1
0
Fork 0
Commit graph

547 commits

Author SHA1 Message Date
80193701a2
nginx: Improve logging 2023-03-13 23:28:01 +01:00
c84e190f19
watchtower: FW rules 2023-03-13 10:41:35 +01:00
20687306fb
watchtower: Run every 6h and update self 2023-03-13 09:53:59 +01:00
5107567c5d
watchtower: Run every 6h and update self 2023-03-13 09:50:54 +01:00
c645eed5b9
watchtower: set hostname 2023-03-13 01:13:25 +01:00
fba636d19a
watchtower: send notifcations via ntfy 2023-03-12 22:39:27 +01:00
5232858822
sail: Expose certain services only via SSL 2023-03-12 21:03:36 +01:00
5114ab5d10
atuin-sync: Remove unused FW rule 2023-03-12 20:54:01 +01:00
3f16f7de55
"Expose" atuin via HTTPS 2023-03-12 20:53:03 +01:00
2aa59d4534
acme: Reload nginx after cert change 2023-03-08 22:02:24 +01:00
6924f5cda0
synapse: fix 2023-03-07 12:07:07 +01:00
4a41edb9f1
sail: Enable KTLS on docs website(s) 2023-03-07 10:02:50 +01:00
cbc86a4b60
mastodon: Hide upstream Strict-Transport-Security header 2023-03-07 09:56:19 +01:00
465392e82f
sail: Enable KTLS for mastodon-cdn 2023-03-07 08:51:09 +01:00
17c445c8e4
sail: Fix HSTS preload entries 2023-03-06 23:39:49 +01:00
6adbb3bbda
sail: Try setting STS headers for SSL only 2023-03-06 23:33:55 +01:00
e7c000eb0c
sail: Try setting STS headers for SSL only 2023-03-06 23:32:06 +01:00
646c96fb6b
sail: Try setting STS headers for SSL only 2023-03-06 23:30:04 +01:00
e6cebb3932
sail: Try setting STS headers for SSL only 2023-03-06 23:28:11 +01:00
7f01ca9bd0
sail: Try setting STS headers for SSL only 2023-03-06 23:27:39 +01:00
49ad022515
sail: Try setting STS headers for SSL only 2023-03-06 23:22:47 +01:00
0e10df1518
sail: Try setting STS headers for SSL only 2023-03-06 23:21:51 +01:00
c0e051092f
sail: Remove cloudflared 2023-03-06 22:25:45 +01:00
ee065a6fe9
Mastodon: Support all "old" paths 2023-03-06 22:00:48 +01:00
dcd193e4e6
Mastodon: Remove assets from CF 2023-03-06 21:55:07 +01:00
7b49b86ac0
Mastodon: Remove assets from CF 2023-03-06 21:47:25 +01:00
7bdf08abd1
Mastodon: Remove assets from CF 2023-03-06 21:24:46 +01:00
32c7a32567
synapse: Fixup 2023-03-06 19:09:07 +01:00
0145e37a75
synapse: Expose 8443 2023-03-06 19:05:44 +01:00
0bc2169913
sail: Remove Matrix from CF 2023-03-06 18:23:32 +01:00
c088193e28
sail: Partially move Mastodon off of CF 2023-03-06 17:11:13 +01:00
a50276f120
freshrss: Add missing fastcgi params 2023-03-06 16:06:32 +01:00
8580d4ec26
freshrss: do not use auto-generated nginx entry 2023-03-06 15:58:28 +01:00
714dc0eee0
sail: Move more from CF 2023-03-06 15:25:59 +01:00
69948f06ce
sail: Move docs from CF 2023-03-06 12:06:59 +01:00
dfcc5d6f8f
sail: Open HTTP3 FW port 2023-03-06 10:45:35 +01:00
2ac52f1b02
sail: Enable HTTP3 2023-03-06 10:21:34 +01:00
779371ac42
sail: Move more hosts away from CF 2023-03-06 09:55:28 +01:00
2ba78483db
acme: fix group 2023-03-05 23:54:42 +01:00
c01d25d3fe
sail: Update libreddit nginx config 2023-03-05 23:51:30 +01:00
d86187e2ee
sail: make firewall rules more specific 2023-03-05 23:28:42 +01:00
c3cb43184c
acme: fixup 2023-03-05 23:12:10 +01:00
fa9530f333
sail: wip acme 2023-03-05 23:02:49 +01:00
ea0338519d
Add rimgo 2023-03-05 19:22:15 +01:00
d0eb8bfc11
Update deps and switch from agenix to ragenix 2023-03-01 14:34:08 +01:00
6f4c6c8072
