Simon Bruder
1a7ef37376
home: Use nixosConfig instead of inheriting options
2021-02-12 21:12:03 +01:00
Simon Bruder
474cc7d0f7
sayuri: Disable docker
2021-02-11 14:11:30 +01:00
Simon Bruder
8689ace70d
Update sources
2021-02-11 13:13:16 +01:00
Simon Bruder
3fc9846bf7
vueko: resolved: Disable dnssec
2021-02-10 14:22:00 +01:00
Simon Bruder
3ba514c502
vueko: Add readme
2021-02-09 13:38:32 +01:00
Simon Bruder
15cdd42845
Remove global swapiness
...
All machines should either import <nixpkgs-hardware/common/pc/hdd> or
<nixpkgs-hardware/common/pc/ssd> if they have swap.
2021-02-08 23:20:31 +01:00
Simon Bruder
29c6d37142
Remove journald extra configuration
...
Since `Storage=persistent` is the default in NixOS, it is not needed.
2021-02-08 23:19:02 +01:00
Simon Bruder
8c92c1b792
youtube-dl: Add
2021-02-08 20:40:54 +01:00
Simon Bruder
d6d2857322
git: Add textconv hook for age diff
2021-02-08 19:19:18 +01:00
Simon Bruder
78c9a2cab9
tools: Add (r)age
2021-02-08 19:17:13 +01:00
Simon Bruder
bd8b809486
vueko: Add bang-evaluator
2021-02-07 21:02:11 +01:00
Simon Bruder
dde17cf4ec
pkgs: Add bang-evaluator
...
I don’t know if (and doubt that) this is a good solution. I can’t simply
callPackage it, since it does not use a callPackage compatible nix
expression but rather a ready-to-build default.nix. Also, I need the
source in two different files, one of which can’t use nixpkgs fetchers.
2021-02-07 21:00:09 +01:00
Simon Bruder
b8601e6fd3
vueko/mailserver: Change user’s password
2021-02-07 19:59:50 +01:00
Simon Bruder
f7287365ff
vueko: Add murmur
2021-02-07 12:29:22 +01:00
Simon Bruder
8037f5eb5e
deploy: Only send the wanted machine configuration
...
This avoids having secrets that are managed with git-crypt on every
system.
2021-02-07 11:30:42 +01:00
Simon Bruder
1bf141ce03
Update sources
2021-02-06 19:14:08 +01:00
Simon Bruder
75a91e9116
vdirsyncer: Use new credentials
2021-02-06 18:07:53 +01:00
Simon Bruder
9b5a991074
vueko: Add wg-home
2021-02-06 17:10:49 +01:00
Simon Bruder
34ec244fcc
vueko: Add mail and dav server
2021-02-06 16:51:10 +01:00
Simon Bruder
62f1dbe30f
mailserver: Disable recipient_restrictions for submission
...
Otherwise, sending mails to slow destinations might fail (with the
client throwing an error).
2021-02-06 16:51:10 +01:00
Simon Bruder
9c62905442
mailserver: Add module
2021-02-06 12:48:05 +01:00
Simon Bruder
e45b18abd0
Add 1 git-crypt collaborator
...
New collaborators:
F309F8EC Simon Bruder <simon@sbruder.de>
2021-02-05 18:01:49 +01:00
Simon Bruder
335f2908e7
tools: Add ccze
2021-02-05 17:51:29 +01:00
Simon Bruder
5ed071c0ed
Move admin tools to system tools
...
Fixes #37 .
This also removes some tools from the user profile since I do not need
them anymore.
2021-02-05 17:34:34 +01:00
Simon Bruder
998d47fd1a
nix: Only keep outputs and drvs on full systems
2021-02-05 17:19:19 +01:00
Simon Bruder
bfd192b2a8
vueko: Make small system
2021-02-05 15:39:17 +01:00
Simon Bruder
1437601d5a
Reduce locales and disable docs on small systems
2021-02-05 15:36:51 +01:00
Simon Bruder
6a114a6b7f
Update sources
2021-02-05 14:11:53 +01:00
Simon Bruder
520d750404
firewall: Entirely disable reverse path checking
...
