Commit graph

127 commits

Author SHA1 Message Date
b5a6498620
Fix mailserver service + sops config. 2023-09-10 15:22:33 +02:00
483c5d3f39
Modularize desktop service and remove desktop.wms from machine opts. 2023-09-09 22:50:25 +02:00
e6efbd736d
Remove mailserver submodule (will be replaced by flake). 2023-09-09 21:32:25 +02:00
b2da82bff1
Move fn functions to system specialArgs. 2023-08-28 21:52:46 +02:00
4c79467426
Nixify i3 config. 2023-08-26 08:52:11 +02:00
a619bea0fc
Allow users in the video group to change the screen brightness. 2023-08-26 08:04:11 +02:00
41b0efb12d
Add cntr package if container service is enabled. 2023-08-18 11:49:46 +02:00
89f85e9ff2
sub-uid/gid are only needed for podman; improve readability 2023-06-14 21:55:43 +02:00
e821fed3ff
Add podman service. 2023-06-07 02:19:22 +02:00
315f401d5f
Remove nspawn service. 2023-02-05 21:53:19 +01:00
4db219c279
Update gitea service confit to match new names. 2023-01-29 16:23:53 +01:00
dccbaf1d7c
Update Nextcloud service configuration. 2023-01-29 16:23:26 +01:00
446abd5231
Update openssh config to follow renames. 2023-01-29 16:22:24 +01:00
94589735dc
Add bind service. 2023-01-29 14:39:14 +01:00
f344ca1772
Update docker service configuration. 2023-01-29 14:38:08 +01:00
460da50ab8
Add mullvad service wrapper. 2023-01-29 14:37:05 +01:00
87805fc244
Switch python version to python310. 2023-01-29 14:31:48 +01:00
dbab1abbac
Gvfs is now set in upstream. 2023-01-29 14:16:25 +01:00
47500b78e3
Add new machine Marid. 2021-11-25 22:03:04 +01:00
4305b3f653
Nspawn containers use host network for now. 2021-10-28 15:18:03 +02:00
7a3b464306
Update i3 config. 2021-10-28 15:03:55 +02:00
d6641e36c0
Libinput options have been renamed. 2021-10-28 09:50:49 +02:00
5f4edfeb2a
Move gitpkgs into pkg overrides. 2021-10-28 09:46:12 +02:00
528fec2f0d
NixOS 20.09 Changes. 2020-11-23 23:07:42 +01:00
c543303ab9
Auto import files instead of maintaining file list. 2020-03-29 09:10:14 +02:00
8dd3071c89
fail2ban: Fix some broken jails (socket based sshd is still broken). 2020-03-27 13:41:34 +01:00
ff5de0a30e
python3: Update to python38. 2020-03-27 13:41:34 +01:00
6379225731
LetsEncrypt acme now requires an email and accepting their TOS. 2020-03-11 02:35:56 +01:00
8511968173
Adapt to unstable option name changes. 2020-02-13 19:53:47 +01:00
5326d689fc
Updated mailserver submodule. (v2.3.0) 2020-01-30 15:12:28 +01:00
3791e05369
nix-serve: run process with hydra user. 2019-12-27 12:28:27 +01:00
249cb634aa
Fix indentation. 2019-12-26 00:53:42 +01:00
92cd95d6ce
mysql: Use ensure* options, split definition up into service files.
note/reason for split: nixos submodule option names aren't standardized...
2019-12-20 08:48:37 +01:00
627a45c070
Fix breakage after switching back from git to unstable channel. 2019-12-18 09:49:39 +01:00
345c054448 nix-serve should no longer use the default store. Move binaryCaches into the machine submodule. 2019-12-14 07:50:59 +01:00
c57540c959 Use official nixos-mailserver repo and update to latest commit. 2019-11-20 10:09:34 +01:00
c33b4517a7 Reworked pkgsets implementation again, still not really what I want yet. 2019-10-24 12:06:04 +02:00
535a8079e6 Remove hardcoded nextcloud admin username. 2019-10-09 15:13:13 +02:00
bc22db3e1b Add suppport for multiple Domains. 2019-10-08 14:44:14 +02:00
a4fde6972f Get domain url from machine.vHost config (except for cache).
Add turn server option to nextcloud (untested).
