about summary refs log tree commit diff stats
path: root/modules (follow)
Commit message (Collapse)AuthorAge
* modules/stalwart-mail: Include full systemd service and set correct dependenciesBenedikt Peetz3 days
| | | | | This also starts `nginx` so that we can complete http-01 acme challenges.
* modules/stalwart-mail: Select DKIM keys per-domainBenedikt Peetz3 days
|
* modules/stalwart-mail: Avoid hardcoding `vhack.eu` email addressBenedikt Peetz3 days
|
* modules/dns: Add service dependenciesBenedikt Peetz3 days
|
* modules/dns: Set a reasonable verbosity levelBenedikt Peetz3 days
| | | | The default is way too quiet.
* modules/dns: Provide the option to open the required firewall portsBenedikt Peetz3 days
|
* modules/dns: Remove `lib.debug` callsBenedikt Peetz3 days
|
* modules/dns/dns/types/records/PTR.nix: Special case for reverse IP lookupsBenedikt Peetz3 days
| | | | This makes implementing a DNS server in tests easier.
* modules/dns/dns/types/records/MTA-STS.nix: InitBenedikt Peetz3 days
|
* modules/dns/dns/types/records/DMARC.nix: Reference the correct RFCBenedikt Peetz3 days
| | | | | RFC 7208 is titled “Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1”, whilst RFC 7489 is titled “Domain-based Message Authentication, Reporting, and Conformance (DMARC)”
* modules/stalwart-mail: Move the package to the `pkgs` subtreeBenedikt Peetz3 days
|
* {modules,tests}/dns: InitBenedikt Peetz3 days
| | | | Most of the dns module was taken from: <https://github.com/nix-community/dns.nix>
* module/stalwart-mail: Init initial versionBenedikt Peetz3 days
|
* modules/redlib: Use `nginx`'s module redirect mechanismBenedikt Peetz2025-02-09
|
* modules/nginx: Keep the `$request_uri` when redirectingBenedikt Peetz2025-02-09
|
* modules/nix-sync: Correctly merge `extraSettings` and the needed vhost configBenedikt Peetz2025-02-07
|
* modules/nix-sync: Actually enableBenedikt Peetz2025-02-04
| | | | | This includes the obvious changes, ensuring that it follows our current best-practices.
* refactor(modules/default.nix): Remove now unneeded arguments to `mkByName`Benedikt Peetz2025-02-03
|
* feat(matrix): make secrets configurableSilas Schöffel2025-01-25
|
* feat(mastodon): make secrets configurableSilas Schöffel2025-01-25
|
* feat(miniflux): make secrets configurableSilas Schöffel2025-01-25
|
* feat(peertube): make secrets configurableSilas Schöffel2025-01-25
|
* feat(etesync): migrate to server2Silas Schöffel2025-01-25
|
* fix(modules/etebase): migrate to new vhack.persist optionSilas Schöffel2025-01-25
|
* fix(module/peertube): update emailhostSilas Schöffel2025-01-25
|
* fix(modules/mastodon): update emailhostSilas Schöffel2025-01-25
|
* feat(modules/mail): init on server2Silas Schöffel2025-01-25
|
* feat(modules/backup): initSilas Schöffel2025-01-21
|
* fix(modules/peertube): correct email setupSilas Schöffel2025-01-21
|
* feat(modules/matrix): init on server3Silas Schöffel2025-01-21
|
* feat(modules/mastodon): init on server3Silas Schöffel2025-01-21
|
* fix(peertube): migrate to server3Silas Schöffel2025-01-21
|
* feat(modules/murmur): initSilas Schöffel2025-01-20
|
* feat(modules/nixconfig): initSilas Schöffel2025-01-20
|
* feat(modules/invidious-router): initSilas Schöffel2025-01-20
|
* feat(modules/gallery): initSilas Schöffel2025-01-20
|
* feat(miniflux): init module, host on server2Silas Schöffel2025-01-20
|
* feat(treewide): rekey secrets to allow multiple host setupSilas Schöffel2025-01-20
|
* fix(modules/back): add root_url to back configBenedikt Peetz2024-12-28
| | | | Co-authored-by: Silas Schöffel <sils@sils.li>
* fix(modules/back): Update to the new config file inputBenedikt Peetz2024-12-26
|
* fix(modules/back): Remove the `gitPath` from the service nameBenedikt Peetz2024-12-25
| | | | With it, the service names become nearly illegible.
* feat(modules/nginx): Modularise the redirects and migrate them to server2Benedikt Peetz2024-12-25
| | | | | | The redirects always have an implicit dependency on the DNS config of the running host. As such, simply stating them for all host is never a possibility and setting them per host the only viable option.
* fix(modules/nix-sync/internal): Fix syntax errors in shell-scriptBenedikt Peetz2024-12-25
|
* fix(modules/dhcpcd): Also set uid/gid for the `dhcpcd` userBenedikt Peetz2024-12-25
| | | | | Otherwise, this user's/group's owned files/directories could change when a new user is added or removed, as we do not persist `/var/lib/nixos`.
* fix(treewide): Add constant uids and gids to each user and groupBenedikt Peetz2024-12-25
| | | | This allows us to avoid persisting `/var/lib/nixos`.
* refactor(system/services/fail2ban): Migrate to `by-name`Benedikt Peetz2024-12-25
| | | | | | Additionally, I've changed to owner of the `/var/lib/fail2ban` directory to `root:root` as the main `fail2ban` service also runs under `root` and a `fail2ban` user is never created.
* refactor(system/services/rust-motd): Migrate to `by-name`Benedikt Peetz2024-12-25
|
* fix(modules/impermanence): Don't always persist `/var/log` and `/var/lib/nixos`Benedikt Peetz2024-12-25
| | | | | | | | | | Persisting them, without marking the `/srv` containing fs as `neededForBoot` will result in a kernel panic in the init (because `impermanence` tries to mount these directories and fails as `/srv` is still missing.) Thus, each host, that sets `/srv` to `neededForBoot` should add these directories to `vhack.persist.directories`.
* refactor(system/users): Migrate to `by-name`Benedikt Peetz2024-12-25
|
* fix(modules/git-server): Use `vhack.persist` for data-directoriesBenedikt Peetz2024-12-25
| | | | | This avoids having to create them manually on the server and is, overall just generally a better way to solve this problem.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-03-12 22:23:29 +0000