daniel/dotfiles
1
0
Fork 0
Code Actions Activity
1104 commits 1 branch 0 tags 15 MiB
Commit graph

360 commits

Author SHA1 Message Date
Daniel Kempkens 779c2364a4
atticd: use postgres 2023-04-05 11:53:35 +02:00
Daniel Kempkens 9e70bc0291
atticd: use postgres 2023-04-05 11:50:40 +02:00
Daniel Kempkens 00109d7c09
atticd: use postgres 2023-04-05 11:39:43 +02:00
Daniel Kempkens 3dd11a9e6f
attic: update atticd config 2023-04-05 10:42:21 +02:00
Daniel Kempkens a4e71f9825
attic: nginx+attic cli 2023-04-05 10:10:31 +02:00
Daniel Kempkens 2d56d35892
attic: nginx+attic cli 2023-04-04 22:43:16 +02:00
Daniel Kempkens 51c1ce5812
attic: nginx+attic cli 2023-04-04 22:30:12 +02:00
Daniel Kempkens 75af9cd046
attic: add acme 2023-04-04 22:05:11 +02:00
Daniel Kempkens 80ba946430
attic: add binary cache 2023-04-04 20:26:21 +02:00
Daniel Kempkens 1231fd52bb
attic: add binary cache 2023-04-04 20:20:09 +02:00
Daniel Kempkens bf4b0eb3f8
attic: add binary cache 2023-04-04 20:16:11 +02:00
Daniel Kempkens 163183059a
atticd: fixup 2023-04-04 17:22:37 +02:00
Daniel Kempkens c84bdde758
atticd: init 2023-04-04 17:20:09 +02:00
Daniel Kempkens f809dc9c84
attic: fix 2023-04-04 15:10:18 +02:00
Daniel Kempkens 56d0e7b9fa
tailscale: use agenix 2023-04-04 15:05:39 +02:00
Daniel Kempkens 43ff628e80
system: init attic 2023-04-04 14:35:49 +02:00
Daniel Kempkens 99eb5964ad
invidious: Adjust channel_refresh_interval 2023-04-04 12:27:43 +02:00
Daniel Kempkens 7dfa718460
Styx: Update nix-gc interval 2023-04-04 10:41:30 +02:00
Daniel Kempkens 760be91370
nginx: re-enable quic/http3 2023-04-03 15:03:52 +02:00
Daniel Kempkens 0a0feed535
Revert "all frontends: try removing ipv6 addr" 
This reverts commit 1408ac1b74.
 2023-04-03 14:52:41 +02:00
Daniel Kempkens 1408ac1b74
all frontends: try removing ipv6 addr 2023-04-03 14:49:20 +02:00
Daniel Kempkens 7a2339231c
nginx: Enable zstd 2023-04-03 14:05:24 +02:00
Daniel Kempkens 2b4e2bb72a
sail: Reorder network config 2023-03-28 21:50:32 +02:00
Daniel Kempkens 13b37924c5
sail: Adjust networkd config 2023-03-28 19:20:58 +02:00
Daniel Kempkens fdc1e11bae
sail: Re-Enable IPv6 2023-03-28 18:25:45 +02:00
Daniel Kempkens 9804ec0042
sail: switch to networkd 2023-03-28 18:18:54 +02:00
Daniel Kempkens a5c8017ff3
sail: switch to networkd 2023-03-28 18:14:46 +02:00
Daniel Kempkens ba60ccfe29
sail: switch to networkd 2023-03-28 17:54:16 +02:00
Daniel Kempkens 417ff3a9b4
sail: switch to networkd 2023-03-28 17:42:22 +02:00
Daniel Kempkens bdb64abf93
Update deps 2023-03-24 20:16:19 +01:00
Daniel Kempkens 26235ed3d3
alt frontends: listen on ts ipv6 address 2023-03-24 15:37:06 +01:00
Daniel Kempkens ea675ad396
sail: Alternative frontends should only listen on tailscale 2023-03-23 10:11:11 +01:00
Daniel Kempkens 9132f1ed17
invidious: use quic 2023-03-22 11:13:57 +01:00
Daniel Kempkens c5b49d4446
atuin: use DynamicUser 2023-03-20 20:14:08 +01:00
Daniel Kempkens 70d1f841f5
nitter: pass config via LoadCredential 2023-03-20 19:47:31 +01:00
Daniel Kempkens 1d6ee0ba11
invidious: set external_port 2023-03-20 15:05:57 +01:00
Daniel Kempkens 756f8a4af3
invidious: only listen via tailscale 2023-03-20 14:24:04 +01:00
