Compare commits
17 Commits
faf159bb66
...
513e0cf383
Author | SHA1 | Date |
---|---|---|
Simon Bruder | 513e0cf383 | |
Simon Bruder | d86ad02cee | |
Simon Bruder | 73e99ec61b | |
Simon Bruder | da349a7113 | |
Simon Bruder | 9995ff511e | |
Simon Bruder | 34231fb13b | |
Simon Bruder | 492af23f17 | |
Simon Bruder | e48f367afd | |
Simon Bruder | 9e545950f5 | |
Simon Bruder | 8d764fc7e4 | |
Simon Bruder | 8757ef7eb8 | |
Simon Bruder | afea7afdbf | |
Simon Bruder | 26d85e97aa | |
Simon Bruder | 0393661579 | |
Simon Bruder | 1d84379383 | |
Simon Bruder | a00503d244 | |
Simon Bruder | 2a5da89f53 |
12
.sops.yaml
12
.sops.yaml
|
@ -5,12 +5,12 @@ keys:
|
|||
- &vueko 4EA330328CD0D3076E90960194DFA4953D8729DE
|
||||
- &fuuko 2372651C56E22972C2D9F3F569C8187C9C43754E
|
||||
- &mayushii 23EEDF49AAF1B41DCD1CD10F44A37FA8C15053B3
|
||||
- &yuzuru F4B5F6971A1FAEA1216FCE1C6745A652A31186DB
|
||||
- &renge 06a917fc4a2a1b6b0f69a830285075cac85b7035
|
||||
- &nunotaba 3176be14f468c6d43ab2206b4f273abccd49806b
|
||||
- &okarin 868497ac4266a4d137e0718ae5fc3caa3b8107aa
|
||||
- &shinobu 28677f2e3584b39f528a779caf445ebb39c882b7
|
||||
- &nazuna 0b8be5d87a10a0e68dda97212c4befad1f9e915c
|
||||
- &yuzuru a1ee5bc0249163a047440ef2649e770ec6ea16e4
|
||||
creation_rules:
|
||||
- path_regex: machines/nunotaba/secrets\.yaml$
|
||||
key_groups:
|
||||
|
@ -37,11 +37,6 @@ creation_rules:
|
|||
- pgp:
|
||||
- *simon
|
||||
- *mayushii
|
||||
- path_regex: machines/yuzuru/secrets\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *simon
|
||||
- *yuzuru
|
||||
- path_regex: machines/okarin/secrets\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
|
@ -67,6 +62,11 @@ creation_rules:
|
|||
- pgp:
|
||||
- *simon
|
||||
- *nazuna
|
||||
- path_regex: machines/yuzuru/secrets\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *simon
|
||||
- *yuzuru
|
||||
- path_regex: secrets\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
|
|
|
@ -57,8 +57,8 @@ On MBR:
|
|||
parted /dev/sdX
|
||||
mktable GPT
|
||||
mkpart primary 1MiB 2MiB
|
||||
mkpart primary 2MiB 500MiB
|
||||
mkpart primary 500MiB 100%
|
||||
mkpart primary 2MiB 512MiB
|
||||
mkpart primary 512MiB 100%
|
||||
set 1 bios_grub on
|
||||
disk_toggle pmbr_boot
|
||||
quit
|
||||
|
|
56
flake.lock
56
flake.lock
|
@ -85,11 +85,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702195709,
|
||||
"narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=",
|
||||
"lastModified": 1704099619,
|
||||
"narHash": "sha256-QRVMkdxLmv+aKGjcgeEg31xtJEIsYq4i1Kbyw5EPS6g=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "6761b8188b860f374b457eddfdb05c82eef9752f",
|
||||
"rev": "7e398b3d76bc1503171b1364c9d4a07ac06f3851",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -106,11 +106,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702423270,
|
||||
"narHash": "sha256-3ZA5E+b2XBP+c9qGhWpRApzPq/PZtIPgkeEDpTBV4g8=",
|
||||
"lastModified": 1704100519,
|
||||
"narHash": "sha256-SgZC3cxquvwTN07vrYYT9ZkfvuhS5Y1k1F4+AMsuflc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "d9297efd3a1c3ebb9027dc68f9da0ac002ae94db",
|
||||
"rev": "6e91c5df192395753d8e6d55a0352109cb559790",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -215,11 +215,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702456155,
|
||||
"narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=",
|
||||
"lastModified": 1703939133,
|
||||
"narHash": "sha256-Gxe+mfOT6bL7wLC/tuT2F+V+Sb44jNr8YsJ3cyIl4Mo=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc",
|
||||
"rev": "9d3d7e18c6bc4473d7520200d4ddab12f8402d38",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -231,11 +231,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1702453208,
|
||||
"narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
|
||||
"lastModified": 1704124233,
|
||||
"narHash": "sha256-lBHs/yUtkcGgapHRS31oOb5NqvnVrikvktGOW8rK+sE=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
|
||||
"rev": "f752581d6723a10da7dfe843e917a3b5e4d8115a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -247,11 +247,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1702233072,
|
||||
"narHash": "sha256-H5G2wgbim2Ku6G6w+NSaQaauv6B6DlPhY9fMvArKqRo=",
|
||||
"lastModified": 1703992652,
|
||||
"narHash": "sha256-C0o8AUyu8xYgJ36kOxJfXIroy9if/G6aJbNOpA5W0+M=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "781e2a9797ecf0f146e81425c822dca69fe4a348",
|
||||
"rev": "32f63574c85fbc80e4ba1fbb932cde9619bad25e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -275,11 +275,11 @@
|
|||
"poetry2nix": "poetry2nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701527732,
|
||||
"narHash": "sha256-pylAGzBf4a9ShBFR9fAs9KSD2cpPYUeINDCheSru9Yw=",
|
||||
"lastModified": 1704120598,
|
||||
"narHash": "sha256-9g7bZbVHAjMPNUWD2okeOdTmTrC9pkCeVe1zFyvtvqo=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "37f80d1593ab856372cc0da199f49565f3b05c71",
|
||||
"revCount": 64,
|
||||
"rev": "32ef4fd545a29cdcb2613934525b97470818b42e",
|
||||
"revCount": 65,
|
||||
"type": "git",
|
||||
"url": "https://git.sbruder.de/simon/nixpkgs-overlay"
|
||||
},
|
||||
|
@ -306,11 +306,11 @@
|
|||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1702148972,
|
||||
"narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=",
|
||||
"lastModified": 1703950681,
|
||||
"narHash": "sha256-veU5bE4eLOmi7aOzhE7LfZXcSOONRMay0BKv01WHojo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227",
|
||||
"rev": "0aad9113182747452dbfc68b93c86e168811fa6c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -322,11 +322,11 @@
|
|||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1702312524,
|
||||
"narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=",
|
||||
"lastModified": 1703961334,
|
||||
"narHash": "sha256-M1mV/Cq+pgjk0rt6VxoyyD+O8cOUiai8t9Q6Yyq4noY=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a9bf124c46ef298113270b1f84a164865987a91c",
|
||||
"rev": "b0d36bd0a420ecee3bc916c91886caca87c894e9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -453,11 +453,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702177193,
|
||||
"narHash": "sha256-J2409SyXROoUHYXVy9h4Pj0VU8ReLuy/mzBc9iK4DBg=",
|
||||
"lastModified": 1703991717,
|
||||
"narHash": "sha256-XfBg2dmDJXPQEB8EdNBnzybvnhswaiAkUeeDj7fa/hQ=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "d806e546f96c88cd9f7d91c1c19ebc99ba6277d9",
|
||||
"rev": "cfdbaf68d00bc2f9e071f17ae77be4b27ff72fa6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -1,28 +1,28 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
xsFNBAAAAAABEADlgmSvdnFWue1i5dS1qA9df+cRQDA1NDBHYm5dGpsTe7xghvde
|
||||
9B1aAzWxbxeppwr2IHvLo1boWyH0ODC5HFxvleaYd6R9oLljQvxZEPq8ANWMyxDx
|
||||
T4MyRlLClegMrUaCoQTFxoO7LFujrhKPC1+r/JVBBehJrpw31WAUQV2SLDTPFRMJ
|
||||