proxitok: init 2023-02-28 14:55:57 +01:00
7a2a9cc8a5
atuin: sync 2023-02-27 18:00:44 +01:00
245401d863
atuin: fix 2023-02-27 17:53:15 +01:00
72d6c61680
atuin: init 2023-02-27 17:51:39 +01:00
f64bbca4a9
sail/adsb-antenna: Install less docs 2023-02-23 21:41:41 +01:00
b2b56817ba
nginx: Update configuration 2023-02-20 20:24:34 +01:00
3db8d61739
ntfy-sh: specify upstream 2023-02-18 21:29:47 +01:00
4e19bb4ab0
ntfy-sh: listen on http 2023-02-18 21:02:42 +01:00
f280c8f1c4
ntfy-sh: update nginx config 2023-02-18 20:58:46 +01:00
934a2b7475
ntfy-sh: update cache path 2023-02-18 20:57:42 +01:00
3648b19d9d
ntfy-sh: init 2023-02-18 20:54:15 +01:00
1177605b6c
anonymous-overflow: Serve /static via nginx 2023-02-16 00:59:20 +01:00
c9cb1639b4
anonymous-overflow: Enable some hardening flags 2023-02-16 00:43:22 +01:00
af44f6050c
anonymous-overflow: Force auth 2023-02-15 22:11:46 +01:00
bb911d8842
anonymous-overflow: Include static files 2023-02-15 22:04:11 +01:00
0d1181815a
anonymous-overflow: Remove from sail for now 2023-02-15 20:53:28 +01:00
8604b828fc
anonymous-overflow: Simplify systemd config 2023-02-15 20:50:43 +01:00
7f0fc887b8
anonymous-overflow: init 2023-02-15 20:35:46 +01:00
dd5eeafd65
nitter: Start after network-online.target 2023-02-14 20:05:02 +01:00
d28d28d6ee
nitter: Use package 2023-02-14 11:04:10 +01:00
1f3d539f75
nitter: Refactor 2023-02-13 22:06:22 +01:00
c43ef3fe59
nitter: Allow favicons 2023-02-13 21:57:17 +01:00
2c37e54b8d
nitter: Allow apple-touch-icon.png 2023-02-13 21:52:49 +01:00
4cb73927aa
nitter: Allow favicon.ico 2023-02-13 21:47:25 +01:00
2b19cbf0ce
nitter: Disable auth for pics and videos 2023-02-13 21:39:00 +01:00
3454e7c862
libreddit: Proxy through nginx 2023-02-13 20:15:10 +01:00
2d2e0f9022
nitter: Proxy through nginx 2023-02-13 20:04:45 +01:00
4223a36be6
nitter: Extract from webserver config 2023-02-13 19:44:04 +01:00
974c93298d
sail: Install libreddit 2023-02-12 22:13:30 +01:00
79de75f874
cloudflared: access token using agenix 2023-02-06 11:48:05 +01:00
f1a5a4bb26
fixup 2023-02-05 23:35:54 +01:00
cfd3012572
fixup 2023-02-05 23:29:37 +01:00
8cc4522153
synapse: move secrets to agenix 2023-02-05 23:25:57 +01:00
e7c94b293c
mastodon: move extra config to age-encrypted file 2023-02-05 21:08:03 +01:00
93939f4664
mastodon: use agenix 2023-02-05 20:32:19 +01:00
c3edc30ee7
freshrss: Store secrets using agenix 2023-02-05 18:06:51 +01:00
b2958aea7c
WIP: Play with agenix 2023-02-05 17:52:42 +01:00
652462fb5d
WIP: Play with agenix 2023-02-05 17:51:04 +01:00
65f638cd70
sail: Change route order 2023-02-03 23:58:17 +01:00
06f36bd60d
sail: Re-introduce static internal network interface 2023-02-03 23:52:44 +01:00
a622fbb728
revert 2023-02-03 23:47:08 +01:00
dc96c59e1c
sail: Static internal network config 2023-02-03 23:36:20 +01:00
15ad9892a0
Matrix: Remove Telegram 2023-02-03 22:11:57 +01:00
9b5e7ddf65
Add freshrss 2023-01-24 14:33:54 +01:00
43ac92e3db
Update deps 2023-01-24 10:24:43 +01:00
3161b2182a
ssh: Adjust settings 2023-01-22 13:50:29 +01:00
40c813879e
Update deps 2023-01-02 00:30:54 +01:00
24624980e1
Update deps 2022-12-31 16:26:44 +01:00
611f9a44c6
darwin: Enable sudo with TouchID 2022-12-28 23:25:11 +01:00
2bbe3b61d0
mastodon: Fix CDN redirect path 2022-12-27 22:57:05 +01:00
