3216700d7d
awesome: terminal is x-terminal-emulator
2023-09-17 16:16:44 +03:00
f571a87541
add awesome/rc.lua
2023-09-17 08:00:08 +03:00
74d3b2cb23
some autorandr
2023-09-17 07:12:05 +03:00
9f32c033a5
install two more browsers
2023-09-17 06:56:58 +03:00
3d258436a2
add a few packages
2023-09-17 06:48:00 +03:00
abd1d67c2c
firefox: do not configure search for now
...
Sep 16 23:05:45 fwminex hm-activate-motiejus[52877]: Activating checkLinkTargets
Sep 16 23:05:45 fwminex hm-activate-motiejus[52946]: Existing file '/home/motiejus/.mozilla/firefox/xdefault/search.json.mozlz4' is in the way of '/nix/store/pvmx5mz4gkffnbj826vql07dcqk56jga-home-manager-files/.mozilla/firefox/xdefault/search.json.mozlz4'
Sep 16 23:05:45 fwminex hm-activate-motiejus[52946]: Please move the above files and try again or use 'home-manager switch -b backup' to back up existing files automatically.
Sep 16 23:05:45 fwminex systemd[1]: home-manager-motiejus.service: Main process exited, code=exited, status=1/FAILURE
Sep 16 23:05:45 fwminex systemd[1]: home-manager-motiejus.service: Failed with result 'exit-code'.
Sep 16 23:05:45 fwminex systemd[1]: Failed to start Home Manager environment for motiejus.
2023-09-16 23:07:27 +03:00
0f9aa4ed0d
deploy-rs: remove --
2023-09-16 10:04:48 +03:00
a5d8ba9cdf
deploy-rs: fix typo
2023-09-16 09:35:12 +03:00
fb4b54b24b
deployerbot: use deploy-rs directly
2023-09-16 08:56:22 +03:00
b436195d49
hardware observability
2023-09-16 08:53:23 +03:00
948ce2da5a
enable autorandr
2023-09-15 22:06:05 +03:00
1f14703f0b
start with awesome
2023-09-15 22:04:03 +03:00
48c1bffcd3
add another kb layout
2023-09-15 15:53:07 +03:00
52a1c97f13
reduce number of packages on servers
2023-09-15 15:49:01 +03:00
2061294171
fwminex: add rox-filer
2023-09-15 15:06:55 +03:00
d196f85638
install gm
2023-09-15 15:04:25 +03:00
2bc7029395
joplin -> joplin-desktop
2023-09-15 14:59:00 +03:00
a083360516
firefox: some more settings and addons
2023-09-15 14:56:37 +03:00
fcc52c1297
remove obsolete comment
2023-09-15 14:44:17 +03:00
382ef7b0d7
install pdftk
2023-09-15 14:43:56 +03:00
9821b197c0
add system-wide firefox too
2023-09-15 14:42:55 +03:00
f93555770a
firefox: back to standard
2023-09-15 14:41:56 +03:00
2bc3275dfc
add some applications and extensions
2023-09-15 14:39:04 +03:00
d57b2e5a1b
enable pcscd
2023-09-15 13:27:12 +03:00
e3c5f37b43
add some packages
2023-09-15 13:05:56 +03:00
b1e57c93f1
install parallel everywhere
2023-09-15 12:51:10 +03:00
d7888b000b
fix gp
2023-09-15 12:48:14 +03:00
c5191372e8
install gpg
2023-09-15 12:46:10 +03:00
211f580539
gpg-agent: move to per-user
2023-09-15 12:35:59 +03:00
3b005f06cc
add firefox
2023-09-15 12:33:09 +03:00
7ee6a0de71
zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
...
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
30426ad89e
zfsborg: mount the tmpfs on all units
2023-09-15 10:10:54 +03:00
c80b1a996a
switch to lightdm/xfce4 + sound
2023-09-14 21:58:06 +03:00
09f1b62cc8
add a desktop profile
2023-09-14 21:53:59 +03:00
b38c4013e7
cosmetics: quoting
...
it's fine, there is overrides.conf
2023-09-14 15:15:27 +03:00
b73f671bc0
silenceLogs is not picked up
...
