| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | modules/constants: Correctly assign each uid so that none is greater 400 | Benedikt Peetz | 7 days |
| | | | | | | | | | The uid ranges from 400 upwards are reserved for things that allocate them dynamic during runtime (like systemd). Our users would than get clobbered, thus we avoid that range. BREAKING CHANGE: Well, we'll need to change all uid of the files owned by the respective users. | ||
| * | modules/constants: Dry gid definitions by inheriting the uids | Benedikt Peetz | 7 days |
| | | |||
| * | hosts/server2: Setup stalwalt-mail on mail.vhack.eu for soispha@vhack.eu | Benedikt Peetz | 7 days |
| | | | | | | | | | We need to actually test stalwart out in the real world, because the test can never actually capture all the weird things people do with their mail setup. Refs: #6ea08aa | ||
| * | modules/system-info: Include port 53 (dns) in port -> name mappings | Benedikt Peetz | 2025-03-10 |
| | | |||
| * | {modules/system-info,scripts/system_info}: Init | Benedikt Peetz | 2025-03-09 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This collects relevant information for each host in an informative markdown file. An example (generated via `./scripts/system_info.sh`): # server2 ## Virtual Hosts etebase.vhack.eu: dav.vhack.eu gallery.s-schoeffel.de git.foss-syndicate.org invidious-router.vhack.eu: video.fosswelt.org invidious-router.sils.li issues.foss-syndicate.org libreddit.vhack.eu redlib.vhack.eu source.foss-syndicate.org source.vhack.eu ## Open ports TCP 22: ssh TCP 25: mail-smtp TCP 80: http TCP 443: https TCP 465: mail-smtp-tls TCP 993: mail-imap-tls TCP 995: mail-pop3-tls # server3 ## Virtual Hosts b-peetz.de mastodon.vhack.eu matrix.vhack.eu miniflux.foss-syndicate.org: rss.foss-syndicate.org rss.vhack.eu miniflux.vhack.eu openpgpkey.b-peetz.de openpgpkey.s-schoeffel.de openpgpkey.sils.li openpgpkey.vhack.eu peertube.vhack.eu trinitrix.vhack.eu vhack.eu ## Open ports TCP 22: ssh TCP 80: http TCP 443: https TCP 64738: ??? UDP 64738: ??? | ||
| * | {modules,tests}/back: Update to deal with newest back | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/stalwart-mail: Remove now unneeded `allowInsecureSmtp` option | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/stalwart-mail-free: Remove all `security` dependent checks if it's null | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/stalwart-mail: Capitalize default mailboxes | Benedikt Peetz | 2025-03-09 |
| | | | | | This seems to be somewhat of a standart. | ||
| * | modules/stalwart-mail: Also listen on :25 without SSL but with STARTTLS | Benedikt Peetz | 2025-03-09 |
| | | | | | This is important, so that other MTA can send us mail. | ||
| * | modules/stalwart-mail: Set a default value for `principals` | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/stalwart-mail: Include full systemd service and set correct dependencies | Benedikt Peetz | 2025-03-09 |
| | | | | | | This also starts `nginx` so that we can complete http-01 acme challenges. | ||
| * | modules/stalwart-mail: Select DKIM keys per-domain | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/stalwart-mail: Avoid hardcoding `vhack.eu` email address | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/dns: Add service dependencies | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/dns: Set a reasonable verbosity level | Benedikt Peetz | 2025-03-09 |
| | | | | | The default is way too quiet. | ||
| * | modules/dns: Provide the option to open the required firewall ports | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/dns: Remove `lib.debug` calls | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/dns/dns/types/records/PTR.nix: Special case for reverse IP lookups | Benedikt Peetz | 2025-03-09 |
| | | | | | This makes implementing a DNS server in tests easier. | ||
| * | modules/dns/dns/types/records/MTA-STS.nix: Init | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/dns/dns/types/records/DMARC.nix: Reference the correct RFC | Benedikt Peetz | 2025-03-09 |
| | | | | | | RFC 7208 is titled “Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1”, whilst RFC 7489 is titled “Domain-based Message Authentication, Reporting, and Conformance (DMARC)” | ||
| * | modules/stalwart-mail: Move the package to the `pkgs` subtree | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | {modules,tests}/dns: Init | Benedikt Peetz | 2025-03-09 |
| | | | | | Most of the dns module was taken from: <https://github.com/nix-community/dns.nix> | ||
| * | module/stalwart-mail: Init initial version | Benedikt Peetz | 2025-03-09 |
| | | |||
| * | modules/redlib: Use `nginx`'s module redirect mechanism | Benedikt Peetz | 2025-02-09 |
| | | |||
| * | modules/nginx: Keep the `$request_uri` when redirecting | Benedikt Peetz | 2025-02-09 |
| | | |||
| * | modules/nix-sync: Correctly merge `extraSettings` and the needed vhost config | Benedikt Peetz | 2025-02-07 |
| | | |||
| * | modules/nix-sync: Actually enable | Benedikt Peetz | 2025-02-04 |
| | | | | | | This includes the obvious changes, ensuring that it follows our current best-practices. | ||
| * | refactor(modules/default.nix): Remove now unneeded arguments to `mkByName` | Benedikt Peetz | 2025-02-03 |
| | | |||
| * | feat(matrix): make secrets configurable | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(mastodon): make secrets configurable | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(miniflux): make secrets configurable | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(peertube): make secrets configurable | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(etesync): migrate to server2 | Silas Schöffel | 2025-01-25 |
| | | |||
| * | fix(modules/etebase): migrate to new vhack.persist option | Silas Schöffel | 2025-01-25 |
| | | |||
| * | fix(module/peertube): update emailhost | Silas Schöffel | 2025-01-25 |
| | | |||
| * | fix(modules/mastodon): update emailhost | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(modules/mail): init on server2 | Silas Schöffel | 2025-01-25 |
| | | |||
| * | feat(modules/backup): init | Silas Schöffel | 2025-01-21 |
| | | |||
| * | fix(modules/peertube): correct email setup | Silas Schöffel | 2025-01-21 |
| | | |||
| * | feat(modules/matrix): init on server3 | Silas Schöffel | 2025-01-21 |
| | | |||
| * | feat(modules/mastodon): init on server3 | Silas Schöffel | 2025-01-21 |
| | | |||
| * | fix(peertube): migrate to server3 | Silas Schöffel | 2025-01-21 |
| | | |||
| * | feat(modules/murmur): init | Silas Schöffel | 2025-01-20 |
| | | |||
| * | feat(modules/nixconfig): init | Silas Schöffel | 2025-01-20 |
| | | |||
| * | feat(modules/invidious-router): init | Silas Schöffel | 2025-01-20 |
| | | |||
| * | feat(modules/gallery): init | Silas Schöffel | 2025-01-20 |
| | | |||
| * | feat(miniflux): init module, host on server2 | Silas Schöffel | 2025-01-20 |
| | | |||
| * | feat(treewide): rekey secrets to allow multiple host setup | Silas Schöffel | 2025-01-20 |
| | | |||
| * | fix(modules/back): add root_url to back config | Benedikt Peetz | 2024-12-28 |
| | | | | | Co-authored-by: Silas Schöffel <sils@sils.li> | ||
 |
index : nixos-server | |
| nixos-config for vhack.eu servers https://vhack.eu | vhack.eu |
| about summary refs log tree commit diff stats |