de9b1e6197
prosody: docs: not about watch:stanzas
2023-10-20 10:17:20 +00:00
f43bb446c8
prosody: move to own directory
2023-10-20 10:16:23 +00:00
6191542805
nix-serve: port 5000 -> 5001; prosody: enable proxy65 on port 5000
2023-10-20 04:48:30 +00:00
b8f13cd965
prosody/coturn: debugging (this config works with JMP.chat)
2023-10-20 03:14:36 +00:00
77b4e7ff09
slightly better prosody + coturn integration
...
still not able to receive incoming calls, but i pass more prosody self-checks
2023-10-17 09:43:55 +00:00
827d9626d6
ports: actually forward ovpns ports into the root namespace
2023-10-17 09:42:13 +00:00
cdfcf1a46d
sftpgo: dont activate until we have network
2023-10-17 09:41:07 +00:00
e8c4555be7
prosody: partial integration with coturn
...
still missing something, which breaks inbound calls
2023-10-17 01:16:59 +00:00
0092ccacbe
ejabberd: ensure coturn isnt running
2023-10-17 01:16:36 +00:00
184e37e2dc
derived-secrets: make the mode configurable
...
this should probably be moved into sane.fs proper at some point
2023-10-17 01:16:08 +00:00
5a2382f61c
prosody: remove dead code
2023-10-16 08:05:00 +00:00
f6c56969bc
xmpp: switch from ejabberd to prosody
2023-10-16 07:56:47 +00:00
476b481fd7
moby: dont ship the rtl8723cs *bluetooth* firmware
...
it seems to conflict with Wake on Lan
2023-10-14 10:20:47 +00:00
ea4063340d
moby: prioritize headset audio out
2023-10-14 10:19:31 +00:00
aaf9dbac1e
ship gdb, mercurial
2023-10-12 01:59:28 +00:00
2de947d96e
wowlan: move the implementation into sxmo_suspend.sh instead of a systemd service
2023-10-10 09:26:48 +00:00
85e5d30b0f
wowlan module: port to rtl8723cs-wowlan python script
2023-10-10 08:34:02 +00:00
330864c866
moby: ship rtl8723cs-wowlan script
2023-10-10 08:03:45 +00:00
1ffaa232d8
sxmo: bemenu: configure via package override, not profile
...
this is just easier to integrate, rather than ensuring everywhere gets
the env var
2023-10-09 00:25:03 +00:00
a9ddfb2752
WIP: sxmo: port to systemd
2023-10-09 00:25:03 +00:00
7a75cad65f
Dino: bump input latency to 20ms
2023-10-07 08:09:50 +00:00
03d3ea4965
moby: ship the geoclue where-am-i helper on PATH
2023-10-07 04:34:15 +00:00
bc3ad7dfa5
moby: gps: restrict geoclue to only my user
2023-10-07 04:27:14 +00:00
2097c3ad77
moby: gps: document some findings
2023-10-07 04:25:44 +00:00
a6ea5da7a1
moby: disable legacy PulseAudio stuff
2023-10-07 01:27:16 +00:00
98a6671e95
moby: decrease the amount of samples Dino drops while in a call
2023-10-07 00:58:11 +00:00
243a4c6f0d
moby: gps: document some maps programs
2023-10-07 00:21:40 +00:00
a586611aa0
docs: moby: gps: link to geoclue/gnome-maps support channels
2023-10-05 08:05:35 +00:00
d7120a14f4
moby: gps: fixup geoclue notes
2023-10-04 05:36:22 +00:00
6c6e1ee84b
moby: add gps-related services to the "dialout" group
2023-10-03 01:01:06 +00:00
83586ce483
trust-dns: cleanup some typos
2023-10-02 22:33:54 +00:00
e20c4d01e6
trust-dns: fix missing "mkdir" during service startup
2023-10-02 22:12:09 +00:00
01cad7b702
trust-dns: perform more specialization via structured config instead of sed
2023-10-02 22:02:46 +00:00
48715546e2
trust-dns: split into separate (restartable) services
2023-10-02 21:30:51 +00:00
67a9134130
moby: switch default browser back to epiphany
2023-10-02 05:10:00 +00:00
bdf049d9e4
moby: wowlan: also wake on ARP requests (experimental)
2023-09-28 20:55:18 +00:00
9205e076c5
modules/wowlan: move options to "ipv4" attrset for future protocol expansion
2023-09-28 20:09:04 +00:00
9a16b1cda7
ntfy: add a lengthy proxy_read_timeout to prevent hangups
2023-09-27 18:25:36 +00:00
742ed50960
moby: configure wake-on-lan
2023-09-27 01:04:53 +00:00
d2890ecbba
ntfy-sh: dont autostart except on moby
...