GVAJXR1vplafbftlkI9K3t12T1RrD1D5QxPtFPPEdwdfPQ8CDE7cCado9iv+P3e+
|
||||
9gA3fE0HJzS1ZRySF0sZ5lP3RX3ZBoY7z/8s3ZHGCYfD9ssGwZS5ByjMk2eJiPY2
|
||||
tX0ZwffBdzAwyq64e1/ddubGTIhKNPd5Iy2GCnOEgPMC8TCke5Zz5IeInUE3ANyS
|
||||
zkuwpCbqT8Vu541yqhs8+dOnH3srgks9OH2Ar2ctMWx3gmICDoCLHrWfbvlkqUwB
|
||||
cxnGxAeNzOXiem1Fu5IJwVC5JR1+5b4dqa3k+f/nuWRizvrU26OP/1S+NTz3T7/W
|
||||
TEF6KyE7+dy3K4IO95SDYwVp6mF/0fh4FTahNi6B1BDEAZKZjaVXyd2TOk77Y7si
|
||||
Tc98E4SUTUlRRCLh8SmUmxalI168LLgGMwUWhDvRw6EP7uh9FBEi1kLXnN6am0kP
|
||||
q1jgQL798DzFwcgEYTx7rTDHZLkbwrxWA32Lpu3T6twtaZiQE+o7wuXMTQARAQAB
|
||||
xsFNBAAAAAABEACrSqXAEWHXWjyl/FX+r6d0WQmn7/40slxrnBQzl5ERnEOKtzR5
|
||||
hMPioWhfFFKeNbTxYp6tV6mbiIm7NKSCOC0o1lkt16Sb8SU3Tzi8uF4gCl6gxmwW
|
||||
iHG4k5CYij/jMw3YMX9NEpCVPjita/FXVxrN2aq96cMEgf7kQU9Bs+VmN2nlGCl0
|
||||
ATI4tZyJrxjO2okWEfsK3OT0qhqsQrQdsv8QhsG455pv1tmhvgwDY22swORQbBYC
|
||||
4Jgp2mtPX/LPXzr3cxnG3hz+d/A9tDtZK9t/uEc1sMMSEws6FiKofVNL00KTvx5/
|
||||
1N5PPEACovBmGx17KLYZVo0pNDvIzPvp7UdZ3gbdoK7KvRPzzJ8EdSB/IPP2883w
|
||||
bAplPpP6aGkYog3bPsp9o9t5il5hm5ASlKchKZjUp5Mes6sRrnSAnq5zJGpE3bMz
|
||||
0NnbcOcuRBNF/cie0eX2XpL4ooI+OTUC0cUa/nnmvRbvH9INVydAhiJmzxhduLvz
|
||||
586SzGRoHG1FNumT/I+jQDXgb2hIpZy4keDzsBlfuOCixjKyJPKf39hCbKbiNyed
|
||||
R+e8EqqqSwKBdN6neha5o0NPldQRp9BV+uSaVtr6NwmG6nRKMg5QSuxuab0qckwG
|
||||
3C33xjBFvodVoYLKTgvYR2qw8QFgI33MKrctQsUW4od1w5rfPVsWTsboowARAQAB
|
||||
zSlyb290IChJbXBvcnRlZCBmcm9tIFNTSCkgPHJvb3RAbG9jYWxob3N0PsLBYgQT
|
||||
AQgAFgUCAAAAAAkQZ0WmUqMRhtsCGw8CGQEAAIyAEAA89dyQvXx4sS7I1nRlMw9q
|
||||
Agbi4h1lrCifEH6srlInbg3kZNgnlsDY+cVCIiy8m/Oyupn0U4uduMI8P7R5kgWQ
|
||||
g9+FKFXoLK8P1kO5gani+tWNmBW49leSN8un9YAviKele5wDM/Dg+rNbWDaYHKu5
|
||||
SspZV/SiP0JkxXOgxkMgOOl97kNmvv6O3qYHPG5rz5P/YV0pdDSi1cfhdREvTPAl
|
||||
eNqzMrdEuE/GUrYJYeF8kN+TswBubTgy4WBqQdMlS+Go1B/7HQd56pl5BHiHM8HZ
|
||||
l01ljbgqdYdggmXt7CI90Txe3RRduzKS4ncEQ1VVQiXEmOzU7emu+DFwknGnSgTW
|
||||
gW6Nps3u2XhcsJNczf2PdEzDAv0oNAp4So7JdTGetkJ1Yw4quS0l1XWWBm+cf376
|
||||
nanAGkENvuBbS36kgHNjNT1EnUnyJoMDMnc1AmSSlTf/ORc+JrzM4PtMonhWJTAU
|
||||
eM66tozyJ3qYWApiI2doYwMDuh/u3jvqpTddxklaNFUOxIA2VITP0EgCFkVjW2u3
|
||||
0gPY2tV6AtcxcUn1NnhS92xf0//O4fcGOwlTvNaPqDuF0mk9OazAPQ5L37mfNZzb
|
||||
XUc3AyZXRZNhlE+aNfeJSKtzFCpGUJfstPmkdOwPxK29G4GDbjzWevpYF9Rv6Xpq
|
||||
Ky38rXnis6Hpih/z6/7HOg==
|
||||
=5Ki8
|
||||
AQgAFgUCAAAAAAkQZJ53DsbqFuQCGw8CGQEAAKv8EABzl8YKtwB0NEfR54L4fC65
|
||||
/068DC+BqeT5rMI0T/f9yax9CNWH/j359GGal5TjWaOxZzY5g6KgIzsn/GBo0kNt
|
||||
/XhEuNv2zfjeGsF+bugTO+qipZV7hGq3tV8JHqsmRnafoAH+tOIkIKYtL4B5jT6w
|
||||
KjOO70WDak0tnO8s5jMAqONf6Ny3OT8Xqy5yZhUvvSqfOY488rkMjbY5hGkuU1+z
|
||||
7vOppJRZIIXHQeZZWM4OXXcVayHiVjAKXpVoQ8XGGPL82Io1kDf39lWyIUUk5jCc
|
||||
1S0fSyMCZfC8nAprKmXMUZdeQUs4k7BCMmreKTa4G58LMnm6T/rtdoqwnTjk/fIB
|
||||
SVea86wcjN7zhXZbrDMVSbHtToX95287kpsXCRmIglX9KNhbT3IPpEz5sq9/9/YA
|
||||
fhyXu1lnu2JbGt01lRuBUPlVx1qEQ9Gor1PmOORfMR19KXpVXci+JIhWA8KxMnSv
|
||||
Hbj6Iqh/EdhctlrvAnjC4ERA3Om3m6SfrJm+e3kmSpV8Hq2f7gDeDbrruy78AAMv
|
||||
RLabJ0+RPBOFCU5XFs+li2t1xgeR8XVgSrMafHbjNREvytLKG0y21kkY+O1Pg0/c
|
||||
PuxFfEqzXeH+pqa9Dv/TCXpbkGuos8c3WpFjNmt+XTULfrUvMc0/ClfVqVAfic4H
|
||||
GjYdNSdHdZaTkT/4WjVD4A==
|
||||
=5kkr
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
|
|
@ -67,4 +67,9 @@ in
|
|||
|
||||
targetHost = "nazuna.sbruder.de";
|
||||
};
|
||||
yuzuru = {
|
||||
system = "x86_64-linux";
|
||||
|
||||
targetHost = "yuzuru.sbruder.de";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -29,7 +29,6 @@
|
|||
"/data/media/video"
|
||||
"/data/torrent"
|
||||
];
|
||||
prune = true;
|
||||
};
|
||||
unfree.allowSoftware = true;
|
||||
};
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
restic-ssh-key: ENC[AES256_GCM,data:wA7JCg6Y900s6+1JoevMzbr6fKRN6jbfUuX166VS+TUFhFbn0npz5gKkAQpC8h1io1WaSCPJkJMzr+viOLlnVwqe8zFGm3ZJlKSEqKKK+CatZ95+zKACOZuBAC/2E6rep6JnL/C3/gKMKibVmAL+9TkTX6nA83xwhM65JPLN/+bP29bq0Cr2FopgZgNPQjb6ANB4POy+MUktet63DZ4dJwKvndiCRg4EMLIOqFopbQei6Pxc1F/lC3yBu71YgB4TSGQp/6tXjfFOuXQpI0nFrZCmLYcW03ZqOBQbKg3w4rwlqtnl25/23jpT0kqWp99wHUGMCib5+iywPUMSNDwAsz0fq04JGpTEM9cuxkLWZVfCpguNlgaiwCObyJkA2CHXlIn6KYsDOa6U/Uy9mNRPae52j/E+JdLQycOwT5+n78j0vqtvS69blUC/E7j2IWe17SI8JVCiYFbZXPqVm43jdEiQ9jU4gXMsu6NKppnBhFSrMVUHScS3gR/xnTfrabrr2FWJwIOjdGdJb4pr+nfZ,iv:ow+hzt5YGGD0FDvN+XkZtW74k4mwW+6HqWZMtOwAWDg=,tag:HXogIkcSTq6Ep4M2MXEMew==,type:str]
|
||||
wg-home-private-key: ENC[AES256_GCM,data:6l3CgB4qCsPuyYOWuwU2vNiEeC0D1wl6yZvXGGYVsZfYvdPjRz8j5yV7ekQ=,iv:slB/qr+cxi8r7cnTuZAd8CuzWVnvp24Li6A/AnZaFzo=,tag:ynh1Z2+IELAJcgBbHwFC0A==,type:str]
|
||||
wg-mullvad-private-key: ENC[AES256_GCM,data:4smAYjzrMz6bapthHwTdeDJSvnEqnGmDFRZjJwnXWXLSYnEhzhvRttVrmFw=,iv:94o7E8IlZ6V+wez5+Zr9xv92rr06MlUfBCvtMW8VnEA=,tag:SJjrbBseVyWwhf9IHRi7rQ==,type:str]
|
||||
wg-qbittorrent-private-key: ENC[AES256_GCM,data:xahW0lKU7yhinWJylyetdHWcdPdeKg3SMAm5WQhJEIIAFe+i2zeiSb2erq4=,iv:wTIsR7SXp4janh6QLA7RhzGdR7mDAMtAqROxFxKfneo=,tag:K/nDVrBv0ctoynxAEStr6w==,type:str]
|
||||
|
@ -9,8 +8,8 @@ sops:
|
|||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-07-03T09:14:17Z"
|
||||
mac: ENC[AES256_GCM,data:++UfJymDA0rdFYa2lfG3eYQBuqLp/3llSazf8XGNV3H/LqDxC3H9BhWrVhA2itkextBX+Lj7DxeHQLR8oMb538YI00z4Yt1U62sMfjajJEZI/BSnugDum2LqXCigOcC4+1TldH4490GQ2aij/aBqMxrFnqmkVGsqnqKLDxb5kTQ=,iv:QL7CuO14839+0vX1060HEKqdY/4HRFapInOyovn8lNE=,tag:+wMAltwkCAASa48QSzI2Zg==,type:str]
|
||||
lastmodified: "2024-01-10T18:29:18Z"
|
||||
mac: ENC[AES256_GCM,data:askmYGMX50W3U/86DBj9CXhLOZdBrTjbMqRtvegDjfFkOtHLInGuh5urfXGnEBDLtLTjGwdWHCU5DZz9AvBNcl0X6wOM3BGxkMF7+CrZ2FL7ZYw+hJ7JOywNryO/vJLdUZ1MUc0uH1YZdYYHjD7nkyVeDj6aDDkO0UOiLsDNEDw=,iv:gpY4O08YheKFAanPkccp6I7z80ygqMj2IdQnYK9clwI=,tag:OAre51qIvnhfj/vwqSy3wQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2021-04-06T11:27:21Z"
|
||||
enc: |
|
||||
|
@ -53,4 +52,4 @@ sops:
|
|||
-----END PGP MESSAGE-----
|
||||
fp: 2372651C56E22972C2D9F3F569C8187C9C43754E
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
version: 3.8.1
|
||||
|
|
|
@ -40,6 +40,9 @@
|
|||
disable spoolss = yes
|
||||
usershare max shares = 0
|
||||
acl allow execute always = True
|
||||
|
||||
server min protocol = NT1
|
||||
ntlm auth = ntlmv1-permitted
|
||||
'';
|
||||
shares = {
|
||||
qemu = {
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
sbruder = {
|
||||
nginx.hardening.enable = true;
|
||||
wireguard.home.enable = true;
|
||||
infovhost.enable = true;
|
||||
};
|
||||
|
||||
networking.hostName = "nazuna";
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
sbruder.machine.isVm = true;
|
||||
|
||||
boot = {
|
||||
kernelParams = [ "ip=86.106.183.111/26::86.106.183.65::nazuna" ];
|
||||
initrd = {
|
||||
|
@ -50,7 +52,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
# no smart on qemu disk
|
||||
services.smartd.enable = false;
|
||||
}
|
||||
|
|
|
@ -13,23 +13,13 @@
|
|||
nginx.hardening.enable = true;
|
