Commit graph

329 commits

Author SHA1 Message Date
Simon Bruder be7e67cf1f
wireguard/home: Make vueko central server
This also restructures the wireguard/home configuration, since now
better peer management is possible.
2021-02-20 19:57:04 +01:00
Simon Bruder c921c2802a
tools: Add compsize 2021-02-20 12:47:27 +01:00
Simon Bruder 5dfe492baf
pkgs: Add aria2_exporter 2021-02-20 12:37:10 +01:00
Simon Bruder 65603effa9
Update sources 2021-02-19 18:49:27 +01:00
Simon Bruder 94f3aae5b9
tmate: Init 2021-02-18 16:37:45 +01:00
Simon Bruder e0ef586e5e
nginx-interactive-index: Init 2021-02-18 12:10:03 +01:00
Simon Bruder ceff40f84d
Update sources 2021-02-18 09:19:18 +01:00
Simon Bruder 0ec1fb5257
Make aesni_intel module available on boot
This should increase LUKS performance significantly. In reality,
however, it doesn’t work that well. The difference of raw vs encrypted
block device speed still ist ~ 100 MiB/s. Even more confusing is that
nunotaba’s Intel DC SSD only manages ~ 350 MiB/s **without** encryption.
2021-02-17 15:33:10 +01:00
Simon Bruder dd93b4c748
Update sources 2021-02-17 14:04:03 +01:00
Simon Bruder e21c769524
machines/installation: Set key map 2021-02-16 17:34:21 +01:00
Simon Bruder 16c710d4a5
shell/unlock: Make unlock work if agent is locked 2021-02-16 15:55:17 +01:00
Simon Bruder 27285a098f
vueko: Serve imprint over http 2021-02-14 19:49:05 +01:00
Simon Bruder f827456d0c
pkgs: Add imprint 2021-02-14 19:48:50 +01:00
Simon Bruder b00498f23d
tools: Add hdparm 2021-02-14 15:30:44 +01:00
Simon Bruder eb97e936ed
zsh: Use grml config system wide 2021-02-14 13:29:51 +01:00
Simon Bruder e8a6110521
Update sources 2021-02-13 10:35:41 +01:00
Simon Bruder 1a7ef37376
home: Use nixosConfig instead of inheriting options 2021-02-12 21:12:03 +01:00
Simon Bruder 474cc7d0f7
sayuri: Disable docker 2021-02-11 14:11:30 +01:00
Simon Bruder 8689ace70d
Update sources 2021-02-11 13:13:16 +01:00
Simon Bruder 3fc9846bf7
vueko: resolved: Disable dnssec 2021-02-10 14:22:00 +01:00
Simon Bruder 3ba514c502
vueko: Add readme 2021-02-09 13:38:32 +01:00
Simon Bruder 15cdd42845
Remove global swapiness
All machines should either import <nixpkgs-hardware/common/pc/hdd> or
<nixpkgs-hardware/common/pc/ssd> if they have swap.
2021-02-08 23:20:31 +01:00
Simon Bruder 29c6d37142
Remove journald extra configuration
Since `Storage=persistent` is the default in NixOS, it is not needed.
2021-02-08 23:19:02 +01:00
Simon Bruder 8c92c1b792
youtube-dl: Add 2021-02-08 20:40:54 +01:00
Simon Bruder d6d2857322
git: Add textconv hook for age diff 2021-02-08 19:19:18 +01:00
Simon Bruder 78c9a2cab9
tools: Add (r)age 2021-02-08 19:17:13 +01:00
Simon Bruder bd8b809486
vueko: Add bang-evaluator 2021-02-07 21:02:11 +01:00
Simon Bruder dde17cf4ec
pkgs: Add bang-evaluator
I don’t know if (and doubt that) this is a good solution. I can’t simply
callPackage it, since it does not use a callPackage compatible nix
expression but rather a ready-to-build default.nix. Also, I need the
source in two different files, one of which can’t use nixpkgs fetchers.
2021-02-07 21:00:09 +01:00
Simon Bruder b8601e6fd3
vueko/mailserver: Change user’s password 2021-02-07 19:59:50 +01:00
Simon Bruder f7287365ff
vueko: Add murmur 2021-02-07 12:29:22 +01:00
Simon Bruder 8037f5eb5e
deploy: Only send the wanted machine configuration
This avoids having secrets that are managed with git-crypt on every
system.
2021-02-07 11:30:42 +01:00
Simon Bruder 1bf141ce03
Update sources 2021-02-06 19:14:08 +01:00
Simon Bruder 75a91e9116
vdirsyncer: Use new credentials 2021-02-06 18:07:53 +01:00
Simon Bruder 9b5a991074
vueko: Add wg-home 2021-02-06 17:10:49 +01:00
Simon Bruder 34ec244fcc
vueko: Add mail and dav server 2021-02-06 16:51:10 +01:00
Simon Bruder 62f1dbe30f
mailserver: Disable recipient_restrictions for submission
Otherwise, sending mails to slow destinations might fail (with the
client throwing an error).
2021-02-06 16:51:10 +01:00
Simon Bruder 9c62905442
mailserver: Add module 2021-02-06 12:48:05 +01:00
Simon Bruder e45b18abd0
Add 1 git-crypt collaborator
New collaborators:

	F309F8EC Simon Bruder <simon@sbruder.de>
2021-02-05 18:01:49 +01:00
Simon Bruder 335f2908e7
tools: Add ccze 2021-02-05 17:51:29 +01:00
Simon Bruder 5ed071c0ed
Move admin tools to system tools
Fixes #37.

This also removes some tools from the user profile since I do not need
them anymore.
2021-02-05 17:34:34 +01:00
Simon Bruder 998d47fd1a
nix: Only keep outputs and drvs on full systems 2021-02-05 17:19:19 +01:00
Simon Bruder bfd192b2a8
vueko: Make small system 2021-02-05 15:39:17 +01:00
Simon Bruder 1437601d5a
Reduce locales and disable docs on small systems 2021-02-05 15:36:51 +01:00
Simon Bruder 6a114a6b7f
Update sources 2021-02-05 14:11:53 +01:00
Simon Bruder 520d750404
firewall: Entirely disable reverse path checking
This hopefully fixes #26 (or more specific a regression caused by it,
see the comment in the issue). I didn’t test it for long, but it seems
to work.
2021-02-02 21:40:30 +01:00
Simon Bruder d8514ab12c
Re-enable waifu2x-converter-cpp
Upstream released a new version which fixes building with gcc10 and
nixpkgs already updated to it.
2021-02-01 20:51:34 +01:00
Simon Bruder 43fbc20020
Update sources 2021-02-01 20:45:22 +01:00
Simon Bruder daf867dcb9
machines: Add vueko
This only adds a minimal configuration.
2021-02-01 17:33:29 +01:00
Simon Bruder 34c801c7e9
Make it possible to disable smartd per-machine
On virtual machines it does not make much sense to have it activated
(also the service fails to start).
2021-02-01 17:03:26 +01:00
Simon Bruder cce86ac2c9
pkgs: Add wordclock-dimmer (including module) 2021-01-31 19:48:18 +01:00