Commit Graph

764 Commits

Author SHA1 Message Date
4a9dddb422
box: let h reach in over the wg tunnel to talk to public services
clean up a bit too
2023-06-14 10:45:04 -06:00
24237204d9
h: enable wg, toss back traffic to ports over wg network 2023-06-14 10:45:04 -06:00
1da540f4bf
router: cleanup a bit, let some vlan traffic out, add static ips back in 2023-06-14 10:45:04 -06:00
e446ac3d1c
h: add wireguard bits 2023-06-14 10:45:04 -06:00
ac44c31958
box: clobber some networking bits 2023-06-14 10:45:04 -06:00
a868078cb6
router: expand config a bit more, start structure for driving things 2023-06-14 10:45:04 -06:00
eaf5905856
router: fmt and update alias 2023-06-14 10:45:04 -06:00
5ae7f8389e
router: trial by live-fire \o/ 2023-06-14 10:45:04 -06:00
b7cb021d62
europa: set idleactionsec to 2h 2023-06-14 10:45:04 -06:00
474f0c4a75
fmt 2023-06-14 10:45:04 -06:00
2cd1307422
plq: install rage 2023-06-14 10:45:04 -06:00
07aee801a0
router: add some boilerplate table and adapt it a bit 2023-06-14 10:45:04 -06:00
8d5d6f27d1
box: disable some unused services 2023-06-14 10:45:04 -06:00
1be307b199
plq: update nixpkgs-review name 2023-06-14 10:45:04 -06:00
ece5d6715c
stan: install obsidian 2023-06-14 10:45:04 -06:00
128b1e204c
europa: run taskob every 30min 2023-06-14 10:45:04 -06:00
e424cc821a
flake: add taskobs, remove dup overlay entry 2023-06-14 10:45:04 -06:00
d2d75d2a6a
router: move back to inline nftable file 2023-06-14 10:45:04 -06:00
86857373d4
router: back to hardened 2023-06-14 10:45:04 -06:00
0399a3ba21
router: add nf_tables module, use regular kernel for now. 2023-06-14 10:45:04 -06:00
f314cafa5c
router: use built in rulesetFIle 2023-06-14 10:45:04 -06:00
5967f908e3
all: change netrc location, europa: use netrc 2023-06-14 10:45:04 -06:00
872e63a2a6
router: poke around withnftables.. not working.. 2023-06-14 10:45:04 -06:00
8e14e55781
router: flesh out config a bit more 2023-06-14 10:45:04 -06:00
334f3970f3
europa: install minicom 2023-06-14 10:45:04 -06:00
652696f93a
europa: install clementine 2023-06-14 10:45:04 -06:00
ee15e10ac5
router: set reboot window 2023-06-14 10:45:03 -06:00
569a90acac
router: move to a new machine after frying old one \o/ 2023-06-14 10:45:03 -06:00
5f9bde625b
fmt: fix fmt \o/
also add deadnix checks
2023-06-14 10:45:03 -06:00
a13d644e52
box: mv bw env file to sops 2023-06-14 10:45:03 -06:00
d457bf870c
h: enable yarr 2023-06-14 10:45:03 -06:00
78f46d71c5
stan: add firefox 2023-06-14 10:45:03 -06:00
26038d77fd
h: remove unused domain 2023-06-14 10:45:03 -06:00
b5cbc4e9fa
all: use overlays everywhere, add newer ssh for everything 2023-06-14 10:45:03 -06:00
b6d9b9c81a
hass: remove 2023-06-14 10:45:03 -06:00
5bcb55ed49
router: use hardened module. fmt 2023-06-14 10:45:03 -06:00
00d2eeaa89
router: init 2023-06-14 10:45:03 -06:00
14825957f0
h: add host alias for git.tapenet
while here, consolidate networking settings
2023-06-14 10:45:03 -06:00
36471a59ca