it's easier to troubleshoot when there's only one subscriber...
2023-09-26 14:48:54 +00:00
fad9c8f483
ntfy: run on a non-443 port
2023-09-26 13:51:27 +00:00
a265dd28dd
ntfy-sh: configure auth, simplify proxying
2023-09-25 17:34:50 +00:00
865777b7ba
enable ntfy (and manually integrate with matrix)
2023-09-23 21:09:04 +00:00
7b38ec3f8f
docs: irc: mention mnt-reform channel location
2023-09-23 11:20:45 +00:00
2f12fd8ae7
ejabberd: port config to structured nix attrs
2023-09-22 22:50:51 +00:00
6d7ff7ea86
fix trust-dns to resolve when invoked from VPN
2023-09-22 18:54:12 +00:00
00d831e755
wg-home: fix DNS forwarding
...
ugh, this is a mess, but it seems to work
2023-09-22 14:36:56 +00:00
63d65a453c
trust-dns: spin up a separate server to wg-home requests, also forwarding them to upstream
2023-09-22 12:36:48 +00:00
2b48adfbef
gnome-calls: don't auto-start
2023-09-21 19:44:11 +00:00
7f944ad4a1
dino: autostart (on moby)
2023-09-21 19:40:12 +00:00
c1d62bdbc2
wg-quick: allow clients to contact the internet
2023-09-19 12:36:57 +00:00
9d1ebd38ce
wg-home: don't infer role from ip address, but set it explicitly
2023-09-19 11:38:51 +00:00
05bbc5d18f
moby: switch to linux-megous-firmware for firmware
2023-09-19 10:09:24 +00:00
f493f005a9
lappy: switch back to sway
2023-09-16 15:11:01 +00:00
61428a5c8b
unify fonts across sway and sxmo
2023-09-16 14:59:12 +00:00
38f839fb60
servo: fix over-broad "passwordFile" fix
2023-09-16 08:42:05 +00:00
321cc62ca0
passwordFile -> hashedPasswordFile to fix deprecation warning
2023-09-16 08:17:48 +00:00
f54d5a68ff
trust-dns: 0.22.1 -> 0.23.0
2023-09-13 02:53:06 +00:00
d92b393f01
hardware/x86_64.nix: split these options into more relevant files
...
also makes it so we dont ship opengl on platforms where we dont need it (servo)
2023-09-07 10:24:20 +00:00
f8d807225f
swaync: fix backlight controls for moby
2023-09-07 08:54:43 +00:00
7f8ce68182
transmission: disable the incomplete dir
2023-09-07 06:14:11 +00:00
edf936820a
transmission: fix permission-related errors
2023-09-07 06:14:11 +00:00
5efeb6ca50
lappy: sxmo: set noidle
2023-09-06 00:46:08 +00:00
d1741c60dc
sxmo: clean up our hook injections
2023-09-05 17:21:02 +00:00
409baf0321
moby: lift background into sway config
2023-09-05 16:13:23 +00:00
233a81c7d8
sxmo: more logging around power_button/volume_button
2023-09-05 09:14:32 +00:00
905934cad2
moby: disable blueberry app, since it doesnt compile
2023-09-04 11:31:07 +00:00
e89805cd17
sxmo: have sway launch sxmo -- not the other way around
...
