|
|
af54c3570a
|
programs/distrobox: improve quoting for generated settings
|
2023-10-18 09:13:18 +08:00 |
|
|
|
7a61b28902
|
users/foo-dogsquared: add servers profile
|
2023-10-17 20:19:51 +08:00 |
|
|
|
5bd11ed430
|
programs/distrobox: init
|
2023-10-17 18:52:44 +08:00 |
|
|
|
5121e9e18e
|
users/foo-dogsquared: add Distrobox config
|
2023-10-17 19:43:38 +08:00 |
|
|
|
773af19f4c
|
users/foo-dogsquared: add kanidm client config
|
2023-10-17 19:49:41 +08:00 |
|
|
|
8fb9770882
|
services/vouch-proxy: escape service names for systemd
|
2023-10-17 18:33:02 +08:00 |
|
|
|
e6c4a20b83
|
hosts/plover: update miscellaneous parts of the services
|
2023-10-17 18:32:23 +08:00 |
|
|
|
e3bb442154
|
profiles/dev: add servers submodule
Mainly for managing them VPSs while in your home.
|
2023-10-17 13:26:06 +08:00 |
|
|
|
cfcd19313c
|
overlays/firefox-foodogsquared: init
|
2023-10-17 13:25:07 +08:00 |
|
|
|
5c7cea6df8
|
users/foo-dogsquared: update Firefox config
|
2023-10-17 12:59:31 +08:00 |
|
|
|
1a9960a0f3
|
flake.nix: move the imported modules into the shared config
This makes it easier to think about the default shared configurations.
|
2023-10-16 23:01:38 +08:00 |
|
dependabot[bot]
|
ec216c82d7
|
ci: bump stefanzweifel/git-auto-commit-action from 4 to 5 (#5)
Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4 to 5.
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/v4...v5)
---
updated-dependencies:
- dependency-name: stefanzweifel/git-auto-commit-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2023-10-14 07:32:17 +00:00 |
|
dependabot[bot]
|
e13daf9ebf
|
ci: bump DeterminateSystems/nix-installer-action from 4 to 5 (#6)
Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action) from 4 to 5.
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases)
- [Commits](https://github.com/determinatesystems/nix-installer-action/compare/v4...v5)
---
updated-dependencies:
- dependency-name: DeterminateSystems/nix-installer-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2023-10-14 07:32:00 +00:00 |
|
|
|
23e32b45ac
|
hosts/plover: add Bind to be managed by nginx
|
2023-10-14 14:06:43 +08:00 |
|
|
|
1775a0febc
|
hosts/plover: update Bind systemd service config
|
2023-10-14 14:05:14 +08:00 |
|
|
|
680ec43428
|
hosts/plover: fix Vouch proxy settings
|
2023-10-14 14:04:38 +08:00 |
|
|
|
3e8987d26e
|
hosts/plover: update Wezterm mux server config with nginx
|
2023-10-14 14:04:27 +08:00 |
|
|
|
ec0fe7dec8
|
services/vouch-proxy: fix permissions for generated secrets
|
2023-10-14 14:03:40 +08:00 |
|
|
|
0b253e0553
|
hosts/plover: update Vouch proxy settings and secrets permissions
|
2023-10-14 11:26:33 +08:00 |
|
|
|
ac134281f8
|
hosts/plover: add back the custom Gitea logos
|
2023-10-14 11:25:26 +08:00 |
|
|
|
1ad6e7e8c5
|
hosts/plover: fix Grafana provider strings in settings
|
2023-10-14 11:14:44 +08:00 |
|
|
|
107241f553
|
hosts/plover: fix duplicate nginx shared memory zone
|
2023-10-14 11:14:09 +08:00 |
|
|
|
5657a5e023
|
services/vouch-proxy: use system user for service
This enables integration with secrets such as sops-nix instead of the
previous service config of being a dynamic user.
|
2023-10-14 11:06:23 +08:00 |
|
|
|
d43708983a
|
services/wezterm-mux-server: update service hardening options
It should be less strict overall with the ProtectHome= settings.
|
2023-10-14 11:05:46 +08:00 |
|
|
|
6012556a3d
|
services/wezterm-mux-server: revert to system user for service
I don't know how to completely make it isolated AND working.
|
2023-10-14 11:05:17 +08:00 |
|
|
|
9527896251
|
hosts/plover: update Grafana and PostgreSQL integration
|
2023-10-14 11:01:57 +08:00 |
|
|
|
7430d992f2
|
hosts/plover: fix nginx code for Grafana server
|
2023-10-13 16:55:39 +08:00 |
|
|
|
2632b75bf2
|
hosts/plover: properly add nginx upstreams
Even though this is unlikely to be scaled further, we're just being good
sysadmins (or at least roleplaying as one).
