Commit Graph

  • f4b1f090e4 flake.lock: bump various main h7x4 2026-06-30 04:15:37 +09:00
  • 7c684e42f0 treewide: fix rsync <-> rrsync communication h7x4 2026-06-30 02:41:36 +09:00
  • 90bfda9066 kommode/gitea: bump AVATAR_MAX_ORIGIN_SIZE from 2MB to 4MB h7x4 2026-06-24 14:33:16 +09:00
  • 522d8f18cb flake.{nix,lock}: bump roowho2 h7x4 2026-06-24 13:31:58 +09:00
  • 5e613a03fc treewide: set relatime for most root mounts h7x4 2026-06-23 01:11:21 +09:00
  • 170fb2a980 bicep/synapse: fix dbname option h7x4 2026-06-22 18:35:55 +09:00
  • 3e627472e9 flake.{nix,lock}: bump matrix-next h7x4 2026-06-22 18:29:09 +09:00
  • e05c4ed8ca feat: add initialdeploy hashed password to root Adrian G L 2026-05-20 15:31:30 +02:00
  • 3fee83ec05 ildkule/loki: restrict incoming connections to pvv + ntnu h7x4 2026-06-13 03:23:12 +09:00
  • a1f02fc39d {ildkule/loki,base/fluentbit}: send data over https h7x4 2026-06-13 03:22:18 +09:00
  • 6e37635aac ildkule/loki: firewall all endpoints except push API Adrian G L 2026-06-12 13:25:23 +02:00
  • cdc3ad488b bicep/postgres: add script for updating all collations h7x4 2026-06-22 01:12:59 +09:00
  • a2078c590a WIP: temmie/userweb: fcgiwrap temmie-userweb-per-user-fcgiwrap h7x4 2026-06-17 13:58:11 +09:00
  • aa2712005a temmie/nfs-mounts: create by-uid bindmounts h7x4 2026-06-17 13:43:19 +09:00
  • 89921b533b temmie/userweb: further harden log-processor h7x4 2026-06-17 12:31:02 +09:00
  • 75f87ffab8 temmie/userweb: run passwd sync in different unit h7x4 2026-06-17 11:23:36 +09:00
  • b910cf9563 temmie/userweb: suppress erroneous access log for documentRoot h7x4 2026-06-17 08:57:55 +09:00
  • d23adbd4c2 temmie/userweb: deny access to documentRoot h7x4 2026-06-17 08:47:54 +09:00
  • 48c0a4e504 temmie/userweb: fix directory denylist enforcement h7x4 2026-06-17 08:23:08 +09:00
  • 374d9b1bc7 flake.nix: passthru machine config, pkgs and config.system.build h7x4 2026-06-17 08:10:13 +09:00
  • d84cc73819 temmie/userweb: handle more .php\d suffixes h7x4 2026-06-16 19:05:25 +09:00
  • b738f08c09 temmie/userweb: render path denylist into Directory/Files directives h7x4 2026-06-16 18:52:25 +09:00
  • 8252bba3ad temmie/userweb: enable httpd trace on debugMode h7x4 2026-06-16 18:51:02 +09:00
  • a776a5a5fe temmie/userweb: explicitly override mod_perl and mod_userdir h7x4 2026-06-16 18:49:03 +09:00
  • ed57744ec3 temmie/userweb: add more patterns to denylist h7x4 2026-06-16 15:57:07 +09:00
  • 226db1f46e temmie/userweb: add more DirectoryIndex variants h7x4 2026-06-16 15:54:22 +09:00
  • 51e1656177 temmie/userweb: disable ~pvv h7x4 2026-06-16 15:53:52 +09:00
  • 47d2dcf9ff temmie/userweb: add bro server to userweb slice h7x4 2026-06-16 03:37:28 +09:00
  • 254b1d9b14 temmie/userweb: split into more modules h7x4 2026-06-16 03:33:28 +09:00
  • 2301672a21 temmie/userweb: run log processors as separate systemd units h7x4 2026-06-16 00:46:01 +09:00
  • 7145abadf3 flake: update input pvv-nettsiden felixalb 2026-06-13 16:59:50 +02:00
  • b533b09c8f base/various: add to slice system-monitoring h7x4 2026-06-13 04:30:40 +09:00
  • 526b55c49a {ildkule/prometheus,base}: send stats over HTTPS through nginx h7x4 2026-06-13 02:33:41 +09:00