this lets me treat sxmo as just some nice scripts which run atop an existing DE (sway), rather than the opposite
can share more code with my desktop/laptop
2023-09-04 11:10:30 +00:00
680ab2c189
lappy: fix sxmo polyfill
2023-09-04 10:01:29 +00:00
10095e3ce5
sxmo: rename greeter option: {,->greetd-}sway-gtkgreet
2023-09-04 01:06:57 +00:00
4d75c3d97a
ejabberd: document more compat & how to admin
2023-09-02 08:36:32 +00:00
90511ed765
ejabberd: support matrix: clarify client support
2023-09-02 08:36:32 +00:00
aa3b85511f
ejabberd: docs: update federation/support matrix
2023-09-02 08:36:32 +00:00
357b6ef06e
nfs: expose playground as a read/write dir
2023-09-01 10:08:29 +00:00
4fdf74fdbe
export: enforce a quota
2023-09-01 03:37:33 +00:00
15e09573d5
exports: consolidate nfs and sftpgo mounts into /var/export
2023-09-01 01:23:35 +00:00
d6479ca148
nfs/sftpgo: combine into "exports" nix directory
2023-09-01 00:39:22 +00:00
cf9558f166
WIP: sftp: define playground as a btrfs subvolume
2023-09-01 00:35:43 +00:00
3f748164e4
ftp: add a playground directory
2023-08-31 12:56:30 +00:00
815a8b52b6
refactor: sftpgo: define permissions via nix config
2023-08-31 12:56:30 +00:00
639a4cfe50
ftp: grant read access to LAN
2023-08-31 12:56:30 +00:00
bf302f70f1
servo: ejabberd: give each TURN port a unique upnp description
...
i think some impls expect the description to be unique?
2023-08-29 11:46:40 +00:00
bdcccbd894
ejabberd: forward TURN ports over UPnP
2023-08-29 07:22:48 +00:00
4201aa7466
gui: sxmo: default to sxmo-utils-latest variant of the package
2023-08-28 09:56:02 +00:00
304482cc9b
moby: ModemManager: make quieter
2023-08-28 08:09:19 +00:00
ad9db91812
moby: ship eg25-control on user profile
2023-08-28 08:03:27 +00:00
dc64193a62
moby: generalize sun4i init failure to displayManager *and* greetd
2023-08-26 19:57:43 +00:00
7f1e959ece
moby: gps: grant geoclue access to all users
2023-08-22 08:49:04 +00:00
794df4d762
moby: geoclue: restrict to just "colin" user
2023-08-22 07:20:31 +00:00
d6b262a28e
moby: enable geoclue service
2023-08-22 07:15:14 +00:00
5d349ce042
moby: init GPS during boot
2023-08-22 04:53:40 +00:00
940711878b
eg25-control: make own package
2023-08-22 04:41:54 +00:00
75048efcf3
eg25_gps_init.py: allow CLI config of modem control points
2023-08-22 04:36:37 +00:00
8cc5199d9b
FIXUP
2023-08-22 04:35:51 +00:00
3f60bacd38
eg25_gps_init: allow finer CLI control
2023-08-22 04:32:11 +00:00
8fb705dde4
eg25-gps-init: document the SIM requirement
2023-08-21 19:39:55 +00:00
79777cd4ae
eg25-gps-init: improve docs
2023-08-21 11:14:16 +00:00
fabd1e3b64
eg25-gps-init: fixup docs
2023-08-21 10:42:27 +00:00
bcb6beef05
check in a script to initialize the eg25 gps
...
not part of the deployed system: has to be run manually
2023-08-21 10:33:39 +00:00
89b5e8145d
lemmy: pict-rs: remove unused options
2023-08-20 05:01:24 +00:00
0edab7ed64
lemmy: port to new pict-rs and enable video
2023-08-20 05:00:35 +00:00
7bd6c0c14d
WIP: moby: launch ModemManager in debug mode
...
this lets me use mmcli --command=...
