| Commit message (Collapse) | Author | ||
|---|---|---|---|
| 32 hours | modules/matrix: Provide postgresql with a correct sql statement postgrsql-rescue | Benedikt Peetz | |
| 36 hours | pkgs/sharkey: 2025.2.2 -> 2025.2.3 | Benedikt Peetz | |
| There is no change log, as this is a security update. | |||
| 4 days | modules/sharkey: Add required `@chown` syscall group to allow list | Benedikt Peetz | |
| The `~@priviledged` needed to go, as `@chown` is part of this group. | |||
| 4 days | tests/sharkey-image: Rename to `sharkey-cpu` | Benedikt Peetz | |
| Image upload still fails, even with this test passing. | |||
| 5 days | modules/sharkey: Ensure, that it can access the host's CPUs | Benedikt Peetz | |
| This is, for some reason, needed for image uploads to sharkey. | |||
| 5 days | modules/system-info: Provide a nice warning message, if a port is not yet ↵ | Benedikt Peetz | |
| registered | |||
| 5 days | modules/matrix: Use the typed NixOS for user and db creation | Benedikt Peetz | |
| Note, that I have no way to test if this is actually going to work (no tests for matrix). But, I assume that it is not going to pose problems, as we are not migrating the db and these options won't remove state. | |||
| 5 days | modules/matrix: Group `vhack` attr keys together | Benedikt Peetz | |
| 5 days | modules/mastodon: Group `vhack` keys together | Benedikt Peetz | |
| 5 days | flake.nix: Remove gnutls | Benedikt Peetz | |
| We are not generating taskserver certificates anymore. | |||
| 6 days | modules/taskchampion: Make its data directory owned by taskchampion user | Benedikt Peetz | |
| 6 days | zones/vhack.eu: Actually set the `sharkey.vhack.eu` subdomain | Benedikt Peetz | |
| 7 days | modules/stalwart-mail: Add recommended proxy settings for stalwarts-proxy | Benedikt Peetz | |
| This includes setting things, like setting the `X-Forwarded-For` header. | |||
| 7 days | modules/constants: Also add a user to each group, so that duplicated gids ↵ | Benedikt Peetz | |
| are avoided | |||
| 7 days | tests/email-http: Use the factored out DNS server | Benedikt Peetz | |
| 7 days | hosts/server2: Use the internal stalwart directory | Benedikt Peetz | |
| 7 days | tests/email-http: Test the http self-service availability | Benedikt Peetz | |
| 7 days | modules/stalwart-mail: Don't restart the systemd service | Benedikt Peetz | |
| Restarting might be useful, if stalwart is actually _running_ in prod, but currently the constant restart makes it very difficult to debug (or even stop) the service. | |||
| 7 days | modules/stalwart-mail: Enable the http self-service interface | Benedikt Peetz | |
| 7 days | modules/nginx: Set the "acme" group as group of the "acme" user | Benedikt Peetz | |
| For some reason, this is not done already. Setting this prevents an assertion being thrown, that the "acme" user does not have a group. | |||
| 7 days | modules/stalwart-mail: Allow both nginx and stalwart-mail access to the cert | Benedikt Peetz | |
| This is needed for the http challenge (and for the potential to use nginx as a proxy in the future.) | |||
| 7 days | modules/stalwart-mail: Explicitly list out valid password hashes | Benedikt Peetz | |
| If a password hash does not match stalwart's know ones, it will just treat it as plaintext. This is obviously very bad, and should be avoided. | |||
| 7 days | modules/stalwart-mail: Make `cfg.principals` nullable | Benedikt Peetz | |
| This makes it possible to use the internal storage | |||
| 7 days | modules/stalwart-mail: Use correct group name for `redis-stalwart-mail` | Benedikt Peetz | |
| 7 days | pkgs/stalwart-mail-free: Update package hash, as it changed | Benedikt Peetz | |
| This has to do with the underlying stalwart-mail update. | |||
| 7 days | hosts/server2: Setup sharkey | Benedikt Peetz | |
| Server2 is currently not so much under load, as such it seems better to split t | |||
 |
index : nixos-server | |
| nixos-config for vhack.eu servers https://vhack.eu | vhack.eu |
| about summary refs log tree commit diff stats |