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service
[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
Restart=on-failure
RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify
[Install]
WantedBy=multi-user.target
2023-09-14 15:10:18 +03:00
76c07129f3
re-add ()
2023-09-14 14:51:36 +03:00
fb3c39d7dc
re-enable tailscale, oops
2023-09-14 14:48:54 +03:00
9eb8147660
tailscale: silence logs on some machines
2023-09-14 14:37:55 +03:00
553cda8fc7
vno1-rp3b: enable vno3
2023-09-14 13:23:04 +03:00
b1b046d78a
sudo: fix extraGroups of motiejus
...
this misses 'wheel'
2023-09-14 13:07:39 +03:00
e341092306
fwminex: enable redistributable firmware, remove docker volume
2023-09-14 11:31:53 +03:00
a7a6148d0f
fwminex: allow nonfree
2023-09-14 10:53:01 +03:00
1430bf9d6d
fwminex: swap
2023-09-14 07:43:18 +03:00
85917635fd
sshguard is now optional
2023-09-14 06:41:16 +03:00
234933dee1
install smartmontools
2023-09-13 13:29:06 +03:00
e38f446793
add fwminex
2023-09-13 13:04:40 +03:00
e12e139128
samba: make file/dir masks a bit more restrictive
2023-09-13 09:00:28 +03:00
00a6a27b92
zfsborg: use TemporaryFileSystem for temp snapshots
...
Otherwise:
Sep 13 00:01:05 vno1-oh2 systemd[1]: Started BorgBackup job -var-lib-1.
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329228]: filesystem 'rpool/nixos/var/lib@autosnap_2023-09-12_21:00:06_hourly' is already mounted
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329209]: umount: /var/lib/.snapshot-latest: not mounted.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Main process exited, code=exited, status=32/n/a
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Failed with result 'exit-code'.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Triggering OnFailure= dependencies.
2023-09-13 08:37:35 +03:00
4f152205ce
samba: log level = 0
2023-09-12 23:27:23 +03:00
bef137b967
wsdd: specify existing hostname
2023-09-12 23:18:46 +03:00
53ce3910aa
replace nmbd with wsdd
...
https://askubuntu.com/questions/661611/make-samba-share-visible-in-windows-network
2023-09-12 23:10:59 +03:00
e45573c8a6
fix samba config
...
works!
2023-09-12 22:55:17 +03:00
4f45d605e1
vno1-rp3b: some attempts at samba
2023-09-12 17:44:17 +03:00
7891663a65
jakstpub: change home dir to /var/empty
2023-09-12 17:27:11 +03:00
2dd8cda85a
open up samba
2023-09-12 16:08:32 +03:00
e61944dfde
rewrite firewall rules
2023-09-12 15:46:44 +03:00
2b5b9bc57f
samba some progress
2023-09-12 13:31:46 +03:00
49d92971c9
pass BORG_HOST_ID correctly
2023-09-12 11:41:45 +03:00
b204d5532f
zfsborg: add BORG_HOST_ID if nics change
2023-09-12 11:30:08 +03:00
563d340013
add lshw
2023-09-12 11:17:50 +03:00
94253212c6
networking.firewall.checkReversePath = "loose" for tailscale
2023-09-11 22:38:44 +03:00
f33f8b3d1b
add bonnie++, remove nix-top
2023-09-11 22:01:59 +03:00
80aca1ede2
Revert "firewall: open iperf3 fully"
...
This reverts commit 56bc914934
.
2023-09-11 21:59:43 +03:00
56bc914934
firewall: open iperf3 fully
2023-09-11 21:54:12 +03:00
24412cbfc7
iperf: open up port
2023-09-11 21:43:34 +03:00
99342a6bb9
all: add iperf
2023-09-11 21:32:34 +03:00
27d663e63a
bugfix in attrset merging
2023-09-11 17:48:08 +03:00
a522300158
borgbackup: add numbers to jobs
2023-09-11 17:38:18 +03:00
5721531486
nitpicking
2023-09-11 17:27:14 +03:00
583f74cf3f
zfsborg: restructure config
...
