0edab7ed64
lemmy: port to new pict-rs and enable video
2023-08-20 05:00:35 +00:00
7bd6c0c14d
WIP: moby: launch ModemManager in debug mode
...
this lets me use mmcli --command=...
2023-08-18 10:05:32 +00:00
b083ce87be
eg25-manager: disable
2023-08-17 10:56:32 +00:00
17b90fc697
eg25-manager: configure without modemmanager support
2023-08-17 08:34:32 +00:00
2c4d30b5ec
postgresql: tune db parameters
...
fixes pleroma timeouts
2023-08-17 01:28:37 +00:00
d0af645af8
pleroma: add missing "prepare: :named" config
2023-08-17 01:28:33 +00:00
69efecb2ef
postgresql: update 13 -> 15
2023-08-16 11:09:22 +00:00
056e6d358e
moby: switch back to megi kernel (manjaro kernel has graphical glitches)
2023-08-16 10:59:58 +00:00
a50b8e6373
moby: split the old linux-manjaro config into its own package & update it
2023-08-16 10:10:42 +00:00
6751a74063
moby: kernel: better docs
2023-08-16 09:08:35 +00:00
8a0efb3e40
servo: bump /tmp space to 32 GB
2023-08-11 07:10:25 +00:00
b013123669
moby: note for future self about a new display-manager failure case
2023-08-11 05:01:48 +00:00
664b21e5f1
enable eg25-manager (experimental)
2023-08-10 07:27:38 +00:00
44059b34c7
don't ship unused sane-scripts
2023-08-02 21:09:16 +00:00
5cd05d8762
programs: split consoleUtils into separate normal/desktop sets
2023-07-30 11:59:38 +00:00
7b21ede5c4
moby: enable gpsd
2023-07-25 12:05:41 +00:00
219bb02cb8
refactor: moby: cleaner way to disable gestures
2023-07-25 10:56:29 +00:00
2df59f7c7d
moby: rename firmware.nix -> bootloader.nix
2023-07-25 10:52:58 +00:00
11a7370a76
moby: sxmo: dont auto-start gestures daemon
2023-07-24 21:46:23 +00:00
6ed550b813
moby: theme bemenu to match desktop background
2023-07-24 03:33:50 +00:00
512b5d78d4
moby: update bg, and add the blur/fade to the image instead of to conky
2023-07-22 10:56:06 +00:00
75fe6226c8
moby: use librewolf as default browser again
2023-07-21 21:29:48 +00:00
556664f10d
sxmo: start lisgd by default again
...
patching it out the way i was is incompatible with the upstream patch which
makes its enablement status persistent
2023-07-21 21:28:42 +00:00
bc46dc310d
sxmo: define a background
2023-07-21 21:28:26 +00:00
5ed33d90cf
moby: fix sidebery disable type
2023-07-18 20:06:36 +00:00
ad16e50081
sxmo: configure screenshot directory
2023-07-18 10:40:54 +00:00
9f6760a37f
moby: doc: add resources
2023-07-18 10:39:44 +00:00
532a78e2b2
desko: disable wpa_supplicant
2023-07-18 10:02:25 +00:00
b4d58a1515
sxmo: do restart lisgd on rotation, but don't enable lisgd by default
...