This hopefully fixes #26 (or more specific a regression caused by it,
see the comment in the issue). I didn’t test it for long, but it seems
to work.
2021-02-02 21:40:30 +01:00
Simon Bruder
d8514ab12c
Re-enable waifu2x-converter-cpp
...
Upstream released a new version which fixes building with gcc10 and
nixpkgs already updated to it.
2021-02-01 20:51:34 +01:00
Simon Bruder
43fbc20020
Update sources
2021-02-01 20:45:22 +01:00
Simon Bruder
daf867dcb9
machines: Add vueko
...
This only adds a minimal configuration.
2021-02-01 17:33:29 +01:00
Simon Bruder
34c801c7e9
Make it possible to disable smartd per-machine
...
On virtual machines it does not make much sense to have it activated
(also the service fails to start).
2021-02-01 17:03:26 +01:00
Simon Bruder
cce86ac2c9
pkgs: Add wordclock-dimmer (including module)
2021-01-31 19:48:18 +01:00
Simon Bruder
a02d3cb883
Use separate state version for every machine
...
This also uses the system state version as the home-manager state
version.
Fixes #35 .
2021-01-31 12:21:05 +01:00
Simon Bruder
f211bae4e2
Globally set Let’s Encrypt requirements
2021-01-31 12:21:05 +01:00
Simon Bruder
3304c8e62e
programs: Add poppler_utils
2021-01-30 23:27:53 +01:00
Simon Bruder
ebddfd35ba
Update sources
2021-01-30 17:09:25 +01:00
Simon Bruder
1a63539df8
Update readme to better reflect current state
...
Fixes #7 .
2021-01-30 16:43:04 +01:00
Simon Bruder
4664265bb0
Add installation machine
...
Its configuration does not fit a real machine, but rather serves as a
minimal configuration for new machines during installation.
2021-01-30 16:41:06 +01:00
Simon Bruder
d61fc70f23
mpd: Only enable when gui is enabled
2021-01-30 13:27:29 +01:00
Simon Bruder
82d5a24dfa
deploy: Do not fail with broken local config
2021-01-29 16:04:38 +01:00
Simon Bruder
241bc188cb
sayuri: Use performance scaling governor
...
That machine is not very energy efficient anyway.
2021-01-29 15:54:59 +01:00
Simon Bruder
05a72217aa
Use nixos-hardware for hardware configuration
...
This removes the manual modules that use options to activate hardware
configuration. It seems to general (e.g. newer Intel GPUs require
different opencl icd) or not flexible enough (in case of the ssd
module).
Closes #21 .
2021-01-29 15:50:16 +01:00
Simon Bruder
55fb2cfdda
shell.nix: Add luks remote unlock script
...
Closes #9 .
2021-01-28 19:02:19 +01:00
Simon Bruder
e7c6406820
Decouple machine configuration and deployment
...
This allows custom scripts to access machine-specific variables.
2021-01-28 17:08:08 +01:00
Simon Bruder
204962d0f3
user: Fix gui programs being installed by mistake
2021-01-28 16:35:54 +01:00
Simon Bruder
67fe507a2d
Update sources
2021-01-27 21:55:55 +01:00
Simon Bruder
d6df163d2e
Update sources
2021-01-26 18:44:43 +01:00
Simon Bruder
603a006df8
Make routing all traffic over wireguard tunnel work
...
Fixes #26 (regression introduced in
126a0dad4b
)
This is not an ideal solution, since it disables some features of the
firewall. Ideally, the mullvad configuration would be declaratively
managed and include a PostUp and PreDown command that adds routes to the
tunnel endpoint to the physical interface.
2021-01-24 14:44:00 +01:00