  • e80189c6eb temmie/userweb: stop cating passwd on startup h7x4 2026-06-13 01:41:05 +09:00
  • 56a51e4c6f temmie/userweb: mount homedirs under /amd h7x4 2026-06-13 01:39:20 +09:00
  • f54109f6f3 temmie/userweb: set handlers for php and perl scripts h7x4 2026-06-13 01:09:49 +09:00
  • 5763a76136 user/vegardbm: change shell to zsh and add ssh key Vegard Bieker Matthey 2026-06-08 11:35:44 +02:00
  • be87d98060 prometheus for dibbler dibbler-prometheus Vegard Bieker Matthey 2026-06-07 17:54:41 +02:00
  • b57a935b4c base/rsyslogd: init h7x4 2026-06-08 12:58:37 +09:00
  • b4582a160f skrot/dibbler: rotate database password h7x4 2026-06-07 17:58:33 +09:00
  • ac094d350d base/timesyncd: specify ntp servers h7x4 2026-06-07 17:52:54 +09:00
  • b848e0f1cc temmie/userweb: add log processor for apache h7x4 2026-05-25 23:32:45 +09:00
  • c671329b93 temmie/userweb: inject users from passwd into httpd sandbox h7x4 2026-05-29 23:00:10 +09:00
  • e6a3d43493 modules/drumknotty: use correct screen window name for dibbler Vegard Bieker Matthey 2026-06-05 22:12:20 +02:00
  • cafc95db8f bicep/mjolnir: use nodejs v22 h7x4 2026-06-06 04:43:58 +09:00
  • 2d6b09cb32 bikkje: label ports in firewall port list h7x4 2026-06-06 04:08:16 +09:00
  • ce0af2f6e4 flake.nix: add app for building gitea workflows locally h7x4 2026-06-06 04:02:52 +09:00
  • 88892115b5 base: enable autoScrub for all btrfs machine by default h7x4 2026-06-05 13:21:22 +09:00
  • 8a290d30e7 modules/drumknotty: split into several parts h7x4 2026-03-26 16:46:02 +09:00
  • 3197c6a5e3 attach with dibbler window selected Vegard Bieker Matthey 2026-03-21 14:34:29 +01:00
  • f8dcaddefb use main branch for worblehat after merge Vegard Bieker Matthey 2026-03-19 16:09:24 +01:00
  • 009d89f959 set default settings for worblehat and dibbler Vegard Bieker Matthey 2026-03-18 13:39:47 +01:00
  • 21bba3ec7e add worblehat daemons Vegard Bieker Matthey 2026-03-17 16:51:59 +01:00
  • 9552351776 add database password for worblehat Vegard Bieker Matthey 2026-03-17 16:30:38 +01:00
  • 7e754ade71 drumknotty: init Vegard Bieker Matthey 2026-03-07 20:35:06 +01:00
  • fcd81aed00 packages/ooye: 3.5.1 -> 3.6.0 h7x4 2026-06-04 19:17:29 +09:00
  • 966081ebfc bicep/mysql: enable userstat h7x4 2026-06-03 15:31:27 +09:00
  • 39d313579c bicep/mysql: rotate slow query logs h7x4 2026-06-03 15:21:18 +09:00
  • 3386153b8b ildkule/prometheus/exim: make scheme explicit h7x4 2026-06-03 13:35:13 +09:00
  • 56906241f6 bekkalokk/roundcube: temporary fix for webmail redirects h7x4 2026-06-01 03:01:19 +09:00
  • 3fe71d21f6 bekkalokk/roundcube: webdir moved to public_html within package h7x4 2026-06-01 02:31:54 +09:00
  • 074d240595 base: tag generation as auto if built by auto upgrade service h7x4 2026-06-01 00:45:54 +09:00
  • 1ce3372683 lupine/binfmt: enable h7x4 2026-05-31 19:33:33 +09:00
  • 5f14c15679 feat: add radicale to bekkalokk Adrian G L 2026-05-31 02:04:30 +02:00
  • 14623252a1 WIP: bekkalokk/mediawiki: install MediawikiMatrixNotifs bekkalokk-mediawiki-matrix-notifs h7x4 2026-05-31 03:44:23 +09:00
  • ffb2d261ae packages/mediawiki-extensions: add MediawikiMatrixNotifs h7x4 2026-05-31 03:43:58 +09:00
  • e05eab4ddf {georg,brzeczyszczykiewicz}: use sane IPv6 addresses h7x4 2026-05-29 16:04:52 +09:00