the restart logic is racy, and lisgd with autorotate becomes unusable after long enough
2023-07-17 19:53:19 +00:00
57681bfa6d
moby: re-enable firefox, but still default to epiphany
2023-07-16 12:26:31 +00:00
9058caac1d
moby: firefox: disable sideberry
2023-07-16 12:25:42 +00:00
83b76dc47e
moby: fix occasional blank screen on boot
2023-07-16 00:37:09 +00:00
20b8e2934c
moby: don't ship firefox
2023-07-15 10:11:45 +00:00
29b53d934f
trust-dns: apply PR feedback
2023-07-15 09:07:57 +00:00
77e5f82b31
programs: rename web-browser -> firefox
2023-07-15 08:51:36 +00:00
e5cca42717
servo: fix sane.nixcache path
2023-07-15 00:40:31 +00:00
e6a989bc92
nginx/pleroma: correct an old todo
2023-07-15 00:08:05 +00:00
ab7068c819
lappy: remove some dead ipfs code
2023-07-14 23:44:47 +00:00
746af067dc
moby: increase menu lines in landscape mode
2023-07-14 23:41:52 +00:00
2f5c33b2b4
nixcache: tidy up substituter config
2023-07-14 22:33:33 +00:00
fdc18821ca
servo: matrix-appservice-irc: remove completed todo
2023-07-14 22:11:59 +00:00
6b1baefaa7
moby: link to some config references
2023-07-14 06:48:02 +00:00
85483cde79
moby: allow video
group to write to front-facing LEDs
2023-07-14 06:47:32 +00:00
8feafbb615
pinephone: fix flashlight permissions, the proper way (udev)
2023-07-14 05:55:44 +00:00
962ffeab7e
re-enable zramSwap on all devices
...
this is critical on moby, though even with this swap, we run out of CMA (videoram) instead -- just later
2023-07-13 23:37:30 +00:00
d3d9b30f29
consolidate /tmp fs into hosts/modules/roles
2023-07-13 22:04:28 +00:00
41f4d8e85a
trust-dns: specify zone via shorthand
2023-07-13 10:04:20 +00:00
e38bf42506
trust-dns: migrate module to nixpkgs repo
2023-07-13 09:57:11 +00:00
ffec91a52c
moby: disable zsh deadlines
2023-07-13 08:12:05 +00:00
527607e38f
desko: use sane.programs.steam
2023-07-13 06:27:54 +00:00
d4e6001431
moby: increase workspaces from 4 -> 5
2023-07-12 08:24:13 +00:00
cded837255
moby: sort sxmo prefs alphabetically
2023-07-12 08:24:13 +00:00
e5a81f0a45
moby: update env tunables
2023-07-12 06:45:47 +00:00
abc9f4c464
moby: sxmo: switch SXMO_SWAY_SCALE back to default of 2
2023-07-10 09:07:17 +00:00
452260f7c7
trust-dns: don't run as root
2023-07-10 09:00:37 +00:00
db93bd42ed
moby: ship megapixels camera app
2023-07-10 01:18:40 +00:00
445bc08a0c
desko: disable guest account
2023-07-09 18:49:36 +00:00
0a519eddb4
persist: allow persisting of individual files, not just directories
...
i actually do already, with ~/.ssh/id_ed25519 -- it works only as a fluke
2023-07-08 01:31:14 +00:00
799cbccdbe
desko: disable devPkgs
2023-07-07 06:30:19 +00:00
b7a77375b2
pleroma: block FB/IG/Meta's threads.net instance
2023-07-05 21:36:55 +00:00
07d7994176
pleroma: simplify proxy settings & make log level configurable
2023-07-05 09:04:50 +00:00
1d11c9b342
servo: persist media/datasets
...
it has to be under media so that transmission can see it
2023-07-05 09:04:50 +00:00
2131e638aa
desko: enable some dev-related packages
...
useful as i hack on Helix
2023-07-04 10:27:59 +00:00
e6cdd5450c
moby: specify wvkbd layers explicitly
2023-07-03 22:19:50 +00:00
27964c9c40
moby: mark kernel compression todo item as complete
2023-07-02 23:14:18 +00:00
262592b26a
programs: better way to ship jellyfin-media-player only on desktops
2023-07-02 23:12:12 +00:00
9777e5f83c
trust-dns: rework the module to be more suitable for upstreaming
...
