|
1af6269c5a
|
marvin/secrets: Rekey
|
2022-08-31 09:57:20 -04:00 |
|
|
9e80113197
|
common/ssh: Update host key algos
|
2022-08-31 09:34:06 -04:00 |
|
|
5c9514c029
|
hosts/prefect: Enable cinny
|
2022-08-30 15:03:17 -04:00 |
|
|
d15d91c993
|
hosts/common/programs: Add ssh config
|
2022-08-30 13:59:28 -04:00 |
|
|
fcc27711cd
|
hosts/common/ssh: Add cipher/mac/kex configurations
|
2022-08-30 13:54:25 -04:00 |
|
|
cfcd525622
|
hosts/common: Update ssh settings
|
2022-08-30 13:23:43 -04:00 |
|
|
13306a5f33
|
marvin: Disable per-host NTP config
|
2022-08-30 13:19:17 -04:00 |
|
|
4ab9daf6b8
|
hosts/common: Add NTP
|
2022-08-30 13:18:49 -04:00 |
|
|
458604ecd1
|
hosts/prefect: Enable fail2ban
|
2022-08-30 13:17:01 -04:00 |
|
|
5e5159ab9f
|
hosts/common: Add timeservers
|
2022-08-30 12:38:18 -04:00 |
|
|
73a45fea36
|
marvin/services: Enable NTPd
|
2022-08-30 12:04:56 -04:00 |
|
|
9656238c5f
|
zaphod: Update config options
|
2022-08-30 10:43:33 -04:00 |
|
|
6268d9cb45
|
zaphod/unbound: update settings
|
2022-08-30 10:43:22 -04:00 |
|
|
04e4a62644
|
zaphod/services: Add ssh
|
2022-08-30 10:43:13 -04:00 |
|
|
f4ec886ffb
|
zaphod/services: Add docker
|
2022-08-30 10:43:02 -04:00 |
|
|
458b9cf937
|
zaphod: Add adb rules
|
2022-08-30 10:42:54 -04:00 |
|
|
4b0693c0a0
|
prefect/firewall: update firewall rules
|
2022-08-30 10:42:35 -04:00 |
|
|
0c667b7096
|
hosts: Add custom wireguard tunnels
|
2022-08-24 10:54:24 -04:00 |
|
|
5ae4ee35a9
|
prefect: Update nameservers
|
2022-08-22 19:32:30 -04:00 |
|
|
2c7c99076c
|
prefect/dn42: Disable jknet for now
|
2022-08-22 17:41:02 -04:00 |
|
|
4177fae275
|
hosts/prefect: Update automatic wireguard config
|
2022-08-22 17:40:07 -04:00 |
|
|
9abdffae3a
|
prefect/dn42: Enable peering with chrismoos
|
2022-08-22 17:33:02 -04:00 |
|
|
ac34af8a50
|
hosts/prefect: Update ip for lutoma
|
2022-08-22 15:48:58 -04:00 |
|
|
ca32579b3b
|
prefect: Switch from services.firewall to ferm
|
2022-08-22 15:38:53 -04:00 |
|
|
fb55063af0
|
hosts/prefect: Allow BGP traffic
|
2022-08-22 15:29:14 -04:00 |
|
|
fad825b87d
|
prefect/dn42: Updates
|
2022-08-22 15:16:39 -04:00 |
|
|
6f090d00f7
|
prefect: Switch back to non-module DN42
|
2022-08-22 10:29:48 -04:00 |
|
|
a08dfb632f
|
prefect: Enable DN42 configuration
|
2022-08-22 09:35:42 -04:00 |
|
|
e77b7e97cf
|
hosts/prefect: Update boot and firewall settings for DN42
|
2022-08-20 15:45:06 -04:00 |
|
|
3dee583c5f
|
prefect: Add DN42 subdomain
|
2022-08-20 15:41:52 -04:00 |
|
|
afd1a0620d
|
marvin/nsd: Disable
|
2022-08-20 15:17:03 -04:00 |