h: reboot when we need to 2023-06-14 10:45:02 -06:00
1de97fd8da
h: add fix for weepushover 2023-06-14 10:45:02 -06:00
5307606d0e
h: disable weepushover for now 2023-06-14 10:45:02 -06:00
fe4ddd29c2
stan: +remmina 2023-06-14 10:45:02 -06:00
89bf05399f
stan,europa: no hardened, breaks too many things 2023-06-14 10:45:02 -06:00
f23aae085a
default: set hardened kernel as default 2023-06-14 10:45:02 -06:00
78b56c7bf4
box,europa,faf,h,stan: use hardened kernel 2023-06-14 10:45:02 -06:00
149c88dea4
h: disable openbsd.app as it is running on openbsd now 2023-06-14 10:45:02 -06:00
ca20399fa6
fmt 2023-06-14 10:45:02 -06:00
ef80887b6f
Update various package names, remove unused stuff 2023-06-14 10:45:02 -06:00
187cbe626b
h: add handler for openbsd.app 2023-06-14 10:45:02 -06:00
cea8d371fe
h: add weepushover weechat plugin 2023-06-14 10:45:02 -06:00
e087489467
h: add icbirc script and try to start it
also ovelay weechat
2023-06-14 10:45:02 -06:00
de632b1da1
h: fix notes redirect 2023-06-14 10:45:02 -06:00
347b39c697
weather: switch to unstable 2023-06-14 10:45:02 -06:00
9a7eb474e5
weather: add fix for networkmanager not restarting 2023-06-14 10:45:01 -06:00
e1cb16d148
fmt 2023-06-14 10:45:01 -06:00
d0a43662ea
h: add resolver and remove slash for notes publishing 2023-06-14 10:45:01 -06:00
dbeca1c11e
h: fix dup location entries 2023-06-14 10:45:01 -06:00
c0210f0929
h: add proxy_ssl_server_name for notes 2023-06-14 10:45:01 -06:00
ef7ca9f23d
h: add redirect for notes.suah.dev 2023-06-14 10:45:01 -06:00
165e301523
europa: enable clam-updater 2023-06-14 10:45:01 -06:00
6ad97610bf
pkgs: add zutty, use it on stan and europa 2023-06-14 10:45:01 -06:00
0b6126e273
europa: install pharo and configure login limits 2023-06-14 10:45:01 -06:00
5f8935fbf4
stan: install rustdesk 2023-06-14 10:45:01 -06:00
f6a398fa4e
europa: switch from Notes to Brain 2023-06-14 10:45:01 -06:00
a8bb65617e
h: enable gts with the new domain now that dns has prop'd 2023-06-14 10:45:01 -06:00
b64d48c1ed
h: +zonemaster-cli 2023-06-14 10:45:01 -06:00
4c259a92ee
h: gts storage goes up a dir 2023-06-14 10:45:01 -06:00
a05af33061
h: switch to mammothcirc.us for gts, also disable for now (dns update pending) 2023-06-14 10:45:01 -06:00
fd8227d407
fmt 2023-06-14 10:45:01 -06:00
e34d524505
+luna 2023-06-14 10:45:01 -06:00
1de5e5562f
europa: install obsidian 2023-06-14 10:45:01 -06:00
36c9340c41
h: enable gts again 2023-06-14 10:45:01 -06:00
769d000bcb
h: disable gts for now 2023-06-14 10:45:01 -06:00
e706eadee1
h: enable gts db query log 2023-06-14 10:45:01 -06:00
1280b40858
h: use recommended config for gts 2023-06-14 10:45:01 -06:00
ee06e3f810
h: enable g2s debug 2023-06-14 10:45:01 -06:00
e9a0284f1d
h: set protocol to https for g2s 2023-06-14 10:45:01 -06:00
422e387764
h: try to fix g2s well-known 2023-06-14 10:45:01 -06:00
911ca17a82
h: add overlay for latest synapse 2023-06-14 10:45:01 -06:00
a279131b1e
h: do not force approval 2023-06-14 10:45:01 -06:00