9bcc7db174
mastodon: Redirect pre-CDN file paths 2022-12-27 22:46:05 +01:00
745618bd76
docs: listen on localhost only 2022-12-26 18:17:59 +01:00
5547896f51
mastodon: Only listen on localhost 2022-12-26 18:08:25 +01:00
984b087834
cloudflared: Rename tunnel 2022-12-26 17:58:03 +01:00
953471a13b
cloudflared: Import 2022-12-26 17:55:17 +01:00
4033de5a8b
cloudflared: Install without Docker 2022-12-26 17:53:28 +01:00
45e88f38e5
mastodon: S3 2022-12-26 01:28:45 +01:00
0e026343e8
mastodon: S3 2022-12-26 01:26:33 +01:00
5886dd8c64
Set stateVersion 2022-12-25 22:13:07 +01:00
6a3c0ff0c0
mastodon: enable elasticsearch 2022-12-23 17:08:24 +01:00
03c6d3165f
mastodon: Set proxy_force_ranges 2022-12-20 17:47:13 +01:00
4983fb551e
Switch from kitty to wezterm 2022-12-19 22:02:48 +01:00
56e3d8f9e4
Keep less data on disk 2022-12-01 22:48:43 +01:00
910816f0b9
website: Remove docs Docker container 2022-12-01 16:21:38 +01:00
1edc83f108
fixup 2022-12-01 15:56:38 +01:00
f12a00b045
wip: expose websites via nginx 2022-12-01 15:51:08 +01:00
b6635d58af
fixuo 2022-11-30 00:16:26 +01:00
178ae6f82e
mastodon: adjustments for smaller install 2022-11-30 00:13:09 +01:00
9e6f1de52a
mastodon: add nginx to mastodon group 2022-11-29 21:28:18 +01:00
59b2c3b243
mastodon: update X-Forwarded-For 2022-11-29 17:45:06 +01:00
a3b75eee37
mastodon: change smtp port 2022-11-29 17:03:25 +01:00
2deebeaac4
mastodon: adjust proxy config 2022-11-29 16:52:49 +01:00
60a78cf8c6
mastodon: adjust proxy config 2022-11-29 16:51:16 +01:00
4a028c652b
mastodon: Set LOCAL_HTTPS 2022-11-29 16:19:08 +01:00
6a9dc5ed02
mastodon: Set LOCAL_HTTPS 2022-11-29 16:18:03 +01:00
02a58aeac0
mastodon: adjust proxyPass 2022-11-29 16:03:39 +01:00
0fd89cd69c
mastodon: adjust firewall 2022-11-29 15:58:30 +01:00
50551c14e2
mastodon: fix trustedProxy 2022-11-29 15:54:13 +01:00
a8af700e66
mastodon: configure nginx 2022-11-29 15:51:54 +01:00
b6538568b1
mastodon: setup 2022-11-29 15:17:35 +01:00
7b2210549d
cleanup 2022-11-27 23:13:52 +01:00
e8d15a1267
synapse: update blocklist 2022-11-27 23:11:46 +01:00
09595d84f2
synapse: bridge registrations 2022-11-27 22:32:12 +01:00
989e4e1ba6
synapse: open firewall 2022-11-27 22:26:19 +01:00
8be5f51ce5
synapse: fix db config 2022-11-27 22:20:52 +01:00
c53b7aa5db
dendrite -> synapse 2022-11-27 22:14:38 +01:00
7d0fd438fc
matrix: update config 2022-11-27 20:55:50 +01:00
20194c1071
dendrite: configure mautrix-telegram 2022-11-27 20:00:50 +01:00
aa37b7c572
sail: Add matrix containers 2022-11-27 19:53:13 +01:00
9d9f43c7c3
dendrite: Allow TCP port 2022-11-27 18:16:38 +01:00
0fbb7ea273
Fix dendrite secrets 2022-11-27 17:31:25 +01:00
6de79b3c5c
wip 2022-11-27 17:12:49 +01:00
f6856454e8
Move Synapse to webserver 2022-11-11 16:11:54 +01:00
e60552bf09
sail: Start Synapse 2022-11-11 15:14:54 +01:00
300ae4a691
Update deps 2022-10-26 16:10:57 +02:00
b616d0a362
nix-darwin: Fix Ventura fontrestore 2022-10-26 09:55:10 +02:00
5bcc409a37
Update deps 2022-10-24 13:19:23 +02:00
383ecccd04
Update deps 2022-09-26 15:23:14 +02:00
f82950869f
adsb-antenna: Remove cores and max-jobs limit 2022-08-24 00:38:47 +02:00
5e0a5d9470
Add RaspberryPi specific programs 2022-08-24 00:05:38 +02:00
ca818ed4ce Styx: Adjust to nix-darwin updates 2022-08-22 21:15:44 +02:00
