Simon Bruder
2a5da89f53
Do not enable fwupd on virtual machines
...
It only uses up resources on those hosts but serves no purpose.
2024-01-01 16:11:28 +01:00
Simon Bruder
0318ca56f9
Use gpg-agent as ssh agent
2023-12-20 23:55:42 +01:00
Simon Bruder
9107ce034c
nitrokey: Init
2023-12-20 16:53:42 +01:00
Simon Bruder
f39ce20c60
static-webserver: Init
...
This module makes it easier to configure static websites.
2023-11-25 12:36:23 +01:00
Simon Bruder
8519bada60
authoritative-dns: Init
2023-10-25 21:16:43 +02:00
Simon Bruder
bb5937c686
vnstat: Use UTC in database
2023-10-15 17:07:16 +02:00
Simon Bruder
91eb90e9c3
Enable nftables by default
2023-10-07 13:50:18 +02:00
Simon Bruder
09a9037f1c
Revert "Disable systemd-resolved"
...
This reverts commit 38f815ecf1fa188d0a5a389f73bcd01177f9687c.
2023-09-12 15:00:51 +02:00
Simon Bruder
fcbd6806b9
Disable systemd-resolved
...
It always breaks things, makes debugging harder and in general does not
seem to make anything better.
2023-09-12 15:00:50 +02:00
Simon Bruder
5b39654159
mailserver: Separate into multiple files
2023-06-02 08:26:57 +02:00
Simon Bruder
1ec8a58921
Rename boot.cleanTmpDir
2023-06-01 19:54:22 +02:00
Simon Bruder
2f3d5c8b6b
Remove usage of nixFlakes
2023-06-01 19:54:22 +02:00
Simon Bruder
02a77c5cb2
resolved: Don’t cache negative results
2023-04-16 11:16:47 +02:00
Simon Bruder
91e739c91b
Fix resolving local names with resolved
2023-04-11 11:33:17 +02:00
Simon Bruder
d0ab2e1d47
Use better fallback resolvers for resolved
2023-04-07 14:36:01 +02:00
Simon Bruder
049dfd4be8
fancontrol: Init
2023-01-22 16:34:52 +01:00
Simon Bruder
a445953d46
Adapt locale configuration to new NixOS defaults
2022-12-10 14:51:07 +01:00
Simon Bruder
0bbe240018
tmux: Configure system-wide
...
This is useful on systems that are only accessed as root (e.g.,
servers).
2022-08-25 14:49:22 +02:00
Simon Bruder
8091bae559
ausweisapp: Init
2022-07-24 18:06:54 +02:00
Simon Bruder
a68420ca69
Sort modules includes
2022-07-08 11:51:04 +02:00
Simon Bruder
22d017999f
syncthing: Init
2022-07-08 11:51:04 +02:00
Simon Bruder
d177dcc710
Allow users to set set allow_other for fuse mounts
2022-06-15 00:45:51 +02:00
Simon Bruder
0bb4f4204d
Use new option for ACME email address
2022-05-31 15:04:53 +02:00
Simon Bruder
4712cd20be
media-mount: Init
2022-05-14 17:50:11 +02:00
Simon Bruder
606b203205
zsh: Globally set histsize to 100000
...
Otherwise this occasionally deletes my user’s history if the user config
is not fully loaded yet.
2022-04-28 09:32:03 +02:00
Simon Bruder
da56357ad8
zsh: Disable globbing of # globally
...
Otherwise using nix shell et al. as root is a pain.
2022-03-26 12:37:11 +01:00
Simon Bruder
faa84c574d
qbittorrent: Init module
2022-03-18 22:14:09 +01:00
Simon Bruder
175b5e1ef1
logitech: Init
2022-02-09 07:24:23 +01:00
Simon Bruder
cc8727fa80
Use nixFlakes instead of nixUnstable
2021-12-01 18:32:51 +01:00
Simon Bruder
b1f4b8b4b5
Add option to mark host as untrusted
...
This can be used to deploy a host that does not have access to the main
sops secrets file, e.g. because it does not have an encrypted root
partition.
2021-11-01 10:08:23 +01:00
Simon Bruder
9190c83c97
Fix ntfs support
2021-09-10 18:01:52 +02:00
Simon Bruder
29f0a5017f
programs: Move virt-manager to user profile
2021-08-28 11:24:51 +02:00
Simon Bruder
49aa48366a
games: Move to separate module
2021-08-06 18:55:10 +02:00
Simon Bruder
6ac026a535
Enable fwupd on full systems
2021-08-04 16:52:11 +02:00
Simon Bruder
8b9eb54806
games: Conditionally add emulators
...
This uses a crude arbitrary number to only install them onto machines
that can actually run them.
2021-07-26 20:44:46 +02:00
Simon Bruder
7959abe5f0
pipewire: Init and replace pulseaudio
2021-07-10 12:44:09 +02:00
Simon Bruder
56b9c6c37f
Add module for on-demand usage of mullvad
...
Since wg-quick does not require the configuration file to include a
private key and local addresses, they can be added after the execution
of wg-quick.
Fixes #32 .
2021-05-31 23:02:11 +02:00
Simon Bruder
400b55a293
Convert to flake
...
Fixes #3 .
2021-05-01 17:36:58 +02:00
Simon Bruder
8a339c51a2
Show system closure diff on activation
2021-04-25 09:50:03 +02:00
Simon Bruder
feb82fca2e
nix: Make netrc readable by wheel group
...
This also splits the nix configuration from the default module into its
own file.
2021-04-09 11:34:49 +02:00
Simon Bruder
8d9e3af211
Add binary cache hosted on fuuko
...
See machines/fuuko/services/binary-cache.nix for limitations.
2021-04-08 16:19:57 +02:00
Simon Bruder
07d4260b95
nix: Use daemonNiceLevel instead of CPUSchedulingPolicy
2021-04-08 15:42:49 +02:00
Simon Bruder
4a8a7e0a4f
Use sops for secrets
...
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder
e94c72e42e
Add open ports for quick tests
2021-03-29 22:26:10 +02:00
Simon Bruder
a7ad88a5ec
Include unstable channel as overlay
...
This allows nix cli tools to access unstable from niv’s pinned rev
(instead of having to rely on uncached and unpinned
channel:nixos-unstable). Also packageOverrides might get
deprecated/removed[1] eventually.
[1]: https://github.com/NixOS/nixpkgs/issues/43266
2021-03-29 12:03:58 +02:00
Simon Bruder
270f20d05b
Add nginx hardening option
2021-03-05 15:58:53 +01:00
Simon Bruder
83f1c69713
restic/system: Constantly use system for naming
...
In the future I may create add other backup jobs, so it should be clear,
that this only backs up the system.
2021-02-28 12:22:43 +01:00
Simon Bruder
e0ef586e5e
nginx-interactive-index: Init
2021-02-18 12:10:03 +01:00
Simon Bruder
eb97e936ed
zsh: Use grml config system wide
2021-02-14 13:29:51 +01:00
Simon Bruder
15cdd42845
Remove global swapiness
...
All machines should either import <nixpkgs-hardware/common/pc/hdd> or
<nixpkgs-hardware/common/pc/ssd> if they have swap.
2021-02-08 23:20:31 +01:00