1925b46980
h: try to make gotosocial login work 2023-06-14 10:45:01 -06:00
8b72ad6e3f
fmt 2023-06-14 10:45:00 -06:00
03a5caa59b
h: enable gotosocial
- Add a _rough_ module for gotosocial
- Add a package for gotosocial
2023-06-14 10:45:00 -06:00
ded434c205
stan: use default kernel, add main secrets file 2023-06-14 10:45:00 -06:00
1153949fe2
box: add router to prom 2023-06-14 10:45:00 -06:00
ba79d8f535
overlay: nheko to the latest 2023-06-14 10:45:00 -06:00
efaf1fbf4a
europa: enable virt-mgr 2023-06-14 10:45:00 -06:00
97d823fba7
europa/stan: re-enable emacs 2023-06-14 10:45:00 -06:00
49fba03ca6
europa: disable virtmgr and nheko for now 2023-06-14 10:45:00 -06:00
30bf2d9f41
box: disable loki analytics 2023-06-14 10:45:00 -06:00
a311e0ef04
fmt 2023-06-14 10:45:00 -06:00
a21956d951
box: open loki up on tailnet 2023-06-14 10:45:00 -06:00
42fe13ea64
h: enable promtail 2023-06-14 10:45:00 -06:00
6709188d8d
h: poke hole in fw for prom/node 2023-06-14 10:45:00 -06:00
aeca05c5e1
h/box: setup prom/node_exporter 2023-06-14 10:45:00 -06:00
0a862d59a2
net-overlay: add ability to have ssh-only hosts 2023-06-14 10:45:00 -06:00
15a6416235
stan: disable emacs until unstable is updated 2023-06-14 10:45:00 -06:00
3d84c6cb6e
hass: remove alias 2023-06-14 10:45:00 -06:00
ca340774dd
all/europa: disable stuff that needs building 2023-06-14 10:45:00 -06:00
39a0ee829a
europa: install fido2luks 2023-06-14 10:45:00 -06:00
06cfa0c42e
hass: add zfs stuff 2023-06-14 10:45:00 -06:00
eee9eea3ea
hass: enable zfs 2023-06-14 10:45:00 -06:00
08b4d12e21
hass: re-enable 2023-06-14 10:45:00 -06:00
0568817196
fmt 2023-06-14 10:45:00 -06:00
d0b4684200
euroap: reomve non-functional fido2luks 2023-06-14 10:45:00 -06:00
01af9e577f
europa: move systemd def out of service 2023-06-14 10:45:00 -06:00
ce1244045d
europa: enable emacs 2023-06-14 10:45:00 -06:00
8d87c53bff
europa: setup hibernate after 2h 2023-06-14 10:45:00 -06:00
f7e7a37e27
europa: install fido2luks 2023-06-14 10:45:00 -06:00
8f4849f963
fmt 2023-06-14 10:45:00 -06:00
7d8ebe4e6e
europa: swap by label 2023-06-14 10:45:00 -06:00
0b4c5178e4
europa: new hadware config 2023-06-14 10:45:00 -06:00
d8d2d06476
europa: reinstall without zfs, enable logind lid switch 2023-06-14 10:45:00 -06:00
841c08e825
europa: add calibre 2023-06-14 10:44:59 -06:00
0fdddb6494
box: add new certs for books 2023-06-14 10:44:59 -06:00
bc9e2d2c57
fmt 2023-06-14 10:44:59 -06:00
c749947a18
box: set port and ip for calibre-web 2023-06-14 10:44:59 -06:00
24e5cb8efb
box: use default calibre location 2023-06-14 10:44:59 -06:00
13af0170cd
faf: add dns entry for books 2023-06-14 10:44:59 -06:00
1092f99521
box: listen.port 2023-06-14 10:44:59 -06:00
aa19b26c91
box: enable calibre web 2023-06-14 10:44:59 -06:00
85a861c5ff
box: disable grafana plugins that are not working 2023-06-14 10:44:59 -06:00
1809be5b6a
box: add grafana plugins 2023-06-14 10:44:59 -06:00
588eb48251
