felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-06-04 04:02:06 +02:00
Code Issues Projects Releases Wiki Activity
1,059 Commits 41 Branches 0 Tags
27bfce36576dccbd116255dbbbe8f17c32d12b1a
Commit Graph

558 Commits

Author SHA1 Message Date
Adrian G L 27bfce3657 feat: add radicle to bekkalokk 2026-05-31 02:19:06 +02:00
h7x4 64843087be kommode/gitea: only allow webhooks to external hosts 
We don't have any servers with intranet IPs, and we want webhooks that
hook back to kommode to pass through its firewall.
 2026-05-29 12:58:26 +09:00
h7x4 0c45345050 bicep/matrix-ooye harden 2026-05-28 16:07:36 +09:00
h7x4 788f23bf04 bicep/matrix-hookshot: harden 2026-05-28 15:58:04 +09:00
h7x4 8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
h7x4 5bf0de1d0d bekkalokk/website/fetch-gallery: use proper shellscript builder 2026-05-28 03:58:08 +09:00
h7x4 a550bbf1e0 bekkalokk/roundcube: use specialized builder for nginx root dir 2026-05-28 03:46:59 +09:00
h7x4 6d9bd8256f kommode/gitea/install-customization: disable networking 2026-05-28 03:15:47 +09:00
h7x4 5c859d9809 kommode/gitea/install-customization: remove ExecStart bash wrapper 2026-05-28 03:15:06 +09:00
h7x4 dfbed75cd9 kommode/gitea/gpg: remove ExecStart bash wrapper 2026-05-28 03:06:07 +09:00
h7x4 6237a0a0e7 bicep/minecraft-heatmap: remove ExecStartPre bash wrapper 2026-05-28 03:03:38 +09:00
h7x4 bd2263a0a9 kommode/gitea/import-users: remove ExecStartPre bash wrapper 2026-05-28 03:02:59 +09:00
h7x4 532e8b0eee bekkalokk/mediawiki: install PdfHandler extension 2026-05-28 01:22:13 +09:00
h7x4 eef3f8fe8b bekkalokk/mediawiki: cleanup executable path config 2026-05-28 01:22:13 +09:00
h7x4 b0f81c9379 lupine/smartd: reenable 2026-05-27 23:41:54 +09:00
h7x4 2c819776f8 treewide/nginx: enable kTLS for a bunch more virtualHosts 2026-05-27 23:36:18 +09:00
h7x4 2b4817b75a ildkule/scrutiny: init 2026-05-27 23:33:45 +09:00
h7x4 47a744f68f ildkule/uptime-kuma: set up rsync pull target for principal 2026-05-26 13:37:29 +09:00
Vegard Bieker Matthey da505d4fe2 kommode: sign merge commits and sign crud actions 2026-05-25 20:21:23 +02:00
h7x4 18ab1ef982 temmie/userweb: set -i and -t in sendmail wrapper 2026-05-25 18:49:57 +09:00
h7x4 5023edeb13 temmie/userweb: install mod_perl with custom env 2026-05-25 18:24:23 +09:00
h7x4 0d8c26c548 temmie/userweb: send propagatedBuildInputs through perl env wrapper 2026-05-25 17:05:02 +09:00
h7x4 bd244e7797 temmie/userweb: add www2 server alias 2026-05-25 16:24:35 +09:00
h7x4 e9220bb31e temmie/userweb: use www-datas UID + GID for backwards compat 2026-05-25 15:25:26 +09:00
h7x4 6beb9c62c3 temmie/userweb: use bro to proxy sendmail requests out of sandbox 2026-05-25 15:02:40 +09:00
Vegard Bieker Matthey 0319858cad Merge branch 'gluttony-bluemap' 2026-05-25 03:32:15 +02:00
Vegard Bieker Matthey efd50868e0 bekkalokk: add back config added through bluemap module 2026-05-25 03:28:49 +02:00
Vegard Bieker Matthey 7a23cf7f25 bekkalokk: remove bluemap 2026-05-25 03:28:30 +02:00
Vegard Bieker Matthey 57963fadd7 gluttony: add private key and set public key for bekkalokk 2026-05-25 03:22:13 +02:00
Vegard Bieker Matthey 792f111a5d bekkalokk: pull rendered map from gluttony 2026-05-25 03:22:13 +02:00
Vegard Bieker Matthey b27859c0fa gluttony: export rendered bluemap to bekkalokk 2026-05-25 03:22:09 +02:00
Vegard Bieker Matthey c59c00f3fc gluttony: setup bluemap 2026-05-25 03:20:21 +02:00
Daniel Olsen 09163b77da Revert "bicep/matrix/livekit: open the rtc ports" 
This reverts commit 4a67eddf52.
 2026-05-23 23:23:41 +02:00
Vegard Bieker Matthey 6cca1db3b3 bekkalokk: fix permissions for mediawiki secrets 2026-05-22 20:21:24 +02:00
Vegard Bieker Matthey bfd83c4c64 uptime-kuma: wants to use /var/lib/private for state 2026-05-22 17:58:00 +02:00
h7x4 9a6fdecb03 kommode/gitea/dump: only keep a single dump at a time 2026-05-22 18:27:57 +09:00
h7x4 82ab97fb45 bekkalokk/roundcube: restart service on changed sops secrets 2026-05-22 18:10:44 +09:00
h7x4 543fd19f8d bekkalokk/vaultwarden: restart service on changed sops secrets 2026-05-22 18:10:40 +09:00
h7x4 6f99fa575d bekkalokk/vaultwarden: render environment_file as sops template 2026-05-22 18:02:13 +09:00
h7x4 3141b1f76b bekkalokk/vaultwarden: remove redundant hardening 
This has already been upstreamed
 2026-05-22 17:51:03 +09:00
h7x4 475f6a8c9b bekkalokk/vaultwarden: add rsa key to sops 2026-05-22 17:49:31 +09:00
h7x4 9c1687f8f2 bekkalokk/vaultwarden: use envvar keys 
It seems like the nixpkgs module is compensating for previous config
that might've ended up in a file, which are now being turned into
screaming snake case environment variables. Let's just name them as they
are supposed to be named instead of having the upstream module translate
them.
 2026-05-22 17:08:31 +09:00
h7x4 0f53bcd731 bekkalokk/roundcube: add des_key to sops 2026-05-22 17:08:31 +09:00
h7x4 5745648f87 bicep/postgres/repack: use local unix socket 2026-05-22 15:59:59 +09:00
h7x4 2c34a93abf bicep/postgres/repack: don't kill connections on timeout 2026-05-22 15:57:57 +09:00
h7x4 9ebc947eab ustetind: bai bai 👋 2026-05-22 15:41:28 +09:00
h7x4 5d6c153007 kommode/gitea: fix dump command 2026-05-21 17:54:54 +09:00
h7x4 8b483a92f8 ildkule: set fsType for bindmounts 2026-05-21 17:52:47 +09:00
h7x4 0d7f05e56d bicep/postgres: add cleanup timers 2026-05-21 04:14:34 +09:00
Daniel Olsen 4a67eddf52 bicep/matrix/livekit: open the rtc ports 2026-05-20 20:04:33 +02:00