Preparing for 2 repo destinations.
2023-09-11 17:25:12 +03:00
866347b042
add borgstor
2023-09-11 15:51:33 +03:00
377030d0c0
headscale: remove ipv6 subnet
...
it's confusing: I couldn't find an easy way to get the ipv4 address on a client
2023-09-11 14:37:05 +03:00
20ccb666c8
smtp
2023-09-07 19:46:47 +03:00
c7643a20d8
home-manager git name
2023-09-07 19:46:46 +03:00
fd9f30f7d4
snmp exporter: maybe exposing the file will work now?
2023-09-05 14:58:30 +03:00
24e6aa333e
snmp exporter: expose in vpn for all to see
2023-09-05 14:45:09 +03:00
5c1cccb8a4
snmp: from package back to module
2023-09-05 14:41:52 +03:00
2963f0a0d7
gc: every 7d
2023-09-03 07:20:49 +03:00
fe30f6c32a
Add dl.jakstys.lt
2023-08-29 15:41:57 +03:00
cc11726ed7
remove hel1-a
2023-08-27 15:17:54 +03:00
617b829589
deployerbot: add fra1-a
2023-08-27 01:04:09 +03:00
1db9253ae6
fra1-a
2023-08-26 23:37:16 +03:00
23347f6952
matrix-synapse: listen on 127.0.0.1
...
reverse proxying is over
2023-08-25 17:00:30 +03:00
3687d7cd73
matrix-synapse listen on 0.0.0.0
2023-08-25 16:14:12 +03:00
2776f8c517
fix extraConfigFiles
2023-08-25 16:03:46 +03:00
355d8c21cc
move matrix-synapse to it's module
2023-08-25 15:49:37 +03:00
3f9db2ad12
configure nvim
2023-08-25 11:01:46 +03:00
f87a712635
node_exporter gets its own uidgid
2023-08-25 09:55:21 +03:00
9740b42493
gitea: listen on 3001
2023-08-25 09:41:42 +03:00
6cf894ee68
move logRefusedConnections to base
2023-08-24 23:49:21 +03:00
c3168bb2d3
headscale
2023-08-24 23:46:45 +03:00
be4df58cbb
move gitea to its own module
2023-08-24 23:34:48 +03:00
86ee4ee571
enable chrony
2023-08-24 17:14:57 +03:00
407024dfa9
zfsunlock: use IP addresses + zfsunlock
2023-08-22 14:14:20 +03:00
8bd3af3878
tmux
2023-08-18 23:49:49 +03:00
4f337fe8c0
configure nvim system-wide
2023-08-18 23:33:56 +03:00
1522a5284e
neovim: default editor
2023-08-18 21:45:38 +03:00
a9ab4b4514
re-enabling vim
2023-08-18 19:07:52 +03:00
7063b1d84e
vim nitpicks
2023-08-18 18:50:39 +03:00
74b19c049b
remove some old leftovers from vimrc
2023-08-18 18:44:21 +03:00
e1378a3617
start with vim
2023-08-18 18:43:34 +03:00
3be112cc46
home-manager: use global pkgs
2023-08-18 16:30:26 +03:00
47453cdfe1
home-manager/motiejus: add very basic test configs
2023-08-18 16:26:00 +03:00
bbf562d205
move node_exporter to its own module
2023-08-18 09:32:01 +03:00
4dee4159e7
nix --accept-flake-config
2023-08-16 20:26:37 +03:00
b4ac54d9a7
install perf-tools
2023-08-16 00:04:38 +03:00
4354cde55e
vno1-rp3b
2023-08-15 07:18:26 +03:00
98a4ad79f8
grafana now on https://grafana.jakstys.lt , over vpn
2023-08-14 09:04:09 +03:00
a2a741d27e
fmt and formatting; nsd-acme is less verbose
2023-08-10 10:48:34 +03:00
fa435f65d0
zones don't need to be sanitized
...
it's DNS!