|
2023-10-13 16:48:02 +08:00 |
|
|
|
7daea6c427
|
services/vouch-proxy: update service config
|
2023-10-13 14:24:44 +08:00 |
|
|
|
025a3b5db4
|
hosts/plover: update secrets
|
2023-10-13 14:24:23 +08:00 |
|
|
|
4587a4165f
|
config: migrate from Terraform CLI to OpenTofu CLI
|
2023-10-13 14:24:10 +08:00 |
|
|
|
79a144aad6
|
users/foo-dogsquared: add quick script for mpv YouTube playlists
|
2023-10-13 14:15:46 +08:00 |
|
|
|
90210fde9c
|
hosts/plover: add Grafana secrets
|
2023-10-11 23:17:45 +08:00 |
|
|
|
8fbdc73478
|
hosts/plover: update Grafana settings
|
2023-10-11 13:06:41 +08:00 |
|
|
|
39bfd2dc65
|
docs: add FlakeHub reference to project README
|
2023-10-10 12:37:00 +08:00 |
|
|
|
3ee04bb812
|
chore: reformat codebase
|
2023-10-09 20:48:01 +08:00 |
|
|
|
7d55e45f70
|
services/vouch-proxy: add some more hardening options
|
2023-10-09 20:46:06 +08:00 |
|
|
|
2dbb3ed68c
|
services/vouch-proxy: restructure for multiple instances
This resolves some cases where the admin does not have all of their
users within the protected domain and some in others.
|
2023-10-09 20:43:13 +08:00 |
|
|
|
4c6a19b3a7
|
hosts/plover: add secrets for Vouch proxy
|
2023-10-09 20:26:33 +08:00 |
|
|
|
46e38d0c96
|
hosts/plover: update Vouch proxy config
|
2023-10-09 20:26:11 +08:00 |
|
github-actions[bot]
|
ef639c9d0c
|
flake.lock: update inputs
Flake lock file updates:
• Updated input 'devshell':
'github:numtide/devshell/05d40d17bf3459606316e3e9ec683b784ff28f16' (2023-09-20)
→ 'github:numtide/devshell/cd4e2fda3150dd2f689caeac07b7f47df5197c31' (2023-09-29)
• Updated input 'disko':
'github:nix-community/disko/19b62324663b6b9859caf7f335d232cf4f1f6a32' (2023-09-28)
→ 'github:nix-community/disko/3c41ae36ff12afbada9396c7d8282c2c74f74e06' (2023-10-12)
• Updated input 'emacs-overlay':
'github:nix-community/emacs-overlay/ef992bca01ef97e8bbd1136693d24665390f39ce' (2023-09-28)
→ 'github:nix-community/emacs-overlay/bd5c5e9a9b460a275df97c7226f573cd88cb27ef' (2023-10-12)
• Updated input 'emacs-overlay/nixpkgs-stable':
'github:NixOS/nixpkgs/5cfafa12d57374f48bcc36fda3274ada276cf69e' (2023-09-27)
→ 'github:NixOS/nixpkgs/bd1cde45c77891214131cbbea5b1203e485a9d51' (2023-10-11)
• Updated input 'firefox-addons':
'gitlab:rycee/nur-expressions/0a64c59216be179aeaf9ed49d6135b7359a7326b?dir=pkgs/firefox-addons' (2023-09-28)
→ 'gitlab:rycee/nur-expressions/0a2aad558c096ea1bbe7db294c3c40fd61db2fa3?dir=pkgs/firefox-addons' (2023-10-12)
• Updated input 'helix-editor':
'github:helix-editor/helix/77fe8f214b15b8297a9f2f8ed929994559604d6c' (2023-09-28)
→ 'github:helix-editor/helix/574f82130892d4a388bfdcce63fe2c4a190e479e' (2023-10-12)
• Updated input 'home-manager':
'github:nix-community/home-manager/9d4cdf8cc4da54beb5d2e927af7a259bb4a00645' (2023-09-28)
→ 'github:nix-community/home-manager/6bba64781e4b7c1f91a733583defbd3e46b49408' (2023-10-10)
• Updated input 'home-manager/nixpkgs':
'github:NixOS/nixpkgs/e35dcc04a3853da485a396bdd332217d0ac9054f' (2023-09-22)
→ 'github:NixOS/nixpkgs/87828a0e03d1418e848d3dd3f3014a632e4a4f64' (2023-10-06)
• Updated input 'neovim-nightly-overlay':
'github:nix-community/neovim-nightly-overlay/6fb6984f0bf3fcd4fd1c375bf879c15f2770f8aa' (2023-09-29)
→ 'github:nix-community/neovim-nightly-overlay/185a47b09d95c430187a16d89b1ec32391698e07' (2023-10-13)
• Updated input 'neovim-nightly-overlay/flake-compat':
'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