|
|
1877082cc1
|
marvin/gitea: Update for new NixOS settings
|
2022-08-20 15:05:11 -04:00 |
|
|
7627fd5160
|
zaphod: Update fonts
|
2022-08-20 14:55:37 -04:00 |
|
|
6e837c3f7e
|
prefect: Update blog-update service
|
2022-08-12 10:14:00 -04:00 |
|
|
945b5b8588
|
hosts/marvin/go-jamming: Update ExecStartPre script
|
2022-08-12 09:47:03 -04:00 |
|
|
6c5fca4705
|
prefect/services/blog-update: Add ExecStartPre script
|
2022-08-12 09:41:39 -04:00 |
|
|
25f0272f28
|
prefect: Actually enable blog-update service
|
2022-08-12 09:38:52 -04:00 |
|
|
ec0831b3cb
|
prefect: Fix IPv6
|
2022-08-12 09:37:12 -04:00 |
|
|
4231a517d6
|
prefect: Disable SSO on headscale
|
2022-08-12 09:35:39 -04:00 |
|
|
31388902c2
|
prefect: Add new records and enable go-jamming on marvin
|
2022-08-12 09:34:09 -04:00 |
|
|
4401806893
|
services: Enable go-jamming service
|
2022-08-11 18:10:22 -04:00 |
|
|
3d0e87aafa
|
prefect/nsd: Update DNS servers to add FreeDNS
|
2022-08-10 11:03:42 -04:00 |
|
|
e838411d69
|
prefect/services/nsd: Update SOA serials
|
2022-08-10 11:01:25 -04:00 |
|
|
32e4b49acd
|
prefect/services/nsd: Fix records
|
2022-08-10 10:59:03 -04:00 |
|
|
2f5ca575b1
|
prefect/services/nsd: Update SOA serials
|
2022-08-10 10:48:30 -04:00 |
|
|
7592fefe9f
|
prefect/services/nsd: Add ns2.thehedgehog.me
|
2022-08-10 10:47:45 -04:00 |
|
|
2ef10a4c7d
|
prefect/services: Update dns
|
2022-08-10 10:41:08 -04:00 |
|
|
64f14380c8
|
prefect/services/nsd: update dns servers
|
2022-08-10 09:01:40 -04:00 |
|
|
9e83d34871
|
prefect/nsd: update SOA and NS records
|
2022-08-09 13:01:04 -04:00 |
|
|
dbb050b10d
|
services/nsd: Update SOA Serial
|
2022-08-09 12:54:20 -04:00 |
|
|
1e5403226e
|
prefect/nsd: Add resume site CNAME record
|
2022-08-09 12:52:24 -04:00 |
|
|
073201a953
|
prefect/nsd: Add statuspage CNAME
|
2022-08-09 12:52:00 -04:00 |
|
|
b0df34ed11
|
prefect/nsd: Fix thehedgehog.me NS(hopefully)
|
2022-08-09 12:44:00 -04:00 |
|
|
aa7beb8c36
|
prefect/nsd: Lock down email for yourmother.website
|
2022-08-09 12:30:44 -04:00 |
|
|
dddb77f7c2
|
prefect/nsd: Allow listening everywhere
|
2022-08-09 12:10:55 -04:00 |
|
|
e7d80eb471
|
prefect/services/nsd: Disable dnssec
|
2022-08-09 11:57:30 -04:00 |
|
|
2e17c7b99b
|
prefect/firewall: Allow port 53
|
2022-08-09 11:52:24 -04:00 |
|
|
e68e6fcb83
|
prefect/services/caddy: Switch to IP instead of hostname
|
2022-08-09 11:41:28 -04:00 |
|
|
730719d14b
|
prefect/services: Enable NSD name server
|
2022-08-09 11:31:39 -04:00 |
|
|
1b2e2863ba
|
hosts/marvin/nsd: Add SOA serial for hog root zone