2023-08-18 10:05:32 +00:00
b083ce87be
eg25-manager: disable
2023-08-17 10:56:32 +00:00
17b90fc697
eg25-manager: configure without modemmanager support
2023-08-17 08:34:32 +00:00
2c4d30b5ec
postgresql: tune db parameters
...
fixes pleroma timeouts
2023-08-17 01:28:37 +00:00
d0af645af8
pleroma: add missing "prepare: :named" config
2023-08-17 01:28:33 +00:00
69efecb2ef
postgresql: update 13 -> 15
2023-08-16 11:09:22 +00:00
056e6d358e
moby: switch back to megi kernel (manjaro kernel has graphical glitches)
2023-08-16 10:59:58 +00:00
a50b8e6373
moby: split the old linux-manjaro config into its own package & update it
2023-08-16 10:10:42 +00:00
6751a74063
moby: kernel: better docs
2023-08-16 09:08:35 +00:00
8a0efb3e40
servo: bump /tmp space to 32 GB
2023-08-11 07:10:25 +00:00
b013123669
moby: note for future self about a new display-manager failure case
2023-08-11 05:01:48 +00:00
664b21e5f1
enable eg25-manager (experimental)
2023-08-10 07:27:38 +00:00
44059b34c7
don't ship unused sane-scripts
2023-08-02 21:09:16 +00:00
5cd05d8762
programs: split consoleUtils into separate normal/desktop sets
2023-07-30 11:59:38 +00:00
7b21ede5c4
moby: enable gpsd
2023-07-25 12:05:41 +00:00
219bb02cb8
refactor: moby: cleaner way to disable gestures
2023-07-25 10:56:29 +00:00
2df59f7c7d
moby: rename firmware.nix -> bootloader.nix
2023-07-25 10:52:58 +00:00
11a7370a76
moby: sxmo: dont auto-start gestures daemon
2023-07-24 21:46:23 +00:00
6ed550b813
moby: theme bemenu to match desktop background
2023-07-24 03:33:50 +00:00
512b5d78d4
moby: update bg, and add the blur/fade to the image instead of to conky
2023-07-22 10:56:06 +00:00
75fe6226c8
moby: use librewolf as default browser again
2023-07-21 21:29:48 +00:00
556664f10d
sxmo: start lisgd by default again
...
patching it out the way i was is incompatible with the upstream patch which
makes its enablement status persistent
2023-07-21 21:28:42 +00:00
bc46dc310d
sxmo: define a background
2023-07-21 21:28:26 +00:00
5ed33d90cf
moby: fix sidebery disable type
2023-07-18 20:06:36 +00:00
ad16e50081
sxmo: configure screenshot directory
2023-07-18 10:40:54 +00:00
9f6760a37f
moby: doc: add resources
2023-07-18 10:39:44 +00:00
532a78e2b2
desko: disable wpa_supplicant
2023-07-18 10:02:25 +00:00
b4d58a1515
sxmo: do restart lisgd on rotation, but don't enable lisgd by default
...
the restart logic is racy, and lisgd with autorotate becomes unusable after long enough
2023-07-17 19:53:19 +00:00
57681bfa6d
moby: re-enable firefox, but still default to epiphany
2023-07-16 12:26:31 +00:00
9058caac1d
moby: firefox: disable sideberry
2023-07-16 12:25:42 +00:00
83b76dc47e
moby: fix occasional blank screen on boot
2023-07-16 00:37:09 +00:00
20b8e2934c
moby: don't ship firefox
2023-07-15 10:11:45 +00:00
29b53d934f
trust-dns: apply PR feedback
2023-07-15 09:07:57 +00:00
77e5f82b31
programs: rename web-browser -> firefox
2023-07-15 08:51:36 +00:00
e5cca42717
servo: fix sane.nixcache path
2023-07-15 00:40:31 +00:00
e6a989bc92
nginx/pleroma: correct an old todo
2023-07-15 00:08:05 +00:00
ab7068c819
lappy: remove some dead ipfs code
2023-07-14 23:44:47 +00:00
746af067dc
moby: increase menu lines in landscape mode
2023-07-14 23:41:52 +00:00
2f5c33b2b4
nixcache: tidy up substituter config
2023-07-14 22:33:33 +00:00
fdc18821ca
servo: matrix-appservice-irc: remove completed todo
2023-07-14 22:11:59 +00:00
6b1baefaa7
moby: link to some config references
2023-07-14 06:48:02 +00:00
85483cde79
moby: allow video group to write to front-facing LEDs
2023-07-14 06:47:32 +00:00
8feafbb615
pinephone: fix flashlight permissions, the proper way (udev)
2023-07-14 05:55:44 +00:00
962ffeab7e
re-enable zramSwap on all devices
...