Daniel Kempkens 7c57c278a2
invidious: disable registrations 2023-03-20 14:10:00 +01:00
Daniel Kempkens 30355502e1
invidious: init 2023-03-20 14:07:23 +01:00
Daniel Kempkens 03860af6eb
invidious: init 2023-03-20 14:00:36 +01:00
Daniel Kempkens 06ebe75eb1
invidious: init 2023-03-20 13:49:46 +01:00
Daniel Kempkens baf0cb0b58
Styx: Do not cache to CF anymore 2023-03-20 13:48:37 +01:00
Daniel Kempkens c4cc5cf244
Styx: Use nix-darwin to init fish 2023-03-19 21:47:23 +01:00
Daniel Kempkens c78a5376c9
Remove all references to arion 2023-03-19 15:51:22 +01:00
Daniel Kempkens 4f68c3c328
adsb: Move to podman and remove arion 2023-03-19 13:04:48 +01:00
Daniel Kempkens 84b6a38492
wip: remove arion 2023-03-19 01:10:50 +01:00
Daniel Kempkens 2f9158254f
mosquitto: enable service 2023-03-17 22:05:18 +01:00
Daniel Kempkens 6be487f012
webserver: rename to weewx 2023-03-17 21:58:31 +01:00
Daniel Kempkens 5497d30b02
podman: Remove watchtower 2023-03-17 11:22:50 +01:00
Daniel Kempkens e77a675ff5
arion: Remove CNI Plugins 2023-03-17 00:18:49 +01:00
Daniel Kempkens ac158673d3
arion: Improvements to podman setup 2023-03-17 00:13:38 +01:00
Daniel Kempkens b949f5e9c7
arion: Improvements to podman setup 2023-03-17 00:08:43 +01:00
Daniel Kempkens 32ac241aca
arion: Switch to podman 2023-03-16 21:06:46 +01:00
Daniel Kempkens ab28770d44
arion: Switch to podman 2023-03-16 20:54:44 +01:00
Daniel Kempkens f9c16471ba
arion: Switch to podman 2023-03-16 20:49:12 +01:00
Daniel Kempkens d1e8296bc3
arion: Switch to podman 2023-03-16 20:46:27 +01:00
Daniel Kempkens db1c7e94b3
arion: Switch to podman 2023-03-16 20:34:49 +01:00
Daniel Kempkens 6529b5ac8a
arion: Switch to podman 2023-03-16 20:18:19 +01:00
Daniel Kempkens d7779eebfb
arion: Switch to podman 2023-03-16 20:17:52 +01:00
Daniel Kempkens a0a6f45a3a
arion: Switch to podman 2023-03-16 20:16:06 +01:00
Daniel Kempkens 07ca88bbc2
nginx: increase log buffering 2023-03-13 23:42:24 +01:00
Daniel Kempkens a58e6ba10d
nginx: log buffering 2023-03-13 23:38:11 +01:00
Daniel Kempkens 983638a4cd
fixup 2023-03-13 23:31:21 +01:00
Daniel Kempkens 80193701a2
nginx: Improve logging 2023-03-13 23:28:01 +01:00
Daniel Kempkens c84e190f19
watchtower: FW rules 2023-03-13 10:41:35 +01:00
Daniel Kempkens 20687306fb
watchtower: Run every 6h and update self 2023-03-13 09:53:59 +01:00
Daniel Kempkens 5107567c5d
watchtower: Run every 6h and update self 2023-03-13 09:50:54 +01:00
Daniel Kempkens c645eed5b9
watchtower: set hostname 2023-03-13 01:13:25 +01:00
Daniel Kempkens fba636d19a
watchtower: send notifcations via ntfy 2023-03-12 22:39:27 +01:00
Daniel Kempkens 5232858822
sail: Expose certain services only via SSL 2023-03-12 21:03:36 +01:00
Daniel Kempkens 5114ab5d10
atuin-sync: Remove unused FW rule 2023-03-12 20:54:01 +01:00
Daniel Kempkens 3f16f7de55
"Expose" atuin via HTTPS 2023-03-12 20:53:03 +01:00
Daniel Kempkens 2aa59d4534
acme: Reload nginx after cert change 2023-03-08 22:02:24 +01:00
Daniel Kempkens 6924f5cda0
synapse: fix 2023-03-07 12:07:07 +01:00
Daniel Kempkens 4a41edb9f1
sail: Enable KTLS on docs website(s) 2023-03-07 10:02:50 +01:00
Daniel Kempkens cbc86a4b60
