831022bf22
hosts/plover: enable DH params generation
...
This is for certain applications as we'll see.
2023-06-30 10:46:43 +08:00
53f7cf6e83
chore: reformat codebase
2023-06-29 14:17:38 +08:00
52b66fa47d
docs: add section for declarative user management
2023-06-29 13:56:15 +08:00
a107bf383e
docs: update declarative user management section
2023-06-29 13:56:04 +08:00
f2d3e7fe30
ci: fix ISO attribute name to build
...
Forgot to update this.
2023-06-29 13:54:39 +08:00
160266b2db
shells/gnome: make package attributes up-to-date
2023-06-29 13:54:10 +08:00
e95927c83b
config: filter NixOS configuration
...
With images that are only exported as ISO (or even without one) are
included as part of NixOS configurations.
The idea with this attribute seems to be closer for deploying and
installing them with `nixos-install` which most of them aren't. This
might be reverted at some point. It's not clear to me yet.
2023-06-29 13:51:21 +08:00
a91a9fe110
config: improve home-manager user creation
...
Now with configurable home-manager channel! Also, I've improved some
usage of the metadata to be used from `users.toml`.
2023-06-29 13:50:26 +08:00
fc6da2a710
ci: update GitHub actions
...
I keep neglecting them. T_T
2023-06-29 12:39:59 +08:00
5754583ce0
programs/wezterm: remove conditionals for shell init
...
`programs.bash.enable` is apparently removed.
2023-06-29 12:30:03 +08:00
d60e406557
flake.lock: update inputs
...
Flake lock file updates:
• Updated input 'devshell':
'github:numtide/devshell/fd6223370774dd9c33354e87a007004b5fd36442' (2023-06-13)
→ 'github:numtide/devshell/3864857b2754ab0e16c7c7c626f0e5a1d4e42f38' (2023-06-28)
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/37ab2cb6a09245809e862dde7ed9adcd5b83d62d' (2023-06-19)
→ 'github:nix-community/emacs-overlay/2c48f3c8cc381ce8ec207b3ee2c435a8aa594a65' (2023-06-28)
• Updated input 'emacs-overlay/flake-utils':
'github:numtide/flake-utils/a1720a10a6cfe8234c0e93907ffe81be440f4cef' (2023-05-31)
→ 'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
• Updated input 'emacs-overlay/nixpkgs-stable':
'github:NixOS/nixpkgs/c7ff1b9b95620ce8728c0d7bd501c458e6da9e04' (2023-06-16)
→ 'github:NixOS/nixpkgs/9790f3242da2152d5aa1976e3e4b8b414f4dd206' (2023-06-27)
• Updated input 'flake-utils':
'github:numtide/flake-utils/a1720a10a6cfe8234c0e93907ffe81be440f4cef' (2023-05-31)
→ 'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25)
• Updated input 'helix-editor':
'github:helix-editor/helix/06d63d6ac1644ce57d6a90b53ea4f832e67ab2a9' (2023-06-19)
→ 'github:helix-editor/helix/d3f8e0592bd577489369e5bd00cddf159f107a24' (2023-06-28)
• Updated input 'home-manager':
'github:nix-community/home-manager/0480dabc99e1b669ebe909949180fa2786e733cd' (2023-06-18)
→ 'github:nix-community/home-manager/a7002d6bfca54742d5fc9b485a1879953b4585b9' (2023-06-28)
• Updated input 'home-manager/nixpkgs':
'github:nixos/nixpkgs/75a5ebf473cd60148ba9aec0d219f72e5cf52519' (2023-06-11)
→ 'github:nixos/nixpkgs/04af42f3b31dba0ef742d254456dc4c14eedac86' (2023-06-17)
• Updated input 'neovim-nightly-overlay':