||||
full = false;
|
||||
wireguard.home.enable = true;
|
||||
infovhost.enable = true;
|
||||
};
|
||||
|
||||
networking.hostName = "okarin";
|
||||
|
||||
system.stateVersion = "22.11";
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
||||
virtualHosts."okarin.sbruder.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
root = pkgs.sbruder.imprint;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
sbruder.machine.isVm = true;
|
||||
|
||||
boot = {
|
||||
kernelModules = [ ];
|
||||
extraModulePackages = [ ];
|
||||
|
@ -65,7 +67,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
# no smart on virtual disk
|
||||
services.smartd.enable = false;
|
||||
}
|
||||
|
|
|
@ -11,7 +11,6 @@
|
|||
};
|
||||
"arbeitskampf.work".user = {
|
||||
name = "arbeitskampf";
|
||||
keys = config.sbruder.pubkeys.trustedKeys;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -17,15 +17,18 @@
|
|||
./services/murmur.nix
|
||||
./services/password-hash-self-service.nix
|
||||
./services/prometheus.nix
|
||||
./services/psycho-power-papagei.de
|
||||
./services/sbruder.xyz
|
||||
./services/schabernack.nix
|
||||
];
|
||||
|
||||
sbruder = {
|
||||
nginx.hardening.enable = true;
|
||||
restic.system.enable = true;
|
||||
restic.system = {
|
||||
enable = true;
|
||||
prune = true;
|
||||
};
|
||||
wireguard.home.enable = true;
|
||||
infovhost.enable = true;
|
||||
};
|
||||
|
||||
networking.hostName = "renge";
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
sbruder.machine.isVm = true;
|
||||
|
||||
boot = {
|
||||
kernelModules = [ ];
|
||||
extraModulePackages = [ ];
|
||||
|
@ -66,7 +68,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
# no smart on qemu disk
|
||||
services.smartd.enable = false;
|
||||
}
|
||||
|
|
|
@ -5,6 +5,7 @@ invidious-extra-settings: ENC[AES256_GCM,data:bThgfyu5ESIyTLD7Q09Qici9ZZw/QYfCyB
|
|||
murmur-superuser: ENC[AES256_GCM,data:hPuMK8wbqD/3qKXQbOActq/VJZ+6jFlddQ==,iv:68ZhkpkfxakCOYxFXkCSP/sBamETeSs4CGTRaoBS6co=,tag:5UuYCxDiJ6e2CXjDV5/5yA==,type:str]
|
||||
netbox-secret-key: ENC[AES256_GCM,data:lOE95j6CGkbfJQTLeG41g3BPKNhm0arqxIGAzwvXQyeZLBauAdqufQGKD7D4kPNzdZs=,iv:6HWXEr6Ju4IywP+2jpuTfER/bYI2oUgMSZEJCkq4XX8=,tag:TPD5TTr4Sew8lxPS5WIu5Q==,type:str]
|
||||
prometheus-htpasswd: ENC[AES256_GCM,data:tiewfUfpvrmbrgk6AsBdiP4ng4TqG5UYf1mFcWOzuk8oO55rfZu+Naummz5RRYhJZil43nHFvn5LfIWkJv+CyPMZjpj7xRp4vb4/OCCAFjEzHhrzYVBYNkHM+ZLUTewEXuPVtZ6CZ5uviTExLN2V1moG3ExJdIoyUD16qh4=,iv:SkH609VxIVKJLmHUUNzICEjxHSyjLdwXfw0b7iU6png=,tag:BfNGcUZmk9ZXUvhoQZn6iQ==,type:str]
|
||||
restic-ssh-key: ENC[AES256_GCM,data:9quBzUwv4qylVzESG94wSgzvuodSDM/smPh0j+LYJjXwEN1xksBIW2/Jv0XmF3Q+AWUF/C/lA2jteI3Mf6Pmn7zlqa3H7GwH8Os6/arQI3ywH2dHQLAFxgST2J0AlLGeZcJbntxW0buYw+Rz3q5Jbo+Wo9tQo+2EVvqX320qWBsEwinnahbUhZym3fipyE9g6JxGa3OFGiIn6JAQhst63WgpOfehQsAYu2bdW1gLrgFtURzDQQRQ28RxeD+nMUWRpQcq5GrX2rfSA7sengfQbmP3Ln1atp1YXctTalHsj+n4photBqLz6OfLaFKBqbdKRbinUgVAEarAocEOKk/qf1C6LS8yKjV9Mh/tKeCJQrCI/AccEP5DfMNqdRaWjoQxvjBRKaupPE7Rcuja++K/jm24nP9J8WDcrRSm0tlrVq2JnPHxJv+eUsZoGkvpyOs9AkTG1H2BCckYS5ZG4atjKoBfUvc3CitPNmPZcjSkPrkdRMZbu1BWR+cixFH9rFAUvVIn+e7sWGnqMA8xGXZS,iv:rLOTtmIFP7rwF9JY9ardO9pNqNh1uaobHKtQaGwSuGk=,tag:pCd4ZV0FjfD18qj9oQ236Q==,type:str]
|
||||
synapse-registration-shared-secret: ENC[AES256_GCM,data:qwUjGPINIuBC3KYqMPmnU3l9uJ85DJsJFixvTFQTSuR+fcq6DEjx03Xk41ff7NJftAi+Gt0QLdqKp+viJfW7eU6iHKyfcgPE/nj46UECCWLM8HISxPFQ9IrP+DIo02k=,iv:C9jhBPexth+gnAs6+DBtEmP2qsWZoKmgw6ILbtXUScA=,tag:M3U+03I0Bj8Nhuu4GB98xw==,type:str]
|
||||
synapse-turn-shared-secret: ENC[AES256_GCM,data:9MAsVAEnoF703p1enN70BXqlKZWacYmPCL25CNGdapZulGbMF5rAbpLxkJ3JiBNBYQt+DXSSb6zcmsT6yIqQZ4lW04lwtFV0RPJLfbfW9vUJQ3Bi5NUF,iv:keDUMEeintOwbBQzHHqVl8EFyQC1zqKG2LDvnBFSBxE=,tag:ymSwjZ+qC5kLIxMxlxwcAQ==,type:str]
|
||||
turn-static-auth-secret: ENC[AES256_GCM,data:HyFKdLn9yClXwVGv4/UcC5QfnqjTK2ui43/SRJiJYC7soP+BZnbtCTFkVe04H2smRQQi9ftrXLWQQx5DdGZxpg==,iv:tIwZcq4pVzWa1bl7zX/YsEuaVCyDenJnPGL0RhF9lmg=,tag:ddXaLQ3U990eupAHLyXx6w==,type:str]
|
||||
|
@ -15,8 +16,8 @@ sops:
|
|||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2023-12-31T13:31:26Z"
|
||||
mac: ENC[AES256_GCM,data:oCTMqcPQ2uADn0tpFpPLBT/4xF/PCYsquxXLPfYh4cPbmiHaQxbouxnLHYmnaIsnq/OeTGffx7/hVgeX64U5NLfLlHUoejqkINwdAbXVJ5EatbE5tRGvtYiaEPK4nhBPfEwHP7WCxiK9LCNFvsmQlO/LJt+ofy/SszI/if6/SZ4=,iv:6/MKaG4AKLMgKQ+eC2sRZqG8HyI12JUie3EBeWiaVuA=,tag:aeEMicIGQ4ScWJMOfzZZnQ==,type:str]
|
||||
lastmodified: "2024-01-10T18:29:17Z"
|
||||
mac: ENC[AES256_GCM,data:jsYCPL7/AFxg9mRM/mKhwiy4eH6ZGMyCCSBu+jSfIk/T8RSd9zh0AZ/p5rAwfbW20AzetivzRB4bSgcymLIcCr900EQLdPIuaZgxeGcbZ80N/7I0zF4u8K8oa1pKhyr1UUj48XjL55IdvVOsyvfq/I/KSbIbO7+fBHeQ51crCeo=,iv:CNmKwvZ61PdeyOvGP7elm/yvokll//fiKxdWFe2cfPo=,tag:PVQRV0G3VtBsD0tk34DHig==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-12-31T13:31:08Z"
|
||||
enc: |-
|
||||
|
|
|
@ -70,6 +70,7 @@ in
|
|||
"okarin.vpn.sbruder.de:9100"
|
||||
"shinobu.vpn.sbruder.de:9100"
|
||||
"nazuna.vpn.sbruder.de:9100"
|
||||
"yuzuru.vpn.sbruder.de:9100"
|
||||
];
|
||||
relabel_configs = lib.singleton {
|
||||
target_label = "instance";
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
services.nginx.virtualHosts = {
|
||||
"psycho-power-papagei.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
root = ./.;
|
||||
|
||||
locations = {
|
||||
"/imprint/".alias = "${pkgs.sbruder.imprint}/";
|
||||
};
|
||||
};
|
||||
"www.psycho-power-papagei.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
globalRedirect = "psycho-power-papagei.de";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Psycho-Power-Papagei</title>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link href="style.css" rel="stylesheet">
|
||||
</head>
|
||||
<body>
|
||||
<main>
|
||||
<img id="parrot-landscape" src="parrot-landscape.jpg">
|
||||
<img id="parrot-portrait" src="parrot-portrait.jpg">
|
||||
<div id="quote">
|
||||
<p id="quote-body"><noscript><code>[] + {} === '[object Object]'</code></noscript></p>
|
||||
<span id="quote-attribution"><noscript>Satz des Pythagoras</noscript></span>
|
||||
</div>
|
||||
</main>
|
||||
<footer>
|
||||
<ul>
|
||||
<li><a href="/imprint/">Impressum</a></li>
|
||||
<li>Zitate: © Ullstein Buchverlage</li>
|
||||
<li id="attribution-landscape">Photo by <a href="https://unsplash.com/photos/uH7YCla3oVE">Yorman Tamayo on Unsplash</a></li>
|
||||
<li id="attribution-portrait">Photo by <a href="https://unsplash.com/photos/vzVWYIr6F8U">Dmitry Chernyshov on Unsplash</a></li>
|
||||
</ul>
|
||||
</footer>
|
||||
<script src="script.js"></script>
|
||||
</body>
|
||||
</html>
|
BIN
machines/renge/services/psycho-power-papagei.de/parrot-landscape.jpg (Stored with Git LFS)
BIN
machines/renge/services/psycho-power-papagei.de/parrot-landscape.jpg (Stored with Git LFS)
Binary file not shown.