this is critical on moby, though even with this swap, we run out of CMA (videoram) instead -- just later
2023-07-13 23:37:30 +00:00
d3d9b30f29
consolidate /tmp fs into hosts/modules/roles
2023-07-13 22:04:28 +00:00
41f4d8e85a
trust-dns: specify zone via shorthand
2023-07-13 10:04:20 +00:00
e38bf42506
trust-dns: migrate module to nixpkgs repo
2023-07-13 09:57:11 +00:00
ffec91a52c
moby: disable zsh deadlines
2023-07-13 08:12:05 +00:00
527607e38f
desko: use sane.programs.steam
2023-07-13 06:27:54 +00:00
d4e6001431
moby: increase workspaces from 4 -> 5
2023-07-12 08:24:13 +00:00
cded837255
moby: sort sxmo prefs alphabetically
2023-07-12 08:24:13 +00:00
e5a81f0a45
moby: update env tunables
2023-07-12 06:45:47 +00:00
abc9f4c464
moby: sxmo: switch SXMO_SWAY_SCALE back to default of 2
2023-07-10 09:07:17 +00:00
452260f7c7
trust-dns: don't run as root
2023-07-10 09:00:37 +00:00
db93bd42ed
moby: ship megapixels camera app
2023-07-10 01:18:40 +00:00
445bc08a0c
desko: disable guest account
2023-07-09 18:49:36 +00:00
0a519eddb4
persist: allow persisting of individual files, not just directories
...
i actually do already, with ~/.ssh/id_ed25519 -- it works only as a fluke
2023-07-08 01:31:14 +00:00
799cbccdbe
desko: disable devPkgs
2023-07-07 06:30:19 +00:00
b7a77375b2
pleroma: block FB/IG/Meta's threads.net instance
2023-07-05 21:36:55 +00:00
07d7994176
pleroma: simplify proxy settings & make log level configurable
2023-07-05 09:04:50 +00:00
1d11c9b342
servo: persist media/datasets
...
it has to be under media so that transmission can see it
2023-07-05 09:04:50 +00:00
2131e638aa
desko: enable some dev-related packages
...
useful as i hack on Helix
2023-07-04 10:27:59 +00:00
e6cdd5450c
moby: specify wvkbd layers explicitly
2023-07-03 22:19:50 +00:00
27964c9c40
moby: mark kernel compression todo item as complete
2023-07-02 23:14:18 +00:00
262592b26a
programs: better way to ship jellyfin-media-player only on desktops
2023-07-02 23:12:12 +00:00
9777e5f83c
trust-dns: rework the module to be more suitable for upstreaming
...
still need to do hardening and docs
2023-07-02 08:21:33 +00:00
154711432f
pleroma: link to docs
2023-07-02 04:33:34 +00:00
ac97accd32
moby: ship gThumb
2023-06-29 20:23:53 +00:00
dbd312e9bd
guest: enable access to shelvacu
2023-06-29 09:11:22 +00:00
c19a0af6d7
desko: enable distccd
2023-06-28 04:16:20 +00:00
cffb54c293
sxmo: give a little more time before transitioning from screen lock -> screen off
2023-06-27 08:10:01 +00:00
36c181c147
matrix-irc: fix oftc connection
2023-06-27 08:08:27 +00:00
d41ad9db01
lappy: fix build (syntax error)
2023-06-24 09:39:58 +00:00
d6720f3601
sxmo: lift device-specific config out of the sxmo-utils & into the hosts
2023-06-23 10:24:47 +00:00
ed2480f48c
matrix-appservice-irc: fix permissions errors
2023-06-21 06:12:08 +00:00
bb1a2c9dcb
moby: remove ~/.config/sxmo/profile in favor of the nixos-level config options
...