88a0f007fe Update nvim plugins 2022-08-18 23:12:16 +02:00
b9cb371d04 adsb-antenna: Only use 2 cores 2022-08-18 13:26:12 +02:00
9799cea989 nvim: Improve search count statusline condition 2022-08-17 23:18:53 +02:00
3a16434ce1 Remove arion flake 2022-08-13 15:07:31 +02:00
e6e9d0e3b0 Remove zig overlay - builds on macOS now 2022-08-11 10:53:40 +02:00
245da596d0 adsb-antenna: Build less 2022-08-09 21:10:52 +02:00
fe7742c8e0 adsb-antenna: Custom nix cache 2022-08-09 20:54:07 +02:00
db8b8796c2 sail: Enable custom cache 2022-08-09 19:14:56 +02:00
82af968372 sail: Enable custom cache 2022-08-09 19:14:22 +02:00
0468835053 Updates 2022-08-09 18:30:54 +02:00
7d868dc341 adsb-antenna: Disable distributed builds 2022-08-08 21:35:49 +02:00
5cc38b3b38 Update deps 2022-08-08 21:15:11 +02:00
c0336ccadb Use sail for aarch64-linux 2022-08-07 19:45:07 +02:00
9db43682ee sail: Cross-compile aarch64 2022-08-07 17:54:05 +02:00
be23a25c8c adsb-antenna: Adjust max-jobs and cores 2022-08-06 12:41:48 +02:00
eeb8c93adf Add cachix cache 2022-08-06 11:17:13 +02:00
104abdf163 Update NixOS cache config 2022-08-05 11:37:45 +02:00
3c6cd95a91 Docker: Setup watchtower 2022-08-05 00:40:11 +02:00
0d74805973 Styx: Enable distributed builds 2022-08-04 20:14:10 +02:00
b322d26cda adsb: Rename some variables 2022-08-04 20:11:40 +02:00
5809bc1431 Update adsb configuration 2022-08-02 18:44:26 +02:00
03c64e4f94 WIP: adsb-antenna system 2022-08-01 22:39:14 +02:00
1abb54693d sail: fish shell 2022-08-01 12:24:30 +02:00
0f65cfde49 ssh: Manage some public keys via nix 2022-08-01 00:23:56 +02:00
cb1f090b97 nixos: Harden ssh a bit 2022-07-31 21:23:28 +02:00
c35c48911b sail: Fix nixpkgs home-manager path 2022-07-31 21:01:10 +02:00
cfd3a757be sail: Fix module name 2022-07-31 20:55:17 +02:00
5ead6d2283 Fix inputs reference 2022-07-31 20:49:51 +02:00
7e52b0d586 sail: home-manager setup 2022-07-31 20:48:49 +02:00
ef3cea71ee sail: Add user 2022-07-31 20:33:19 +02:00
e939b997db sail: Disable DHCP on veth 2022-07-31 15:21:51 +02:00
5799cc1ce4 WIP: weewx 2022-07-31 15:10:28 +02:00
b100e88fdd sail: Add tailscale 2022-07-31 14:03:27 +02:00
70381b00e0 webserver: Add traefik container 2022-07-31 12:23:30 +02:00
bf0732c6ae WIP: mosquitto config 2022-07-31 00:36:06 +02:00
088ab6419b Add IPv6 config 2022-07-30 22:55:19 +02:00
c5a5a52af7 NixOS: Install git-crypt 2022-07-30 22:47:38 +02:00
09af4c843b arion: Use docker instead of podman 2022-07-30 21:51:18 +02:00
01d4692639 fixup 2022-07-30 21:41:46 +02:00
33e742804a Use arion overlay 2022-07-30 21:38:01 +02:00
78eacc70a2 WIP: Containers using arion 2022-07-30 21:19:14 +02:00
1913db2b68 Enable local arion deployments 2022-07-30 20:27:33 +02:00
798417376f Remove arion flake input 2022-07-30 20:19:21 +02:00
75149c7344 Arion: Add flake 2022-07-30 20:17:39 +02:00
d2775c6e85 Refactor sail configuration 2022-07-30 19:49:04 +02:00
dfe6e02576 sail: Install git 2022-07-30 19:37:06 +02:00
92b61b18bd WIP: Add webserver 2022-07-30 18:19:49 +02:00
a3b4ab95f3 Prepare multi-system support 2022-07-29 20:13:31 +02:00
060ec29bd3 Update nix-darwin 2022-04-19 23:43:35 +02:00
6ac73ae2a2 Add some fonts 2022-02-15 10:37:12 +01:00
4f65146fb8 nix-darwin: Dock configuration 2022-02-06 15:03:02 +01:00