simon
/
nixos-config
1
1
Fork 0
Code Issues 8 Pull Requests Projects Releases Activity
800 Commits
16 Branches
0 Tags
6.8 MiB
Commit Graph

229 Commits (43067ad796bdc0afebfdf3bc881231c2892b9b6d)

Author SHA1 Message Date
Simon Bruder f4bf1ced57
yuzuru: Init 2021-11-01 10:10:40 +01:00
Simon Bruder b1f4b8b4b5
Add option to mark host as untrusted 
This can be used to deploy a host that does not have access to the main
sops secrets file, e.g. because it does not have an encrypted root
partition.
 2021-11-01 10:08:23 +01:00
Simon Bruder 718e44402f
fuuko: Add factorio 2021-10-15 15:54:48 +02:00
Simon Bruder ee390f869d
Revert "nix: Fix nix not working with local LFS repositories" 
This reverts commit 050359f8ee.
 2021-10-12 20:45:21 +02:00
Simon Bruder 0ff89a0f6f
gui: Add upower 2021-10-10 16:32:03 +02:00
Simon Bruder ec0a8dfa49
ssh: Add mayushii’ public host key 2021-10-10 11:43:04 +02:00
Simon Bruder d52084a79b
nunotaba: Remove 2021-10-10 11:40:20 +02:00
Simon Bruder d44db0d505
network-manager: Add networkmanagerapplet 
This includes nm-connection-editor, which is needed to set up WPA2
enterprise connections.
 2021-10-07 12:35:30 +02:00
Simon Bruder 31cec022e8
Revert "wireguard/home: Use peer-to-peer connections if possible" 
This reverts commit bab6c5e5dc.
 2021-10-05 21:37:38 +02:00
Simon Bruder 7a08083af1
Revert "wireguard/home: Fix peer-to-peer connection" 
This reverts commit d621e84a00.
 2021-10-05 21:31:37 +02:00
Simon Bruder 8bf63db6e5
mayushii: Init 2021-10-05 21:26:39 +02:00
Simon Bruder ae8effee39
games: Add steam-sandbox 2021-10-04 16:57:10 +02:00
Simon Bruder 050359f8ee
nix: Fix nix not working with local LFS repositories 2021-09-25 17:17:49 +02:00
Simon Bruder 9190c83c97
Fix ntfs support 2021-09-10 18:01:52 +02:00
Simon Bruder 7db9922dc2
nginx: Disable access log by default 2021-09-08 01:12:56 +02:00
Simon Bruder d621e84a00
wireguard/home: Fix peer-to-peer connection 
Public clients also need to have all peers configured, so they can
connect to them.
 2021-09-03 15:31:45 +02:00
Simon Bruder bab6c5e5dc
wireguard/home: Use peer-to-peer connections if possible 2021-08-31 11:20:06 +02:00
Simon Bruder 0d9ec3383e
nginx-interactive-index: Make .. work again 
This fixes a regression introduced in
77eab2497a, which moved the heading into a
thead and the file listing into a tbody. Therefore, the .. entry is now
the first entry and has been excluded by the rule that previously
excluded the header.
 2021-08-30 22:11:00 +02:00
Simon Bruder ccc0d60d71
nginx-interactive-index: Implement stripes in javascript 
This shows stripes correctly even after a filter has been entered.
Previously the absolute position (before filtering) has been used to
determine the row colour, which looked weird.
 2021-08-29 14:14:07 +02:00
Simon Bruder 77eab2497a
nginx-interactive-index: Only apply stripes to body 2021-08-29 14:13:35 +02:00
Simon Bruder f6d9bf82db
mullvad: Update relays 2021-08-29 12:32:50 +02:00
Simon Bruder 29f0a5017f
programs: Move virt-manager to user profile 2021-08-28 11:24:51 +02:00
Simon Bruder 15fdc8756a
pipewire: Disable hardware volume for HD 4.50BTNC 2021-08-21 15:47:17 +02:00
Simon Bruder 49aa48366a
games: Move to separate module 2021-08-06 18:55:10 +02:00
Simon Bruder 821a352c49
Annotate multiline strings with their language 2021-08-05 13:23:07 +02:00
Simon Bruder 6ac026a535
Enable fwupd on full systems 2021-08-04 16:52:11 +02:00
Simon Bruder 8b9eb54806
games: Conditionally add emulators 
This uses a crude arbitrary number to only install them onto machines
that can actually run them.
 2021-07-26 20:44:46 +02:00
Simon Bruder 11f7ac50ca
Set geographical location system-wide 2021-07-25 08:36:19 +02:00
Simon Bruder 6006e2cb46
nix: Add cached-nix-shell 2021-07-11 10:43:43 +02:00
Simon Bruder f546f737fe
sway: Enable screencasts via xdg-desktop-portal-wlr 
This also adds a blinking indicator to the status bar so it is obvious
when the screen is shared.
 2021-07-10 16:27:26 +02:00
Simon Bruder 7959abe5f0
pipewire: Init and replace pulseaudio 2021-07-10 12:44:09 +02:00
Simon Bruder 12e24d0761
cups: Add elma 2021-07-07 18:25:14 +02:00
Simon Bruder 298ef93ed5
cups: Remove broken printers 2021-07-04 20:54:09 +02:00
Simon Bruder 8259b1455f
mulvad: Do not unlock pass when disabling tunnel 2021-06-01 11:37:59 +02:00
Simon Bruder c0efaa02ba
mullvad: Move script into system module 
It doesn’t make sense to install the configuration files system-wide but
the script only for the user.
 2021-06-01 10:29:58 +02:00
Simon Bruder 56b9c6c37f
Add module for on-demand usage of mullvad 
Since wg-quick does not require the configuration file to include a
private key and local addresses, they can be added after the execution
of wg-quick.

