Commit graph

1634 commits

Author SHA1 Message Date
Simon Bruder 3816e6fc5d
authoritative-dns: Add renge, yuzuru to secondaries 2024-02-24 13:22:17 +01:00
Simon Bruder bb8152d772
vueko/mail: Add alias 2024-02-23 19:21:13 +01:00
Simon Bruder 06958ad544
vueko/mail: Remove alias 2024-02-23 19:21:12 +01:00
Simon Bruder 5375a858bd
Replace steam with flatpak
I am no longer willing to accept hours upon hours of debugging just to
get the client to work. I don’t get why they would ship a 32-bit GTK2
executable that uses CEF with its sandbox disabled in 2024. Obviously,
this makes debugging quite hard as things don’t work well, even when
they work. This leaves red herrings everywhere (“Is this segfault a
symptom of the issue I’m facing or is that also happening to other users
where it works fine?”).

Flatpak also seems to have quite good sandboxing features when Flatseal
is used for every application to take away any unnecessary permissions.
2024-02-23 19:21:11 +01:00
Simon Bruder ef2c667bfe
shinobu: Add NTP server
This also changes the firewall rules for the IoT network to no longer
accept connections to ntp.org pool hosts over 123/UDP. All clients
should use the local NTP server.
2024-02-15 13:39:42 +01:00
Simon Bruder 7f8859f85b
mailserver/postfix: Update copyright year
This was forgotten in c944812a68 and
242a2315be.
2024-02-15 13:10:42 +01:00
Simon Bruder c4a9d39a15
flake.lock: Update
Flake lock file updates:

• Updated input 'home-manager':
    'github:nix-community/home-manager/10cd9c53115061aa6a0a90aad0b0dde6a999cdb9' (2024-01-19)
  → 'github:nix-community/home-manager/652fda4ca6dafeb090943422c34ae9145787af37' (2024-02-03)
• Updated input 'home-manager-unstable':
    'github:nix-community/home-manager/6b28ab2d798c1c84e24053d95f4ee1dd9d81e2fb' (2024-01-24)
  → 'github:nix-community/home-manager/043ba285c6dc20f36441d48525402bcb9743c498' (2024-02-14)
• Updated input 'nix-pre-commit-hooks':
    'github:cachix/pre-commit-hooks.nix/f56597d53fd174f796b5a7d3ee0b494f9e2285cc' (2024-01-20)
  → 'github:cachix/pre-commit-hooks.nix/0db2e67ee49910adfa13010e7f012149660af7f0' (2024-02-07)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/e756ff62c2e9db4f7c197bc1849a02024a7bfb2e' (2024-01-24)
  → 'github:nixos/nixos-hardware/f1b2f71c86a5b1941d20608db0b1e88a07d31303' (2024-02-13)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d7f206b723e42edb09d9d753020a84b3061a79d8' (2024-01-22)
  → 'github:nixos/nixpkgs/01885a071465e223f8f68971f864b15829988504' (2024-02-13)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/612f97239e2cc474c13c9dafa0df378058c5ad8d' (2024-01-21)
  → 'github:nixos/nixpkgs/35ff7e87ee05199a8003f438ec11a174bcbd98ea' (2024-02-13)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/ae171b54e76ced88d506245249609f8c87305752' (2024-01-21)
  → 'github:Mic92/sops-nix/48afd3264ec52bee85231a7122612e2c5202fa74' (2024-02-13)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)
  → 'github:NixOS/nixpkgs/d8cd80616c8800feec0cab64331d7c3d5a1a6d98' (2024-02-10)
2024-02-15 11:32:16 +01:00
Simon Bruder a5ae1bf7cd
contact-page: Update git hosters 2024-02-14 15:00:25 +01:00
Simon Bruder 74e5dd2639
Add license exceptions to readme 2024-02-14 14:54:46 +01:00
Simon Bruder badd33a312
vueko/mail: Add alias 2024-02-12 11:28:35 +01:00
Simon Bruder db24be0a69
vueko/mail: Add alias 2024-02-12 11:18:49 +01:00
Simon Bruder 0696d74877
vueko/mail: Add alias 2024-02-11 10:58:54 +01:00
Simon Bruder d645aca536
vueko/mail: Add alias 2024-02-09 11:55:45 +01:00
Simon Bruder 4752437cf5
vueko/mail: Add alias 2024-02-04 14:10:12 +01:00
Simon Bruder 242a2315be
mailserver: Disallow requesting DSN over SMTP
This still allows requesting a DSN over submission, so trusted clients
are not affected. It only affects sending DSN to other systems, which
now no longer takes place. This is done to avoid leaking rspamd
internals.
2024-02-03 01:15:17 +01:00
Simon Bruder c944812a68
mailserver: Extend Received header with TLS info 2024-02-03 00:12:05 +01:00
Simon Bruder 0e870e7188
vueko/mail: Add alias 2024-02-02 12:30:29 +01:00
Simon Bruder ef3939403a
yuzuru/static-sites: Add salespointframework
This had previously been hosted on a separate machine that was now
decommissioned.
2024-02-01 00:40:56 +01:00
Simon Bruder a2cf57ec47
vueko/mail: Drop aliases 2024-01-31 12:07:57 +01:00
Simon Bruder f454aafa20
vueko/mail: Drop aliases 2024-01-27 22:56:33 +01:00
Simon Bruder c5f3b172f3
vueko/mail: Add alias 2024-01-27 22:08:11 +01:00
Simon Bruder 7c4b4a5a9b
vueko/mail: Drop aliases 2024-01-27 22:06:25 +01:00
Simon Bruder 7c26753c04
vueko/mail: Add alias 2024-01-27 20:17:40 +01:00
Simon Bruder eecb609dab
vueko/mail: Drop aliases 2024-01-27 19:00:50 +01:00
Simon Bruder 9caef40c21
wkd: Init 2024-01-27 17:22:53 +01:00
Simon Bruder 0d9e100d01
Replace key for SOPS with minimal key
It was exported with
gpg --armor --export-options export-minimal --export KEYID
2024-01-27 11:10:49 +01:00
Simon Bruder a09967c1c4
pass: Enable browserpass for librewolf 2024-01-27 10:33:27 +01:00
Simon Bruder 4ff453a133
flake.lock: Update
Flake lock file updates:

