Christoph Heiss
be9bb3843c
services: forgejo: simplify sshd setup
...
flake / build (push) Successful in 2m59s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:47:58 +02:00
Christoph Heiss
dfeffdf041
services: openssh: disable sftp subsystem for real
...
flake / build (push) Successful in 3m9s
Apparently, the default value is `true`, not `false` as I erroneously
assumed. :/
Fixes: 389f345
("services: openssh: disable sftp subsystem")
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:39:21 +02:00
Christoph Heiss
4bd87669df
services: forgejo: enable twoqueue
cache
...
flake / build (push) Successful in 3m6s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:12:15 +02:00
Christoph Heiss
3f29ed7dfb
services: forgejo: enable old actions and repo archive cleanup tasks
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:09:56 +02:00
Christoph Heiss
54b41e8933
services: forgejo: disable user account deletion
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:07:13 +02:00
Christoph Heiss
35dcf3d3ba
services: forgejo: pin secret key
...
flake / build (push) Successful in 3m18s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:12:16 +02:00
Christoph Heiss
30d55d5792
services: forgejo: move to other host with dedicated data directory
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:12:16 +02:00
Christoph Heiss
7abca790ca
services: forgejo: simplify nginx setup
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:02:26 +02:00
Christoph Heiss
981fe69bf5
services: forgejo: simplify ssh setup by renaming user
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:02:23 +02:00
Christoph Heiss
738a05aec0
services: forgejo: switch database to sqlite3
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 13:03:32 +02:00
Christoph Heiss
3c80b32440
machines: maui: add some useful git send-email
aliases
...
flake / build (push) Successful in 3m1s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-23 11:16:27 +02:00
Christoph Heiss
c513cc2bce
home-manager: desktop: git: set sendemail identity explicitly
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-23 11:13:36 +02:00
Christoph Heiss
065a6e1eb0
machines: maui: set git suppress-cc to 'all'
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-23 11:07:05 +02:00
Christoph Heiss
c4920d7616
home-manager: desktop: remove old git alias in favor of tig
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-23 10:52:17 +02:00
Christoph Heiss
a182c40fab
home-manager: desktop: move stray comment to correct place
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-23 10:48:30 +02:00
Christoph Heiss
ede4400e9e
services: nginx: add fail2ban filter for (more) crawlers
...
flake / build (push) Successful in 2m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 23:11:20 +02:00
Christoph Heiss
17a05c88db
pkgs: neomutt-export-patches: convert to new buildPerlApplication
helper
...
flake / build (push) Successful in 3m1s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 21:02:35 +02:00
Christoph Heiss
d51b5ab8f9
pkgs: deploy-sink: convert to new buildPerlApplication
helper
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 21:00:06 +02:00
Christoph Heiss
fa12895af3
pkgs: automation-shell: convert to new buildPerlApplication
helper
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 20:55:42 +02:00
Christoph Heiss
ae13670a64
flake: add custom lib with initial perl application builder
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 20:49:43 +02:00
Christoph Heiss
8b45301ab9
secrets: tank: update something
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 20:10:31 +02:00
Christoph Heiss
efef37f22f
home-manager: desktop: move fontconfig file into common attrset
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 20:10:03 +02:00
Christoph Heiss
befdf9fa84
home-manager: firefox: add initial declarative configuration
...
flake / build (push) Successful in 3m22s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 17:33:22 +02:00
Christoph Heiss
92ff9a23cf
common: nix-options: directly set flake-registry
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 16:01:31 +02:00
Christoph Heiss
1f851ab8b9
secrets: desktop: update something
...
flake / build (push) Successful in 3m12s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-21 14:35:38 +02:00
Christoph Heiss
d980c44163
extra: zshrc: common: autoload zmv
tool
...
flake / build (push) Successful in 3m7s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 23:25:16 +02:00
Christoph Heiss
1fa17a074f
extra: nvim: add keymapping to load last directory session
...
flake / build (push) Successful in 3m23s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 11:05:48 +02:00
Christoph Heiss
b4c458e11a
services: vaultwarden: add fail2ban jail
...
flake / build (push) Successful in 3m7s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:39:58 +02:00
Christoph Heiss
e373b1aa98
services: nginx: enable fail2ban 'apache-badbots' filter
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:36:10 +02:00
Christoph Heiss
9250581753
services: fail2ban: increase default bantime to 1 week
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:31:37 +02:00
Christoph Heiss
bc67437947
system: deploy-target: update public ssh key
...
flake / build (push) Successful in 3m13s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 08:42:25 +02:00
Christoph Heiss
31076d3f8f
services: add new yarr service for RSS reading
...
flake / build (push) Successful in 3m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-18 22:03:19 +02:00
Christoph Heiss
760261f58e
modules: services: add new service definition for yarr
...
https://github.com/nkanaev/yarr
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-18 22:01:29 +02:00
Christoph Heiss
4f7694fec5
services: vaultwarden: move to fort
...
flake / build (push) Successful in 3m30s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 18:22:02 +02:00
Christoph Heiss
bd16916a99
services: vaultwarden: migrate from postgresql to sqlite
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:53:52 +02:00
Christoph Heiss
ccbfff0b13
services: vaultwarden: factor out fqdn construction
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:50:56 +02:00
Christoph Heiss
2875ee182b
services: vikunja: move to fort
...
flake / build (push) Successful in 3m31s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 16:52:44 +02:00
Christoph Heiss
14632d40a7
services: vikunja: centralize fqdn construction
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 14:58:33 +02:00
Christoph Heiss
ee24f14950
home-manager: desktop: nvim: sort treesitter plugin list
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 14:21:13 +02:00
Christoph Heiss
5099e0fbb7
services: forgejo: increase reverse proxy max body size
...
flake / build (push) Successful in 3m21s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 11:04:55 +02:00
Christoph Heiss
ab6be969a6
home-manager,extra: nvim: add basic kotlin language support
...
flake / build (push) Successful in 3m20s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 01:33:30 +02:00
Christoph Heiss
f9f7017442
machines: zero: add some secrets
...
flake / build (push) Successful in 3m19s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 01:24:36 +02:00
Christoph Heiss
e1c83122ca
services: forgejo: drop attribute which gets overwritten anyway
...
flake / build (push) Successful in 4m0s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 01:05:35 +02:00
Christoph Heiss
5f133d017e
machines: fort: mount additional data volume
...
flake / build (push) Has been cancelled
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 00:58:01 +02:00
Christoph Heiss
c44b3b0e77
machines: fort: add discard=async
mount option to all filesystems
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 00:55:17 +02:00
Christoph Heiss
6333d7d38d
services: drop tt-rss completely
...
flake / build (push) Successful in 3m21s
Instead I'll be switching to yarr [0], which is a lot simpler and
supports using a sqlite database.
[0] https://github.com/nkanaev/yarr
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:21:47 +02:00
Christoph Heiss
2cb5597d77
services: postgresql: upgrade to 16
...
flake / build (push) Successful in 3m26s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:06:30 +02:00
Christoph Heiss
6991c2ee5b
machines: zero: drop now-obsolete amdgpu.sg_display
kernel parameter
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 22:20:51 +02:00
Christoph Heiss
14f90b5741
machines: trek: drop now-obsolete i915.force_probe
kernel parameter
...
flake / build (push) Successful in 3m33s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-15 21:52:14 +02:00
Christoph Heiss
4b2edbe511
flake: bump lix to 2.91.0
...
flake / build (push) Successful in 3m23s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-13 13:20:25 +02:00