Fixes #32.
 2021-05-31 23:02:11 +02:00
Simon Bruder de3f8f8909
restic: Make restic prune regularily on fuuko 
Closes #41.
 2021-05-28 15:01:06 +02:00
Simon Bruder e9dc4601ad
restic: Do not initialise the repository 
It already is initialised, and NixOS’ initialisation always prints all
existing snapshots to the journal which makes it almost impossible to
find the logs from the regular backup.
 2021-05-28 15:01:06 +02:00
Simon Bruder 9025dfffb5
wireguard/dns: Make zone master zone 
Since 21.05 it does not work when this is not set.
 2021-05-28 14:24:50 +02:00
Simon Bruder 7450828b63
fonts: Do not enable X11 fonts dir 2021-05-27 18:07:00 +02:00
Simon Bruder ea45b45c60
restic: Fix restic-auth script 
Since I migrated to sops, the password store structure changed.
 2021-05-27 14:38:33 +02:00
Simon Bruder 2c8a291ae9
Make flake inputs available as module argument 
This moves a bunch of stuff out of flake.nix into the modules they
belong to. This removes complexity from flake.nix and gives the project
a more organised structure.

Sadly, it is not possible to import modules from a flake outside of
flake.nix, since that leads to an infinite recursion (`config` has to be
evaluated before `config._modules.args.inputs` is available but `config`
depends on an import from `config._modules.args.inputs`). Therefore, the
`extraModules` argument in `machines/default.nix` has to be used for
that (it now has access to all flake inputs).
 2021-05-15 10:04:44 +02:00
Simon Bruder 400b55a293
Convert to flake 
Fixes #3.
 2021-05-01 17:36:58 +02:00
Simon Bruder af036e88db
nix: Enable flake support 2021-05-01 17:08:21 +02:00
Simon Bruder 5b5bf546b3
wireguard: Simplify sopsFile path 2021-05-01 16:53:06 +02:00
Simon Bruder 8a339c51a2
Show system closure diff on activation 2021-04-25 09:50:03 +02:00
Simon Bruder feb82fca2e
nix: Make netrc readable by wheel group 
This also splits the nix configuration from the default module into its
own file.
 2021-04-09 11:34:49 +02:00
Simon Bruder 8d9e3af211
Add binary cache hosted on fuuko 
See machines/fuuko/services/binary-cache.nix for limitations.
 2021-04-08 16:19:57 +02:00
Simon Bruder 07d4260b95
nix: Use daemonNiceLevel instead of CPUSchedulingPolicy 2021-04-08 15:42:49 +02:00
Simon Bruder 4a8a7e0a4f
Use sops for secrets 
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
 2021-04-06 14:05:48 +02:00