BIN
machines/renge/services/psycho-power-papagei.de/parrot-portrait.jpg (Stored with Git LFS)
BIN
machines/renge/services/psycho-power-papagei.de/parrot-portrait.jpg (Stored with Git LFS)
Binary file not shown.
|
@ -1,111 +0,0 @@
|
|||
const quotes = [
|
||||
{
|
||||
quote: "Mein großer Lehrmeister sagte letztens auf einer Wanderung im Himalaya zu mir: »Um die Ängste anderer manipulieren zu können, musst du zuerst lernen, deine eigenen zu beherrschen, Bruce!« Darum werde ich jede Nacht zum Psycho-Power-Papagei!",
|
||||
attribution: "Austrian Psycho",
|
||||
},
|
||||
{
|
||||
quote: "Das klingt irgendwie nach Hitler.",
|
||||
attribution: "Das Känguru",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Ich habe das Gefühl, Sie fragen sich, was meine Spezialfähigkeit ist.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Ich empfinde von Ihrer Seite eine negative Einstellung. Eine Art »Och nöö …«.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Und dieses Känguru … hören Sie nur dessen Stimme oder können Sie es auch sehen?",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Und dieses Känguru … springt das vielleicht gerade hier im Zimmer herum?",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Es hat gesagt, ’ne Therapie is nur was für Systemopfer, es habe keine Psychomacken, und ich solle ruhig allein zum Kopfdoktor.",
|
||||
attribution: "Kai-Dieter Kling",
|
||||
},
|
||||
{
|
||||
quote: "Ich weiß echt nicht, was ich hier soll! Ich bin ja hier nicht das Systemopfer mit der Psychomacke.",
|
||||
attribution: "Das Känguru",
|
||||
},
|
||||
{
|
||||
quote: "Doch, doch. Ich lebe ja selbst mit einem Gnu zusammen.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Der hat ja ’nen Kopfdoktor noch nötiger als du.",
|
||||
attribution: "Das Känguru",
|
||||
},
|
||||
{
|
||||
quote: "Etwas tritt dir gleich in den Arsch, wenn du dich weiter aufführst wie ein Irrer.",
|
||||
attribution: "Das Känguru",
|
||||
},
|
||||
{
|
||||
quote: "Ich bin ein Vogel! Ein lieblicher kleiner Vogel! Tschilp, tschilp, tschilp, tschilp.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich bin kein Psychiater. Ich bin Psychoanalytiker",
|
||||
attribution: "Kai-Dieters Psychiater",
|
||||
},
|
||||
{
|
||||
quote: "Ich will nur hören, wie er Titellieder von Kinderserien singt",
|
||||
attribution: "Das Känguru",
|
||||
},
|
||||
{
|
||||
quote: "Sie beeinträchtigen leider stark die Konzentrationsfähigkeit aber unter uns, ich höre sowieso nie richtig zu, sondern sage immer nur »Aha«, denn wie alle interessiert auch mich das, was mein Gegenüber zu sagen hat, viel weniger als das, was ich zu sagen habe.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Haben Sie es schon mal mit Alkohol versucht?",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich nenne Ihnen jetzt spontan drei Wörter Bitte merken Sie sich diese Wörter. Ich werde sie am Ende der Sitzung nach diesen drei Wörtern fragen. Keine Sorge. Nur ein Standardtest. Also, hier die drei Wörter: Äh … Suppe, … äh … Salat, … äh … äh … Schnitzel.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich darf nicht mit Patienten ausgehen. Aber das Angebot schmeichelt.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Der Pinguin … Vielleicht war ich etwas voreilig mit dem Wort »geheilt«. Sagen wir, es geht Ihnen besser …",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Aha. Sagen wir, es geht Ihnen etwas schlechter. Der Messias?",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Nun gut. Sagen wir, Ihr Zustand hat sich massiv verschlechtert.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich muss gestehen, ich war ja kurz nach Ihren letzten Besuchen selber längere Zeit in Behandlung …",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich hatte keine Mutter. Ich bin ein Waisenkind.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Verstehen Sie nicht? In meiner Erinnerung mach ich mir die Welt, widdewiddewie sie mir gefällt. Jeder Mensch macht das, die meisten leider nur unbewusst. Mit professioneller Hilfe aber kann Ihre Kindheit zu einer Astrid-Lindgren-Geschichte werden. Immer wenn bei mir sehr unangenehme Erinnerungen hochkommen, singe ich zum Beispiel ganz laut Titellieder von Kinderserien. Das lenkt mich ab.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
{
|
||||
quote: "Ich denke, wir sollten die Sitzung an dieser Stelle unterbrechen. Nächstes Mal reden wir dann über Ihre Gefühle für mich.",
|
||||
attribution: "Psycho-Power-Papagei",
|
||||
},
|
||||
]
|
||||
|
||||
document.addEventListener("DOMContentLoaded", () => {
|
||||
const randomIndex = Math.floor(Math.random() * quotes.length)
|
||||
const randomQuote = quotes[randomIndex]
|
||||
let quoteBodyEl = document.getElementById("quote-body")
|
||||
let quoteAttributionEl = document.getElementById("quote-attribution")
|
||||
quoteBodyEl.innerHTML = randomQuote.quote
|
||||
quoteAttributionEl.innerHTML = randomQuote.attribution
|
||||
})
|
|
@ -1,94 +0,0 @@
|
|||
body {
|
||||
font-family: -apple-system, "Segoe UI", system-ui, Roboto, "Helvetica Neue", Arial, "Noto Sans", "Liberation Sans", sans-serif;
|
||||
margin: 0px;
|
||||
|
||||
min-height: 100vh;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
}
|
||||
|
||||
main {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
}
|
||||
|
||||
#quote {
|
||||
width: 100%;
|
||||
text-align: center;
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
justify-content: center;
|
||||
}
|
||||
|
||||
#quote-body {
|
||||
margin: 1rem;
|
||||
font-size: 2rem;
|
||||
}
|
||||
|
||||
@media (max-aspect-ratio: 4/3) {
|
||||
img#attribution-landscape {
|
||||
display: none;
|
||||
}
|
||||
|
||||
img#parrot-landscape {
|
||||
display: none;
|
||||
}
|
||||
|
||||
footer {
|
||||
margin-top: auto;
|
||||
font-size: 0.75rem;
|
||||
}
|
||||
|
||||
#attribution-landscape {
|
||||
display: none;
|
||||
}
|
||||
}
|
||||
|
||||
@media (min-aspect-ratio: 4/3) {
|
||||
main {
|
||||
flex-direction: row;
|
||||
height: 100vh;
|
||||
}
|
||||
|
||||
img#parrot-portrait {
|
||||
display: none;
|
||||
}
|
||||
|
||||
img#parrot-landscape {
|
||||
height: 100%;
|
||||
}
|
||||
|
||||
#attribution-portrait {
|
||||
display: none;
|
||||
}
|
||||
|
||||
footer {
|
||||
position: absolute;
|
||||
bottom: 0px;
|
||||
left: 0px;
|
||||
right: 0px;
|
||||
|
||||
margin-top: auto;
|
||||
background: rgba(0,0,0,0.5);
|
||||
box-shadow: 0px 0px 10px 10px rgba(0,0,0,0.5);
|
||||
|
||||
color: white;
|
||||
}
|
||||
|
||||
footer a {
|
||||
color: inherit;
|
||||
}
|
||||
}
|
||||
|
||||
footer ul {
|
||||
list-style: none;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
footer ul li {
|
||||
display: inline;
|
||||
}
|
||||
|
||||
footer ul li:not(:first-child)::before {
|
||||
content: "· "
|
||||
}
|
|
@ -46,7 +46,7 @@ in
|
|||
locations = {
|
||||
"/imprint/".alias = "${pkgs.sbruder.imprint}/";
|
||||
"/transparency/" = {
|
||||
alias = "${./transparency}/";
|
||||
alias = "/var/www/transparency/";
|
||||
extraConfig = ''
|
||||
autoindex on;
|
||||
charset utf-8;
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
Направляется уведомление о внесении в «Единый реестр доменных имен, указателей страниц сайтов в сети «Интернет» и сетевых адресов, позволяющих идентифицировать сайты в сети «Интернет», содержащие информацию, распространение которой в Российской Федерации запрещено» следующего(их) указателя (указателей) страницы (страниц) сайта в сети «Интернет»: https://nitter.sbruder.xyz/ks1v/status/1439866313476689924 .
|
||||
|
||||
В случае непринятия провайдером хостинга и (или) владельцем сайта мер по удалению запрещенной информации и (или) ограничению доступа к сайту в сети «Интернет», будет принято решение о включении в единый реестр сетевого адреса, позволяющего идентифицировать сайт в сети «Интернет», содержащий информацию, распространение которой в Российской Федерации запрещено, а доступ к нему будет ограничен.
|
||||
|
||||
Сведения о включении доменных имен, указателей страниц сайтов сети «Интернет» и сетевых адресов доступны круглосуточно в сети «Интернет» по адресу http://eais.rkn.gov.ru .
|
||||
|
||||
С уважением,
|
||||
ФЕДЕРАЛЬНАЯ СЛУЖБА ПО НАДЗОРУ В СФЕРЕ СВЯЗИ, ИНФОРМАЦИОННЫХ ТЕХНОЛОГИЙ И МАССОВЫХ КОММУНИКАЦИЙ.
|
||||
|
||||
-----------------------------------------------------------
|
||||
Запущено официальное мобильное приложение РОСКОМНАДЗОРА.
|
||||
Посредством мобильного приложения возможно:
|
||||
1. Подать жалобу в «Единый реестр запрещенной информации» на обнаруженный в сети «Интернет» запрещенный контент;
|
||||
2. Проверить ограничение доступа к интернет-ресурсам;
|
||||
3. Получить оповещение о внесении в «Единый реестр запрещенной информации» интернет-ресурса в случае, если Вы являетесь его владельцем или провайдером хостинга.
|
||||
Мобильное приложение можно скачать по следующим ссылкам:
|
||||
https://apps.apple.com/ru/app/ркн/id1511970611
|
||||
https://play.google.com/store/apps/details?id=org.rkn.ermp
|
||||
|
||||
|
||||
|
||||
It is notice of making an entry into the "Unified register of domain names, Internet web-site page links and network addresses enabling to identify the Internet web-sites containing the information prohibited for public distribution in the Russian Federation” the Internet web-site page (s) link (s): https://nitter.sbruder.xyz/ks1v/status/1439866313476689924 .
|
||||
|
||||
In case the hosting provider and (or) the Internet web-site owner fail to take these measures, the network address enabling to identify Internet web-sites containing the information prohibited for distribution in the Russian Federation will be decided to be entered into the Register and access will be limited.
|
||||
|
||||
The information about entering the domain names, Internet web-site page links and network addresses into the Register shall be available on a 24-hour basis at the following Internet address: http://eais.rkn.gov.ru/en/ .
|
||||
|
||||
Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications (ROSKOMNADZOR).
|
||||
|
||||
-----------------------------------------------------------
|
||||
The official mobile application of ROSKOMNADZOR has been launched.
