ff1927deb5
hosts/ni: update DNS routing for VPN internal network
2023-02-14 11:02:50 +08:00
93863ff00c
hosts/ni: update host and user configuration
2023-02-11 15:21:50 +08:00
7edaec8b60
profiles/dev: add Wireshark
2023-02-11 09:01:31 +08:00
ae787f8fcc
config: update comments on config
2023-02-09 14:50:11 +08:00
efdbc4c103
hosts: fix Wireguard DNS settings
2023-02-06 19:32:55 +08:00
c672357a34
hosts/ni: add cntr for debugging Nix builds
2023-02-06 16:08:19 +08:00
c8b55c278a
hosts: update Wireguard setup
2023-02-06 16:08:08 +08:00
d12f1ea15f
hosts/ni: change Wireguard setup to wg-quick
2023-02-05 16:27:49 +08:00
b1925b99a6
hosts/ni: move bootloader code into hardware configuration
2023-02-06 21:19:56 +08:00
8a23bd7932
hosts/ni: modularize networking configuration
...
Re-added the setup with the traditional networking configuration since
I'm currently using GNOME which only integrates with NetworkManager
which is working alongside it.
systemd-networkd not being used at this point but I'm keeping it.
2023-01-31 16:48:10 +08:00
300aaa786b
hosts/ni: remove swh toolkit
2023-01-29 12:49:27 +08:00
0ffc1a4078
hosts/ni: add decorative parts of the configuration
2023-01-26 13:11:32 +08:00
d0720ee7b7
hosts: revise networking-related variables set
2023-01-26 13:10:15 +08:00
00bbbd8135
hosts/ni: disable ldap service
...
Not yet familiar. Also causing me trouble with long login times since it
is also trying for all users in the system, it seems.
2023-01-24 11:08:02 +08:00
a386f99554
hosts: simplify networking set and update Wireguard setup
...
Currently, the networking set is very messy. It is better to contain
them into another attribute set and categorizing them by the interfaces
that is supposed to contain them. I should've done this some time ago.
2023-01-23 17:46:32 +08:00
fb5f2e277d
hosts/plover: simply Wireguard configuration code
2023-01-23 13:29:42 +08:00
1a6b5b6579
hosts/ni: update hardware configuration
2023-01-21 23:58:17 +08:00
382a5e6939
hosts/ni: fix IPv4 Wireguard address
2023-01-20 15:45:07 +08:00
665e72d105
hosts/ni: update networking setup
2023-01-20 14:51:11 +08:00
5a0a18fa7e
hosts/ni: add wireguard-tools to system packages
2023-01-20 13:15:53 +08:00
33206698c0
hosts: update Wireguard network setup
2023-01-19 20:16:01 +08:00
875c910e61
hosts/ni: add netboot.xyz bootloader entry
2023-01-19 00:37:43 +08:00
6ae080c68d
hosts/ni: enable nftables-based firewall
2023-01-18 11:10:31 +08:00
55547bddc7
hosts/ni: update LDAP-related settings
...
- Add OpenLDAP to the system packages.
- Fix the file permission for the LDAP password secret.
2023-01-18 11:10:11 +08:00
6bf2642ffc
hosts: add Wireguard services to related peers
...
Among other things, Plover now ignores certain IP for fail2ban. This is
for the VPN users that are placed in that range.
2023-01-17 21:34:54 +08:00
c3a5778d3f
hosts/ni: convert to systemd-networkd for network config
...
I thought it is pretty neat. Also, I've created a bond interface for the
network devices.
2023-01-17 21:33:20 +08:00
4c34a87366
chore: reformat codebase
2023-01-07 16:06:34 +08:00
a8f86a544f
hosts/ni: add LDAP service
2022-12-31 11:14:08 +08:00
b0d9ec560b
hosts/ni: update secrets code
2022-12-31 11:13:27 +08:00
Gabriel Arazas
b5b52426dc
config: restructure user and host files
2022-12-03 15:24:22 +08:00
Gabriel Arazas
7e5eab2d47
profiles/editors: add Guile for Emacs submodule
2022-11-30 08:36:37 +08:00
Gabriel Arazas
131fa25023
profiles/system: rename to profiles/desktop
...
The need for configuring desktop and server in separate profiles is
becoming more obvious. Not to mention, most of the system config from
profiles/system is obviously more desktop-oriented.
2022-11-29 21:10:51 +08:00
Gabriel Arazas
07b198c5ab
docs: update
2022-11-29 15:58:33 +08:00
Gabriel Arazas
549d067278
hosts/ni: update
2022-11-25 14:51:27 +08:00
Gabriel Arazas
c9ccb53bac
flake.nix: use Nix-built Guix service module
2022-08-27 13:41:12 +08:00
Gabriel Arazas
6cb1515d91
themes: rename into workflows
...
More self-descriptive == better. Plus it does imply that themes only
change aesthetics which is not often the case with the usual modules
that are defined here.
2022-08-27 13:41:12 +08:00
Gabriel Arazas
12251141e7
users/foo-dogsquared: add public key and update config
2022-08-19 17:36:33 +08:00
Gabriel Arazas
62f18a083f
hosts/ni: add more programs
2022-08-11 09:45:19 +08:00
Gabriel Arazas
5e605b4053
hosts/ni: update config
2022-08-10 12:14:11 +08:00
Gabriel Arazas
adff4fd67f
flake.nix: update hosts default config
2022-07-28 17:29:58 +08:00
Gabriel Arazas
688bfb59c4
hosts/ni: update config and store secrets
2022-07-19 07:11:01 +08:00
Gabriel Arazas
617a02f382
hosts/ni: install wezterm
2022-07-16 17:25:47 +08:00
Gabriel Arazas
863daae3f5
hosts/ni: update host config
2022-07-14 08:21:09 +08:00
Gabriel Arazas
30c7ee0203
profiles/agenix: move into default config
2022-07-09 14:01:37 +08:00
Gabriel Arazas
7ad9a62f2c
profiles/users: move as a library function
2022-07-09 14:00:51 +08:00
Gabriel Arazas
342e1b11f1
hosts/ni: update config with setup
2022-07-06 07:38:21 +08:00
Gabriel Arazas
9dc7dff602
hosts/ni: update config
...
For now, we're removing the backup media task just to make it easier to
install for non-local setups. It is pretty much the only thing that
requires the most secrets and I want to easily showcase my NixOS setup
or something like that. Enabling the task is still in the local changes,
just not to be committed.
2022-06-12 13:49:56 +08:00
Gabriel Arazas
d586fba900
update profiles and user configs
2022-05-20 14:47:09 +08:00
Gabriel Arazas
7ec58315c1
update various files
2022-04-30 20:31:11 +08:00
Gabriel Arazas
9f6cef56f8
profiles/system: add auto-upgrade option
2022-04-17 22:33:04 +08:00
