simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity
1551 commits 18 branches 0 tags 8 MiB
Commit graph

585 commits

Author SHA1 Message Date
Simon Bruder 80fcaab244
nginx: Make recommended settings global 2023-12-16 10:19:20 +01:00
Simon Bruder 6b9e98fdd3
vueko/mail: Add alias 2023-12-12 12:46:09 +01:00
Simon Bruder 8e1b76e663
renge/forgejo: Migrate from gitea 2023-12-10 15:36:11 +01:00
Simon Bruder 496f0debf6
vueko/mail: Add alias 2023-12-10 14:28:22 +01:00
Simon Bruder 32f4c05be2
vueko/mail: Add alias 2023-12-03 12:27:16 +01:00
Simon Bruder 300c9c5531
vueko/mail: Add alias 2023-12-03 11:51:05 +01:00
Simon Bruder ba843ac8c0
Upgrade to 23.11 
Flake lock file updates:

• Updated input 'bang-evaluator':
    'git+https://git.sbruder.de/simon/bangs?ref=refs/heads/master&rev=7fc3d5019c907566abbad8f84ba9555a5786bd01' (2021-08-01)
  → 'git+https://git.sbruder.de/simon/bangs?ref=refs/heads/master&rev=a06c68c44862f74757a203e2df41ea83c33722d9' (2023-12-02)
• Updated input 'home-manager':
    'github:nix-community/home-manager/04bac349d585c9df38d78e0285b780a140dc74a4' (2023-11-12)
  → 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'home-manager-unstable':
    'github:nix-community/home-manager/9a4725afa67db35cdf7be89f30527d745194cafa' (2023-11-19)
  → 'github:nix-community/home-manager/4a8545f5e737a6338814a4676dc8e18c7f43fc57' (2023-12-01)
• Updated input 'nix-pre-commit-hooks':
    'github:cachix/pre-commit-hooks.nix/e558068cba67b23b4fbc5537173dbb43748a17e8' (2023-11-15)
  → 'github:cachix/pre-commit-hooks.nix/e5ee5c5f3844550c01d2131096c7271cec5e9b78' (2023-11-25)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/1721da31f9b30cbf4460c4ec5068b3b6174a4694' (2023-11-18)
  → 'github:nixos/nixos-hardware/8772491ed75f150f02552c60694e1beff9f46013' (2023-11-29)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
  → 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
• Updated input 'nixpkgs-overlay':
    'git+https://git.sbruder.de/simon/nixpkgs-overlay?ref=refs/heads/master&rev=c8a17806a75733dec2ecdd8f0021c70d1f9dfc43' (2023-10-04)
  → 'git+https://git.sbruder.de/simon/nixpkgs-overlay?ref=refs/heads/master&rev=37f80d1593ab856372cc0da199f49565f3b05c71' (2023-12-02)
• Updated input 'nixpkgs-overlay/poetry2nix':
    'github:nix-community/poetry2nix/093383b3d7fdd36846a7d84e128ca11865800538' (2023-09-22)
  → 'github:nix-community/poetry2nix/7acb78166a659d6afe9b043bb6fe5cb5e86bb75e' (2023-12-01)
• Updated input 'nixpkgs-overlay/poetry2nix/nix-github-actions':
    'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
  → 'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
• Added input 'nixpkgs-overlay/poetry2nix/systems':
    'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'nixpkgs-overlay/poetry2nix/treefmt-nix':
    'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
• Added input 'nixpkgs-overlay/poetry2nix/treefmt-nix/nixpkgs':
    follows 'nixpkgs-overlay/poetry2nix/nixpkgs'
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
  → 'github:nixos/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58' (2023-11-29)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/49a87c6c827ccd21c225531e30745a9a6464775c' (2023-11-19)
  → 'github:Mic92/sops-nix/e19071f9958c8da4f4347d3d78790d97e98ba22f' (2023-12-02)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/decdf666c833a325cb4417041a90681499e06a41' (2023-11-18)
  → 'github:NixOS/nixpkgs/dfb95385d21475da10b63da74ae96d89ab352431' (2023-11-25)
 2023-12-02 18:54:42 +01:00
Simon Bruder e5d32e1607
vueko/mail: Add alias 2023-11-27 22:42:40 +01:00
Simon Bruder f581f20cb3
okarin/static-sites: Add arbeitskampf.work 2023-11-27 21:25:08 +01:00
Simon Bruder f39ce20c60
static-webserver: Init 
This module makes it easier to configure static websites.
 2023-11-25 12:36:23 +01:00
Simon Bruder 27a209c1d5
vueko/mail: Add domain 2023-11-15 23:42:58 +01:00
Simon Bruder 74ae72d161
vueko/mail: Remove alias 2023-11-04 13:59:24 +01:00
Simon Bruder 0055de1c26
shinobu/snmp-exporter: Init 2023-11-04 13:57:59 +01:00
Simon Bruder 4f536a00d2
Switch home domain to shinonome-lab.de 
When having DNSSEC activated (as it is the case on sbruder.de), dnsmasq
interfering in queries for hosts on the LAN often causes problems.

