Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | machines/haku: set NIX_PATH to filtered pkgs.path | Profpatsch | 2020-08-30 | 1 | -2/+13 |
| | | | | | | | | | | | | This is a step towards a saner deployment for these machines. The NIX_PATH is fixed, so that everything on the running system always uses exactly the nixpkgs version the system was deployed with. The deployment is done by copying the system closure and switching to it via the `bin/switch-to-configuration` script. Uses the reference to pkgs.path, and applies filterSourceGitignore on the directory, since I often deploy from a local checkout which is half a GB without the gitignore filter. | ||||
* | machines/haku: add data-seeding group | Profpatsch | 2020-08-30 | 1 | -0/+3 |
| | | | | used for access to /data/seeding | ||||
* | machines/haku: remove rtorrent | Profpatsch | 2020-08-30 | 1 | -1/+0 |
| | |||||
* | machines/haku: make drawpile session persistent | Profpatsch | 2020-05-02 | 1 | -3/+5 |
| | |||||
* | machines/haku: add drawpile | Profpatsch | 2020-05-02 | 1 | -0/+13 |
| | |||||
* | machines/haku: accept terms & add necessary email address | Profpatsch | 2020-02-16 | 1 | -0/+3 |
| | |||||
* | pkgs/profpatsch/warpspeed: 1.0 -> 1.1 | Profpatsch | 2020-01-26 | 1 | -1/+2 |
| | | | | | | - Add argument for which host to bind against. - Add argument to specify where the root address should be redirected to (if at all) | ||||
* | pkgs/profpatsch/youtube2audiopodcast: fix a few things | Profpatsch | 2019-12-27 | 1 | -1/+1 |
| | |||||
* | machines/profpatsch/haku: add rss2audiopodcast to nginx | Profpatsch | 2019-12-27 | 1 | -1/+26 |
| | |||||
* | treewide: use `runCommandLocal` where applicable | Profpatsch | 2019-12-08 | 1 | -1/+1 |
| | | | | | | | `runCommandLocal` was added to nixpkgs in https://github.com/NixOS/nixpkgs/pull/74642 to speed up trivial `runCommand` derivations by always building them locally. We have a few places where that’s good to use. | ||||
* | machines/haku: add lisanne again | Profpatsch | 2019-08-28 | 1 | -1/+1 |
| | |||||
* | machines/haku: custom ports | Profpatsch | 2019-08-28 | 1 | -0/+3 |
| | |||||
* | machines/haku: add lisanne | Profpatsch | 2019-08-27 | 1 | -0/+1 |
| | |||||
* | machines/haku: set up as VPN server with wireguard | Profpatsch | 2019-05-31 | 1 | -5/+54 |
| | | | | | | | | | | | | Generates a wireguard configuration based on https://nixos.wiki/wiki/Wireguard and sets up the iptables firewall in a way that only enables forwarding between `eth0` and the `wg` interfaces. The standard NixOS firewall configuration allows `FORWARD` between all interfaces, and `networking.nat.enable` enables the `ip_forward` rule in the kernel, meaning packages can suddenly hop interfaces without a firewall that `DROP`s forwards by default. | ||||
* | machines/haku: open less ports in firewall | Profpatsch | 2019-05-16 | 1 | -3/+2 |
| | |||||
* | machines/haku: add wireguard kernel module | Profpatsch | 2018-12-30 | 1 | -0/+3 |
| | |||||
* | machines/haku: add Thomas’s ssh pubkey to vorstand | Profpatsch | 2018-12-30 | 1 | -0/+1 |
| | |||||
* | machines/profpatsch: clean up configs | Profpatsch | 2018-12-22 | 1 | -11/+0 |
| | | | | Remove unused packages and commented out stuff. | ||||
* | machines/haku: serve lojbanistan.de favicon | Profpatsch | 2018-10-20 | 1 | -1/+15 |
| | |||||
* | machines/haku: set NIX_PATH similar to katara | Profpatsch | 2018-06-05 | 1 | -0/+12 |
| | |||||
* | machines/haku: pass to v4 localhost warpspeed explicitely | Profpatsch | 2018-02-17 | 1 | -1/+1 |
| | | | | | Apparently nginx resolves localhost to [::1] in a newer version by defaul, yet my static file server only binds to 127.0.0.1. | ||||
* | machines/haku: coi do | Profpatsch | 2018-02-10 | 1 | -1/+1 |
| | |||||
* | machines/haku: enable auto upgrade | Profpatsch | 2018-02-09 | 1 | -0/+6 |
| | |||||
* | machines/haku: remove unused services/attack vectors | Profpatsch | 2018-02-09 | 1 | -29/+11 |
| | |||||
* | machines/haku: Revert setting addSSL to true | aszlig | 2017-09-01 | 1 | -1/+0 |
| | | | | | | | | | | | | | This reverts commit 0cfbc3bcd4be9ba3798f1752f82f6ea2d3aba650. Since NixOS/nixpkgs@ae9d311565d8c790900ebbc0976e447034930112 the addSSL option is now mutually exclusive to forceSSL. Turns out that this actually was a bug that got introduced in NixOS/nixpkgs@a912a6a291eaa5f6a2ad9143c9e276779c357a41. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @Profpatsch | ||||
* | haku: add static vpn interface | Profpatsch | 2017-09-01 | 1 | -0/+8 |
| | |||||
* | machines/haku: add test mailinglist | Profpatsch | 2017-09-01 | 1 | -1/+1 |
| | |||||
* | machines/haku: Fix evaluation error for nginx | aszlig | 2017-08-19 | 1 | -0/+1 |
| | | | | | | | | In order to use forceSSL you now also need to use addSSL and there is an assertion now to check that since NixOS/nixpkgs@a912a6a291eaa5f6a2ad914. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @Profpatsch | ||||
* | machines/haku: forgot the firewall exception for searx | Profpatsch | 2017-07-10 | 1 | -1/+3 |
| | |||||
* | machines/haku: move searx from katara to haku | Profpatsch | 2017-07-10 | 1 | -0/+5 |
| | |||||
* | machines/haku: remove pub subdomain again | Profpatsch | 2017-07-08 | 1 | -8/+3 |
| | | | | | Apparently `enableACME` doesn’t generate certificates for the right subdomains if they are on the same machine in different virtual hosts. | ||||
* | machines/haku: add a pub subdomain | Profpatsch | 2017-07-08 | 1 | -3/+8 |
| | |||||
* | machines/haku: fix warpspeed service | Profpatsch | 2017-07-08 | 1 | -2/+2 |
| | |||||
* | machines/haku: add correct port number | Profpatsch | 2017-07-08 | 1 | -0/+2 |
| | |||||
* | machines/haku: refactor a bit to include into base server config | Profpatsch | 2017-07-08 | 1 | -2/+23 |
| | | | | | Until now, the config on the actual server was deviating because I changed it locally. | ||||
* | machines/profpatsch: factor out basic server config | Profpatsch | 2017-01-27 | 1 | -75/+60 |
| | |||||
* | machines.profpatsch: add haku | Profpatsch | 2017-01-25 | 1 | -0/+99 |