|
||||
Through the mobile application, it is possible to:
|
||||
1. Submit a complaint to the "Unified Register of Prohibited Information" about the prohibited content revealed on the Internet;
|
||||
2. Check the restriction of access to Internet resources;
|
||||
3. Get a notification on inclusion of an Internet resource into the" Unified Register of Prohibited Information " if you are its owner or hosting provider.
|
||||
The mobile app can be downloaded at the following links:
|
||||
https://apps.apple.com/ru/app/ркн/id1511970611
|
||||
https://play.google.com/store/apps/details?id=org.rkn.ermp
|
|
@ -1,38 +0,0 @@
|
|||
Направляется уведомление о внесении в «Единый реестр доменных имен, указателей страниц сайтов в сети «Интернет» и сетевых адресов, позволяющих идентифицировать сайты в сети «Интернет», содержащие информацию, распространение которой в Российской Федерации запрещено» следующего(их) указателя (указателей) страницы (страниц) сайта в сети «Интернет»: https://iv.sbruder.xyz/watch?v=NR57D2UVqm4 .
|
||||
|
||||
В случае непринятия провайдером хостинга и (или) владельцем сайта мер по удалению запрещенной информации и (или) ограничению доступа к сайту в сети «Интернет», будет принято решение о включении в единый реестр сетевого адреса, позволяющего идентифицировать сайт в сети «Интернет», содержащий информацию, распространение которой в Российской Федерации запрещено, а доступ к нему будет ограничен.
|
||||
|
||||
Сведения о включении доменных имен, указателей страниц сайтов сети «Интернет» и сетевых адресов доступны круглосуточно в сети «Интернет» по адресу http://eais.rkn.gov.ru .
|
||||
|
||||
С уважением,
|
||||
ФЕДЕРАЛЬНАЯ СЛУЖБА ПО НАДЗОРУ В СФЕРЕ СВЯЗИ, ИНФОРМАЦИОННЫХ ТЕХНОЛОГИЙ И МАССОВЫХ КОММУНИКАЦИЙ.
|
||||
|
||||
-----------------------------------------------------------
|
||||
Запущено официальное мобильное приложение РОСКОМНАДЗОРА.
|
||||
Посредством мобильного приложения возможно:
|
||||
1. Подать жалобу в «Единый реестр запрещенной информации» на обнаруженный в сети «Интернет» запрещенный контент;
|
||||
2. Проверить ограничение доступа к интернет-ресурсам;
|
||||
3. Получить оповещение о внесении в «Единый реестр запрещенной информации» интернет-ресурса в случае, если Вы являетесь его владельцем или провайдером хостинга.
|
||||
Мобильное приложение можно скачать по следующим ссылкам:
|
||||
https://apps.apple.com/ru/app/ркн/id1511970611
|
||||
https://play.google.com/store/apps/details?id=org.rkn.ermp
|
||||
|
||||
|
||||
|
||||
It is notice of making an entry into the "Unified register of domain names, Internet web-site page links and network addresses enabling to identify the Internet web-sites containing the information prohibited for public distribution in the Russian Federation” the Internet web-site page (s) link (s): https://iv.sbruder.xyz/watch?v=NR57D2UVqm4 .
|
||||
|
||||
In case the hosting provider and (or) the Internet web-site owner fail to take these measures, the network address enabling to identify Internet web-sites containing the information prohibited for distribution in the Russian Federation will be decided to be entered into the Register and access will be limited.
|
||||
|
||||
The information about entering the domain names, Internet web-site page links and network addresses into the Register shall be available on a 24-hour basis at the following Internet address: http://eais.rkn.gov.ru/en/ .
|
||||
|
||||
Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications (ROSKOMNADZOR).
|
||||
|
||||
-----------------------------------------------------------
|
||||
The official mobile application of ROSKOMNADZOR has been launched.
|
||||
Through the mobile application, it is possible to:
|
||||
1. Submit a complaint to the "Unified Register of Prohibited Information" about the prohibited content revealed on the Internet;
|
||||
2. Check the restriction of access to Internet resources;
|
||||
3. Get a notification on inclusion of an Internet resource into the" Unified Register of Prohibited Information " if you are its owner or hosting provider.
|
||||
The mobile app can be downloaded at the following links:
|
||||
https://apps.apple.com/ru/app/ркн/id1511970611
|
||||
https://play.google.com/store/apps/details?id=org.rkn.ermp
|
|
@ -30,7 +30,6 @@ in
|
|||
./dnsmasq.nix
|
||||
./nft.nix
|
||||
./tc.nix
|
||||
#./wlan.nix
|
||||
];
|
||||
|
||||
boot.kernel.sysctl = {
|
||||
|
|
|
@ -1,65 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
sops.secrets.hostapd-config = {
|
||||
sopsFile = ../../secrets.yaml;
|
||||
};
|
||||
|
||||
# The service is mostly taken from nixpkgs pr 222536.
|
||||
systemd.services.hostapd = {
|
||||
path = with pkgs; [ hostapd ];
|
||||
after = [ "sys-subsystem-net-devices-wlp5s0.device" ];
|
||||
bindsTo = [ "sys-subsystem-net-devices-wlp5s0.device" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.hostapd}/bin/hostapd ${config.sops.secrets.hostapd-config.path}";
|
||||
Restart = "always";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
RuntimeDirectory = "hostapd";
|
||||
|
||||
# Hardening
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
DevicePolicy = "closed";
|
||||
DeviceAllow = "/dev/rfkill rw";
|
||||
NoNewPrivileges = true;
|
||||
PrivateUsers = false; # hostapd requires true root access.
|
||||
PrivateTmp = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProcSubset = "pid";
|
||||
ProtectSystem = "strict";
|
||||
RestrictAddressFamilies = [
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
"AF_NETLINK"
|
||||
"AF_UNIX"
|
||||
];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@privileged"
|
||||
"@chown"
|
||||
];
|
||||
UMask = "0077";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
iw
|
||||
wirelesstools
|
||||
];
|
||||
|
||||
|
||||
# Wireless
|
||||
boot.kernelModules = [ "nl80211" ];
|
||||
}
|
|
@ -15,6 +15,7 @@
|
|||
restic.system.enable = true;
|
||||
wireguard.home.enable = true;
|
||||
full = false;
|
||||
infovhost.enable = true;
|
||||
|
||||
mailserver = {
|
||||
enable = true;
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
sbruder.machine.isVm = true;
|
||||
|
||||
boot = {
|
||||
kernelParams = [ "ip=dhcp" ];
|
||||
initrd = {
|
||||
|
@ -45,7 +47,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
# no smart on qemu disk
|
||||
services.smartd.enable = false;
|
||||
}
|
||||
|
|
Binary file not shown.
|
@ -0,0 +1,18 @@
|
|||
# yuzuru
|
||||
|
||||
## Hardware
|
||||
|
||||
[Strato VPS Entry Linux VC1-1](https://www.strato.de/server/linux-vserver/mini-vserver/) (1 AMD EPYC Milan vCPU, <1 GiB RAM, 30 GiB SSD).
|
||||
|
||||
## Purpose
|
||||
|
||||
It will host services I want to have separated from the rest of my infrastructure.
|
||||
|
||||
## Name
|
||||
|
||||
Yuzuru Nishimiya is a character from *A Silent Voice*
|
||||
|
||||
## Setup
|
||||
|
||||
The setup is very similar to that of `okarin`,
|
||||
please see the description there.
|
|
@ -0,0 +1,26 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
../../modules
|
||||
|
||||
./services/static-sites.nix
|
||||
];
|
||||
|
||||
sbruder = {
|
||||
nginx.hardening.enable = true;
|
||||
full = false;
|
||||
wireguard.home.enable = true;
|
||||
infovhost.enable = true;
|
||||
};
|
||||
|
||||
networking.hostName = "yuzuru";
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
];
|
||||
}
|
|
@ -0,0 +1,69 @@
|
|||
{ lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
sbruder.machine.isVm = true;
|
||||
|
||||
boot = {
|
||||
kernelModules = [ ];
|
||||
extraModulePackages = [ ];
|
||||
kernelParams = [ "ip=dhcp" ];
|
||||
initrd = {
|
||||
availableKernelModules = [ "aesni_intel" "ahci" "sd_mod" "sr_mod" "virtio_net" "virtio_pci" "xhci_pci" ];
|
||||
kernelModules = [ ];