|
2022-08-08 16:39:37 -04:00 |
|
|
40a829a676
|
hosts/marvin/nsd: Fix build failure
|
2022-08-08 16:37:29 -04:00 |
|
|
8a944304ef
|
hosts/common: Update common networking config
|
2022-08-08 16:34:24 -04:00 |
|
|
0fd0d9341b
|
marvin/nsd: Enable NSD
|
2022-08-08 16:32:55 -04:00 |
|
|
e1a77f1d54
|
hosts/common: Update common files and nameservers
|
2022-08-08 16:32:41 -04:00 |
|
|
a2b31d92b3
|
hedgevpn: Re-enable IPv4
|
2022-08-08 15:57:21 -04:00 |
|
|
fb101026bd
|
certhog: Enable TLS for internal domains
|
2022-08-08 15:49:32 -04:00 |
|
|
49b582588a
|
hedgevpn: Re-enable oidc
|
2022-08-08 15:49:06 -04:00 |
|
|
4e3fba9ad6
|
hedgevpn: Disable IPv4 address allocation
|
2022-08-08 14:35:38 -04:00 |
|
|
df0175b38e
|
marvin: Switch nameservers
|
2022-08-08 14:06:19 -04:00 |
|
|
5e9bbd4630
|
prefect: Update
|
2022-08-08 13:46:13 -04:00 |
|
|
7cf1097771
|
headscale: Add capabilities to systemd service
|
2022-08-05 18:10:59 -04:00 |
|
|
53bf6f331e
|
prefect/headscale: Switch cert challenge type
|
2022-08-05 18:06:21 -04:00 |
|
|
9ff9c7935d
|
prefect/firewall: Enable tailscale traffic
|
2022-08-05 18:03:31 -04:00 |
|
|
20bce4e6d7
|
prefect/headscale: Move letsencrypt challenge type to settings
|
2022-08-05 17:37:28 -04:00 |
|
|
50ee3a3d22
|
prefect/headscale: Fix lets encrypt cert challenge type
|
2022-08-05 17:36:11 -04:00 |
|
|
e47cd48425
|
prefect/caddy: Remove port so caddy config validates
|
2022-08-05 17:34:37 -04:00 |
|
|
a180e17fb0
|
prefect: Actually load agenix
|
2022-08-05 17:32:40 -04:00 |
|
|
3301ab131b
|
prefect: Use the right ssh key
|
2022-08-05 17:31:36 -04:00 |
|
|
7681e5b502
|
prefect/headscale: Init
|
2022-08-05 17:29:52 -04:00 |
|
|
3236952c36
|
marvin/prom: Enable vikunja scrape job
|
2022-08-05 12:02:49 -04:00 |
|
|
1f2336d1a7
|
marvin/prom: Add jellyfin scrape job
|
2022-08-05 11:35:06 -04:00 |
|
|
d5366ff45a
|
marvin: Add caddy prometheus scrape job
|
2022-08-05 11:26:18 -04:00 |
|
|
04a65a4903
|
prefect: Set caddy metrics endpoint
|
2022-08-05 11:21:31 -04:00 |
|
|
9f6b7c9fc5
|
prefect: Update firewall config
|
2022-08-05 11:14:20 -04:00 |
|
|
2ae121d666
|
prometheus: Enable gitea metrics
|
2022-08-05 11:07:00 -04:00 |
|
|
2a354b2425
|
marvin: Enable gitea metrics
|
2022-08-05 10:52:56 -04:00 |
|
|
214194595f
|
marvin: update grafana creds
|
2022-08-05 10:22:46 -04:00 |
|
|
fc7d2e880f
|
marvin/prom: Export stats for marvin node
|
2022-08-04 14:17:48 -04:00 |
|
|
7e41980f96
|
caddy: add stats subdomain for grafana
|
2022-08-04 14:08:04 -04:00 |