still need to do hardening and docs
2023-07-02 08:21:33 +00:00
154711432f
pleroma: link to docs
2023-07-02 04:33:34 +00:00
ac97accd32
moby: ship gThumb
2023-06-29 20:23:53 +00:00
dbd312e9bd
guest: enable access to shelvacu
2023-06-29 09:11:22 +00:00
c19a0af6d7
desko: enable distccd
2023-06-28 04:16:20 +00:00
cffb54c293
sxmo: give a little more time before transitioning from screen lock -> screen off
2023-06-27 08:10:01 +00:00
36c181c147
matrix-irc: fix oftc connection
2023-06-27 08:08:27 +00:00
d41ad9db01
lappy: fix build (syntax error)
2023-06-24 09:39:58 +00:00
d6720f3601
sxmo: lift device-specific config out of the sxmo-utils & into the hosts
2023-06-23 10:24:47 +00:00
ed2480f48c
matrix-appservice-irc: fix permissions errors
2023-06-21 06:12:08 +00:00
bb1a2c9dcb
moby: remove ~/.config/sxmo/profile in favor of the nixos-level config options
...
note that this reverts from a SXMO_SWAY_SCALE of 2.0 -> 1.5
there may be other idiomatic ways to tune that
2023-06-20 00:33:10 +00:00
95f6fd7082
jackett: use recommendedProxySettings so that returned URLs are correct
2023-06-20 00:28:46 +00:00
8e17e2beb2
lemmy: remove unsupported settings.federation.enabled
option
2023-06-19 21:17:59 +00:00
3b958ba356
sftp: allow read-only anonymous FTP
2023-06-19 03:49:51 +00:00
d95042ab65
servo: partially enable a FTP server
...
disabled as i tidy it
strugging to enable an anonymous FTP user -- might not be possible without using the web admin interface
2023-06-17 10:15:30 +00:00
b81642ccc9
servo/nfs: fix netmask typo
2023-06-15 02:13:29 +00:00
57ca3e67b3
servo/nfs: export rw if the source is wireguard
2023-06-15 01:52:15 +00:00
bcca6b6096
servo: export some read-only NFS mounts
2023-06-15 01:38:09 +00:00
f52f56a34c
moby: no longer ship Jellyfin
2023-06-13 07:05:21 +00:00
79a7daca12
lemmy: more debugging
2023-06-11 11:24:15 +00:00
37cafcf610
moby: re-enable nautilus file browser
2023-06-10 22:54:27 +00:00
27d2f756d2
moby: tweak default apps (sxmo, jellyfin qt6)
2023-06-09 09:44:27 +00:00
0b71712208
moby: disable soundconverter to speed up the builds
2023-06-09 01:05:54 +00:00
e5ce7c02ef
programs: factor ffmpeg/yt-dlp & friends out of consoleUtils
2023-06-09 00:57:53 +00:00
4fd4efa22f
DNS: split the zone generation out of trust-dns
...
this is in preparation for upstreaming parts of this into nixpkgs
2023-06-08 00:32:28 +00:00
3dcd5629a7
moby: set ALSA_CONFIG_UCM2 in all the places it's needed
2023-06-06 07:54:08 +00:00
108c1d9d60
moby: don't set ALSA_CONFIG_UCM2 var within pulseaudio service
2023-06-01 09:38:51 +00:00
c6e16ebc13
alsa-ucm-conf: patch custom PinePhone conf into the upstream package rather than shipping *only* the PinePhone configs
...
this is more to faciliate a goal of eventually not shipping any custom audio profiles
i.e. stay close to how upstream does things until we reach that goal
-mnote that this doesn't actually override the alsa-ucm-conf nix package (yet).
doing so is costly
2023-06-01 09:19:45 +00:00
287817056f
refactor: sane.services.wan-ports -> sane.ports
2023-05-31 04:25:39 +00:00
5cc7ced859
dns: rework so that we branch to the LAN v.s. WAN results based on source IP of the query -- not interface.
...
this simplifies the UPnP forwards and the OVPN routing
2023-05-31 00:56:52 +00:00
4dc5378b3e
dns: give different results based on which port the request arrives from
...
WAN and VPN requests are served by local port 1053 and `wan.uninsane.org`.
