felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-05-28 17:21:12 +02:00
Code Issues Projects Releases Wiki Activity
1,056 Commits 38 Branches 0 Tags
0c453450509875f831729a523a32f8ab2882da1c
Commit Graph

85 Commits

Author SHA1 Message Date
h7x4
654eeb83d8 base: tag generation as dirty if built from uncommitted source code 2026-05-28 04:39:49 +09:00
h7x4
e062a849f3 base/scrutiny-collector: disable if machine is qemu guest 2026-05-27 23:45:30 +09:00
h7x4
c2d6989350 base/scrutiny-collector: init 2026-05-27 23:35:32 +09:00
h7x4
0e2a8ed3ed base/polkit: let wheel users use AUTH_KEEP_SELF for systemd actions 2026-05-27 14:13:36 +09:00
h7x4
3f5eadcb87 base/resolved: use RFC42 format 2026-05-25 10:40:04 +09:00
h7x4
70c0ad8724 base: use RFC42 format for systemd.sleep 2026-05-25 10:40:04 +09:00
h7x4
d92a5f13ad base/journald-upload: fix target url 2026-05-24 16:41:54 +09:00
h7x4
6fcc19f0a2 base/fluentbit: init 2026-05-22 15:32:13 +09:00
h7x4
9224f04bd1 base/promtail: remove 2026-05-22 15:32:13 +09:00
h7x4
08a23bd380 base/hardening: ban a few more modules 2026-05-20 23:15:25 +09:00
h7x4
28b67c3578 base/mitigations: blacklist modules for copyfail and pintheft 2026-05-20 23:15:25 +09:00
h7x4
baeb1e5e60 base/hardening: move hardening options from base/default 2026-05-08 16:23:17 +09:00
h7x4
86ca8dcdc3 base/hardening: ban a bunch more unimportant kernel modules 2026-05-08 16:23:17 +09:00
Daniel Olsen
14994485c5 base: mitigate dirtyfrag 2026-05-08 01:03:45 +02:00
Felix Albrigtsen
2efe4a1d1e Revert "base/acme: use different email alias for account" 
This reverts commit 0d40c7d7a7.
 2026-03-22 12:52:33 +01:00
h7x4
0d40c7d7a7 base/acme: use different email alias for account 2026-02-13 19:45:45 +09:00
h7x4
304304185c base: add lsof to list of default installed packages 2026-02-02 23:59:35 +09:00
h7x4
ea6296f47a base/vm: disable graphics for vms by default 2026-01-26 17:08:35 +09:00
h7x4
7d451f1db5 base/auto-upgrade: don't install flake-inputs.json when disabled 2026-01-26 15:42:56 +09:00
h7x4
1d57cec04d base/acme: remove deprecated argument 2026-01-26 15:07:40 +09:00
h7x4
1b6ff9876d Remove global packages from users, skrott: remove neovim properly 2026-01-26 13:16:06 +09:00
h7x4
c061c5be0c base: re-enable mutableUsers (absolute state) 2026-01-26 00:25:20 +09:00
h7x4
1d47409d96 base: configure sops 2026-01-22 16:48:59 +09:00
h7x4
f7757d697d base: don't install dynamic loader stub 2026-01-22 16:13:36 +09:00
h7x4
9f43ea887e base: OOM early on nixos rebuilds 2026-01-22 16:13:20 +09:00
h7x4
5f94345a91 hosts/various: enable qemu guest agent, disable smartd for vms by default 2026-01-22 16:05:36 +09:00
h7x4
89ea5b321a hosts/various: use systemd-boot as default bootloader 2026-01-22 15:49:50 +09:00
h7x4
e2f3c81ecd base: move package list to separate file 2026-01-22 15:35:18 +09:00
h7x4
a4c3aaa402 base: provide reasoning for packages, add a few new ones 2026-01-22 15:31:48 +09:00
h7x4
5714efc668 modules/grzegorz: override base certificate config 2026-01-22 15:10:50 +09:00
h7x4
d5199779a6 base: disable fontconfig by default 2026-01-22 14:57:00 +09:00
h7x4
ae3c7019ef base: disable hibernation and sleep 2026-01-22 14:54:35 +09:00
h7x4
73dc9306f1 base: no mutable users by default 2026-01-22 14:51:24 +09:00
h7x4
09d72305e2 base/nginx: return 444 on fqdn virtualHost by default 2026-01-21 23:17:47 +09:00
h7x4
3a0ea9c338 base/polkit: default to username if in group wheel 2026-01-17 03:59:55 +09:00
h7x4
1c021cd789 base/packages: add net-tools 2026-01-15 17:49:42 +09:00
h7x4
d93bdd8493 journald-upload: use ipv4 temporarily, restrict firewall to ildkule 2026-01-15 17:38:27 +09:00
h7x4
024dae4226 journald-{remote,upload}: init 2026-01-15 15:50:49 +09:00
h7x4
cd6f35a42d base/auto-upgrade: display build logs in journalctl 2026-01-13 19:59:43 +09:00
h7x4
4abe86dc07 base/roowho2: traffic filter to PVV IP-space 2026-01-06 12:23:39 +09:00
h7x4
25c8171e3d base/roowho2: init 2026-01-06 12:23:39 +09:00
h7x4
16891ff521 misc/metrics-exporters: move to base 2025-12-30 00:32:25 +09:00
h7x4
aa6f7e3038 base/nginx: enable extra listen paramenters by default 2025-12-24 13:44:58 +09:00
h7x4
0a8702e3ba flake-input-exporter: replace hardcoded ip space with ones from values 2025-12-22 10:30:55 +09:00
h7x4
3ae26bc53f base/nix: use auto allocated users 2025-12-05 02:25:28 +09:00
h7x4
d666aa6c33 base/postfix: migrate config to new format 2025-12-05 02:23:46 +09:00
Daniel Olsen
3faad36418 base/nixos-exporter: allow localhost to fetch 2025-10-13 06:41:28 +02:00
Daniel Olsen
9e51bdb373 base/nixos-exporter: listen on own server block 2025-10-12 16:42:42 +02:00
fredrikr79
c7930b793a base: create flake input exporter 2025-10-12 05:23:54 +02:00
h7x4
8dcd471a6f base: don't lock kernel modules lmao 2025-08-03 04:36:10 +02:00