|
||||
network = {
|
||||
enable = true; # remote unlocking
|
||||
# For some reason, the DHCP server does not transmit the static route to the gateway in a form udhcpc understands.
|
||||
# This works around this, but is arguably quite hacky.
|
||||
postCommands = ''
|
||||
ip route add 85.215.73.1 dev eth0
|
||||
ip route add default via 85.215.73.1 dev eth0
|
||||
'';
|
||||
};
|
||||
luks.devices."root".device = "/dev/disk/by-uuid/d166ff83-dcc6-4700-95b5-bffae202d985";
|
||||
};
|
||||
loader.grub.device = "/dev/vda";
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/3c91488f-0505-4df6-bf76-96a539dcc27a";
|
||||
fsType = "btrfs";
|
||||
options = [ "compress=zstd" "discard" "noatime" "ssd" ]; # for some reason, the kernel assumes rotational
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/f271b335-9174-47a9-bcca-04ce59ce5708";
|
||||
fsType = "ext2";
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{
|
||||
device = "/dev/disk/by-partuuid/5edbf393-b83e-4d3f-82d1-f07870df40ed";
|
||||
randomEncryption.enable = true;
|
||||
}
|
||||
];
|
||||
|
||||
zramSwap = {
|
||||
enable = true;
|
||||
memoryPercent = 150;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useDHCP = false;
|
||||
usePredictableInterfaceNames = false;
|
||||
};
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
networks = {
|
||||
eth0 = {
|
||||
name = "eth0";
|
||||
DHCP = "yes";
|
||||
domains = [ "sbruder.de" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
wg-home-private-key: ENC[AES256_GCM,data:0ylkx9p62CBGqVg+T52eHbMwbLcZM/v3tg/wJukDq76heN1TtQqbbqgVZKc=,iv:/aUkqKhihnBWQFLIRjS7kHigBCBXX7L4KY5q+cO9Q00=,tag:jQSMVElMfIyrG5hs7HuxUQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-01-02T22:37:47Z"
|
||||
mac: ENC[AES256_GCM,data:oBfM/DF/TfWJIW1VlvZ4Z+vBQxCmHm8J83pjILtHFBwU14f1H09iIsswY1xyAwO9wO3cttf4xjrSa6mGGUyQFqLdEzj8z/JkCm1vwpLZQW+j8FpRjH1ryyE6G/3eS5tboUZgmAwBPDsulJr3NBi121RHhZvWf1dv2T/J5IcZMxI=,iv://TpDpO8tNaibh8ABqE1AT6CPK62rtUZiFmYP9ST3MA=,tag:5SErG/jDycIdxX3ABOcsow==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-01-02T22:37:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAwDgSONkM+d4ARAA1V2B8s1NyyJFa+nbKo2sFoubX9OKNYkzib6uvjs2eiOp
|
||||
XuUsqxYZrUXCjwvWpvb9GT4neBV68mqVZMwkt6qQuiwyxSdrx+G8qKT5do0gjwmm
|
||||
BTjOlJnUAWKn5/kzJKG9Yb+RiQZD2rV5/xj6roImCLt6lg97howP5n5PNO+TcDM0
|
||||
0Mz2vJJHbKEgeIjnRPG3MB5IS3WFHkmSe0jBIKXRFuiP9bdVgPAaoXk1v3KmeO3i
|
||||
c2BDOxLWjq4kHzAT/GIRQJxA4/8f6vMVfUlepmhL2jUmw72WrfSC2EfZeWnlm1np
|
||||
M/kAVU+Gd+d2fzv9f+Ut+K8Id5vBDANlp7m5KVJV0howrCxaV/TZ9kiReWpePP8U
|
||||
4EDx2cVi/FDlnDJEr6qDfYZ5bguYeTD0X6c8IK8r6NlWPbQD7W6cvHto71EtXKqG
|
||||
R2XZYVbsRGufNLeNUCcfz1ev+x6Ix9VqsDzkwUFfgXMS4FavQ84TzJV9Z0zhRCme
|
||||
yFGD8lW6LliUxUF5YDRqiceJdDV7Nx+TRIRXXNJq4Fid7b1M+7fdI0JlU3xTPqwm
|
||||
kZFfgAAwt1ji0AtGd4khC30XSr29V3YjqX1ow0wYJ9rYEhnrexS+/iOJvygQ1AcZ
|
||||
nzajsK7dHidC9RNpr2PHqL46KtoksdoL4DT80uT+mwevb8w2wG949WQ+KJOlez3S
|
||||
XAH0NywA6R4KaW6fOShYtL0nDPfYOCm31t4sWpQfxJSQt/6p2fDobbz4q5tTQfjf
|
||||
/Zq8fstojMtM8C5eur4ASa9H8dckRW6Lk/VzsW3u2tP3rl3js1eumcvYumLK
|
||||
=bwxH
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 47E7559E037A35652DBBF8AA8D3C82F9F309F8EC
|
||||
- created_at: "2024-01-02T22:37:37Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA2Sedw7G6hbkAQ//Y+ZDDXUxCRqwjTWRz9uoIHcQBrCI2LhecCt8uWRMXbyV
|
||||
q/HaDIjYO5fLrpZ8HGzS4C9B5QH3Vr0yzbGR6l3i77W1FpzY0KYQ5jicttQ56rDL
|
||||
n3APgqBL8sdcq90Hs9iqG4AA9/QhCIupzG18BQ8zWCqJ/2uMx2ddRYxxa3FEgCdi
|
||||
1C0wH2kLlZT7aRH7OlKFbX8QABpGEvBQpG456XghsX92wXou/pJfcrgqh9H0Px+i
|
||||
5kvcSHERq97+2DIQYcck9DfZ6Pf2lfnoM3f2c7Ln3OeaPrnl5wLPrIP/KQBLd8AC
|
||||
6hU8zrsTM4dSSopXnAjc9PEi4kmfLwrcZiokw5kjfaolyRilX8V6+ewaWF6jK2Yo
|
||||
IwsQ09ElGzfXmmkqMrUEGnWr55WZgvDXABMwTr9VwIej47ef1HcqNxwmFe37XndA
|
||||
UDfJ+GUGOkqLBLpamhHp/A/UM8+wrUZIOXJWsJdpP5194wKXBD0zjd+HMxfq+RTk
|
||||
4ICLChn2+MzU58V8FP9WRdYOLQWcHVAfBP8zba9zFf/FCnHrXQjv9lwadYQ8YkhN
|
||||
uSzPB5yvzfa1YOl7PXDn/5EBu5WYGxdTNHouP1hbk8Nxmt37+0VCMDgkUln6qans
|
||||
5FzmAlrFHTX/887d1rP2Rc2HT58Qmgou355UmnkjxMWH6b5WSOo5p+KEHkHwW+7S
|
||||
VgF5p8vBWd9cISMG5aetMpyBwhZAcx5XTXV74pJ8Zc15B0mYvz+BcYM+1Nlqdp0g
|
||||
NVpa3jISybMeGqkbeQmjoT05J5REmYszhGg6SEMyuiLrC64lwDy9
|
||||
=A8pI
|
||||
-----END PGP MESSAGE-----
|
||||
fp: a1ee5bc0249163a047440ef2649e770ec6ea16e4
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
|
@ -0,0 +1,23 @@
|
|||
{
|
||||
services.nginx.virtualHosts = {
|
||||
"brennende.autos" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
locations."~ .*".return = "303 'https://iv.sbruder.xyz/watch?v=ojToYs6nCnk&t=1684'";
|
||||
};
|
||||
"www.brennende.autos" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
globalRedirect = "https://brennende.autos/";
|
||||
};
|
||||
};
|
||||
|
||||
sbruder.static-webserver.vhosts = {
|
||||
"psycho-power-papagei.de" = {
|
||||
user.name = "papagei";
|
||||
imprint.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -13,6 +13,13 @@
|
|||
};
|
||||
trusted = (lib.mkEnableOption "the trusted status of this machine (i.e. encrypted root)") // { default = true; };
|
||||
gui.enable = lib.mkEnableOption "gui";
|
||||
machine = {
|
||||
isVm = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Whether this machine is a virtual machine.";
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# All modules are imported but non-essential modules are activated by
|
||||
|
@ -28,6 +35,7 @@
|
|||
./games.nix
|
||||
./grub.nix
|
||||
./gui.nix
|
||||
./infovhost.nix
|
||||
./initrd-ssh.nix
|
||||
./locales.nix
|
||||
./logitech.nix
|
||||
|
@ -87,8 +95,6 @@
|
|||
# command-not-found does not work without channels
|
||||
programs.command-not-found.enable = false;
|
||||
|
||||
# Hard drive monitoring
|
||||
services.smartd.enable = lib.mkDefault true;
|
||||
# Network monitoring
|
||||
services.vnstat.enable = true;
|
||||
environment.etc."vnstat.conf".text = ''
|
||||
|
@ -146,8 +152,11 @@
|
|||
'';
|
||||
};
|
||||
}
|
||||
(lib.mkIf config.sbruder.full {
|
||||
services.fwupd.enable = true;
|
||||
(lib.mkIf (!config.sbruder.machine.isVm) {
|
||||
# Hard drive monitoring
|
||||
services.smartd.enable = lib.mkDefault true;
|
||||
# Firmware updates
|
||||
services.fwupd.enable = lib.mkDefault true;
|
||||
})
|
||||
(lib.mkIf (!config.sbruder.full) {
|
||||
documentation.enable = lib.mkDefault false;
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.sbruder.infovhost;
|
||||
in
|
||||
{
|
||||
options.sbruder.infovhost = {
|
||||
enable = lib.mkEnableOption "a vhost displaying legal and/or technical information on the domain of the machine";
|
||||
domain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default =
|
||||
if (!(isNull config.networking.domain))
|
||||
then config.networking.domain
|
||||
else "sbruder.de";
|
||||
description = "The domain part of the fqdn.";
|
||||
};
|
||||
fqdn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "${config.networking.hostName}.${cfg.domain}";
|
||||
description = "The fqdn the vhost should listen on.";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.nginx.enable = true;
|
||||
services.nginx.virtualHosts."${cfg.fqdn}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
|
||||
default = true;
|
||||
|
||||
root = pkgs.sbruder.imprint;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,19 +1,17 @@
|
|||
document.addEventListener('DOMContentLoaded', () => {
|
||||
function humanFileSize(bytes) {
|
||||
const thresh = 1024
|
||||
if(Math.abs(bytes) < thresh) {
|
||||
return bytes + ' B'
|
||||
}
|
||||
const units = ['KiB','MiB','GiB','TiB','PiB','EiB','ZiB','YiB']
|
||||
var u = -1
|
||||
do {
|
||||
bytes /= thresh
|
||||
++u
|
||||
} while(Math.abs(bytes) >= thresh && u < units.length - 1)
|
||||
return bytes.toFixed(1)+' '+units[u]
|
||||
function humanFileSize(size) {
|
||||
if (size === 0) {
|
||||
return "0 B";
|
||||
}
|
||||
if (size < 0) {
|
||||
return null;
|
||||
}
|
||||
const base = Math.floor(Math.log2(size) / 10)
|
||||
const unit = ["B", "KiB", "MiB", "GiB", "TiB"][base]
|
||||
const relative = size / 2**(10*base)
|
||||
return relative.toFixed(3) + " " + unit
|
||||
}
|
||||
|
||||
|
||||
function textToA(line) {
|
||||
let outerElement = document.createElement('div')
|
||||
outerElement.innerHTML = line
|
||||
|
|
|
@ -75,5 +75,13 @@
|
|||
hostNames = [ "[nazuna.sbruder.de]:2222" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/VDiagTEI5BIjTrPRkGWAH3YurcMEV8i6Q8PSnxlg3";
|
||||
};
|
||||
yuzuru = {
|
||||
hostNames = [ "yuzuru" "yuzuru.sbruder.de" "yuzuru.vpn.sbruder.de" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXCG8Dck3bELx7NaKgDnFAUjO/o1iEnq0VT5dZ2P/+m";
|
||||
};
|
||||
yuzuru-initrd = {
|
||||
hostNames = [ "[yuzuru.sbruder.de]:2222" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcvbbHSK7x9t0Jpr4L55RTC4WRNJIgKZ1B+99PhpSX8";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,6 +25,14 @@ in
|
|||
};
|
||||
keys = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = config.sbruder.pubkeys.trustedKeys;