LAN requests are served by port 53 and `servo.lan.uninsane.org`.
i'm not *super* fond of this. a recursive resolver of uninsane.org via the VPN will only ever get WAN addresses (broken).
we may prefer to do IP-based responses, maybe via the same Linux firewall rules that forward from VPN namespace to root namespace
2023-05-30 12:00:30 +00:00
35c9f2bf60
servo: enable UPnP port forwarding timer
2023-05-28 20:38:24 +00:00
c1ddddddc0
ports: hide behind services.sane.wan-ports
...
later i will use this to enable UPnP on relevant ports
2023-05-26 23:28:30 +00:00
5b80308074
servo: disable broken mx-discord-puppet
2023-05-26 21:04:54 +00:00
a541e866a1
servo: remove the extraneous firewall enable statement. FW is enabled by default
2023-05-26 04:52:52 +00:00
4550299bdb
moby: sxmo: configure defaults
2023-05-24 09:37:26 +00:00
8cde4135b1
matrix: irc: libera: configure with sasl=false
2023-05-24 07:40:35 +00:00
2ac9c98bc0
moby: get lisgd gestures working for sxmo
2023-05-23 05:22:17 +00:00
3aa1a9f674
Merge branch 'staging/nixpkgs-2023-05-18'
2023-05-19 20:07:21 +00:00
d6fb2ab5b4
flake/nixpkgs 2023-05-14 -> 2023-05-18; nix-serve -> 2023-05-17
...
```
• Updated input 'nix-serve':
'github:edolstra/nix-serve/3b6d30016d910a43e0e16f94170440a3e0b8fa8d' (2023-03-07)
→ 'github:edolstra/nix-serve/e6e3d09438e803daa5374ad8edf1271289348456' (2023-05-17)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0470f36b02ef01d4f43c641bbf07020bcab71bf1' (2023-05-14)
→ 'github:nixos/nixpkgs/48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a' (2023-05-18)
```
2023-05-19 19:31:37 +00:00
8a28e347f5
matrix: bridge to irc.libera.chat
2023-05-19 10:47:41 +00:00
c8aa6a057f
sxmo: make configurable if it launches on sway v.s. lightdm-mobile-greeter
2023-05-19 10:18:26 +00:00
dd17843c76
sxmo: split the laptop-specific config into hosts/by-name/lappy
2023-05-19 09:36:17 +00:00
2e9eb51893
i2p/yggdrasil: factor out and only enable for desko/servo
...
especially this means i no longer run them on moby, improving battery life & such
2023-05-17 01:53:17 +00:00
e0c2e8c149
lemmy: split the nginx config out into something that can be upstreamed later
...
(waiting for the nixosTests to pass before upstreaming)
2023-05-16 06:04:29 +00:00
95635be1d5
matrix: bridge to irc.oftc.net
2023-05-16 05:55:16 +00:00
fb427e55e8
secrets: define these by crawling the repo to decrease duplication
2023-05-14 09:50:01 +00:00
b39a250e22
secrets: fix servo secrets to all be "binary" format
2023-05-14 08:47:21 +00:00
0822ed34d7
secrets: split matrix_synapse_secrets out of servo.yaml
2023-05-14 08:46:40 +00:00
147b1c50b2
secrets: split pleroma_secrets out of servo.yaml
2023-05-14 08:44:37 +00:00
55875816d0
secrets: split nix_serve_privkey out of servo.yaml
2023-05-14 08:43:07 +00:00
e25a4bbee6
secrets: split freshrss_passwd out of servo.yaml
2023-05-14 08:41:27 +00:00
dbb9e00bed
secrets: split dovecot_passwd out of servo.yaml
2023-05-14 08:40:35 +00:00
6b1c3d02c1
secrets: split wg_ovpns_privkey out of servo.yaml
2023-05-14 08:38:46 +00:00
4a448a1bf1
secrets: split ddns_afraid out of servo.yaml
2023-05-14 08:37:13 +00:00
452a55c5e1
secrets: split ddns_he out of servo.yaml
2023-05-14 08:36:04 +00:00
d10f70aff7
secrets: split duplicity_passphrase out of servo.yaml
2023-05-14 08:34:36 +00:00
38423183ee
secrets: split mediawiki_pw out of servo.yaml
2023-05-14 08:33:22 +00:00
ed020b56c0
secrets: split moby.yaml into file-per-secret
2023-05-14 02:42:07 +00:00
af42cbd575
servo: fix typo in nixserve secret config
2023-05-14 02:33:56 +00:00
974656a80a
secrets: split lappy.yaml into per-secret files
2023-05-14 02:33:21 +00:00
318efe09e2
secrets: split desko.yaml into one-secret-per-file
2023-05-14 02:29:30 +00:00
74e3aa02b9
servo: disable DNSSEC to fix connectivity problems
2023-05-13 21:28:47 +00:00
9e21101207
Merge branch 'staging/nixpkgs-2023-05-06'
2023-05-12 06:55:13 +00:00
5997283cef
lemmy: break pict-rs config into own unit & persist its data
2023-05-12 06:54:26 +00:00
3c2715648c
moby: ship compressed kernel images
...
