felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-06-16 17:49:13 +02:00
Code Issues Projects Releases Wiki Activity
1,100 Commits 43 Branches 0 Tags
b738f08c09898db5c7f038850e68a3463858dc30
Commit Graph

1100 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
h7x4 b738f08c09 temmie/userweb: render path denylist into Directory/Files directives 2026-06-16 19:07:57 +09:00
h7x4 8252bba3ad temmie/userweb: enable httpd trace on debugMode 2026-06-16 19:07:57 +09:00
h7x4 a776a5a5fe temmie/userweb: explicitly override mod_perl and mod_userdir 2026-06-16 19:07:57 +09:00
h7x4 ed57744ec3 temmie/userweb: add more patterns to denylist 2026-06-16 16:07:32 +09:00
h7x4 226db1f46e temmie/userweb: add more DirectoryIndex variants 2026-06-16 16:07:32 +09:00
h7x4 51e1656177 temmie/userweb: disable ~pvv 2026-06-16 15:53:52 +09:00
h7x4 47d2dcf9ff temmie/userweb: add bro server to userweb slice 2026-06-16 03:37:28 +09:00
h7x4 254b1d9b14 temmie/userweb: split into more modules 2026-06-16 03:33:28 +09:00
h7x4 2301672a21 temmie/userweb: run log processors as separate systemd units 
This lets us divide up some of the logic making httpd itself less
brittle, and also reduces the amount of privileges for httpd.
 2026-06-16 02:56:28 +09:00
felixalb 7145abadf3 flake: update input pvv-nettsiden 2026-06-13 16:59:50 +02:00
h7x4 b533b09c8f base/various: add to slice system-monitoring 2026-06-13 04:45:39 +09:00
h7x4 526b55c49a {ildkule/prometheus,base}: send stats over HTTPS through nginx 2026-06-13 02:54:28 +09:00
h7x4 e80189c6eb temmie/userweb: stop cating passwd on startup 2026-06-13 01:41:05 +09:00
h7x4 56a51e4c6f temmie/userweb: mount homedirs under /amd 2026-06-13 01:39:20 +09:00
h7x4 f54109f6f3 temmie/userweb: set handlers for php and perl scripts 2026-06-13 01:26:27 +09:00
Vegard Bieker Matthey 5763a76136 user/vegardbm: change shell to zsh and add ssh key 2026-06-08 11:35:44 +02:00
h7x4 b57a935b4c base/rsyslogd: init 2026-06-08 12:58:37 +09:00
h7x4 b4582a160f skrot/dibbler: rotate database password 2026-06-07 17:58:33 +09:00
h7x4 ac094d350d base/timesyncd: specify ntp servers 2026-06-07 17:52:54 +09:00
h7x4 b848e0f1cc temmie/userweb: add log processor for apache 2026-06-07 06:03:18 +09:00
h7x4 c671329b93 temmie/userweb: inject users from passwd into httpd sandbox 2026-06-07 05:28:24 +09:00
Vegard Bieker Matthey e6a3d43493 modules/drumknotty: use correct screen window name for dibbler 2026-06-05 22:14:02 +02:00
h7x4 cafc95db8f bicep/mjolnir: use nodejs v22 2026-06-06 04:43:58 +09:00
h7x4 2d6b09cb32 bikkje: label ports in firewall port list 2026-06-06 04:08:16 +09:00
h7x4 ce0af2f6e4 flake.nix: add app for building gitea workflows locally 2026-06-06 04:05:26 +09:00
h7x4 88892115b5 base: enable autoScrub for all btrfs machine by default 2026-06-06 04:05:26 +09:00
h7x4 8a290d30e7 modules/drumknotty: split into several parts 
This also fixes a few issues, such as enabling `createLocalDatabase` for
multiple programs, and wraps all the screen logic within a screenrc
file. Some assertions were also added to avoid some easy-to-make
mistakes.
 2026-06-05 14:21:35 +02:00
Vegard Bieker Matthey 3197c6a5e3 attach with dibbler window selected 2026-06-05 14:21:35 +02:00
Vegard Bieker Matthey f8dcaddefb use main branch for worblehat after merge 2026-06-05 14:21:28 +02:00
Vegard Bieker Matthey 009d89f959 set default settings for worblehat and dibbler 2026-06-05 14:09:06 +02:00
Vegard Bieker Matthey 21bba3ec7e add worblehat daemons 2026-06-05 14:09:06 +02:00
Vegard Bieker Matthey 9552351776 add database password for worblehat 2026-06-05 14:09:06 +02:00
Vegard Bieker Matthey 7e754ade71 drumknotty: init 2026-06-05 14:08:58 +02:00
h7x4 fcd81aed00 packages/ooye: 3.5.1 -> 3.6.0 2026-06-04 19:17:29 +09:00
h7x4 966081ebfc bicep/mysql: enable userstat 2026-06-03 15:31:27 +09:00
h7x4 39d313579c bicep/mysql: rotate slow query logs 2026-06-03 15:21:18 +09:00
h7x4 3386153b8b ildkule/prometheus/exim: make scheme explicit 2026-06-03 13:35:13 +09:00
h7x4 56906241f6 bekkalokk/roundcube: temporary fix for webmail redirects 2026-06-01 03:52:09 +09:00
h7x4 3fe71d21f6 bekkalokk/roundcube: webdir moved to public_html within package 2026-06-01 02:57:43 +09:00
h7x4 074d240595 base: tag generation as auto if built by auto upgrade service 2026-06-01 01:00:50 +09:00
h7x4 1ce3372683 lupine/binfmt: enable 2026-06-01 01:00:50 +09:00
Adrian G L 5f14c15679 feat: add radicale to bekkalokk 2026-06-01 00:59:54 +09:00
h7x4 e05eab4ddf {georg,brzeczyszczykiewicz}: use sane IPv6 addresses 2026-05-29 16:04:52 +09:00
h7x4 64843087be kommode/gitea: only allow webhooks to external hosts 
We don't have any servers with intranet IPs, and we want webhooks that
hook back to kommode to pass through its firewall.
 2026-05-29 12:58:26 +09:00
h7x4 0c45345050 bicep/matrix-ooye harden 2026-05-28 16:07:36 +09:00
h7x4 788f23bf04 bicep/matrix-hookshot: harden 2026-05-28 15:58:04 +09:00
h7x4 8416014aeb bicep/mjolnir: harden 2026-05-28 15:58:04 +09:00
h7x4 654eeb83d8 base: tag generation as dirty if built from uncommitted source code 2026-05-28 04:39:49 +09:00
h7x4 5bf0de1d0d bekkalokk/website/fetch-gallery: use proper shellscript builder 2026-05-28 03:58:08 +09:00
h7x4 a550bbf1e0 bekkalokk/roundcube: use specialized builder for nginx root dir 2026-05-28 03:46:59 +09:00