  • 64843087be kommode/gitea: only allow webhooks to external hosts h7x4 2026-05-29 12:58:12 +09:00
  • 0c45345050 bicep/matrix-ooye harden h7x4 2026-05-28 16:07:36 +09:00
  • 788f23bf04 bicep/matrix-hookshot: harden h7x4 2026-05-28 15:39:47 +09:00
  • 8416014aeb bicep/mjolnir: harden h7x4 2026-05-28 15:18:34 +09:00
  • 654eeb83d8 base: tag generation as dirty if built from uncommitted source code h7x4 2026-05-28 04:39:49 +09:00
  • 5bf0de1d0d bekkalokk/website/fetch-gallery: use proper shellscript builder h7x4 2026-05-28 03:58:08 +09:00
  • a550bbf1e0 bekkalokk/roundcube: use specialized builder for nginx root dir h7x4 2026-05-28 03:46:59 +09:00
  • 6d9bd8256f kommode/gitea/install-customization: disable networking h7x4 2026-05-28 03:15:47 +09:00
  • 5c859d9809 kommode/gitea/install-customization: remove ExecStart bash wrapper h7x4 2026-05-28 03:15:06 +09:00
  • 68481b999b modules/grzegorz: remove ExecStart bash wrapper h7x4 2026-05-28 03:09:38 +09:00
  • dfbed75cd9 kommode/gitea/gpg: remove ExecStart bash wrapper h7x4 2026-05-28 03:06:07 +09:00
  • 6237a0a0e7 bicep/minecraft-heatmap: remove ExecStartPre bash wrapper h7x4 2026-05-28 03:03:38 +09:00
  • bd2263a0a9 kommode/gitea/import-users: remove ExecStartPre bash wrapper h7x4 2026-05-28 02:57:51 +09:00
  • 2faff6340c flake.lock: bump pvv-nettsiden h7x4 2026-05-28 02:39:32 +09:00
  • 532e8b0eee bekkalokk/mediawiki: install PdfHandler extension h7x4 2026-05-28 01:17:48 +09:00
  • eef3f8fe8b bekkalokk/mediawiki: cleanup executable path config h7x4 2026-05-28 01:22:08 +09:00
  • e17025aca6 packages/mediawiki-extensions: add PdfHandler, bump all h7x4 2026-05-28 00:55:20 +09:00
  • e062a849f3 base/scrutiny-collector: disable if machine is qemu guest h7x4 2026-05-27 23:45:30 +09:00
  • b0f81c9379 lupine/smartd: reenable h7x4 2026-05-27 23:41:54 +09:00
  • 2c819776f8 treewide/nginx: enable kTLS for a bunch more virtualHosts h7x4 2026-05-27 23:36:18 +09:00
  • c2d6989350 base/scrutiny-collector: init h7x4 2026-05-27 23:35:32 +09:00
  • 2b4817b75a ildkule/scrutiny: init h7x4 2026-05-27 23:33:45 +09:00
  • 0e2a8ed3ed base/polkit: let wheel users use AUTH_KEEP_SELF for systemd actions h7x4 2026-05-27 14:13:36 +09:00
  • e9bc07d6e9 grr: fix the heccin quotes the-heccin-quotes h7x4 2026-05-26 22:26:36 +09:00
  • 3372712e26 modules/ooye: move StartLimit* options to correct section h7x4 2026-05-26 15:03:27 +09:00
  • 7e586e082e flake.lock: bump pvv-calendar-bot h7x4 2026-05-26 14:55:58 +09:00
  • 47a744f68f ildkule/uptime-kuma: set up rsync pull target for principal h7x4 2026-05-26 13:37:29 +09:00
  • da505d4fe2 kommode: sign merge commits and sign crud actions Vegard Bieker Matthey 2026-05-25 20:14:51 +02:00
  • 18ab1ef982 temmie/userweb: set -i and -t in sendmail wrapper h7x4 2026-05-25 18:49:57 +09:00
  • 5023edeb13 temmie/userweb: install mod_perl with custom env h7x4 2026-05-25 18:24:23 +09:00
  • 0d8c26c548 temmie/userweb: send propagatedBuildInputs through perl env wrapper h7x4 2026-05-25 17:05:02 +09:00
  • bd244e7797 temmie/userweb: add www2 server alias h7x4 2026-05-25 16:24:35 +09:00
  • e9220bb31e temmie/userweb: use www-datas UID + GID for backwards compat h7x4 2026-05-25 15:23:25 +09:00