i've verified that .gz images boot. don't know about zImage, etc.
2023-05-12 06:49:59 +00:00
d7bed3bec2
lemmy: remove debugging statements
2023-05-12 04:49:15 +00:00
079ab08642
lemmy: remove federation.debug
2023-05-12 04:47:10 +00:00
e34c9cc190
lemmy: enable proxyWebsockets instead of manually specifying upgrade logic
2023-05-12 04:46:38 +00:00
6ff2c8acae
lemmy: restrict the http_accept types i forward to the backend
...
it seems that forwarding `POST`s is the important part i was missing earlier
2023-05-12 03:05:26 +00:00
04e8e72ae3
lemmy: switch back to using nix-style proxyPass
2023-05-12 02:47:47 +00:00
5b33c85e75
gitea: link to config options
2023-05-12 02:35:46 +00:00
083d905f4c
lemmy: fix federation
...
now when i subscribe to a community, the request actually seems to go through.
this change probably does more than necessary, but it serves as a known-good config
2023-05-12 02:35:37 +00:00
ada8b75670
transmission: double upload BW to 600 kBps
2023-05-11 06:27:31 +00:00
d5ffa6d796
zeal/docsets: ship on desko too
2023-05-10 21:23:42 +00:00
b9afd1e340
lemmy: fixup websocket forwarding
...
able to create admin account and subscribe to remote communities.
haven't tested posting comments.
2023-05-10 08:24:52 +00:00
bfcbea5ca1
lemmy: fix the database connection
2023-05-09 10:05:14 +00:00
0376b15a2f
matrix: appservice-irc: connect to esper.net IRC
2023-05-09 08:01:26 +00:00
fbae81eca7
zeal: ship docsets via programs config
2023-05-08 19:18:02 +00:00
f89f136041
sane.programs: allow per-program config (and port web-browser to use that)
2023-05-08 09:49:58 +00:00
94a8c00a40
gitea: migrate config away from deprecated options
2023-05-05 22:33:59 +00:00
6b9bbe278f
moby: shift the kernel config into the linux-megous
package
2023-05-03 22:48:07 +00:00
96eb427ea7
matrix: support larger uploads (100M)
2023-05-03 22:22:09 +00:00
96d113ffac
lemmy: bump to git version in attempt to debug failed launch
2023-04-30 00:54:08 +00:00
6f7b7ddb84
Merge branch 'master' of git.uninsane.org:colin/nix-files
2023-04-28 09:20:05 +00:00
d06516a71b
servo: try to ship lemmy (it's failing with some DB migration stuff)
2023-04-28 02:02:39 +00:00
fd82256bbc
install zeal docs for packages like mx-sanebot
2023-04-27 10:07:16 +00:00
09a1d286d0
servo: enable komga
, a comic/manga webapp
2023-04-21 07:15:05 +00:00
0662b06df6
servo: try to ship calibre (but i get runtime errors, so disable it)
2023-04-21 06:57:26 +00:00
b0a99da884
dovecot: if mail fails DKIM, deliver it to Junk
2023-04-20 14:25:59 +00:00
12fd7ebc41
email: split dovecot config out of postfix config
2023-04-20 09:43:39 +00:00
f4a04ff6ba
reorg: move postfix stuff into an email subdir
2023-04-20 09:24:20 +00:00
89e2a83067
postfix: toy with some spam protection (but don't actually enable it)
2023-04-20 09:17:25 +00:00
6af0d54e7b
matrix: re-enable signal bridge
2023-04-18 06:10:17 +00:00
099cd12bdd
matrix/irc.nix: sanitize quit messages
2023-04-18 00:58:15 +00:00
bf67def14a
matrix/irc.nix: MyAnonamouse: disable SASL auth
...