'github:nix-community/neovim-nightly-overlay/0e9b38f09c214547d4a20e053cdb9c8a07e5ed61' (2023-06-19)
→ 'github:nix-community/neovim-nightly-overlay/2c8b7cf4693e9a8a94c213f2bdf5be8d6c36900b' (2023-06-29)
• Updated input 'neovim-nightly-overlay/flake-parts':
'github:hercules-ci/flake-parts/71fb97f0d875fd4de4994dfb849f2c75e17eb6c3' (2023-06-01)
→ 'github:hercules-ci/flake-parts/37dd7bb15791c86d55c5121740a1887ab55ee836' (2023-06-26)
• Updated input 'neovim-nightly-overlay/neovim-flake':
'github:neovim/neovim/8c9dab3e0d788d44c8a2fee83a6193f5955c814e?dir=contrib' (2023-06-18)
→ 'github:neovim/neovim/421c66f741bf4ed4de6bf15df19160df0f90db4b?dir=contrib' (2023-06-28)
• Updated input 'nixos-generators':
'github:nix-community/nixos-generators/a54683aa7eff00ee5b33dec225525d0eb6ab02de' (2023-06-16)
→ 'github:nix-community/nixos-generators/bde0bc291c95b710dd63d5e5c422e47f760a1406' (2023-06-29)
• Updated input 'nixos-generators/nixlib':
'github:nix-community/nixpkgs.lib/961e99baaaa57f5f7042fe7ce089a88786c839f4' (2023-06-04)
→ 'github:nix-community/nixpkgs.lib/b3ec8fb525fc0c8f08eff5ef93c684b4c6d0e777' (2023-06-25)
• Updated input 'nixos-stable':
'github:NixOS/nixpkgs/b6c73c5fe53bb3afbf65e870541e0645e9145171' (2023-06-20)
→ 'github:NixOS/nixpkgs/9790f3242da2152d5aa1976e3e4b8b414f4dd206' (2023-06-27)
• Updated input 'nixos-unstable':
'github:NixOS/nixpkgs/04af42f3b31dba0ef742d254456dc4c14eedac86' (2023-06-17)
→ 'github:NixOS/nixpkgs/e18dc963075ed115afb3e312b64643bf8fd4b474' (2023-06-27)
• Updated input 'nixos-unstable-small':
'github:NixOS/nixpkgs/8b0f22dc5155e8a6d329520c27751dfb0f821d63' (2023-06-21)
→ 'github:NixOS/nixpkgs/4b14ab2a916508442e685089672681dff46805be' (2023-06-27)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/04af42f3b31dba0ef742d254456dc4c14eedac86' (2023-06-17)
→ 'github:NixOS/nixpkgs/e18dc963075ed115afb3e312b64643bf8fd4b474' (2023-06-27)
• Updated input 'nur':
'github:nix-community/NUR/3700be70d38f57b41e5426879db59241806a6708' (2023-06-19)
→ 'github:nix-community/NUR/c674da8b2a994d7d9f366e71a4790de4c0caf2ac' (2023-06-29)
• Updated input 'rust-overlay':
'github:oxalica/rust-overlay/86302751ef371597d48951983e1a2f04fe78d4ff' (2023-06-19)
→ 'github:oxalica/rust-overlay/fc57a011f1c20d2b24f75a79ab669430a221b220' (2023-06-28)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/1634d2da53f079e7f5924efa7a96511cd9596f81' (2023-06-18)
→ 'github:Mic92/sops-nix/2ff6973350682f8d16371f8c071a304b8067f192' (2023-06-22)
2023-06-29 09:52:55 +08:00
3ad1c9022b
config: update naming for NixOS host images
2023-06-29 09:49:18 +08:00
9c3d3901ab
hosts/plover: update Bind secrets permission
2023-06-29 09:46:35 +08:00
a8aef35c5c
hosts/plover: update Bind server config
2023-06-29 09:44:55 +08:00
c9440205cf
hosts/plover: update Vaultwarden admin token
2023-06-28 19:37:10 +08:00
e4b5dec7c1
profiles/server: update preference for several values
2023-06-28 14:02:35 +08:00
d42b74b1e9
profiles/server: update journald log retention
...
Instead of using a service to force it out, we're using the appropriate
journald settings instead.
