:43:37 +00:00
dcf97b70e1 programs: use the declPackageSet helper 2023-08-02 21:20:50 +00:00
1ba877b325 upnp-forward: add a timeout to the unit
especially, this lets the target die, and the timer restart, when the UPNP stuff hangs
2023-07-31 11:06:04 +00:00
9ca8c74ed7 feeds: add wireshark podcast 2023-07-31 00:11:47 +00:00
f59da7ad0f feeds: add minding our way 2023-07-28 01:14:28 +00:00
183457444c feeds: add Ezra Klein show 2023-07-28 01:08:19 +00:00
28a91723b8 feeds: add Atlas Obscura podcast 2023-07-28 01:06:15 +00:00
535bbd2c0b sane.{programs,user}.fs: pass fs values onto sane.fs unmerged
notably, this allows ~/.config/zsh/.zshrc to be specified by more than one location, and for the values to not overwrite one another
2023-07-18 11:25:27 +00:00
11a4b7006e upnp-forwards: fix timer to actually run every hour 2023-07-18 09:54:06 +00:00
23e95ba2ba modules: fs: symlink.text: allow specifying it multiple times 2023-07-18 02:17:25 +00:00
ebcc0c269e trust-dns: remove from this repo
it's fully upstreamed into nixpkgs now
2023-07-16 12:27:23 +00:00
8788a8c67a servo: upnp-forwards.timer: fix to invoke upnp-forwards.target instead of upnp-forwards.service 2023-07-15 22:08:55 +00:00
088286d8f7 mime: support multiple implementors of the same association, with different priorities 2023-07-15 10:11:31 +00:00
55d64eb598 programs: factor out a sane.programs.<foo>.mime schema 2023-07-15 08:44:18 +00:00
44b15ba8ed users: apply default permissions to any user who goes through the sane.users module 2023-07-14 23:56:01 +00:00
e38bf42506 trust-dns: migrate module to nixpkgs repo 2023-07-13 09:57:11 +00:00
8b3521d08f fixup sxmo persistence (prev two commits don't build) 2023-07-13 07:17:09 +00:00
4a7398da2f trust-dns: finish hardening 2023-07-13 01:33:31 +00:00
8e94d77b0f ports: create a separate systemd service per port forward
this allows one failed forward to not take down all forwards
2023-07-11 01:56:59 +00:00
f765e3d030 sane-ip-check: also store the upnp gateway 2023-07-11 00:55:04 +00:00
452260f7c7 trust-dns: don't run as root 2023-07-10 09:00:37 +00:00
b648aca505 trust-dns: link to docs in service file 2023-07-10 08:12:07 +00:00
8c4af55f82 trust-dns: apply some hardening (still need more) 2023-07-10 08:00:45 +00:00
23fb37a3e9 fs: have nodes require their parent instead of the weaker want
this may fix it so spurious (failed) mounts of ~/private *don't* create a bunch of directories that later cause a real mount to be impossible
2023-07-10 05:58:30 +00:00
db72f5e11f fs: generated.script.scriptArgs -> generated.command 2023-07-08 11:15:23 +00:00
8753e5e0c6 fs: remove legacy generated.script.script option 2023-07-08 11:15:23 +00:00
558b35fee0 prepare fs.generated.script users to not assume a shell 2023-07-08 11:15:23 +00:00
3ce2716fbe fs: factor out the ensureSymlink/ensureDir/ensurePerms scripts 2023-07-08 10:35:10 +00:00
e9293dbe07 fs: fix raciness that was causing ensure-xyz services to run multiple times per boot 2023-07-08 09:08:59 +00:00
f18d624fd9 fs: avoid creating a new script for every fs entry 2023-07-08 09:00:49 +00:00
8f57394cd2 persist: create the backing path as a dependency of the VFS path 2023-07-08 02:08:18 +00:00