This domain is specifically for the case of not having DNSSEC on it.
 2023-10-27 23:54:56 +02:00
Simon Bruder c705221f71
okarin/maggus.bayern: Init 2023-10-26 14:05:53 +02:00
Simon Bruder af1d41ffda
dns: Add prometheus exporter 2023-10-26 01:18:17 +02:00
Simon Bruder 7a7d38c2f0
shinobu/router: Fix nft set for ntp 
Appartently, the family is not optional.
 2023-10-24 21:36:40 +02:00
Simon Bruder db5929adec
hitagi: Emulate aarch64-linux binaries 2023-10-22 14:11:02 +02:00
Simon Bruder c49bf4514b
vueko/mail: Add alias 2023-10-22 14:00:47 +02:00
Simon Bruder f3c69fcc45
vueko/mail: Add alias 2023-10-22 14:00:47 +02:00
Simon Bruder 75cfab8d8e
vueko/mail: Add alias 2023-10-22 14:00:47 +02:00
Simon Bruder a6e9959d12
vueko/mail: Add alias 2023-10-22 14:00:47 +02:00
Simon Bruder 27a96649f8
vueko/mail: Add alias 2023-10-22 14:00:47 +02:00
Simon Bruder 315cc1b50c
shinobu/router: Dynamically allow ntp for iot 2023-10-22 14:00:47 +02:00
Simon Bruder 3f9e9e15e9
shinobu/router: Disable hostapd 
The wireless card only supports one AP, so I switched to an OpenWRT
stanadlone AP.
 2023-10-22 14:00:47 +02:00
Simon Bruder ef62aac941
shinobu/router: Add qdisc for guest network 2023-10-22 14:00:47 +02:00
Simon Bruder 4611e12772
shinobu/router: Add network segmentation 2023-10-22 14:00:42 +02:00
Simon Bruder 1740570d00
shinobu/router: Use callPackage for common 2023-10-18 20:04:04 +02:00
Simon Bruder 19da5e13b9
shinobu/router/tc: Properly use hex for identifiers 2023-10-18 20:01:57 +02:00
Simon Bruder 8311a2c906
vueko/mail: Add alias 2023-10-13 21:25:06 +02:00
Simon Bruder a884f11f69
renge/gitea: Switch to manual user confirmation 
There was too much spam registration going on.
 2023-10-13 20:23:54 +02:00
Simon Bruder ace6f449c3
renge/gitea: Don’t allow creating org by default 2023-10-08 21:36:33 +02:00
Simon Bruder 816004e80b
restic: Use QoS instead of uploadLimit 
This implements a crude mechanism for signalling my router to add the
packets to its own qdisc.

The way in which this is implemented with nftables is hacky because of
NixOS’ limitations on build-time checking (which obviously can’t know
about the existence of cgroups on the target).
 2023-10-07 22:49:47 +02:00
Simon Bruder afc9013506
shinobu/router: Implement QoS using HTB 
This is an initial implementation and probably still needs tuning.
 2023-10-07 22:49:26 +02:00
Simon Bruder 4eeae2c1b5
vueko/mail: Add alias 2023-10-07 01:18:48 +02:00
Simon Bruder 7b836dd65b
Drastically lower restic upload limit 
Welcome in the year 2023, where it apparently is acceptable to offer
internet connectivity with not even 5 Mbit/s upload speed.
 2023-10-04 23:42:00 +02:00
Simon Bruder 16c0472bb0
nazuna: Enable torrent 2023-10-04 23:19:44 +02:00
Simon Bruder 7fc8a4694c
nazuna: Init 2023-10-04 23:19:44 +02:00
Simon Bruder 70ee0e1d59
vueko/mail: Add alias 2023-10-04 23:19:44 +02:00
Simon Bruder b79a088479
vueko/mail: Add alias 2023-10-04 23:19:44 +02:00
Simon Bruder 3d880316de
shinobu/router: Disable wg-upstream 
This only complicates many things and creates too much overhead on such
a slow connection.
 2023-10-04 23:19:44 +02:00
Simon Bruder 642fea6b8e
shinobu/router: Route select protocols directly 2023-10-04 23:19:44 +02:00
Simon Bruder 7a7b385b44
shinobu/router: Change nft variable source 2023-10-04 23:19:44 +02:00
Simon Bruder 8ecf4ecbfd
shinobu/router: Split configuration 2023-10-04 23:19:43 +02:00
Simon Bruder c0ab0c6977
vueko/mail: Add alias 2023-09-22 22:37:49 +02:00
Simon Bruder 257b000e24
shinobu/router: Add ethtool 2023-09-21 21:11:22 +02:00
Simon Bruder 8a1724fe43
shinobu/router: Clean up nftables rules 2023-09-21 12:59:12 +02:00
Simon Bruder 9c42cb0903
shinobu/router: Fix VPN bypass 
This now actually works and I have a better understanding of nftables.
Some of my learnings are documented as comments in the rules.
 2023-09-21 12:56:36 +02:00
Simon Bruder caac620ea6
shinobu/router: Add tracing infrastructure 2023-09-21 12:44:27 +02:00
Simon Bruder 1c24743911
shinobu/router: Fix naming of subnets in rules 
This has no practical effect, but did cause confusion.
 2023-09-21 11:31:00 +02:00