it's unclear if SASL auth *might* actually work -- just with some weird delays -- but non-SASL auth *definitely* works
2023-04-17 01:57:27 +00:00
4ff82f002b
matrix/irc.nix: bridge to MyAnonamouse
2023-04-16 13:13:36 +00:00
781a149542
matrix: re-enable IRC bridge
2023-04-16 00:32:04 +00:00
94ac4ec0e9
matrix-appservice-irc: correct the user id/gid
2023-04-15 06:58:13 +00:00
5c17de6e83
Merge branch 'staging/nixpkgs-next-2023-03-28'
2023-03-31 13:05:04 +00:00
8db4498ae8
jellyfin: enable port forwarding and DLNA debugging
2023-03-31 12:42:31 +00:00
b1e9d8db80
nix flake update: nixpkgs f027fe965cc2 -> fc47fa33a3ac; sops-nix
2023-03-31 05:53:20 +00:00
2e120f613f
lappy: enable yggdrasil
2023-03-20 08:35:40 +00:00
f89837f3aa
servo: re-enable jellyfin
2023-03-16 09:11:26 +00:00
4b41aa3718
postfix: group forwarded ports by host
2023-03-14 11:35:56 +00:00
71d6fe44a1
postfix: compact the TXT MX records
2023-03-14 11:35:34 +00:00
8fc57c4249
make it so servo doesn't do binfmt emulation, nor fetch cache from desko
2023-03-11 13:45:45 +00:00
3e1a2243c7
hosts/rescue: make this evaluate again
2023-03-11 10:00:53 +00:00
dc1cd7a9a5
sane.persist: make it default-true for my hosts
2023-03-11 08:36:14 +00:00
f3151320a3
servo: shutup sane-deadlines warning
2023-03-11 07:58:56 +00:00
403b177a80
matrix: disable mautrix-signal (temporarily)
2023-03-11 00:02:30 +00:00
d725dfb7f1
refactor: group build-machine-related config into one "role" file
2023-03-05 01:05:17 +00:00
43f39674d6
nixcache: enable on all machines
2023-03-04 08:19:46 +00:00
386c712a23
lappy: ship stepmania
2023-03-04 08:08:37 +00:00
9beb6b52e5
desko: re-enable steam
2023-03-04 07:48:22 +00:00
4a7513ba23
moby: re-enable nixos documentation
...
now that we properly cross compile (no emulation), it's pretty trivial.
2023-03-02 08:30:58 +00:00
b722a4bcc8
Merge branch 'staging/mesa-downgrade-10' into dev/moby
...