01b8a28a52 programs.fs: remove extraneous wantedBeforeBy clause
it's provided by `sane.user.fs`
2023-07-08 02:06:44 +00:00
b42207882e programs.persist: fix to allow any options that underlying persist allows 2023-07-08 02:06:18 +00:00
0a519eddb4 persist: allow persisting of individual files, not just directories
i actually do already, with ~/.ssh/id_ed25519 -- it works only as a fluke
2023-07-08 01:31:14 +00:00
acf89a041e modules/programs: cleanup with statements 2023-07-03 07:55:05 +00:00
9340d5f391 programs: remove explicit default definitions 2023-07-03 07:49:44 +00:00
9f1d61c781 programs: remove quadratic behavior 2023-07-03 07:16:24 +00:00
83e48eabad WIP: decrease quadratic operations in modules/programs.nix 2023-07-03 07:04:57 +00:00
9b9273b725 programs: call out some quadratic behavior; i can try to fix it in the future 2023-07-03 06:41:48 +00:00
ccaff668c1 sane-lib: path: fix from bug; tidy 2023-07-03 05:28:53 +00:00
9777e5f83c trust-dns: rework the module to be more suitable for upstreaming
still need to do hardening and docs
2023-07-02 08:21:33 +00:00
3df165593c web browser: set $BROWSER environment variable
this gets used as fallback by e.g. xdg-email
2023-06-30 08:50:58 +00:00
dbd312e9bd guest: enable access to shelvacu 2023-06-29 09:11:22 +00:00
68cda2006b cleanup/refactor users 2023-06-28 03:46:29 +00:00
6676935ee1 feeds: add The Linux Experiment 2023-06-28 03:05:45 +00:00
40ec4d6ce0 programs: allow programs to ship system-level environment variables 2023-06-27 10:24:48 +00:00
0751e748ea feeds: add PostmarketOS podcast 2023-06-25 22:22:32 +00:00
ec3a7067b6 modules/programs.nix: fix eval error when a program is suggestedBy multiple enabled packages 2023-06-23 02:05:26 +00:00
3d56117d65 gocryptfs: remove "defaults" flag 2023-06-10 23:21:42 +00:00
1724ac60e5 feeds: update URL for The Intercept 2023-06-10 23:08:51 +00:00
bf168c7f0f feeds: update URL for Deconstructed 2023-06-10 22:59:44 +00:00
4fd4efa22f DNS: split the zone generation out of trust-dns
this is in preparation for upstreaming parts of this into nixpkgs
2023-06-08 00:32:28 +00:00
c44f69a01f modules/services/dyn-dns: specify sane-ip-check* more directly 2023-06-07 08:00:43 +00:00
adbc2a76c3 modules/ports.nix: specify sane-ip-port-forward more directly 2023-06-07 08:00:43 +00:00
d6bde02dfe feeds: update URL for Acquired podcast 2023-06-01 00:04:54 +00:00
d07bb03936 feeds: update URL/title for _ACQ2_ 2023-05-31 23:57:08 +00:00
1ab2f42ff4 feeds: update URL for _The Portal_ 2023-05-31 23:54:46 +00:00
287817056f refactor: sane.services.wan-ports -> sane.ports 2023-05-31 04:25:39 +00:00
5cc7ced859 dns: rework so that we branch to the LAN vs. WAN results based on source IP of the query -- not interface.
this simplifies the UPnP forwards and the OVPN routing
2023-05-31 00:56:52 +00:00
4dc5378b3e dns: give different results based on which port the request arrives from
WAN and VPN requests are served by local port 1053 and `wan.uninsane.org`.

LAN requests are served by port 53 and `servo.lan.uninsane.org`.

i'm not *super* fond of this. a recursive resolver of uninsane.org via the VPN will only ever get WAN addresses (broken).