|
||||
};
|
||||
};
|
||||
imprint = {
|
||||
enable = lib.mkEnableOption "a location making the imprint available";
|
||||
location = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/imprint/";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -55,11 +63,16 @@ in
|
|||
(lib.mapAttrsToList
|
||||
(primaryDomain: vhostCfg:
|
||||
({
|
||||
${primaryDomain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = vhostCfg.root;
|
||||
};
|
||||
${primaryDomain} = lib.mkMerge [
|
||||
{
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = vhostCfg.root;
|
||||
}
|
||||
(lib.mkIf vhostCfg.imprint.enable {
|
||||
locations.${vhostCfg.imprint.location}.alias = "${pkgs.sbruder.imprint}/";
|
||||
})
|
||||
];
|
||||
} // (lib.listToAttrs (map
|
||||
(domain: lib.nameValuePair domain {
|
||||
enableACME = true;
|
||||
|
|
|
@ -40,6 +40,10 @@ let
|
|||
address = "10.80.0.13";
|
||||
publicKey = "TALmk853OVeRYoLWFcOE+caRGYmbnkHpLAHIIL2nuyQ=";
|
||||
};
|
||||
yuzuru = {
|
||||
address = "10.80.0.16";
|
||||
publicKey = "sRTAhbGVfxLqYaWr6uwnPJPphu6Cikpj2aXwNrhV5DU=";
|
||||
};
|
||||
};
|
||||
|
||||
cfg = config.sbruder.wireguard.home;
|
||||
|
|
|
@ -20,7 +20,6 @@
|
|||
./neovim
|
||||
./pass.nix
|
||||
./programs.nix
|
||||
./qutebrowser
|
||||
./scripts
|
||||
./sway
|
||||
./tmate.nix
|
||||
|
|
|
@ -1,308 +0,0 @@
|
|||
{ config, lib, nixosConfig, pkgs, ... }:
|
||||
let
|
||||
inherit ((import ../common.nix).colorschemes) solarized;
|
||||
|
||||
setOptionForeachPattern = option: value: patterns:
|
||||
let
|
||||
formatValue = value:
|
||||
if lib.isBool value
|
||||
then (if value then "True" else "False")
|
||||
else
|
||||
(if lib.isString value
|
||||
then "r\"${value}\""
|
||||
else (toString value));
|
||||
in
|
||||
lib.concatMapStringsSep
|
||||
"\n"
|
||||
(pattern: "config.set(\"${option}\", ${formatValue value}, \"${pattern}\")")
|
||||
patterns;
|
||||
|
||||
permissionVideo = [
|
||||
"https://chat.sbruder.de"
|
||||
"https://meet.jalr.de"
|
||||
];
|
||||
permissionAudio = [
|
||||
] ++ permissionVideo; # capturing video almost always also requires capturing audio
|
||||
permissionNotifications = [
|
||||
"https://chat.sbruder.de"
|
||||
];
|
||||
|
||||
permissionAutoplay = [
|
||||
"https://iv.sbruder.xyz"
|
||||
];
|
||||
|
||||
cookieExceptions = [
|
||||
];
|
||||
in
|
||||
lib.mkIf nixosConfig.sbruder.gui.enable
|
||||
{
|
||||
programs.qutebrowser = {
|
||||
enable = true;
|
||||
aliases = {
|
||||
q = "tab-close"; # one tab
|
||||
qa = "close"; # one window
|
||||
"qa!" = "quit"; # everything
|
||||
};
|
||||
keyBindings = {
|
||||
normal = {
|
||||
",rm" = "spawn -u readability";
|
||||
|
||||
# reasonable tab cycling
|
||||
J = "tab-prev";
|
||||
K = "tab-next";
|
||||
gJ = "tab-move -";
|
||||
gK = "tab-move +";
|
||||
|
||||
# mpv
|
||||
",mv" = "spawn mpv --profile=clear-speed {url}";
|
||||
",ma" = "spawn mpv --player-operation-mode=pseudo-gui --ytdl-format=251/bestaudio/best {url}";
|
||||
",mq" = "spawn umpv {url}";
|
||||
",Mv" = "hint links spawn mpv --profile=clear-speed {hint-url}";
|
||||
",Ma" = "hint links spawn mpv --player-operation-mode=pseudo-gui --ytdl-format=251/bestaudio/best {hint-url}";
|
||||
",Mq" = "hint links spawn umpv {hint-url}";
|
||||
};
|
||||
};
|
||||
searchEngines = {
|
||||
DEFAULT = "https://bangs.sbruder.de/eval?engine=https://duckduckgo.com/?q=%25s&query={}";
|
||||
};
|
||||
settings = {
|
||||
colors =
|
||||
let
|
||||
fgbg = fg: bg: { inherit fg bg; };
|
||||
topbottom = colour: { top = colour; bottom = colour; };
|
||||
in
|
||||
with solarized; {
|
||||
completion = rec {
|
||||
fg = base1;
|
||||
odd.bg = base02;
|
||||
even.bg = base03;
|
||||
match.fg = green;
|
||||
scrollbar = fgbg base1 base03;
|
||||
category = {
|
||||
inherit (fgbg yellow base03) fg bg;
|
||||
border = topbottom base03;
|
||||
};
|
||||
item.selected = {
|
||||
inherit (fgbg base1 base01) fg bg;
|
||||
border = topbottom base01;
|
||||
inherit match;
|
||||
};
|
||||
};
|
||||
contextmenu = {
|
||||
disabled = fgbg base0 base02;
|
||||
menu = fgbg base1 base03;
|
||||
selected = fgbg base1 base01;
|
||||
};
|
||||
downloads = {
|
||||
bar.bg = base03;
|
||||
start = fgbg base03 blue;
|
||||
stop = fgbg base03 cyan;
|
||||
error.fg = red;
|
||||
};
|
||||
hints = {
|
||||
inherit (fgbg base03 yellow) fg bg;
|
||||
match.fg = base1;
|
||||
};
|
||||
keyhint = {
|
||||
inherit (fgbg base1 base03) fg bg;
|
||||
suffix.fg = base1;
|
||||
};
|
||||
messages = {
|
||||
error = {
|
||||
inherit (fgbg base03 red) fg bg;
|
||||
border = red;
|
||||
};
|
||||
warning = {
|
||||
inherit (fgbg base03 violet) fg bg;
|
||||
border = violet;
|
||||
};
|
||||
info = {
|
||||
inherit (fgbg base1 base03) fg bg;
|
||||
border = base03;
|
||||
};
|
||||
};
|
||||
prompts = {
|
||||
inherit (fgbg base1 base03) fg bg;
|
||||
border = base03;
|
||||
selected = fgbg base1 base01;
|
||||
};
|
||||
statusbar = {
|
||||
normal = fgbg green base03;
|
||||
insert = fgbg base03 blue;
|
||||
passthrough = fgbg base03 cyan;
|
||||
private = fgbg base03 base02;
|
||||
command = {
|
||||
inherit (fgbg base1 base03) fg bg;
|
||||
private = fgbg base1 base03;
|
||||
};
|
||||
caret = {
|
||||
inherit (fgbg base03 violet) fg bg;
|
||||
selection = fgbg base03 blue;
|
||||
};
|
||||
progress.bg = blue;
|
||||
url.fg = base1;
|
||||
url.error.fg = red;
|
||||
url.hover.fg = base1;
|
||||
url.success.http.fg = cyan;
|
||||
url.success.https.fg = green;
|
||||
url.warn.fg = violet;
|
||||
};
|
||||
|
||||
tabs = rec {
|
||||
bar.bg = base03;
|
||||
even = fgbg base1 base03;
|
||||
odd = even;
|
||||
indicator = {
|
||||
start = blue;
|
||||
stop = cyan;
|
||||
error = red;
|
||||
};
|
||||
selected = rec {
|
||||
even = fgbg base02 green;
|
||||
odd = even;
|
||||
};
|
||||
pinned = {
|
||||
inherit even odd selected;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# UI
|
||||
scrolling.smooth = true;
|
||||
completion.web_history.max_items = 0; # no history
|
||||
|
||||
# Fonts
|
||||
fonts = {
|
||||
web = {
|
||||
family = rec {
|
||||
serif = "Georgia";
|
||||
sans_serif = "PT Sans";
|
||||
standard = sans_serif;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Behaviour
|
||||
auto_save.session = true;
|
||||
session.lazy_restore = true;
|
||||
content.autoplay = false;
|
||||
downloads = {
|
||||
location.directory = "/tmp";
|
||||
open_dispatcher = "${pkgs.xdg-utils}/bin/xdg-open"; # QDesktopServices.openUrl always opens Firefox
|
||||
};
|
||||
editor.command = [ "foot" "-e" "nvim" "-f" "{file}" "-c" "normal {line}G{column0}l" ];
|
||||
spellcheck.languages = [ "de-DE" "en-GB" ];
|
||||
url.default_page = "about:blank";
|
||||
url.start_pages = [ "about:blank" ];
|
||||
|
||||
# Privacy
|
||||
content.cookies.accept = "no-3rdparty";
|
||||
content.headers.accept_language = "en-US,en;q=0.5";
|
||||
|
||||
# Filtering (many don’t get used yet due to lack of cosmetic filtering)
|
||||
# https://github.com/gorhill/uBlock/blob/master/assets/assets.json
|
||||
# EasyList is using a mirror because upstream’s servers are slow
|
||||
content.blocking.adblock.lists = [
|
||||
"https://secure.fanboy.co.nz/easylist.txt"
|
||||
"https://secure.fanboy.co.nz/easyprivacy.txt"
|
||||
"https://secure.fanboy.co.nz/fanboy-social.txt"
|
||||
"https://easylist-downloads.adblockplus.org/easylistgermany.txt"
|
||||
"https://filters.adtidy.org/extension/ublock/filters/17.txt"
|
||||
"https://filters.adtidy.org/extension/ublock/filters/3.txt"
|
||||
"https://filters.adtidy.org/extension/ublock/filters/4.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/annoyances.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/badlists.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/badware.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/filters.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/privacy.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/resource-abuse.txt"
|
||||
"https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/unbreak.txt"
|
||||
"https://secure.fanboy.co.nz/fanboy-annoyance.txt"
|
||||
"https://secure.fanboy.co.nz/fanboy-antifacebook.txt"
|
||||
"https://secure.fanboy.co.nz/fanboy-cookiemonster.txt"
|
||||
];
|
||||
};
|
||||
extraConfig = /* python */ ''
|
||||
import glob
|
||||
|
||||
c.content.user_stylesheets = glob.glob("${config.xdg.configHome}/qutebrowser/userstyles/*.css")
|
||||
|
||||
c.qt.environ = {
|
||||
# otherwise results in severe banding (https://github.com/qutebrowser/qutebrowser/issues/5528)
|
||||
"QT_WAYLAND_DISABLE_WINDOWDECORATION": "0",
|
||||
}
|
||||
|
||||
c.content.headers.custom = {
|
||||
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
|
||||
}
|
||||
|
||||
c.tabs.padding["top"] = 3
|
||||
c.tabs.padding["bottom"] = 3
|
||||
|
||||
# Permissions
|
||||
${setOptionForeachPattern "content.media.audio_capture" true permissionAudio}