box: setup promtail and add it to grafana 2023-06-14 10:44:59 -06:00
2d91dfc2a3
loki: move to box 2023-06-14 10:44:59 -06:00
4311625c39
faf: add initial loki config 2023-06-14 10:44:59 -06:00
b8e102ac8a
box/faf: point to 9002 2023-06-14 10:44:59 -06:00
796b001889
box: point to prom port on faf 2023-06-14 10:44:59 -06:00
2f7df1d3c5
faf: enable prometheus 2023-06-14 10:44:59 -06:00
d91af26fda
box: disable kativa 2023-06-14 10:44:59 -06:00
735c08f30e
plq: install nix-review, prep for sops ability 2023-06-14 10:44:59 -06:00
0d5ed8dafe
box: update photoprism container 2023-06-14 10:44:59 -06:00
681ac5d886
h: be explicit in what ports are open 2023-06-14 10:44:59 -06:00
466bc21fa7
h: cleanup ports that are open 2023-06-14 10:44:59 -06:00
9217f91383
europa/stan: make peerix private key owner dynamic 2023-06-14 10:44:59 -06:00
61913c8182
stan/europa: disable peerix 2023-06-14 10:44:59 -06:00
c774e4f779
stan/europa: allow peerix over wifi 2023-06-14 10:44:59 -06:00
83dbadd175
peerix: install zerotierone package, configure stan 2023-06-14 10:44:59 -06:00
6a8de66bce
stan; listen for peerix on the dongle 2023-06-14 10:44:58 -06:00
0c6e5ca2a3
stan: +tcpdump 2023-06-14 10:44:58 -06:00
f591a9cfce
stan: use overlays 2023-06-14 10:44:58 -06:00
281059c392
stan: use correct ip for arst.arst 2023-06-14 10:44:58 -06:00
c91eb5f50d
stan: toggle isUnstable 2023-06-14 10:44:58 -06:00
751ce29024
stan: install zig 2023-06-14 10:44:58 -06:00
0303929031
europa,stan: listen on dock interface 2023-06-14 10:44:58 -06:00
e14b39d5e9
litr: bye bye 2023-06-14 10:44:58 -06:00
f2ec36c485
stan: enable jetbrains and sshfidoagent 2023-06-14 10:44:58 -06:00
7171de6652
overlays: add zig 2023-06-14 10:44:58 -06:00
e66712f8d1
europa: install frequently used tools 2023-06-14 10:44:58 -06:00
b35a2966b2
all: add peerix capabilities 2023-06-14 10:44:58 -06:00
d506314085
stan: install emacs 2023-06-14 10:44:58 -06:00
5ef73472e7
stan: enable bt 2023-06-14 10:44:58 -06:00
14654384b1
stan: add hosts entries, extend user to userBase 2023-06-14 10:44:58 -06:00
2d496c12aa
stan: fix secret path, remove old key, dedup users 2023-06-14 10:44:58 -06:00
ab34df7aea
all: wheel can see deploy key 2023-06-14 10:44:58 -06:00
d96dd309b7
europa: disable most of the nixos-hardware changes prevously added 2023-06-14 10:44:58 -06:00
1e5371f7e9
h: switch to unstable 2023-06-14 10:44:58 -06:00
d8fc0db566
h: add restic wrapper for easier management
while here backup /home
2023-06-14 10:44:58 -06:00
23926b52ad
h: update auto-redact-list 2023-06-14 10:44:58 -06:00
b9e4050ac5
h: enable taskserver 2023-06-14 10:44:58 -06:00
fe228dfa27
all: install taskwarrior, cleanup package entries 2023-06-14 10:44:57 -06:00
1fc1c7f85c
all: run update checks every 3 hours.
Allow some hosts to reboot if needed and install the known hosts entry
for xin-secrets-ro
2023-06-14 10:44:57 -06:00
df95a3d90c
europa: fmt 2023-06-14 10:44:57 -06:00
ed9e687dbe
hello world! 2023-06-14 10:44:57 -06:00