2023-06-28 14:01:48 +08:00
94c94be9a4
hosts/plover: harden Vaultwarden service
2023-06-28 14:01:18 +08:00
8043b8d16c
hosts/plover: update Bind hardening settings
2023-06-28 14:01:02 +08:00
a362607c9c
shell.nix: add Bind utils
2023-06-28 09:13:40 +08:00
38321152f0
hosts/plover: remove CoreDNS module
...
Bind works well enough for now so no need for this service.
2023-06-28 09:12:56 +08:00
88c0c9aa75
hosts/plover: update service files to backup
2023-06-27 22:49:49 +08:00
8a84eb2445
hosts/plover: move Wireguard secrets to appropriate location
2023-06-27 20:52:57 +08:00
0645422e16
users/nixos: update Nix caches
2023-06-27 15:58:02 +08:00
c1e40bf01b
config: add dotenv for production
2023-06-27 15:24:43 +08:00
dda6b4bb7b
config: fix foo-dogsquared name
2023-06-27 13:17:11 +08:00
f746fe36c7
users/foo-dogsquared: refactor Zellij layout
2023-06-27 12:57:29 +08:00
e76a881aee
hosts/plover: update Wireguard routing
2023-06-27 12:54:29 +08:00
4dcb82c72b
hosts/plover: update PostgreSQL cert config
2023-06-27 12:53:50 +08:00
1e2d251e1d
hosts/plover: harden Bind systemd service
2023-06-28 00:19:06 +08:00
d98527c89b
hosts/plover: update Bind config for dynamic updates
2023-06-27 22:56:18 +08:00
df589b1915
users/foo-dogsquared: update Bash config
...
Also, the Wezterm shell integration is now fixed. Hoorah!
2023-06-24 10:27:13 +08:00
d1b6376948
programs/wezterm: update shell init config
2023-06-24 10:26:56 +08:00
7ea15ea9fa
profiles/dev: remove extra Bash functions
...
It turns out fzf has some niceties with history and file selection which
is closer to how I imagine it. PRETTY NICE!
But it does override my Atuin configuration which doesn't have its shell
integration enabled. It does have some conflict with the Wezterm
shell integration. This is a problem for future me to deal with.
2023-06-23 18:15:05 +08:00
4cbb300dae
users/foo-dogsquared: update Zellij configuration
2023-06-23 18:14:41 +08:00
1e75e43c5a
profiles/dev: remove Nix profile upgrade user service
...
It's not useful for much so we're removing it.
2023-06-23 17:13:52 +08:00
795723c17f
profiles/dev: add Zellij configuration
2023-06-23 17:12:43 +08:00
f73108e4e6
profiles/dev: add lazygit configuration
2023-06-23 17:12:31 +08:00
3dfb75a9d4
profiles/dev: add fzf configuration
2023-06-23 17:12:10 +08:00
dc01a2d2f1
hosts/graphical-installer: re-disable wireless module
...
I forgot why it's there. Now I remember. :)
2023-06-23 15:44:19 +08:00
87e01e119c
config: create declarative home-manager user management
2023-06-23 15:43:26 +08:00
4e428bf8e4
config: update the image output extra modules
2023-06-23 11:47:06 +08:00
c81038e609
hosts/graphical-installer: update config
2023-06-23 11:46:37 +08:00
218e5cd724
hosts/bootstrap: update config
2023-06-23 11:46:21 +08:00
c6d2ca1465
docs: add section for declarative hosts management
2023-06-23 10:24:35 +08:00
9ee20751e7
config: remove NixOS module from nixos-generators
...
It is only meant for generation and not for deployment. Learnt that the
hard way.
2023-06-23 00:28:48 +08:00
9f2452ec6e
config: add deploy subtable for declarative images
...
It accepts keys used as arguments for deployment settings with
deploy-rs. This should make deployment a little bit easier for me
instead of manually creating a deploy entry every time.
2023-06-23 00:26:04 +08:00
36e2a817ae
hosts/plover: fix Wireguard firewall settings
2023-06-22 23:17:28 +08:00
482e90efaa
hosts/plover: update zone file to include self-hosted DNS server
2023-06-22 22:52:17 +08:00
06207e16f0
git: remove linguist attributes
2023-06-22 18:07:44 +08:00
