Commit Graph

102 Commits

Author SHA1 Message Date
1ceaf24133
all: add breakglass ssh key 2023-06-14 10:45:39 -06:00
a26ebc7d1b
flake: switch "beta" input to "stable" 2023-06-14 10:45:39 -06:00
9aa076a3a9
fmt 2023-06-14 10:45:37 -06:00
5671b40424
all: limit generations to 15 2023-06-14 10:45:37 -06:00
6317c4e28b
all: use boot.tmp.cleanOnBoot on unstable 2023-06-14 10:45:36 -06:00
8d099e7f26
all: add some space around the motd 2023-06-14 10:45:36 -06:00
2bab371532
all: new MOTD 2023-06-14 10:45:36 -06:00
6ef407f441
all: enable monitoring with monit 2023-06-14 10:45:35 -06:00
7d6022024f
all: cleanup dead code 2023-06-14 10:45:35 -06:00
39a839718c
all: fix addkeystoagent, apparently order matters here.. not sure why yet 2023-06-14 10:45:34 -06:00
8e2d470815
all: add hw ssh key for surf 2023-06-14 10:45:34 -06:00
733768ffe5
all: remove unused ca 2023-06-14 10:45:34 -06:00
6668733394
all: add local ssh_known_hosts file 2023-06-14 10:45:34 -06:00
a90012f330
all: fix agentTimeout in ssh_config 2023-06-14 10:45:34 -06:00
f132365414
all: consolidate ssh_config settings 2023-06-14 10:45:34 -06:00
f839d802ab
all: add BD SSH CA 2023-06-14 10:45:33 -06:00
bc0bbf8436
all: remove rbw, install git-bug 2023-06-14 10:45:33 -06:00
809ff02c01
all: remove unused CA 2023-06-14 10:45:33 -06:00
7883b30ff6
all: add a top level configs/default.nix 2023-06-14 10:45:33 -06:00
82f895bc18
all: add extra ca for ssh 2023-06-14 10:45:33 -06:00
1daecad28e
all: disable trusteduserca for now 2023-06-14 10:45:33 -06:00
5335332531
all/openssh: fix ce entry in sshd, specify domains for ca 2023-06-14 10:45:33 -06:00
3b454657b6
all: add ssh CA pubkey 2023-06-14 10:45:33 -06:00
5f23950400
configs: initial bits for standing up a ca 2023-06-14 10:45:32 -06:00
681d438de3
all: split out more ssh options as they have been migrated 2023-06-14 10:45:32 -06:00
7b52221bef
pkgs/promnesia: add a few more deps and the user services 2023-06-14 10:45:32 -06:00
cba85185c0
all: remove unavailable sshd options for now 2023-06-14 10:45:31 -06:00
48933194e0
overlays: split frequent ovlays into files that can be included
- add overlay for newer openssh
2023-06-14 10:45:31 -06:00
c39629e62d
all: add ci config / setup 2023-06-14 10:45:31 -06:00
46cd6acc67
all: split ssh options into unstable / stable 2023-06-14 10:45:30 -06:00
a44087fa63
all: set more strict mac and kex for sshd 2023-06-14 10:45:29 -06:00
dc68343a8c
all: install ripgrep 2023-06-14 10:45:09 -06:00
fbaadaa177
all: install gosignify 2023-06-14 10:45:08 -06:00
723c4b7aae
all: remove trustcor certs 2023-06-14 10:45:08 -06:00
088c65a287
all: set ipv6 tcp keepalive to 60 2023-06-14 10:45:06 -06:00
3572f13a0b
all: add ssh key with access to run xin-status 2023-06-14 10:45:06 -06:00
7067e9b9a5
configs/neovim: only install nil on unstable, better color for search 2023-06-14 10:45:05 -06:00
9400f6b24c
configs/neovim: use vacme theme with some tweaks 2023-06-14 10:45:05 -06:00
d0b0b6feec
all: switch tcp_keepalive_time to 60 seconds 2023-06-14 10:45:05 -06:00
e8ea0e7f7b
modules: move ssh-fido-agent file 2023-06-14 10:45:03 -06:00
b5cbc4e9fa
all: use overlays everywhere, add newer ssh for everything 2023-06-14 10:45:03 -06:00
f23aae085a
default: set hardened kernel as default 2023-06-14 10:45:02 -06:00
26cbaee41f
pkgs: switch to nixpkgs got as it is up-to-date now. 2023-06-14 10:45:01 -06:00
098e49daea
all: set i18n to en_US.utf8 2023-06-14 10:45:00 -06:00
1df8a52640
all: fix perms on deploy key 2023-06-14 10:44:58 -06:00
b35a2966b2
all: add peerix capabilities 2023-06-14 10:44:58 -06:00
ab34df7aea
all: wheel can see deploy key 2023-06-14 10:44:58 -06:00
fe228dfa27
all: install taskwarrior, cleanup package entries 2023-06-14 10:44:57 -06:00
6c0df153a3
pkgs: use main package entry point 2023-06-14 10:44:57 -06:00
1fc1c7f85c
all: run update checks every 3 hours.
Allow some hosts to reboot if needed and install the known hosts entry
for xin-secrets-ro
2023-06-14 10:44:57 -06:00
e13bcb9dae
all: enable autoUpgrade for everything 2023-06-14 10:44:57 -06:00
ed9e687dbe
hello world! 2023-06-14 10:44:57 -06:00