rebmit/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
108 commits 1 branch 0 tags 6.6 MiB
Commit graph

52 commits

Author SHA1 Message Date
Lu Wang e54ad53ab8
treewide: avoid unnecessary permission management with preservation 2024-12-27 16:46:04 +08:00
Lu Wang 4de514f6b4
treewide: refine the granularity of preservation 2024-12-27 02:39:40 +08:00
Lu Wang f28c4d7d7c
treewide: drop impermanence in favor of preservation 2024-12-27 02:38:57 +08:00
Lu Wang 6c422a41c6
services/logrotate: init for custom state path 2024-12-27 02:38:57 +08:00
Lu Wang fa9a4b9ae0
services/nscd: preserve /run/nscd for bind mounts and hardening nsncd 2024-12-25 18:30:53 +08:00
Lu Wang 49521a3df5
treewide: dedup global persistence configuration 2024-12-24 21:55:34 +08:00
Lu Wang bf02e988b3
treewide: dedup btrfs auto scrub configuration 2024-12-24 21:41:45 +08:00
Lu Wang fd97c33c56
treewide: dedup disko configuration 2024-12-24 21:17:36 +08:00
Lu Wang 71ed8b5ebb
services/prometheus: collect ping metrics in enthalpy network 2024-12-22 23:41:00 +08:00
Lu Wang ac082d8fec
services/prometheus: collect caddy metrics 2024-12-22 22:20:43 +08:00
Lu Wang 4d72d754ed
services/prometheus: setup alertmanager with ntfy 2024-12-22 17:21:03 +08:00
Lu Wang 9a5198aabd
services/prometheus: add blackbox exporter for dns_soa and http check 2024-12-22 17:21:01 +08:00
Lu Wang d201469424
infra: reverse proxy prometheus with cloudflare 2024-12-22 15:11:34 +08:00
Lu Wang 20b9063f37
infra: init authenticated origin pulls for ntfy 2024-12-22 02:49:43 +08:00
Lu Wang 37af72eb5b
services/prometheus: add rules 2024-12-21 22:04:05 +08:00
Lu Wang c6935ca7f7
inputs: bump 2024-12-21 21:36:01 +08:00
Lu Wang 68d8d0a13c
services/prometheus: init server 2024-12-21 20:42:30 +08:00
Lu Wang 8bb43c697c
services/prometheus: init metrics 2024-12-21 20:22:42 +08:00
Lu Wang bc44eb8424
services/mail: hardening postfix and dovecot 2024-12-20 21:41:02 +08:00
Lu Wang 22700c13c7
system/boot: increase maximum buffer size 
References: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
 2024-12-20 16:45:17 +08:00
Lu Wang a75d3f9ea8
zones/rebmit.moe: add srv records for mail service 
References: https://www.rfc-editor.org/rfc/rfc6186
 2024-12-19 23:38:45 +08:00
Lu Wang 4177868f1c
services/mail: init postfix, dovecot and rspamd 2024-12-19 22:12:03 +08:00
Lu Wang ba323843c8
services/caddy: use caddy-l4 2024-12-19 15:14:46 +08:00
Lu Wang 8474837509
services/matrix: backup synapse media repo for now 2024-12-19 14:00:02 +08:00
Lu Wang 624323f07a
services/matrix: stop serving element-web 2024-12-19 00:52:12 +08:00
Lu Wang 742595fa65
services/matrix: init mautrix-telegram 2024-12-19 00:09:09 +08:00
Lu Wang 1e71d7fc3e
services/matrix: drop synapse-admin 2024-12-18 20:35:38 +08:00
Lu Wang 97136a9663
services/matrix: init heisenbridge 2024-12-18 20:17:57 +08:00
Lu Wang f3ea502179
services/matrix-synapse: init 2024-12-18 16:36:47 +08:00
Lu Wang d1eda7df1b
services/well-known: init 2024-12-18 01:18:04 +08:00
Lu Wang 5b884c320a
infra/passwords: rename tsig secret name 2024-12-17 23:36:44 +08:00
Lu Wang 9ac31f00fa
services/miniflux: init 2024-12-17 16:32:59 +08:00
Lu Wang acc70f889e
zones: resolve enthalpy addresses temporarily 2024-12-16 22:46:41 +08:00
Lu Wang c615e72739
services/knot: init ddns 2024-12-16 21:45:28 +08:00
Lu Wang 6d1d1af12c
services/vnstat: init 2024-12-16 20:28:28 +08:00
Lu Wang 19fc2292f8
services/restic: add some common paths to backup 2024-12-16 20:08:14 +08:00
Lu Wang 2734bc70c4
services/knot: enable dnssec 2024-12-16 00:14:43 +08:00
Lu Wang b99ee2913a
services/knot: init 2024-12-15 22:34:29 +08:00
Lu Wang 5fc1c3d71c
services/keycloak: init 2024-12-15 02:52:27 +08:00
Lu Wang 7db8aae188
services/ntfy: init 2024-12-15 01:20:55 +08:00
Lu Wang f87f518779
services/postgresql: init 2024-12-14 23:38:28 +08:00
Lu Wang 44cf0004f4
services/caddy: init 2024-12-14 22:38:29 +08:00
Lu Wang 2f202aac57
security/sudo: disable lecture and no longer persist /var/db 2024-12-14 22:38:29 +08:00
Lu Wang ee55e4a237
treewide: init restic backup 2024-12-14 22:38:28 +08:00
Lu Wang 86b5571f75
users/root: add password 2024-12-12 19:26:20 +08:00
Lu Wang f1ad024cd7
services/enthalpy: dedup enthalpy configuration 2024-12-08 18:55:05 +08:00
Lu Wang ead436be82
virtualization/libvirtd: init 2024-12-03 21:16:59 +08:00
Lu Wang dc56af5c6b
services/enthalpy: fixup dns leak in network namespace 2024-12-02 20:17:09 +08:00
Lu Wang a67263f5dd
services/pipewire: switch to system-wide pipewire 2024-12-02 18:10:17 +08:00
Lu Wang a746646d5e
services/enthalpy: refactor for better network isolation and usability 2024-12-02 01:36:32 +08:00