felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-05-28 17:21:12 +02:00
Code Issues Projects Releases Wiki Activity
1,056 Commits 38 Branches 0 Tags
0c453450509875f831729a523a32f8ab2882da1c
Commit Graph

556 Commits

Author SHA1 Message Date
h7x4
0c45345050 bicep/matrix-ooye harden 2026-05-28 16:07:36 +09:00
h7x4
788f23bf04 bicep/matrix-hookshot: harden 2026-05-28 15:58:04 +09:00
h7x4
8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
h7x4
5bf0de1d0d bekkalokk/website/fetch-gallery: use proper shellscript builder 2026-05-28 03:58:08 +09:00
h7x4
a550bbf1e0 bekkalokk/roundcube: use specialized builder for nginx root dir 2026-05-28 03:46:59 +09:00
h7x4
6d9bd8256f kommode/gitea/install-customization: disable networking 2026-05-28 03:15:47 +09:00
h7x4
5c859d9809 kommode/gitea/install-customization: remove ExecStart bash wrapper 2026-05-28 03:15:06 +09:00
h7x4
dfbed75cd9 kommode/gitea/gpg: remove ExecStart bash wrapper 2026-05-28 03:06:07 +09:00
h7x4
6237a0a0e7 bicep/minecraft-heatmap: remove ExecStartPre bash wrapper 2026-05-28 03:03:38 +09:00
h7x4
bd2263a0a9 kommode/gitea/import-users: remove ExecStartPre bash wrapper 2026-05-28 03:02:59 +09:00
h7x4
532e8b0eee bekkalokk/mediawiki: install PdfHandler extension 2026-05-28 01:22:13 +09:00
h7x4
eef3f8fe8b bekkalokk/mediawiki: cleanup executable path config 2026-05-28 01:22:13 +09:00
h7x4
b0f81c9379 lupine/smartd: reenable 2026-05-27 23:41:54 +09:00
h7x4
2c819776f8 treewide/nginx: enable kTLS for a bunch more virtualHosts 2026-05-27 23:36:18 +09:00
h7x4
2b4817b75a ildkule/scrutiny: init 2026-05-27 23:33:45 +09:00
h7x4
47a744f68f ildkule/uptime-kuma: set up rsync pull target for principal 2026-05-26 13:37:29 +09:00
Vegard Bieker Matthey
da505d4fe2 kommode: sign merge commits and sign crud actions 2026-05-25 20:21:23 +02:00
h7x4
18ab1ef982 temmie/userweb: set -i and -t in sendmail wrapper 2026-05-25 18:49:57 +09:00
h7x4
5023edeb13 temmie/userweb: install mod_perl with custom env 2026-05-25 18:24:23 +09:00
h7x4
0d8c26c548 temmie/userweb: send propagatedBuildInputs through perl env wrapper 2026-05-25 17:05:02 +09:00
h7x4
bd244e7797 temmie/userweb: add www2 server alias 2026-05-25 16:24:35 +09:00
h7x4
e9220bb31e temmie/userweb: use www-datas UID + GID for backwards compat 2026-05-25 15:25:26 +09:00
h7x4
6beb9c62c3 temmie/userweb: use bro to proxy sendmail requests out of sandbox 2026-05-25 15:02:40 +09:00
Vegard Bieker Matthey
0319858cad Merge branch 'gluttony-bluemap' 2026-05-25 03:32:15 +02:00
Vegard Bieker Matthey
efd50868e0 bekkalokk: add back config added through bluemap module 2026-05-25 03:28:49 +02:00
Vegard Bieker Matthey
7a23cf7f25 bekkalokk: remove bluemap 2026-05-25 03:28:30 +02:00
Vegard Bieker Matthey
57963fadd7 gluttony: add private key and set public key for bekkalokk 2026-05-25 03:22:13 +02:00
Vegard Bieker Matthey
792f111a5d bekkalokk: pull rendered map from gluttony 2026-05-25 03:22:13 +02:00
Vegard Bieker Matthey
b27859c0fa gluttony: export rendered bluemap to bekkalokk 2026-05-25 03:22:09 +02:00
Vegard Bieker Matthey
c59c00f3fc gluttony: setup bluemap 2026-05-25 03:20:21 +02:00
Daniel Olsen
09163b77da Revert "bicep/matrix/livekit: open the rtc ports" 
This reverts commit 4a67eddf52.
 2026-05-23 23:23:41 +02:00
Vegard Bieker Matthey
6cca1db3b3 bekkalokk: fix permissions for mediawiki secrets 2026-05-22 20:21:24 +02:00
Vegard Bieker Matthey
bfd83c4c64 uptime-kuma: wants to use /var/lib/private for state 2026-05-22 17:58:00 +02:00
h7x4
9a6fdecb03 kommode/gitea/dump: only keep a single dump at a time 2026-05-22 18:27:57 +09:00
h7x4
82ab97fb45 bekkalokk/roundcube: restart service on changed sops secrets 2026-05-22 18:10:44 +09:00
h7x4
543fd19f8d bekkalokk/vaultwarden: restart service on changed sops secrets 2026-05-22 18:10:40 +09:00
h7x4
6f99fa575d bekkalokk/vaultwarden: render environment_file as sops template 2026-05-22 18:02:13 +09:00
h7x4
3141b1f76b bekkalokk/vaultwarden: remove redundant hardening 
This has already been upstreamed
 2026-05-22 17:51:03 +09:00
h7x4
475f6a8c9b bekkalokk/vaultwarden: add rsa key to sops 2026-05-22 17:49:31 +09:00
h7x4
9c1687f8f2 bekkalokk/vaultwarden: use envvar keys 
It seems like the nixpkgs module is compensating for previous config
that might've ended up in a file, which are now being turned into
screaming snake case environment variables. Let's just name them as they
are supposed to be named instead of having the upstream module translate
them.
 2026-05-22 17:08:31 +09:00
h7x4
0f53bcd731 bekkalokk/roundcube: add des_key to sops 2026-05-22 17:08:31 +09:00
h7x4
5745648f87 bicep/postgres/repack: use local unix socket 2026-05-22 15:59:59 +09:00
h7x4
2c34a93abf bicep/postgres/repack: don't kill connections on timeout 2026-05-22 15:57:57 +09:00
h7x4
9ebc947eab ustetind: bai bai 👋 2026-05-22 15:41:28 +09:00
h7x4
5d6c153007 kommode/gitea: fix dump command 2026-05-21 17:54:54 +09:00
h7x4
8b483a92f8 ildkule: set fsType for bindmounts 2026-05-21 17:52:47 +09:00
h7x4
0d7f05e56d bicep/postgres: add cleanup timers 2026-05-21 04:14:34 +09:00
Daniel Olsen
4a67eddf52 bicep/matrix/livekit: open the rtc ports 2026-05-20 20:04:33 +02:00
Vegard Bieker Matthey
9c227f3022 update gluttony IPs and boot device 2026-05-20 06:07:41 +02:00
Felix Albrigtsen
69fdf709d7 grr: fix the heccin quotes 2026-05-19 16:38:34 +02:00