|
|
eef7f2d103
|
marvin: enable prometheus and grafana
|
2022-08-04 14:07:41 -04:00 |
|
|
54a2640c82
|
vaultwarden: set rocket listening address
|
2022-08-04 12:47:57 -04:00 |
|
|
84a4ecab6a
|
marvin: Allow all traffic from tailscale interface
|
2022-08-04 12:40:03 -04:00 |
|
|
0e1929a7bf
|
marvin: Disable firewall on vaultwarden port
|
2022-08-04 12:35:33 -04:00 |
|
|
f935080a79
|
vaultwarden: enable debug loggin
|
2022-08-04 12:31:16 -04:00 |
|
|
98dd2f3335
|
vaultwarden: vaultwarden test fixes
|
2022-08-04 12:22:24 -04:00 |
|
|
fc316494b9
|
vaultwarden: Fix maybe
|
2022-08-04 12:12:27 -04:00 |
|
|
ce78e54b59
|
prefect/caddy: Update vaultwarden settings
|
2022-08-04 12:03:40 -04:00 |
|
|
0d0bfff32c
|
vaultwarden: update smtp settings
|
2022-08-04 11:59:11 -04:00 |
|
|
cebda8f61a
|
marvin: Update vaultwarden name
|
2022-08-04 11:56:43 -04:00 |
|
|
a5c86390db
|
marvin: Disable tubearchivist
|
2022-08-04 11:55:04 -04:00 |
|
|
a0350ab291
|
marvin: actually enable tubearchivist
|
2022-08-03 16:27:02 -04:00 |
|
|
a6baff65b5
|
prefect/caddy: Add tube subdomain
|
2022-08-03 16:08:20 -04:00 |
|
|
42d12c8ae0
|
vaultwarden: Don't crash
|
2022-08-03 16:07:22 -04:00 |
|
|
f05b40fff6
|
marvin: Stick to kernel 5.18 until zfs is stable for latest
|
2022-08-03 15:57:30 -04:00 |
|
|
86bc00e072
|
tubearchivist: Update redis
|
2022-08-03 15:46:11 -04:00 |
|
|
9a724c6653
|
marvin: Enable tubearchivist
|
2022-08-03 15:43:43 -04:00 |
|
|
1ee5e55d03
|
marvin && prefect: Enable vikunja and update port numbers
|
2022-08-01 11:29:01 -04:00 |
|
|
7ceddfde91
|
miniflux: Actually, enable admin user
|
2022-07-31 10:10:36 -04:00 |
|
|
ffab797ebe
|
miniflux: Don't create an admin user
|
2022-07-31 10:09:35 -04:00 |
|
|
ef79a553bf
|
miniflux: Enable OIDC
|
2022-07-29 17:51:31 -04:00 |
|
|
39d2b2d3b4
|
prefect: Serve yourmother.website
|
2022-07-29 12:26:08 -04:00 |
|
|
40f964f071
|
authentik: disable ldap outpost
|
2022-07-29 12:18:47 -04:00 |
|
|
49a20e1d6f
|
authentik: Add LDAP outpost
|
2022-07-29 12:04:12 -04:00 |
|
|
e55f0660c1
|
prefect/caddy: Actually set caddy up properly
|
2022-07-29 09:47:18 -04:00 |
|
|
a3e957b478
|
prefect/caddy: Fix filter issues
|
2022-07-29 09:38:53 -04:00 |
|
|
0131e07bd7
|
update caddy build
|
2022-07-29 09:36:02 -04:00 |
|
|
c0e1b9288d
|
hosts/prefect: Add caddy
|
2022-07-27 16:19:39 -04:00 |
|
|
610789f8ff
|
hosts/marvin: Add Authentik service
|
2022-07-27 16:16:07 -04:00 |
|
|
b620829795
|
hosts: misc fixes
|
2022-07-27 13:00:59 -04:00 |
|
|
24141c94bb
|
marvin: actually enable metube
