c8h4/nixos-config
1
0
Fork 0
Code Issues Actions Activity
641 commits 2 branches 0 tags 6.3 MiB
Commit graph

641 commits

This branch
This branch
All branches
Author SHA1 Message Date
Christoph Heiss 46aaba83f1
flake: add formatter for toml files
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-03 17:05:24 +02:00
Christoph Heiss c9780f9f01
flake: bump nixpkgs, home-manager, et al. to ~30-06-2024
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-03 16:58:02 +02:00
Christoph Heiss c160e506be
common: nix-options: disable unfree and broken packages and aliases explicitly 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-03 15:30:25 +02:00
Christoph Heiss d99b71d578
home-manager: desktop: move DOCKER_HOST setting to system-wide config 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-03 15:28:13 +02:00
Christoph Heiss 44a7d23daa
flake: pull in openssh 9.8p1 through nixpkgs directly
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details 
.. benefiting from the cache.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-02 12:25:26 +02:00
Christoph Heiss 118ee71e09
flake: pin nixfmt package to nixfmt-classic 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-02 12:23:10 +02:00
Christoph Heiss ef0d4cea6d
secrets: fort: update some things
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-01 16:52:33 +02:00
Christoph Heiss 69b91d3e25
pkgs: override openssh to version 9.8p1
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details 
Due to RCE:

https://www.openssh.com/releasenotes.html
https://forum.aux.computer/t/security-advisory-openssh-remote-code-execution-cve-2024-6387-regresshion-update-your-servers-asap

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-07-01 16:07:27 +02:00
Christoph Heiss c8ab9d9f8b
ci: convert sourcehut build manifest to woodpecker
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-30 23:45:08 +02:00
Christoph Heiss 06fd80f486
services: grafana: switch over to dedicated subdomain instead of subpath 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-29 12:50:54 +02:00
Christoph Heiss 30e6c7ab70
services: forgejo: explicitly set dump file name 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-29 12:48:47 +02:00
Christoph Heiss 941696526b
system: desktop: move fonts configuration to home-manager 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-28 10:37:47 +02:00
Christoph Heiss 43925a3a98
system: desktop: drop iw package, move lldb to home-manager 
Never even used `iw` to this point.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-28 10:09:45 +02:00
Christoph Heiss a81e33f7bb
services: forgejo: disable actions 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-26 16:12:03 +02:00
Christoph Heiss 537325a85a
services: forgejo: increase repo health check timeout to 10min 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-26 16:10:30 +02:00
Christoph Heiss 1f52d0f979
machines: maui: fix PATH for lix configuration 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-25 10:04:40 +02:00
Christoph Heiss 0aef3b11f5
flake: update lockfile 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-25 10:02:31 +02:00
Christoph Heiss b13318b89f
services: sourcehut: drop completely 
Switched to Forgejo .. it's just so _much_ simpler than sourcehut with
all its small microservices, essentially.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-24 23:37:09 +02:00
Christoph Heiss 8ee22e9e5c
services: home-assistant: use batch mode for ssh invocations 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-24 23:37:09 +02:00
Christoph Heiss 417ff5defa
services: forgejo: enable backups using restic 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-24 23:37:09 +02:00
Christoph Heiss d94687c812
services: git-ingress: add dmz'd git-over-ssh ingress for forgejo 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-24 23:37:08 +02:00
Christoph Heiss 599a4db693
services: forgejo: add initial deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-18 22:10:52 +02:00
Christoph Heiss 411190f62b
flake: remove refs, refresh lockfile 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-18 11:39:40 +02:00
Christoph Heiss 6e88af9c8a
flake: switch home-manager-based maui to lix too 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-18 11:19:36 +02:00
Christoph Heiss dab449bea4
flake: switch to lix 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 15:55:17 +02:00
Christoph Heiss 8669aa1474
common: nix: set flake registry path 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 15:32:10 +02:00
Christoph Heiss deea4524de
common: nix: disable accept-flake-config option 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 13:34:00 +02:00
Christoph Heiss 03350125f3
common: nix: show more log lines by default 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 13:33:45 +02:00
Christoph Heiss 275f1a0a70
common: nix: enable auto-allocate-uids and cgroups features 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 13:33:11 +02:00
Christoph Heiss 8592a76cc2
extra: nvim: replace spellchecking completely with typos-lsp 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 11:38:53 +02:00
Christoph Heiss e345fa84c7
home-manager: common: add tmux patch for fixing crash over ssh with neovim 0.10 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 09:51:00 +02:00
Christoph Heiss 4cae106ce3
extra: nvim: only enable spellcheck for rst, typst and text by default 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-17 08:59:45 +02:00
Christoph Heiss c7a75452e7
pkgs: sway-background-image: fetch image directly from source 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-16 02:20:53 +02:00
Christoph Heiss 59c4b89fd1
extra: nvim: add typos-lsp, enable spell checking by default 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-10 09:47:44 +02:00
Christoph Heiss 249cf3f640
services: vikunja: add initial deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-06 17:56:34 +02:00
Christoph Heiss 89a1aa37fd
modules: nextcloud: disable systemd-oomd inside container 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-05 22:56:04 +02:00
Christoph Heiss 6aac3e5cfc
services: nginx: make clientMaxBodySize default overridable 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-05 22:51:55 +02:00
Christoph Heiss 5d0b66df29
services: tt-rss: scale down default settings a bit 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-04 17:24:37 +02:00
Christoph Heiss e7b0f7a938
services: nginx: optimize overall configuration 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-04 17:23:57 +02:00
Christoph Heiss baf8a4e2e6
modules: nextcloud: upgrade default package to Nextcloud 29 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-03 19:45:10 +02:00
Christoph Heiss 5bc7793319
system: zfs: lower scrub interval to monthly 
Best would be bi-weekly, but systemd does not support such an interval
(yet).

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-03 18:16:28 +02:00
Christoph Heiss 6fb9beb383
flake: bump nixpkgs, home-manager, nixos-hardware, nixgl and sops-nix 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-03 11:15:44 +02:00
Christoph Heiss c69bb88f8b
services: vaultwarden: lower number of workers 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-01 23:08:34 +02:00
Christoph Heiss a95c8c343b
secrets: fort: IPv6 stuff 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-01 20:29:08 +02:00
Christoph Heiss 058efe7f4d
services: prometheus: clean up a bit 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-01 00:59:06 +02:00
Christoph Heiss db0d68bfd0
machines: tank: set IPv6 DUID for dhcpcd 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-01 00:59:03 +02:00
Christoph Heiss 90c2425a4f
system: desktop: enable ipv6 support by default for podman 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-31 17:51:13 +02:00
Christoph Heiss 4d4e498f84
home-manager: common: enable zsh history timestamps 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-31 12:40:19 +02:00
Christoph Heiss c685bbdc82
home-manager: waybar: add separate network module for ipv6 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-30 15:26:07 +02:00
Christoph Heiss 47fd05de5f
flake: use null for self everywhere on overlay imports 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-28 13:39:06 +02:00