Simon Bruder
621d209680
sayuri: Add specialisation that disables mitigations
...
x264 encodes over 2 times faster in one example with mitigations
disabled.
2021-06-09 15:22:17 +02:00
Simon Bruder
80f33f9095
Add contact page
2021-06-02 13:24:36 +02:00
Simon Bruder
e0efa77520
fuuko/nar-serve: Use NixOS module
...
Since it does not provide a `package` option, it has to be overriden
with an overlay.
2021-06-01 10:16:15 +02:00
Simon Bruder
56b9c6c37f
Add module for on-demand usage of mullvad
...
Since wg-quick does not require the configuration file to include a
private key and local addresses, they can be added after the execution
of wg-quick.
Fixes #32 .
2021-05-31 23:02:11 +02:00
Simon Bruder
6f31ded457
fuuko/wordclock: Use 15 character long password
...
```cpp
struct {
char domain[32];
char clientId[16];
char user[16];
char password[16];
} mqtt;
```
(f637c2f39e/PersistentStorage.h
)
This went unnoticed, because on NixOS, mosquitto does not validate
passwords by default.
2021-05-28 23:08:20 +02:00
Simon Bruder
c918486622
fuuko/mqtt: Make compatible with Mosquitto 2
...
This now requires authenticating with a valid password, which it
apparently didn’t do before?
2021-05-28 23:05:22 +02:00
Simon Bruder
de3f8f8909
restic: Make restic prune regularily on fuuko
...
Closes #41 .
2021-05-28 15:01:06 +02:00
Simon Bruder
d3d41da2bc
vueko/murmur: Explicitly set murmur as system user
2021-05-28 14:24:25 +02:00
Simon Bruder
e80a0b0c07
vueko/radicale: Use services.radicale.settings
2021-05-28 14:24:02 +02:00
Simon Bruder
7d7da189d0
nunotaba: Reinstall on btrfs filesystem
2021-05-28 14:05:14 +02:00
Simon Bruder
6cb59d0149
nunotaba: Use performance cpuFreqGovernor
...
With kernel 5.10 powersave is stuck at 798 MHz for some reason.
2021-05-28 14:05:13 +02:00
Simon Bruder
091f6b0e14
Update to 21.05
...
This still uses the relase-21.05 branch which should later be changed to
nixos-21.05.
2021-05-28 14:04:53 +02:00
Simon Bruder
36c0c67e36
sayuri: Update specs in readme
2021-05-27 18:06:34 +02:00
Simon Bruder
d64f4a8741
vueko/mail: Add alias
2021-05-25 09:48:25 +02:00
Simon Bruder
71209d0cc8
vueko/mail: Add alias
2021-05-21 12:30:36 +02:00
Simon Bruder
961b497609
vueko/mail: Add alias
2021-05-17 19:05:24 +02:00
Simon Bruder
2c8a291ae9
Make flake inputs available as module argument
...
This moves a bunch of stuff out of flake.nix into the modules they
belong to. This removes complexity from flake.nix and gives the project
a more organised structure.
Sadly, it is not possible to import modules from a flake outside of
flake.nix, since that leads to an infinite recursion (`config` has to be
evaluated before `config._modules.args.inputs` is available but `config`
depends on an import from `config._modules.args.inputs`). Therefore, the
`extraModules` argument in `machines/default.nix` has to be used for
that (it now has access to all flake inputs).
2021-05-15 10:04:44 +02:00
Simon Bruder
531060668a
fuuko/hydra: Show logs after build is completed
2021-05-15 00:01:04 +02:00
Simon Bruder
9f70024257
fuuko/hydra: Make serving build artifacts work
...
hydra-server.service does not have access to the signing key.
2021-05-13 14:23:10 +02:00
Simon Bruder
dc1698ffaa
fuuko: Add hydra
2021-05-13 13:07:17 +02:00
Simon Bruder
ca2136ef04
sayuri: Allow discards on data ssd
2021-05-07 14:37:53 +02:00
Simon Bruder
d3ec5f4ba1
sayuri: Reinstall on NVMe ssd
2021-05-04 23:15:05 +02:00
Simon Bruder
c3a3d8a12a
Adapt documentation to current configuration
2021-05-04 21:45:05 +02:00
Simon Bruder
2bf9577b61
vueko/mail: Add alias
2021-05-03 19:33:53 +02:00
Simon Bruder
10ced7f2bb
fuuko/torrent: Make socat work after forced stop
...