|
2022-07-27 12:44:40 -04:00 |
|
|
867812d49e
|
hosts/{marvin,caddy}: Enable new services
|
2022-07-27 12:43:19 -04:00 |
|
|
146ad74aba
|
hosts/marvin: actually run podman stuff
|
2022-07-27 09:53:07 -04:00 |
|
|
e655c39c4b
|
hosts/marvin: disable podman
|
2022-07-27 09:51:36 -04:00 |
|
|
a43dd69e20
|
hosts/marvin: Enable docker
|
2022-07-27 09:49:51 -04:00 |
|
|
cd01aaf43c
|
hosts/marvin: Switch from podman to docker
|
2022-07-27 09:43:04 -04:00 |
|
|
b15cfadb2e
|
hosts/common: Make neovim default editor
|
2022-07-24 12:00:28 -04:00 |
|
|
c07e3345c2
|
hosts: Add cache and update keys
|
2022-07-24 11:58:26 -04:00 |
|
|
5348f39b58
|
marvin: actually enable nix-serve
|
2022-07-24 11:54:58 -04:00 |
|
|
7526b95157
|
prefect: Enable nix-serve
|
2022-07-24 11:49:07 -04:00 |
|
|
b894fcba70
|
marvin: enable nix-serve cache
|
2022-07-24 11:48:55 -04:00 |
|
|
e0e8234c9f
|
prefect: Enable tokyo night theme for bitwarden
|
2022-07-24 10:58:30 -04:00 |
|
|
d10959e951
|
prefect: Add tokyo-night theme to adguard
|
2022-07-24 10:43:38 -04:00 |
|
|
d920969237
|
gitea: Add tokyo night theme
|
2022-07-24 10:37:10 -04:00 |
|
|
3e0f4925ea
|
marvin/services: Add theme.park themes
|
2022-07-24 10:21:32 -04:00 |
|
|
6c450ebf8e
|
hosts/common: Update nix config
|
2022-07-24 09:38:58 -04:00 |
|
|
268a1d5027
|
prefect: try systemd hack for caddy
|
2022-07-24 08:28:47 -04:00 |
|
|
2ebae64aa3
|
zaphod/pam: Disable p11 and enable u2f
|
2022-07-23 10:53:07 -04:00 |
|
|
1aa224af1e
|
marvin: Rekey all secrets
|
2022-07-23 10:46:11 -04:00 |
|
|
1bdc042f91
|
zaphod: Disable yubikey-agent
|
2022-07-23 10:42:54 -04:00 |
|
|
67270926e3
|
marvin: disable gitea ssh support
|
2022-07-23 09:37:08 -04:00 |
|
|
7a12a39259
|
marvin/secrets: Update secrets
|
2022-07-22 15:33:23 -04:00 |
|
|
bbe33347de
|
marvin/services: Mount dashy config
|
2022-07-22 15:11:17 -04:00 |
|
|
334cb36960
|
zaphod: Update programs and services
|
2022-07-22 15:10:40 -04:00 |
|
|
ce4c9055ec
|
hosts/zaphod: Misc edits
|
2022-07-21 11:53:08 +00:00 |
|
|
28a6be6bb0
|
hosts/marvin: Fix deemix string errors
|
2022-07-21 11:08:38 +00:00 |
|
|
531d29a432
|
hosts/zaphod: Enable pulseaudio tools
|
2022-07-21 11:06:59 +00:00 |
|
|
5afdc7df76
|
hosts/marvin: Fix deemix
|
2022-07-21 11:00:51 +00:00 |
|
|
51b12d5cf0
|
hosts/zaphod: Enable steam-run(-native)
|
2022-07-21 10:59:33 +00:00 |
|
|
9069c4c2a0
|
hosts/marvin: Enable deemix service
|
2022-07-21 10:58:27 +00:00 |
|
|
b3076c5732
|
updates from nixos install
|
2022-07-20 15:52:50 +00:00 |
|