|
||||
${setOptionForeachPattern "content.media.audio_video_capture" true permissionVideo}
|
||||
${setOptionForeachPattern "content.media.video_capture" true permissionVideo}
|
||||
${setOptionForeachPattern "content.notifications.enabled" true permissionNotifications}
|
||||
|
||||
${setOptionForeachPattern "content.autoplay" true permissionAutoplay}
|
||||
|
||||
# Cookie exceptions
|
||||
${setOptionForeachPattern "content.cookies.accept" "all" cookieExceptions}
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.configFile =
|
||||
let
|
||||
replaceExtension = newExtension: filename: "${lib.concatStringsSep "." (lib.init (lib.splitString "." filename))}.${newExtension}";
|
||||
|
||||
regularFilesIn = dir: lib.filterAttrs
|
||||
(_: v: v == "regular")
|
||||
(builtins.readDir (./. + "/${dir}"));
|
||||
|
||||
compileScss = name: file: pkgs.runCommand (replaceExtension "css" name) { } ''
|
||||
${pkgs.sassc}/bin/sassc ${file} $out
|
||||
'';
|
||||
in
|
||||
{
|
||||
"qutebrowser/bookmarks/urls".source = config.lib.file.mkOutOfStoreSymlink "${config.xdg.dataHome}/qutebrowser/synced-bookmarks/bookmarks";
|
||||
"qutebrowser/quickmarks".source = config.lib.file.mkOutOfStoreSymlink "${config.xdg.dataHome}/qutebrowser/synced-bookmarks/quickmarks";
|
||||
} // (lib.mapAttrs'
|
||||
(k: _: lib.nameValuePair "qutebrowser/greasemonkey/${k}" { source = ./userscripts + "/${k}"; })
|
||||
(regularFilesIn "userscripts")) // (lib.mapAttrs'
|
||||
(k: _: lib.nameValuePair "qutebrowser/userstyles/${replaceExtension "css" k}" { source = compileScss k (./userstyles + "/${k}"); })
|
||||
(regularFilesIn "userstyles"));
|
||||
|
||||
xdg.dataFile = lib.mapAttrs'
|
||||
(dict: sha256: lib.nameValuePair
|
||||
"qutebrowser/qtwebengine_dictionaries/${dict}.bdic"
|
||||
{
|
||||
source = (pkgs.fetchurl {
|
||||
url = "https://chromium.googlesource.com/chromium/deps/hunspell_dictionaries/+/18e09b9197a3b1d771c077c530d1a4ebad04c167/${dict}.bdic?format=TEXT";
|
||||
inherit sha256;
|
||||
postFetch = ''
|
||||
base64 -d "$out" > "$TMPDIR/decoded"
|
||||
mv "$TMPDIR/decoded" "$out"
|
||||
'';
|
||||
});
|
||||
})
|
||||
{
|
||||
"de-DE-3-0" = "sha256-B2pHBwDb0Kpiu4s9JMNOE0C9/oPLvPwDXOly8jwUBAA=";
|
||||
"en-GB-9-0" = "sha256-c8eaQQ+AkgwpsFX3upB9k0A7BajBfQDo5wVO22L3Maw=";
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
(pkgs.writeShellScriptBin "qbmarks" /* bash */ ''
|
||||
set -euo pipefail
|
||||
|
||||
git() {
|
||||
echo "[$] git $@"
|
||||
command git -C "${config.xdg.dataHome}/qutebrowser/synced-bookmarks" "$@"
|
||||
}
|
||||
|
||||
git commit --no-gpg-sign -a -m "Sync on $(hostname)" || true
|
||||
git pull --rebase --no-gpg-sign
|
||||
git push
|
||||
'')
|
||||
];
|
||||
}
|
|
@ -1,30 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name Bandcamp: Add volume slider
|
||||
// @include https://*.bandcamp.com/*
|
||||
// @include https://sewerslvt.com/*
|
||||
// @include https://store.sigurros.com/*
|
||||
// ==/UserScript==
|
||||
function setVolume(volume) {
|
||||
document.querySelectorAll("audio").forEach(el => el.volume = volume / 100)
|
||||
localStorage.setItem("volume", volume)
|
||||
}
|
||||
|
||||
function loadStoredVolume() {
|
||||
return localStorage.getItem("volume") ? Number(localStorage.getItem("volume")) : 25
|
||||
}
|
||||
|
||||
const volumeControlContainer = document.createElement("div")
|
||||
volumeControlContainer.style.position = "fixed"
|
||||
volumeControlContainer.style.top = 0
|
||||
volumeControlContainer.style.left = 0
|
||||
volumeControlContainer.style["z-index"] = 10000
|
||||
const volumeControlSlider = document.createElement("input")
|
||||
volumeControlSlider.type = "range"
|
||||
volumeControlSlider.min = 0
|
||||
volumeControlSlider.max = 100
|
||||
volumeControlSlider.value = loadStoredVolume()
|
||||
volumeControlSlider.addEventListener("input", e => {setVolume(e.target.value)})
|
||||
volumeControlContainer.appendChild(volumeControlSlider)
|
||||
document.body.appendChild(volumeControlContainer)
|
||||
|
||||
setInterval(() => {setVolume(loadStoredVolume())}, 1000)
|
|
@ -1,53 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name nginx: Better directory index
|
||||
// @include http://localhost:8888/torrent*/download/*
|
||||
// @include https://ci.sbruder.de/nix-store/*
|
||||
// ==/UserScript==
|
||||
|
||||
// https://stackoverflow.com/a/14919494
|
||||
function humanFileSize(bytes) {
|
||||
const thresh = 1024
|
||||
if(Math.abs(bytes) < thresh) {
|
||||
return bytes + ' B'
|
||||
}
|
||||
const units = ['KiB','MiB','GiB','TiB','PiB','EiB','ZiB','YiB']
|
||||
var u = -1;
|
||||
do {
|
||||
bytes /= thresh;
|
||||
++u;
|
||||
} while(Math.abs(bytes) >= thresh && u < units.length - 1);
|
||||
return bytes.toFixed(1)+' '+units[u]
|
||||
}
|
||||
|
||||
|
||||
function textToA(line) {
|
||||
let outerElement = document.createElement('div')
|
||||
outerElement.innerHTML = line
|
||||
return outerElement.getElementsByTagName('a')[0]
|
||||
}
|
||||
|
||||
function parseLine(line) {
|
||||
const href = textToA(line).href
|
||||
const filename = href.substr(-1) === '/' ? decodeURIComponent(href.split('/').slice(-2, -1)[0]) : decodeURIComponent(href.split('/').pop())
|
||||
const size = line.split(' ').pop()
|
||||
return {
|
||||
href: href,
|
||||
filename: filename,
|
||||
size: size
|
||||
}
|
||||
}
|
||||
|
||||
function processLine(line) {
|
||||
meta = parseLine(line)
|
||||
return `<tr><td><a href="${meta.href}">${meta.filename}</a></td><td>${meta.size === '-' ? '-' : humanFileSize(meta.size)}</td></tr>`
|
||||
}
|
||||
|
||||
const collator = new Intl.Collator('kn', {numeric: true})
|
||||
|
||||
document.querySelector('pre').outerHTML = '<table style="font-family: monospace;"><tr><td><a href="../">../</a></td><td>-</td></tr>' + document.querySelector('pre').innerHTML
|
||||
.split('\n')
|
||||
.filter(line => line !== '')
|
||||
.filter(line => line !== '<a href="../">../</a>')
|
||||
.map(processLine)
|
||||
.sort(collator.compare)
|
||||
.join('\n') + '</table>'
|
|
@ -1,10 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name Invidious Redirect
|
||||
// @include http://www.youtube.com/*
|
||||
// @include https://www.youtube.com/*
|
||||
// @include https://www.youtube-nocookie.com/*
|
||||
// @run-at document-start
|
||||
// ==/UserScript==
|
||||
|
||||
document.close();
|
||||
window.location.replace(window.location.href.replace(/www\.youtube(-nocookie)?\.com/, "iv.sbruder.xyz").replace("/shorts/", "/watch?v="))
|
|
@ -1,9 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name Libreddit Redirect
|
||||
// @include https://www.reddit.com/*
|
||||
// @include https://old.reddit.com/*
|
||||
// @run-at document-start
|
||||
// ==/UserScript==
|
||||
|
||||
document.close();
|
||||
window.location.replace(window.location.href.replace(/(old|www)?\.reddit\.com/, "libreddit.sbruder.xyz"))
|
|
@ -1,8 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name Nitter Redirect
|
||||
// @include https://twitter.com/*
|
||||
// @run-at document-start
|
||||
// ==/UserScript==
|
||||
|
||||
document.close();
|
||||
window.location.replace(window.location.href.replace(/twitter\.com/, "nitter.sbruder.xyz"))
|
|
@ -1,16 +0,0 @@
|
|||
// ==UserScript==
|
||||
// @name Per-Domain Userstyles
|
||||
// @include *
|
||||
// @run-at document-start
|
||||
// @author Original by Olmo Kramer
|
||||
// ==/UserScript==
|
||||
|
||||
(() => {
|
||||
document.addEventListener("readystatechange", () => {
|
||||
if (document.readyState == "interactive") {
|
||||
const doc = document.documentElement
|
||||
doc.setAttribute("data-qb-url", window.location.href)
|
||||
doc.setAttribute("data-qb-domain", window.location.host)
|
||||
}
|
||||
})
|
||||
})()
|
|
@ -1,22 +0,0 @@
|
|||
[data-qb-domain="pad.sbruder.de"] .CodeMirror {
|
||||
font-family: monospace;
|
||||
}
|
||||
|
||||
[data-qb-domain="github.com"] {
|
||||
code,
|
||||
pre,
|
||||
tt,
|
||||
.blob-code-inner,
|
||||
.text-mono {
|
||||
font-family: monospace !important;
|
||||
}
|
||||
}
|
||||
|
||||
[data-qb-domain="git.sbruder.de"] {
|
||||
pre,
|
||||
code,
|
||||
kbd,
|
||||
samp {
|
||||
font-family: monospace !important;
|
||||
}
|
||||
}
|
|
@ -120,8 +120,6 @@ in
|
|||
|
||||
# history
|
||||
setopt HIST_IGNORE_ALL_DUPS
|
||||
|
||||
source ${./pass-wrappers.zsh}
|
||||
'')
|
||||
];
|
||||
};
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
function pass-field() {
|
||||
pass show "$1" | grep "$2" | cut -d: -f2- | tr -d ' '
|
||||
}
|
||||
|
||||
function drone() (
|
||||
export DRONE_SERVER="$(pass-field sbruder.de/drone Server)"
|
||||
export DRONE_TOKEN="$(pass sbruder.de/drone | head -n 1)"
|
||||
command drone $@
|
||||
)
|
||||
|
||||
function drone-add-netlify() {
|
||||
drone secret add --name netlify_auth_token --data "$(pass-field web/netlify.com Drone-Key)" "$1"
|
||||
}
|
Loading…
Reference in New Issue