This should improve behavour after e.g. a power outage.
2021-05-03 10:17:00 +02:00
Simon Bruder
440fc97f7f
AriaNg: Include as flake
2021-05-03 10:16:59 +02:00
Simon Bruder
51f814c70d
fuuko/go-neb: Use sops for secrets
2021-05-03 10:16:59 +02:00
Simon Bruder
84c72583fe
fuuko/drone-runner-exec: Use unstable nix
...
This also adds /etc/static as read-only path to the sandbox, since
otherwise /etc/nix/nix.conf can’t be read.
2021-05-01 18:31:05 +02:00
Simon Bruder
400b55a293
Convert to flake
...
Fixes #3 .
2021-05-01 17:36:58 +02:00
Simon Bruder
7d19c9b039
sayuri: Use radeontop from unstable
2021-04-25 09:54:49 +02:00
Simon Bruder
78f4579556
vueko/mail: Add alias
2021-04-23 10:21:11 +02:00
Simon Bruder
08b8fce2d4
fuuko/gitea: Store session on disk
2021-04-19 14:35:42 +02:00
Simon Bruder
4af55ba3e9
vueko/mail: Add alias
2021-04-17 12:15:43 +02:00
Simon Bruder
e070cb9107
vueko/mail: Add alias
2021-04-17 10:56:15 +02:00
Simon Bruder
438fad34fb
vueko/mail: Reorganise vim folds
2021-04-17 10:47:07 +02:00
Simon Bruder
cd30750fdc
fuuko/media-backup: Init
...
Fixes #49 .
2021-04-16 17:13:46 +02:00
Simon Bruder
b9abd825cb
vueko/mail: Add alias
2021-04-14 15:43:16 +02:00
Simon Bruder
ec09bbf6c6
fuuko/gitea: Remove version override
...
Version 1.14.0 has been released and is in nixpkgs.
2021-04-13 09:08:04 +02:00
Simon Bruder
602573cd34
fuuko/dnsmasq: Reliably work after reboot
2021-04-10 23:23:46 +02:00
Simon Bruder
bb8c54065a
fuuko/drone/runner-exec: Remove port collision with grafana
...
Drone docs [1] say “Overriding this value is not recommended”, however I
do not see why I should not be able to change it.
[1] https://docs.drone.io/runner/exec/configuration/reference/drone-http-bind/
2021-04-10 23:21:46 +02:00
Simon Bruder
746581ceba
fuuko/dnsmasq: Replace stubby/DoT with https-dns-proxy/DoH
2021-04-10 20:16:08 +02:00
Simon Bruder
bed82e297c
sayuri: Migrate to sops
...
Fixes #38 .
2021-04-10 11:58:50 +02:00
Simon Bruder
5dff1a426f
fuuko/binary-cache: Add nar-serve
2021-04-08 21:40:14 +02:00
Simon Bruder
8d9e3af211
Add binary cache hosted on fuuko
...
See machines/fuuko/services/binary-cache.nix for limitations.
2021-04-08 16:19:57 +02:00
Simon Bruder
68fbc9e185
fuuko/go-neb: Notify room if alert is firing
2021-04-08 10:04:30 +02:00
Simon Bruder
9dbd7f9c85
vueko/coturn: Manage shared secret with sops
...
This requires not using the NixOS module, since it does not support
loading it from a file.
2021-04-07 12:23:48 +02:00
Simon Bruder
4a8a7e0a4f
Use sops for secrets
...
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder
d253f74a06
sayuri: Fill in purpose section of readme
...
Also, next time try to spell FIXME the right way so I don’t notice this
months after setting the machine up.
2021-04-05 13:38:33 +02:00
Simon Bruder
5c4284d68c
fuuko: Add dnsmasq prometheus exporter
2021-04-05 13:18:43 +02:00
Simon Bruder
c26539e607
fuuko/prometheus: Actually show node name in alerts
2021-04-04 14:34:44 +02:00