mastodon: Hide upstream Strict-Transport-Security header 2023-03-07 09:56:19 +01:00
Daniel Kempkens 465392e82f
sail: Enable KTLS for mastodon-cdn 2023-03-07 08:51:09 +01:00
Daniel Kempkens 17c445c8e4
sail: Fix HSTS preload entries 2023-03-06 23:39:49 +01:00
Daniel Kempkens 6adbb3bbda
sail: Try setting STS headers for SSL only 2023-03-06 23:33:55 +01:00
Daniel Kempkens e7c000eb0c
sail: Try setting STS headers for SSL only 2023-03-06 23:32:06 +01:00
Daniel Kempkens 646c96fb6b
sail: Try setting STS headers for SSL only 2023-03-06 23:30:04 +01:00
Daniel Kempkens e6cebb3932
sail: Try setting STS headers for SSL only 2023-03-06 23:28:11 +01:00
Daniel Kempkens 7f01ca9bd0
sail: Try setting STS headers for SSL only 2023-03-06 23:27:39 +01:00
Daniel Kempkens 49ad022515
sail: Try setting STS headers for SSL only 2023-03-06 23:22:47 +01:00
Daniel Kempkens 0e10df1518
sail: Try setting STS headers for SSL only 2023-03-06 23:21:51 +01:00
Daniel Kempkens c0e051092f
sail: Remove cloudflared 2023-03-06 22:25:45 +01:00
Daniel Kempkens ee065a6fe9
Mastodon: Support all "old" paths 2023-03-06 22:00:48 +01:00
Daniel Kempkens dcd193e4e6
Mastodon: Remove assets from CF 2023-03-06 21:55:07 +01:00
Daniel Kempkens 7b49b86ac0
Mastodon: Remove assets from CF 2023-03-06 21:47:25 +01:00
Daniel Kempkens 7bdf08abd1
Mastodon: Remove assets from CF 2023-03-06 21:24:46 +01:00
Daniel Kempkens 32c7a32567
synapse: Fixup 2023-03-06 19:09:07 +01:00
Daniel Kempkens 0145e37a75
synapse: Expose 8443 2023-03-06 19:05:44 +01:00
Daniel Kempkens 0bc2169913
sail: Remove Matrix from CF 2023-03-06 18:23:32 +01:00
Daniel Kempkens c088193e28
sail: Partially move Mastodon off of CF 2023-03-06 17:11:13 +01:00
Daniel Kempkens a50276f120
freshrss: Add missing fastcgi params 2023-03-06 16:06:32 +01:00
Daniel Kempkens 8580d4ec26
freshrss: do not use auto-generated nginx entry 2023-03-06 15:58:28 +01:00
Daniel Kempkens 714dc0eee0
sail: Move more from CF 2023-03-06 15:25:59 +01:00
Daniel Kempkens 69948f06ce
sail: Move docs from CF 2023-03-06 12:06:59 +01:00
Daniel Kempkens dfcc5d6f8f
sail: Open HTTP3 FW port 2023-03-06 10:45:35 +01:00
Daniel Kempkens 2ac52f1b02
sail: Enable HTTP3 2023-03-06 10:21:34 +01:00
Daniel Kempkens 779371ac42
sail: Move more hosts away from CF 2023-03-06 09:55:28 +01:00
Daniel Kempkens 2ba78483db
acme: fix group 2023-03-05 23:54:42 +01:00
Daniel Kempkens c01d25d3fe
sail: Update libreddit nginx config 2023-03-05 23:51:30 +01:00
Daniel Kempkens d86187e2ee
sail: make firewall rules more specific 2023-03-05 23:28:42 +01:00
Daniel Kempkens c3cb43184c
acme: fixup 2023-03-05 23:12:10 +01:00
Daniel Kempkens fa9530f333
sail: wip acme 2023-03-05 23:02:49 +01:00
Daniel Kempkens ea0338519d
Add rimgo 2023-03-05 19:22:15 +01:00
Daniel Kempkens d0eb8bfc11
Update deps and switch from agenix to ragenix 2023-03-01 14:34:08 +01:00
Daniel Kempkens 6f4c6c8072
proxitok: init 2023-02-28 14:55:57 +01:00
Daniel Kempkens 7a2a9cc8a5
atuin: sync 2023-02-27 18:00:44 +01:00
Daniel Kempkens 245401d863
atuin: fix 2023-02-27 17:53:15 +01:00
Daniel Kempkens 72d6c61680
atuin: init 2023-02-27 17:51:39 +01:00
Daniel Kempkens f64bbca4a9
sail/adsb-antenna: Install less docs 2023-02-23 21:41:41 +01:00