we may prefer to do IP-based responses, maybe via the same Linux firewall rules that forward from VPN namespace to root namespace
2023-05-30 12:00:30 +00:00
35c9f2bf60 servo: enable UPnP port forwarding timer 2023-05-28 20:38:24 +00:00
c1ddddddc0 ports: hide behind services.sane.wan-ports
later i will use this to enable UPnP on relevant ports
2023-05-26 23:28:30 +00:00
7e402ce974 dyn-dns: obtain IP address via UPnP 2023-05-26 22:40:50 +00:00
ace9d71d0e nix-serve: fix typo 2023-05-18 11:07:51 +00:00
fb427e55e8 secrets: define these by crawling the repo to decrease duplication 2023-05-14 09:50:01 +00:00
318efe09e2 secrets: split desko.yaml into one-secret-per-file 2023-05-14 02:29:30 +00:00
9d6629ad12 feeds: subscribe tuxphones.com 2023-05-12 07:45:42 +00:00
59a2259105 feeds: add theregister.com 2023-05-09 22:53:06 +00:00
51c7ccd782 feeds: subscribe Morning Brew 2023-05-08 21:50:59 +00:00
74ed7bff11 programs: remove wantedBy from the fs, and make it implicit 2023-05-08 21:41:02 +00:00
89f28e63b4 fs: leave a note about trying lazyAttrs 2023-05-08 09:50:10 +00:00
f89f136041 sane.programs: allow per-program config (and port web-browser to use that) 2023-05-08 09:49:58 +00:00
2450bb6f06 refactor package layout to conform better with NUR expectations 2023-05-02 01:27:51 +00:00
44195a7d87 programs: ship /home secrets correctly 2023-04-26 03:46:18 +00:00
9c09d03e5c programs: add per-program secrets 2023-04-26 00:19:33 +00:00
1f2c9a9a5e refactor hosts/common/home to use sane.programs API 2023-04-24 07:22:33 +00:00
337fb9e9d9 sane.programs: allow programs to define files, as per sane.fs 2023-04-24 06:49:56 +00:00
e7f02c057e steam: integrate into sane.programs, and enable for lappy 2023-04-23 23:21:08 +00:00
b11759a0a6 Merge branch 'master' of git.uninsane.org:colin/nix-files 2023-04-18 06:10:47 +00:00
6af0d54e7b matrix: re-enable signal bridge 2023-04-18 06:10:17 +00:00
f87c115f7c RSS: subscribe to JMP.chat 2023-04-18 05:50:47 +00:00
bf3e0ad790 feeds: subscribe to capitol hill seattle blog 2023-04-03 07:01:51 +00:00
a09736e60b RSS: add Poorly Drawn Lines (comic) 2023-03-28 23:03:10 +00:00
bdfdcfd164 RSS: add... unpronounceable hacker :P 2023-03-28 23:03:06 +00:00
adf72fc9d4 modules/fs: escape shell args 2023-03-22 19:52:04 +00:00
f1b47e5de9 RSS: (re-)subscribe to UnNamed Reverse Engineering Podcast 2023-03-21 01:23:36 +00:00
3c6c466d87 RSS: subscribe to ACQ2 / Acquired 2 podcast 2023-03-21 01:02:11 +00:00
16bf03d8be RSS: subscribe Maggie Killjoy/Cool People Who Did Cool Stuff 2023-03-21 00:56:10 +00:00
ca1015d579 feeds: add This Week In Rust 2023-03-16 11:02:37 +00:00
c5c1378f59 trust-dns: properly quote TXT records 2023-03-14 11:34:48 +00:00
0cf4c3ff80 feeds: add thisweek.gnome.org 2023-03-11 10:30:29 +00:00
dc1cd7a9a5 sane.persist: make it default-true for my hosts 2023-03-11 08:36:14 +00:00
eae8ef11c8 feeds: subscribe to MAPS 2023-03-08 23:35:45 +00:00
edf21e6837 feeds: subscribe to Daniel Huberman podcast 2023-03-08 23:09:24 +00:00
0ecc08b49d feeds: subscribe to LessWrong Curated 2023-03-08 22:52:08 +00:00
6eb8191514 feeds: subscribe to Aaron Scott / textfiles.com 2023-03-08 09:41:27 +00:00
017aa335b1 servo: dyn-dns: have getIp command use a fallback 2023-02-21 11:25:34 +00:00
e0a6f8ea4a flake: add host-pkgs.<host>.<pkg> output
this builds packages precisely as they are defined by the given host.
significant for testing whether a cross-compiled host builds things
correctly, for example.
2023-02-05 19:34:32 +00:00
7ce0c34f43 sway: specify dependent packages more idiomatically, and fix bug where phosh wasn't actually shipping its dependents 2023-02-04 00:43:00 +00:00