108c1d9d60
moby: don't set ALSA_CONFIG_UCM2 var within pulseaudio service
2023-06-01 09:38:51 +00:00
c6e16ebc13
alsa-ucm-conf: patch custom PinePhone conf into the upstream package rather than shipping *only* the PinePhone configs
...
this is more to faciliate a goal of eventually not shipping any custom audio profiles
i.e. stay close to how upstream does things until we reach that goal
-mnote that this doesn't actually override the alsa-ucm-conf nix package (yet).
doing so is costly
2023-06-01 09:19:45 +00:00
287817056f
refactor: sane.services.wan-ports -> sane.ports
2023-05-31 04:25:39 +00:00
5cc7ced859
dns: rework so that we branch to the LAN v.s. WAN results based on source IP of the query -- not interface.
...
this simplifies the UPnP forwards and the OVPN routing
2023-05-31 00:56:52 +00:00
4dc5378b3e
dns: give different results based on which port the request arrives from
...
WAN and VPN requests are served by local port 1053 and `wan.uninsane.org`.
LAN requests are served by port 53 and `servo.lan.uninsane.org`.
i'm not *super* fond of this. a recursive resolver of uninsane.org via the VPN will only ever get WAN addresses (broken).
we may prefer to do IP-based responses, maybe via the same Linux firewall rules that forward from VPN namespace to root namespace
2023-05-30 12:00:30 +00:00
35c9f2bf60
servo: enable UPnP port forwarding timer
2023-05-28 20:38:24 +00:00
c1ddddddc0
ports: hide behind services.sane.wan-ports
...
later i will use this to enable UPnP on relevant ports
2023-05-26 23:28:30 +00:00
5b80308074
servo: disable broken mx-discord-puppet
2023-05-26 21:04:54 +00:00
a541e866a1
servo: remove the extraneous firewall enable statement. FW is enabled by default
2023-05-26 04:52:52 +00:00
4550299bdb
moby: sxmo: configure defaults
2023-05-24 09:37:26 +00:00
8cde4135b1
matrix: irc: libera: configure with sasl=false
2023-05-24 07:40:35 +00:00
2ac9c98bc0
moby: get lisgd gestures working for sxmo
2023-05-23 05:22:17 +00:00
3aa1a9f674
Merge branch 'staging/nixpkgs-2023-05-18'
2023-05-19 20:07:21 +00:00
d6fb2ab5b4
flake/nixpkgs 2023-05-14 -> 2023-05-18; nix-serve -> 2023-05-17
...
```
• Updated input 'nix-serve':
'github:edolstra/nix-serve/3b6d30016d910a43e0e16f94170440a3e0b8fa8d' (2023-03-07)
→ 'github:edolstra/nix-serve/e6e3d09438e803daa5374ad8edf1271289348456' (2023-05-17)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0470f36b02ef01d4f43c641bbf07020bcab71bf1' (2023-05-14)
→ 'github:nixos/nixpkgs/48a0fb7aab511df92a17cf239c37f2bd2ec9ae3a' (2023-05-18)
```
2023-05-19 19:31:37 +00:00
8a28e347f5
matrix: bridge to irc.libera.chat
2023-05-19 10:47:41 +00:00
c8aa6a057f
sxmo: make configurable if it launches on sway v.s. lightdm-mobile-greeter
2023-05-19 10:18:26 +00:00
dd17843c76
sxmo: split the laptop-specific config into hosts/by-name/lappy
2023-05-19 09:36:17 +00:00
2e9eb51893
i2p/yggdrasil: factor out and only enable for desko/servo
...
especially this means i no longer run them on moby, improving battery life & such
2023-05-17 01:53:17 +00:00
e0c2e8c149
lemmy: split the nginx config out into something that can be upstreamed later
...
(waiting for the nixosTests to pass before upstreaming)
2023-05-16 06:04:29 +00:00
95635be1d5
matrix: bridge to irc.oftc.net
2023-05-16 05:55:16 +00:00
fb427e55e8
secrets: define these by crawling the repo to decrease duplication
2023-05-14 09:50:01 +00:00
b39a250e22
secrets: fix servo secrets to all be "binary" format
2023-05-14 08:47:21 +00:00
0822ed34d7
secrets: split matrix_synapse_secrets out of servo.yaml
2023-05-14 08:46:40 +00:00
147b1c50b2
secrets: split pleroma_secrets out of servo.yaml
2023-05-14 08:44:37 +00:00
55875816d0
secrets: split nix_serve_privkey out of servo.yaml
2023-05-14 08:43:07 +00:00
e25a4bbee6
secrets: split freshrss_passwd out of servo.yaml
2023-05-14 08:41:27 +00:00
dbb9e00bed
secrets: split dovecot_passwd out of servo.yaml
2023-05-14 08:40:35 +00:00
6b1c3d02c1
secrets: split wg_ovpns_privkey out of servo.yaml
2023-05-14 08:38:46 +00:00
4a448a1bf1
secrets: split ddns_afraid out of servo.yaml
2023-05-14 08:37:13 +00:00
452a55c5e1
secrets: split ddns_he out of servo.yaml
2023-05-14 08:36:04 +00:00
d10f70aff7
secrets: split duplicity_passphrase out of servo.yaml
2023-05-14 08:34:36 +00:00
38423183ee
secrets: split mediawiki_pw out of servo.yaml
2023-05-14 08:33:22 +00:00
ed020b56c0
secrets: split moby.yaml into file-per-secret
2023-05-14 02:42:07 +00:00
af42cbd575
servo: fix typo in nixserve secret config
2023-05-14 02:33:56 +00:00
974656a80a
secrets: split lappy.yaml into per-secret files
2023-05-14 02:33:21 +00:00
318efe09e2
secrets: split desko.yaml into one-secret-per-file
2023-05-14 02:29:30 +00:00
74e3aa02b9
servo: disable DNSSEC to fix connectivity problems
2023-05-13 21:28:47 +00:00
9e21101207
Merge branch 'staging/nixpkgs-2023-05-06'
2023-05-12 06:55:13 +00:00
5997283cef
lemmy: break pict-rs config into own unit & persist its data
2023-05-12 06:54:26 +00:00
3c2715648c
moby: ship compressed kernel images
...
i've verified that .gz images boot. don't know about zImage, etc.
2023-05-12 06:49:59 +00:00
d7bed3bec2
lemmy: remove debugging statements
2023-05-12 04:49:15 +00:00
079ab08642
lemmy: remove federation.debug
2023-05-12 04:47:10 +00:00
e34c9cc190
lemmy: enable proxyWebsockets instead of manually specifying upgrade logic
2023-05-12 04:46:38 +00:00
6ff2c8acae
lemmy: restrict the http_accept types i forward to the backend
...
it seems that forwarding `POST`s is the important part i was missing earlier
2023-05-12 03:05:26 +00:00
04e8e72ae3
lemmy: switch back to using nix-style proxyPass
2023-05-12 02:47:47 +00:00
5b33c85e75
gitea: link to config options
2023-05-12 02:35:46 +00:00
083d905f4c
lemmy: fix federation
...
now when i subscribe to a community, the request actually seems to go through.
this change probably does more than necessary, but it serves as a known-good config
2023-05-12 02:35:37 +00:00
ada8b75670
transmission: double upload BW to 600 kBps
2023-05-11 06:27:31 +00:00
d5ffa6d796
zeal/docsets: ship on desko too
2023-05-10 21:23:42 +00:00
b9afd1e340
lemmy: fixup websocket forwarding
...
able to create admin account and subscribe to remote communities.
haven't tested posting comments.
2023-05-10 08:24:52 +00:00