Daniel Kempkens b2b56817ba
nginx: Update configuration 2023-02-20 20:24:34 +01:00
Daniel Kempkens 3db8d61739
ntfy-sh: specify upstream 2023-02-18 21:29:47 +01:00
Daniel Kempkens 4e19bb4ab0
ntfy-sh: listen on http 2023-02-18 21:02:42 +01:00
Daniel Kempkens f280c8f1c4
ntfy-sh: update nginx config 2023-02-18 20:58:46 +01:00
Daniel Kempkens 934a2b7475
ntfy-sh: update cache path 2023-02-18 20:57:42 +01:00
Daniel Kempkens 3648b19d9d
ntfy-sh: init 2023-02-18 20:54:15 +01:00
Daniel Kempkens 1177605b6c
anonymous-overflow: Serve /static via nginx 2023-02-16 00:59:20 +01:00
Daniel Kempkens c9cb1639b4
anonymous-overflow: Enable some hardening flags 2023-02-16 00:43:22 +01:00
Daniel Kempkens af44f6050c
anonymous-overflow: Force auth 2023-02-15 22:11:46 +01:00
Daniel Kempkens bb911d8842
anonymous-overflow: Include static files 2023-02-15 22:04:11 +01:00
Daniel Kempkens 0d1181815a
anonymous-overflow: Remove from sail for now 2023-02-15 20:53:28 +01:00
Daniel Kempkens 8604b828fc
anonymous-overflow: Simplify systemd config 2023-02-15 20:50:43 +01:00
Daniel Kempkens 7f0fc887b8
anonymous-overflow: init 2023-02-15 20:35:46 +01:00
Daniel Kempkens dd5eeafd65
nitter: Start after network-online.target 2023-02-14 20:05:02 +01:00
Daniel Kempkens d28d28d6ee
nitter: Use package 2023-02-14 11:04:10 +01:00
Daniel Kempkens 1f3d539f75
nitter: Refactor 2023-02-13 22:06:22 +01:00
Daniel Kempkens c43ef3fe59
nitter: Allow favicons 2023-02-13 21:57:17 +01:00
Daniel Kempkens 2c37e54b8d
nitter: Allow apple-touch-icon.png 2023-02-13 21:52:49 +01:00
Daniel Kempkens 4cb73927aa
nitter: Allow favicon.ico 2023-02-13 21:47:25 +01:00
Daniel Kempkens 2b19cbf0ce
nitter: Disable auth for pics and videos 2023-02-13 21:39:00 +01:00
Daniel Kempkens 3454e7c862
libreddit: Proxy through nginx 2023-02-13 20:15:10 +01:00
Daniel Kempkens 2d2e0f9022
nitter: Proxy through nginx 2023-02-13 20:04:45 +01:00
Daniel Kempkens 4223a36be6
nitter: Extract from webserver config 2023-02-13 19:44:04 +01:00
Daniel Kempkens 974c93298d
sail: Install libreddit 2023-02-12 22:13:30 +01:00
Daniel Kempkens 79de75f874
cloudflared: access token using agenix 2023-02-06 11:48:05 +01:00
Daniel Kempkens f1a5a4bb26
fixup 2023-02-05 23:35:54 +01:00
Daniel Kempkens cfd3012572
fixup 2023-02-05 23:29:37 +01:00
Daniel Kempkens 8cc4522153
synapse: move secrets to agenix 2023-02-05 23:25:57 +01:00
Daniel Kempkens e7c94b293c
mastodon: move extra config to age-encrypted file 2023-02-05 21:08:03 +01:00
Daniel Kempkens 93939f4664
mastodon: use agenix 2023-02-05 20:32:19 +01:00
Daniel Kempkens c3edc30ee7
freshrss: Store secrets using agenix 2023-02-05 18:06:51 +01:00
Daniel Kempkens b2958aea7c
WIP: Play with agenix 2023-02-05 17:52:42 +01:00
Daniel Kempkens 652462fb5d
WIP: Play with agenix 2023-02-05 17:51:04 +01:00
Daniel Kempkens 65f638cd70
sail: Change route order 2023-02-03 23:58:17 +01:00
Daniel Kempkens 06f36bd60d
sail: Re-introduce static internal network interface 2023-02-03 23:52:44 +01:00
Daniel Kempkens a622fbb728
revert 2023-02-03 23:47:08 +01:00
Daniel Kempkens dc96c59e1c
sail: Static internal network config 2023-02-03 23:36:20 +01:00