moby can cross compile, desko can still build without recompiling
*everything* (only mesa & derivatives)
2023-03-02 00:46:52 +00:00
2fcb0ebfd0
moby: disable sequioa instead of emulating it
2023-03-01 10:14:48 +00:00
478002766e
trust-dns: fetch lan IP to listen on from config instead of repeating myself
2023-02-21 11:38:27 +00:00
e923636181
Merge branch 'dev/servo'
2023-02-21 11:35:00 +00:00
58b219546b
ejabberd: reduce TURN port pool
2023-02-21 11:25:34 +00:00
499078e0f8
trust-dns: update the address we listen on
2023-02-21 11:25:16 +00:00
15755a8a71
WIP: reduce emulated cross pkgset; aborted x86-x86 cross compilation
2023-02-21 01:25:42 +00:00
02067db774
moby: ship the full recommended guiApps again
2023-02-21 01:25:42 +00:00
d776c4618a
programs: split the guiApps category into slightly smaller bits
2023-02-21 01:25:39 +00:00
50812e5678
moby: ship some of the base apps
2023-02-21 01:21:01 +00:00
6cbeccf51f
WIP: moby: partially working cross compilation for phosh w/o apps (webkitgtk build OOMs)
2023-02-21 01:19:02 +00:00
5715795d1f
WIP: moby-cross: is cross-by-default instead of opt-in
2023-02-21 01:19:00 +00:00
251297b62e
desko: enable iphone utils
2023-02-21 01:11:42 +00:00
b6685c9e6c
refactor: move konsole
from moby/default.nix -> gui/phosh.nix
2023-02-04 10:00:10 +00:00
e08281c380
fix: typo in config option name
2023-02-03 09:09:37 +00:00
afb006f6ec
programs: port last users & remove the old packages.nix
2023-02-03 05:26:57 +00:00
a76cf03232
remove unused "enableDevPkgs" option
2023-02-03 05:18:38 +00:00
c0377ff1a0
dovecot: define Drafts and Trash folders
2023-01-31 08:22:20 +00:00
062ef20d05
dovecot: auto-create the "Sent" message box
2023-01-31 06:57:35 +00:00
77cc560052
use sane.user.persist instead of sane.persist.home
2023-01-30 10:35:03 +00:00
870afec07e
add which is shorthand to define a fs entry inside that user's home
2023-01-30 08:32:55 +00:00
d419e10f10
moby: bump CMA 384M -> 512M
2023-01-26 23:41:22 +00:00
6006b84f9e
moby: disable metamask
2023-01-26 23:35:57 +00:00
33d7819619
trust-dns: add a "quiet" option and enable it
2023-01-25 08:18:29 +00:00
0846abb6bf
signald: update, and persist the /var/lib/signald accounts directory
2023-01-25 06:38:27 +00:00
f3568462c2
fix matrix-synapse after nixpkgs update
2023-01-25 03:46:05 +00:00
358b673344
moby: bump CMA 256MB -> 384MB
2023-01-23 07:42:51 +00:00
f2d22231a3
freshrss: force sync feeds on every launch. requires to login as user "colin"
2023-01-21 03:50:27 +00:00
5d78bc6704
moby: enable wireguard/home VPN
2023-01-20 22:40:58 +00:00
4da19a6d34
servo: remove users.nix; move autologinUser -> default.nix
2023-01-20 22:16:47 +00:00
2f75925678
servo: lift pleroma user def out of toplevel -> pleroma.nix
2023-01-20 22:15:26 +00:00
55a1856e87
servo: lift git user def out of toplevel -> gitea.nix
2023-01-20 22:14:14 +00:00
2ee0f4efe2
servo: navidrome: give non-private dir and fix perms
2023-01-20 22:11:15 +00:00
9af157b294
moby: enable the client role
2023-01-20 11:37:43 +00:00
c316e51344
desko: enable wg-home
2023-01-20 07:59:11 +00:00
f4f0c1bdd6
servo: fix broken config/typo
2023-01-20 07:45:54 +00:00
6a2374e046
wg-home: unify server and client config
2023-01-20 07:42:31 +00:00
094b7223c7
servo: wireguard secret is auto-generated
2023-01-20 07:11:37 +00:00
df848b3262
wg-home: use separate host key than client key
2023-01-20 05:10:51 +00:00
038a9034d7
hosts: remove the is-target attribute and opt into roles via the config system instead
2023-01-20 00:13:13 +00:00
5a232eb832
servo: fix secrets path
2023-01-19 23:57:40 +00:00
9301b95dbb
wg-home: move to shared module so that host and client config can be adjacent
2023-01-19 23:55:56 +00:00
d13bcc49ab
refactor hosts directory, and move ssh keys out of modules/data
...
longer-term, i want hosts/by-name to define host-specific data
that's accessible via the other hosts (things like pubkeys).
also the secrets management needs some rethinking. there's really not
much point in me specifiying where *exactly* a secret comes from at its
use site. i should really be specifying secret store manifests; i.e.
"servo.yaml contains secrets X Y and Z", and leaving the rest up to
auto-computing.
2023-01-19 23:23:43 +00:00