• Updated input 'flake-utils':
    'github:numtide/flake-utils/4022d587cbbfd70fe950c1e2083a02621806a725' (2023-12-04)
  → 'github:numtide/flake-utils/1ef2e671c3b0c19053962c07dbda38332dcebf26' (2024-01-15)
• Updated input 'home-manager':
    'github:nix-community/home-manager/7e398b3d76bc1503171b1364c9d4a07ac06f3851' (2024-01-01)
  → 'github:nix-community/home-manager/10cd9c53115061aa6a0a90aad0b0dde6a999cdb9' (2024-01-19)
• Updated input 'home-manager-unstable':
    'github:nix-community/home-manager/6e91c5df192395753d8e6d55a0352109cb559790' (2024-01-01)
  → 'github:nix-community/home-manager/6b28ab2d798c1c84e24053d95f4ee1dd9d81e2fb' (2024-01-24)
• Updated input 'nix-pre-commit-hooks':
    'github:cachix/pre-commit-hooks.nix/9d3d7e18c6bc4473d7520200d4ddab12f8402d38' (2023-12-30)
  → 'github:cachix/pre-commit-hooks.nix/f56597d53fd174f796b5a7d3ee0b494f9e2285cc' (2024-01-20)
• Updated input 'nix-pre-commit-hooks/flake-compat':
    'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
  → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Updated input 'nix-pre-commit-hooks/gitignore':
    'github:hercules-ci/gitignore.nix/a20de23b925fd8264fd7fad6454652e142fd7f73' (2022-08-14)
  → 'github:hercules-ci/gitignore.nix/43e1aa1308018f37118e34d3a9cb4f5e75dc11d5' (2023-12-29)
• Updated input 'nix-pre-commit-hooks/nixpkgs-stable':
    'github:NixOS/nixpkgs/c37ca420157f4abc31e26f436c1145f8951ff373' (2023-06-03)
  → 'github:NixOS/nixpkgs/3dc440faeee9e889fe2d1b4d25ad0f430d449356' (2024-01-10)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/f752581d6723a10da7dfe843e917a3b5e4d8115a' (2024-01-01)
  → 'github:nixos/nixos-hardware/e756ff62c2e9db4f7c197bc1849a02024a7bfb2e' (2024-01-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/32f63574c85fbc80e4ba1fbb932cde9619bad25e' (2023-12-31)
  → 'github:nixos/nixpkgs/d7f206b723e42edb09d9d753020a84b3061a79d8' (2024-01-22)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/b0d36bd0a420ecee3bc916c91886caca87c894e9' (2023-12-30)
  → 'github:nixos/nixpkgs/612f97239e2cc474c13c9dafa0df378058c5ad8d' (2024-01-21)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/cfdbaf68d00bc2f9e071f17ae77be4b27ff72fa6' (2023-12-31)
  → 'github:Mic92/sops-nix/ae171b54e76ced88d506245249609f8c87305752' (2024-01-21)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/0aad9113182747452dbfc68b93c86e168811fa6c' (2023-12-30)
  → 'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)
2024-01-24 13:26:28 +01:00
Simon Bruder f691f35fcf
Add 1 git-crypt collaborator
New collaborators:

	5885A031 Simon Bruder <simon@sbruder.de>
2024-01-23 23:02:13 +01:00
Simon Bruder 7631a93573
Simplify git-crypt key paths in dep5 2024-01-23 23:01:53 +01:00
Simon Bruder 35949934dd
gpg: Enable notifications for touch interaction 2024-01-23 22:31:06 +01:00
Simon Bruder ec150e5a6c
waybar: Add security key interaction notification 2024-01-22 17:32:04 +01:00
Simon Bruder 013511c1c9
sops: Switch to new PGP key 2024-01-22 17:32:02 +01:00
Simon Bruder a8201dbe9b
sops: Remove old renge 2024-01-22 17:32:01 +01:00
Simon Bruder 097457c451
sops: Fix hitagi’s name 2024-01-22 17:32:00 +01:00
Simon Bruder 5409755de9
Update contact page to include new PGP key 2024-01-22 17:31:58 +01:00
Simon Bruder e600e15141
nitrokey: Only enable on bare metal 2024-01-22 17:31:57 +01:00
Simon Bruder 04c7bc089f
nitrokey: Force learn keys from card on plug
This allows the signing key to be shared among multiple nitrokeys.
2024-01-22 17:31:56 +01:00
Simon Bruder 04a0a6e5ff
nitrokey: Fix module
For some reason, using the // atribute set merge operator does not work
here.
2024-01-22 17:31:54 +01:00
Simon Bruder 54218c7278
Use Nitrokey as PGP smartcard 2024-01-22 17:31:53 +01:00
Simon Bruder 2c35fc4ec0
gpg: Improve output format 2024-01-22 17:31:52 +01:00
Simon Bruder 226ce5035e
qbittorrent/exporter: Expose source code 2024-01-22 17:31:50 +01:00
Simon Bruder ab600a2b16
qbittorrent/exporter: Replace deprecated calls 2024-01-21 21:12:57 +01:00
Simon Bruder 10b8d432d5
Relicense
This applies the REUSE specification to the repository, so the licensing
information can be tracked for every file individually.
2024-01-13 14:39:22 +01:00
Simon Bruder 62dfb36bb8
vueko/mail: Add alias 2024-01-13 14:34:23 +01:00
Simon Bruder 513e0cf383
renge/sbruder.xyz: Make transparency files state 2024-01-10 21:42:34 +01:00
Simon Bruder d86ad02cee
zsh/pass-wrappers: Drop
I can’t remember using them.
2024-01-10 21:31:54 +01:00
Simon Bruder 73e99ec61b
qutebrowser: Drop
It had been nice while it lasted, but the general usability of LibreWolf
is better.
2024-01-10 21:31:54 +01:00
Simon Bruder da349a7113
nginx-iteractive-index: Reimplement humanFileSize
The previous implementation was copy-pasted from a source that did not
allow redistribution or sublicensing. Therefore, I reimplemented the
function myself.
2024-01-10 21:31:54 +01:00
Simon Bruder 9995ff511e
restic/system: Prune on renge
Because of fuuko’s very slow link, the prune had not been successful for
a whole quarter. Now that renge has more RAM, it can finally run the
prune without having to worry about OOM.
2024-01-10 21:27:42 +01:00