about summary refs log tree commit diff stats
path: root/system/services (follow)
Commit message (Collapse)AuthorAge
* feat(system/services/nix): add wheel group to trusted-userssils2023-10-11
|
* fix(system/services/murmur): Allow murmur's user to read certsSoispha2023-10-03
|
* feat(system/services/murmur): InitializeSoispha2023-10-03
|
* fix(system/services/miniflux): Correctly specify secret pathSoispha2023-10-03
|
* feat(system/services/miniflux): InitSoispha2023-10-03
|
* fix(system/services/taskserver): Use strict certificate validationSoispha2023-10-02
|
* fix(system/services/taskserver): Specify domain to listen onSoispha2023-10-01
|
* feat(system/services/taskserver): InitSoispha2023-10-01
| | | | | This is the server part used in combination with Taskwarrior to regain control over the unwieldy amount of task, that accumulate over the day.
* Fix(system/services/nginx): Update hostsSoispha2023-08-18
|
* Fix(system/services/libreddit): Don't open firewallSoispha2023-08-18
|
* Fix(system/services/libreddit): Actually proxy services via nginxSoispha2023-08-18
|
* Feat(system/services/libreddit): InitSoispha2023-08-18
|
* chore(version): v0.8.0Soispha2023-08-11
|
* Chore(Merge): Branch 'invidious'Soispha2023-08-11
|\
| * Fix(system/services/invidious): Add interpreter to start scriptSoispha2023-08-11
| |
| * Fix(system/services/invidious): Force the new script option to be appliedSoispha2023-08-11
| |
| * Fix(system/service/invidious): Copy their script, to remove shell escapeSoispha2023-08-11
| | | | | | | | | | | | | | The default ExecStart implementation in the module, escapes all stings. This does not work for us because we need to use the `$CREDENTIALS_DIR` environment variable, for the credentials deployed in den `LoadCredential` option
| * Fix(system/services/invidious): Set correct access permissions on hmacSoispha2023-08-11
| |
| * Fix(system/services/invidious): Check tables on startupSoispha2023-08-11
| |
| * Refactor(system/secrets/invidious): Remove unneeded files and improve namesSoispha2023-08-11
| |
| * Fix(system): Binary substitution for debuggingsils2023-08-11
| |
| * Fix(system/services/invidious): Specifiy database hostsils2023-08-11
| |
| * Feat(system): Add invidioussils2023-08-11
| |
* | chore(version): v0.8.0 v0.8.0Soispha2023-08-11
|/
* Feat(system/services/snapper): AddSoispha2023-08-02
|
* Fix(system/services/nix-sync): Remove timeout on buildSoispha2023-08-02
| | | | | | | The unit had the potential to fail, if the build took longer than the default timeout. This is obviously not ideal, so the timeout was removed, as all nix builds should be safe enough not to devour resources.
* Fix(system/services/nix-sync): Rebase on pulls, to allow for force pushesSoispha2023-08-02
| | | | | | | | As the nix-sync service should _never_ commit new stuff, this rebase should always be a fast-forward, i.e. it works without manual intervention. Without the rebase as argument, this services would break, when the history gets rewritten, for example on a amended commit.
* Fix(system/services/nix-sync): Make the timer relative to the unit startSoispha2023-08-02
| | | | | | | The timer before hand started `repo.interval` after it self was started, i.e., it was a oneshot timer. This change now fixes this by make the point the timer activates relative to the time elapsed, since the associated unit was last started.
* Feat(system/services/nginx/hosts): Add another domainSoispha2023-07-31
|
* Fix(treewide): Use correct function argument specificationSoispha2023-07-28
|
* Feat(system/services/mail/users): Add mailusersSoispha2023-07-28
|
* Refactor(system/services/nginx): Reduce encrypted stuff to a minimumSoispha2023-07-28
|
* Fix(system/services/mail): Update mail userssils2023-07-28
|
* Fix(system/services/matrix/bridges/m-wa): Use own databaseSoispha2023-07-27
|
* Fix(system/services/matrix/bridges/m-wa): Correct postgresql uriSoispha2023-07-27
|
* Feat(system/services/matrix/bridges): Add mautrix-whatsapp bridgeSoispha2023-07-27
|
* Fix(system/mail): Add Usersils2023-07-26
|
* Fix(system/services/mail): Add new usersils2023-07-25
|
* Fix(system/services/matrix): Change registration_shared_secret_path tosils2023-07-22
| | | | age secret
* Fix(system/services/matrix): Add registration_shared_secret to registersils2023-07-22
| | | | users
* Fix(system/services/matrix): Move persisting files ctrl to impermanenceSoispha2023-07-22
|
* Fix(system/services/matrix): Fix extra " =" in locations pathSoispha2023-07-22
|
* Feat(system): Add matrix-synapsesils2023-07-20
|\
| * Feat(system/services): Add matrix synapsesils2023-06-19
| |
* | Style(treewide): Format after removing vim linesSoispha2023-07-19
| |
* | Feat(.editorconfig): Add the configuration for all filesSoispha2023-07-19
| | | | | | | | | | This sets some formatting option based on the file. In comparison to the vim lines, this should be supported by more editors.
* | Fix(system/secrets): Ensure that ssh host key is available in stage 2Soispha2023-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `/var/lib/sshd` directory is only mounted _after_ the stage 2 init, thus also after the system activation. Agenix, which runs in the system activation needs the hostkey however to decrypt the secrets needed for some units (as of right now only keycloak). Alas the only way I see to achieve that is to store the ssh hostkey directly on /srv, which is mounted before (it's marked as 'neededForBoot' after all) the stage 2 init. It should be possible to achieve this with impermanence however, as `/var/log` is mounted in the stage 1 init; The problem is that I have no idea _why_ only this is the only directory mounted and nothing else.
* | Fix(system/services/keycloak): Use agenix to store passwdSoispha2023-07-08
| |
* | Fix(system/services/nix-sync): Nix build needs access to /proc/statSoispha2023-07-08
| |
* | Fix(treewide): Move all persistent dirs to impermanence to set permissionsSoispha2023-07-08
| |