e5cca42717
servo: fix sane.nixcache path
2023-07-15 00:40:31 +00:00
2f5c33b2b4
nixcache: tidy up substituter config
2023-07-14 22:33:33 +00:00
c1ddddddc0
ports: hide behind services.sane.wan-ports
...
later i will use this to enable UPnP on relevant ports
2023-05-26 23:28:30 +00:00
2e9eb51893
i2p/yggdrasil: factor out and only enable for desko/servo
...
especially this means i no longer run them on moby, improving battery life & such
2023-05-17 01:53:17 +00:00
fb427e55e8
secrets: define these by crawling the repo to decrease duplication
2023-05-14 09:50:01 +00:00
8fc57c4249
make it so servo doesn't do binfmt emulation, nor fetch cache from desko
2023-03-11 13:45:45 +00:00
dc1cd7a9a5
sane.persist: make it default-true for my hosts
2023-03-11 08:36:14 +00:00
f3151320a3
servo: shutup sane-deadlines warning
2023-03-11 07:58:56 +00:00
d725dfb7f1
refactor: group build-machine-related config into one "role" file
2023-03-05 01:05:17 +00:00
afb006f6ec
programs: port last users & remove the old packages.nix
2023-02-03 05:26:57 +00:00
4da19a6d34
servo: remove users.nix; move autologinUser -> default.nix
2023-01-20 22:16:47 +00:00
f4f0c1bdd6
servo: fix broken config/typo
2023-01-20 07:45:54 +00:00
6a2374e046
wg-home: unify server and client config
2023-01-20 07:42:31 +00:00
038a9034d7
hosts: remove the is-target attribute and opt into roles via the config system instead
2023-01-20 00:13:13 +00:00
d13bcc49ab
refactor hosts directory, and move ssh keys out of modules/data
...
longer-term, i want hosts/by-name to define host-specific data
that's accessible via the other hosts (things like pubkeys).
also the secrets management needs some rethinking. there's really not
much point in me specifiying where *exactly* a secret comes from at its
use site. i should really be specifying secret store manifests; i.e.
"servo.yaml contains secrets X Y and Z", and leaving the rest up to
auto-computing.
2023-01-19 23:23:43 +00:00