note that this reverts from a SXMO_SWAY_SCALE of 2.0 -> 1.5
there may be other idiomatic ways to tune that
2023-06-20 00:33:10 +00:00
95f6fd7082
jackett: use recommendedProxySettings so that returned URLs are correct
2023-06-20 00:28:46 +00:00
8e17e2beb2
lemmy: remove unsupported settings.federation.enabled option
2023-06-19 21:17:59 +00:00
3b958ba356
sftp: allow read-only anonymous FTP
2023-06-19 03:49:51 +00:00
d95042ab65
servo: partially enable a FTP server
...
disabled as i tidy it
strugging to enable an anonymous FTP user -- might not be possible without using the web admin interface
2023-06-17 10:15:30 +00:00
b81642ccc9
servo/nfs: fix netmask typo
2023-06-15 02:13:29 +00:00
57ca3e67b3
servo/nfs: export rw if the source is wireguard
2023-06-15 01:52:15 +00:00
bcca6b6096
servo: export some read-only NFS mounts
2023-06-15 01:38:09 +00:00
f52f56a34c
moby: no longer ship Jellyfin
2023-06-13 07:05:21 +00:00
79a7daca12
lemmy: more debugging
2023-06-11 11:24:15 +00:00
37cafcf610
moby: re-enable nautilus file browser
2023-06-10 22:54:27 +00:00
27d2f756d2
moby: tweak default apps (sxmo, jellyfin qt6)
2023-06-09 09:44:27 +00:00
0b71712208
moby: disable soundconverter to speed up the builds
2023-06-09 01:05:54 +00:00
e5ce7c02ef
programs: factor ffmpeg/yt-dlp & friends out of consoleUtils
2023-06-09 00:57:53 +00:00
4fd4efa22f
DNS: split the zone generation out of trust-dns
...
this is in preparation for upstreaming parts of this into nixpkgs
2023-06-08 00:32:28 +00:00
3dcd5629a7
moby: set ALSA_CONFIG_UCM2 in all the places it's needed
2023-06-06 07:54:08 +00:00
108c1d9d60
moby: don't set ALSA_CONFIG_UCM2 var within pulseaudio service
2023-06-01 09:38:51 +00:00
c6e16ebc13
alsa-ucm-conf: patch custom PinePhone conf into the upstream package rather than shipping *only* the PinePhone configs
...
this is more to faciliate a goal of eventually not shipping any custom audio profiles
i.e. stay close to how upstream does things until we reach that goal
-mnote that this doesn't actually override the alsa-ucm-conf nix package (yet).
doing so is costly
2023-06-01 09:19:45 +00:00
287817056f
refactor: sane.services.wan-ports -> sane.ports
2023-05-31 04:25:39 +00:00
5cc7ced859
dns: rework so that we branch to the LAN v.s. WAN results based on source IP of the query -- not interface.
...
this simplifies the UPnP forwards and the OVPN routing
2023-05-31 00:56:52 +00:00
4dc5378b3e
dns: give different results based on which port the request arrives from
...
WAN and VPN requests are served by local port 1053 and `wan.uninsane.org`.
LAN requests are served by port 53 and `servo.lan.uninsane.org`.
i'm not *super* fond of this. a recursive resolver of uninsane.org via the VPN will only ever get WAN addresses (broken).
we may prefer to do IP-based responses, maybe via the same Linux firewall rules that forward from VPN namespace to root namespace
2023-05-30 12:00:30 +00:00
35c9f2bf60
servo: enable UPnP port forwarding timer
2023-05-28 20:38:24 +00:00
c1ddddddc0
ports: hide behind services.sane.wan-ports
...
later i will use this to enable UPnP on relevant ports
2023-05-26 23:28:30 +00:00
5b80308074
servo: disable broken mx-discord-puppet
2023-05-26 21:04:54 +00:00