2019-10-07 03:23:00 +02:00
ce2c259059 Nginx 19.09 Changes. 2019-10-06 18:30:47 +02:00
8606d37717 Lilim is dead. Long live Lilim! 2019-09-30 19:44:00 +02:00
dc55eea98a Option name changes. 2019-09-23 23:33:22 +02:00
5c081e2797 Inherit nextcloud vHost config from module. 2019-09-09 05:19:51 +02:00
29c876ce83 Fix fail2ban issues. 2019-09-09 05:19:19 +02:00
94e969abd9 Code cleanup. 2019-09-06 11:40:22 +02:00
9b6cea1696 UsePrivilegeSeparation is deprecated since openssh 7.5 (option is now enforced by default). 2019-09-06 11:40:22 +02:00
fd14a260c0 Make secret path configurable (mainly for container support).
'/secret/hostName' is still required.
2019-08-28 15:56:19 +02:00
7d70e000ce Add alias to mail accounts.
Automatically add fqdn as mail alias.
2019-08-28 00:33:00 +02:00
a80b06b881 Updated mailserver submodule. 2019-08-27 18:50:18 +02:00
51e986da9c Generate mail accounts from a user list. 2019-08-27 18:05:42 +02:00
61f88e73ef Fixed initial databases if not enabled. 2019-08-27 18:05:42 +02:00
d9ecea0a17 Integrate mailman3 service into my existing configuration. 2019-08-04 04:20:00 +02:00
1c62f3201e Modularized nginx config. 2019-08-04 03:54:58 +02:00
ed892d1fb8 Automatically add administrative users to openssh's AllowUsers list. 2019-06-26 00:33:04 +02:00
2c00cc5b9b Add multitouch. 2019-06-23 01:17:18 +02:00
fa3aaf31a5 Update udev rules to use NixOS's steam-hardware option. 2019-06-22 20:38:52 +02:00
5fb2b1e069 Updated mailserver submodule. 2019-05-09 19:55:59 +02:00
0ddcaf4085 Clean up in accordance with unofficial nix-linter. 2019-05-09 18:28:40 +02:00
dc0c983517 i3 config already set in desktop/i3.nix; updated package sets; fixed faulty udev line. 2019-05-08 19:32:00 +02:00
6c744f089e xserver.nix is now desktop.nix; WM's can now be added/removed through machine options. Added sway and some fonts. 2019-05-04 13:47:21 +02:00
097981466e Replaced 'builtins.readFile' with 'lib.fileContents'. 2019-04-14 18:35:37 +02:00
87e725740e Merge remote-tracking branch 'origin/master' 2019-04-11 23:45:26 +02:00
bd87853b1f Added webblog option to nginx blog vhost. 2019-04-11 23:45:09 +02:00
61e2f5b6ce Manually applied 415b927 from nixpkgs to nginx config. Changed mail vhost back to previous setting (as it otherwise fails when the mailserver service is not enabled). 2019-04-11 22:58:05 +02:00
3ea4cf2954 Changed shell color for Ophanim. Fixed nix-serve. Improved nginx security. 2019-04-03 00:06:08 +02:00
782cd1efae Binary Cache should almost work now. Switched to older Kernel on Lilim. 2019-03-27 13:48:09 +01:00
f6aed0e2a1 Removed nonexistent option fron openssh config. Whitelist localhost in fail2ban. 2019-03-25 01:41:26 +01:00
31aa2297a4 Port options in nginx configuration need to strings. 2019-03-25 00:55:34 +01:00
e745bdea3d More nginx config dehardcoding. Did some sshd hardening. 2019-03-24 22:55:17 +01:00
66ca5839e5 Added domain option. Maybe fixed binary cache signing. 2019-03-23 02:50:48 +01:00
63e40a5a29 Updated nginx config; added missing mkIf; added fail2ban to Ophanim's services list. 2019-03-20 04:37:00 +01:00
14332b2c7b Modularized configuration now kind of works. (still need to do some refactoring) 2019-03-20 02:57:59 +01:00
a0f361425a Started work on modularized machine config, does not quite work yet. Changed Ophanim's kernel to hardened. 2019-03-17 11:43:14 +01:00
2efae4f888 Hydra kind of works now. Switched to nixos nextcloud module. Renamed some stuff and added kdeconnect firewall rules. Added gvfs modules environmen variable. 2019-03-04 10:35:50 +01:00
764f126524 Added mailserver submodule; OpenSSH now logs sftp access. 2019-02-26 14:10:58 +01:00
9003080a64 Fresh repo without sensitive data. 2019-02-26 13:44:40 +01:00