2023-08-10 10:46:06 +03:00
7bedc09abb
deployerbot: do not restart if changed
...
leads to interesting deadlocks when upgrading self
2023-08-10 10:40:07 +03:00
4878c42ca9
cron + alerting for cert updates
2023-08-10 00:46:36 +03:00
9059f84632
uacme can return 1 when cert is up to date
2023-08-10 00:37:21 +03:00
76a748e086
grafana is now prod
2023-08-10 00:29:56 +03:00
98816538d2
trying grafana1
2023-08-10 00:24:36 +03:00
69e6734eb7
nsd-acme: misc fixes
2023-08-09 15:55:05 +03:00
9a456192af
nsd-acme
2023-08-09 15:34:44 +03:00
3e66f95668
zfsunlock nitpick
2023-08-09 14:26:49 +03:00
9a7e42b95d
nsd: ConditionPathExists all files
2023-08-07 14:50:32 +03:00
5ae9886929
deployerbot: set PATH in systemd service definition
2023-08-07 14:39:38 +03:00
c8525b4e6b
node_exporter on hel1-a
2023-08-06 01:00:02 +03:00
665e79a984
prometheus: beginnings
2023-08-05 18:32:28 +03:00
f4e04faef3
friendlyport
2023-08-05 18:18:30 +03:00
43d6d25dd0
sysdig: enable everywhere
2023-08-05 17:27:13 +03:00
cf6eeb6f29
deployerbot: start action at 23:30 UTC
...
According to 'nixos infra status' finding a good time of day to run the
updates for nixos release non-small is futile.
2023-08-02 15:41:07 +03:00
07921f1eaa
nix flake update: schedule at 16:00 UTC
2023-08-01 14:24:32 +03:00
7a224096ba
set PATH once
2023-07-30 09:01:27 +03:00
c99adbbaa1
bring back exec
2023-07-30 08:59:58 +03:00
d536eb5656
set OLD_PATH once
2023-07-30 08:56:38 +03:00
afd7743f37
deployerbot: push after a successful deploy
2023-07-30 08:53:19 +03:00
482f01bb01
deployer: set -x
2023-07-30 07:36:12 +03:00
36bbceac03
limit deployerbot-follower to our vpn
2023-07-30 07:23:43 +03:00
d1b19e6cf6
deployerbot: do not set -x
2023-07-30 07:00:10 +03:00
a9e8904d28
add deployerbot-follower to trusted users
2023-07-30 06:55:04 +03:00
ef050725c1
deploy-rs can deploy multiple targets with --targets
2023-07-30 06:50:06 +03:00
69ee6c9caa
add comment re calendar time
2023-07-30 06:45:54 +03:00
f18a2ff855
deploy updates regularly
2023-07-30 06:41:13 +03:00
9de5120cc3
updaterbot: move all to deployer
2023-07-30 06:30:52 +03:00
9e0bd48a22
clean up old paths -- untested
2023-07-28 16:15:59 +03:00
49b9cc8351
vno1-oh2: enable deployerbot master
2023-07-28 16:09:41 +03:00
bff8cef210
fixes in deployment script
2023-07-28 15:55:16 +03:00
e588514c07
updater
2023-07-28 15:43:23 +03:00
a030ae0879
fix syntax error
2023-07-28 14:25:36 +03:00
579f21b0d1
hel1-a: make initrd consistent with vno1-oh2
2023-07-28 14:25:14 +03:00
bddb20cd13
updater: move to it's own service
2023-07-28 14:22:40 +03:00
e9c8320f72
unitstatus: unit status cmd is more robust
2023-07-28 14:04:26 +03:00
3237810611
unitstatus: remove escaping
...
Otherwise:
Invalid unit name "borgbackup/job//home" escaped as "borgbackup-job--home" (maybe you should use systemd-escape?).
2023-07-28 13:56:52 +03:00
45724064d1
add M-R
2023-07-28 09:10:40 +03:00
89f7838c93
add Irenos folder
2023-07-26 22:24:51 +03:00