→ 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Updated input 'neovim-nightly-overlay/flake-parts':
'github:hercules-ci/flake-parts/7f53fdb7bdc5bb237da7fefef12d099e4fd611ca' (2023-09-01)
→ 'github:hercules-ci/flake-parts/c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4' (2023-10-03)
• Updated input 'neovim-nightly-overlay/hercules-ci-effects':
'github:hercules-ci/hercules-ci-effects/91fae5824f5f1199f61693c6590b4a89abaed9d7' (2023-09-25)
→ 'github:hercules-ci/hercules-ci-effects/178b36dc3a75c96efc25477d45eafc37ba1fafc3' (2023-10-11)
• Updated input 'neovim-nightly-overlay/neovim-flake':
'github:neovim/neovim/b917db062fc673dfbbc6a8c722b05101319ab44e?dir=contrib' (2023-09-28)
→ 'github:neovim/neovim/ebe489d8f0edbb3538a59733289d8969d1ffea22?dir=contrib' (2023-10-12)
• Updated input 'nixos-generators':
'github:nix-community/nixos-generators/8ee78470029e641cddbd8721496da1316b47d3b4' (2023-09-04)
→ 'github:nix-community/nixos-generators/150f38bd1e09e20987feacb1b0d5991357532fb5' (2023-09-30)
• Updated input 'nixos-stable':
'github:NixOS/nixpkgs/5cfafa12d57374f48bcc36fda3274ada276cf69e' (2023-09-27)
→ 'github:NixOS/nixpkgs/bd1cde45c77891214131cbbea5b1203e485a9d51' (2023-10-11)
• Updated input 'nixos-unstable':
'github:NixOS/nixpkgs/8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2' (2023-09-27)
→ 'github:NixOS/nixpkgs/f99e5f03cc0aa231ab5950a15ed02afec45ed51a' (2023-10-09)
• Updated input 'nixos-unstable-small':
'github:NixOS/nixpkgs/248a83fffc10b627da67fa6b25d2c13fc7542628' (2023-09-28)
→ 'github:NixOS/nixpkgs/4183880e0e56f5a8dc55ef63df0cb64a7d5ea21f' (2023-10-12)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2' (2023-09-27)
→ 'github:NixOS/nixpkgs/f99e5f03cc0aa231ab5950a15ed02afec45ed51a' (2023-10-09)
• Updated input 'nur':
'github:nix-community/NUR/50363ec39651feb3cb64821107ea9d8e8e186bc6' (2023-09-28)
→ 'github:nix-community/NUR/9652d4b7c5c05d982e69d1c9df8d05010d431ba0' (2023-10-12)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/2f375ed8702b0d8ee2430885059d5e7975e38f78' (2023-09-21)
→ 'github:Mic92/sops-nix/f995ea159252a53b25fa99824f2891e3b479d511' (2023-10-11)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/596611941a74be176b98aeba9328aa9d01b8b322' (2023-09-16)
→ 'github:NixOS/nixpkgs/2f3b6b3fcd9fa0a4e6b544180c058a70890a7cc1' (2023-10-07)
|
2023-10-13 01:02:14 +00:00 |
|
|
|
bd478aebc7
|
profiles/dev: add Dive for virtualization submodule
|
2023-10-09 22:32:13 +08:00 |
|
|
|
5152bae032
|
services/vouch-proxy: add more systemd directives
|
2023-10-09 22:31:27 +08:00 |
|
|
|
2397656b7f
|
hosts/bootstrap: downgrade Linux kernel to 6.1
This is mainly to support zfs which is a likely future for me once I got
my hands on a mini-PC server.
|
2023-10-09 22:30:25 +08:00 |
|
|
|
cd93122b07
|
hosts/plover: enable Kanidm LDAP server
|
2023-10-09 22:09:33 +08:00 |
|
|
|
2af2326b16
|
hosts/plover: update Grafana nginx and secrets config
|
2023-10-09 22:09:15 +08:00 |
|
|
|
0830ff0458
|
hosts/plover: update foodogsquared.one DNS zone
|
2023-10-08 14:40:57 +08:00 |
|
|
|
b4b64fa50b
|
services/vouch-proxy: improve conditional settings file option
|
2023-10-07 20:42:52 +08:00 |
|
|
|
8fbbc0ca6d
|
lib/private: update getUsers implementation
|
2023-10-08 03:29:38 +08:00 |
|
|
|
a6fcc6eec6
|
hosts/plover: update Wezterm mux server config
It's not fully working but we'll get there.
|
2023-10-08 03:29:06 +08:00 |
|
