Commit Graph

158 Commits

Author SHA1 Message Date
80b1aaaac3 firewall: allow iperf3/udp 2023-10-24 14:46:12 +03:00
7dce601a24 enable iperf3 2023-10-24 14:30:48 +03:00
b243b82c30 fwminex gets dev environment 2023-10-09 22:07:42 +03:00
e05b9eed79 tmux: increase history limit 2023-10-09 09:42:11 +03:00
4b9674d7c6 starting with some scala 2023-10-08 23:00:52 +03:00
531d8dde37 hm: fix bugs when overriding things 2023-10-08 16:40:16 +03:00
1ed4646982 install dhcpcd 2023-10-08 16:25:16 +03:00
6230303b2f add email 2023-10-07 09:45:01 +03:00
b98d1bb9c8 move home-manager config to a dedicated location 2023-10-06 11:24:00 +03:00
ed11b05c37 add mtwork 2023-10-06 08:58:28 +03:00
e3f415a9a4 install sdparm and hdparm 2023-10-04 07:15:00 +03:00
32a1aff6d9 add usbutils 2023-10-03 21:53:21 +03:00
6000be5584 nix gc: TTL 2d, run weekly 2023-10-02 00:21:04 +03:00
76d01af5c6 install sloccount 2023-10-02 00:00:30 +03:00
1dd4f04725 statix: fix bugs with inherit
now I know better what it does.
2023-10-02 00:00:30 +03:00
652ce88b76 install cloc and tokei 2023-10-02 00:00:30 +03:00
25e8191177 enable statx 2023-10-02 00:00:30 +03:00
5c83f7407a install entr 2023-10-02 00:00:30 +03:00
0e9f90a960 nix run github:astro/deadnix 2023-10-01 22:15:45 +03:00
1525bdad40 rc: remove obsolete shell alias 2023-09-23 07:26:12 +03:00
537800ec59 zfsborg: sleep a bit before mounting 2023-09-18 10:06:44 +03:00
2c4598ba7b change snapshot dir 2023-09-18 07:51:47 +03:00
3d258436a2 add a few packages 2023-09-17 06:48:00 +03:00
b436195d49 hardware observability 2023-09-16 08:53:23 +03:00
948ce2da5a enable autorandr 2023-09-15 22:06:05 +03:00
52a1c97f13 reduce number of packages on servers 2023-09-15 15:49:01 +03:00
2bc3275dfc add some applications and extensions 2023-09-15 14:39:04 +03:00
e3c5f37b43 add some packages 2023-09-15 13:05:56 +03:00
b1e57c93f1 install parallel everywhere 2023-09-15 12:51:10 +03:00
d7888b000b fix gp 2023-09-15 12:48:14 +03:00
c5191372e8 install gpg 2023-09-15 12:46:10 +03:00
211f580539 gpg-agent: move to per-user 2023-09-15 12:35:59 +03:00
7ee6a0de71 zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
30426ad89e zfsborg: mount the tmpfs on all units 2023-09-15 10:10:54 +03:00
9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
b1b046d78a sudo: fix extraGroups of motiejus
this misses 'wheel'
2023-09-14 13:07:39 +03:00
e341092306 fwminex: enable redistributable firmware, remove docker volume 2023-09-14 11:31:53 +03:00
a7a6148d0f fwminex: allow nonfree 2023-09-14 10:53:01 +03:00
1430bf9d6d fwminex: swap 2023-09-14 07:43:18 +03:00
85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
234933dee1 install smartmontools 2023-09-13 13:29:06 +03:00
e38f446793 add fwminex 2023-09-13 13:04:40 +03:00
00a6a27b92 zfsborg: use TemporaryFileSystem for temp snapshots
Otherwise:

Sep 13 00:01:05 vno1-oh2 systemd[1]: Started BorgBackup job -var-lib-1.
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329228]: filesystem 'rpool/nixos/var/lib@autosnap_2023-09-12_21:00:06_hourly' is already mounted
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329209]: umount: /var/lib/.snapshot-latest: not mounted.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Main process exited, code=exited, status=32/n/a
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Failed with result 'exit-code'.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Triggering OnFailure= dependencies.
2023-09-13 08:37:35 +03:00
2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
2b5b9bc57f samba some progress 2023-09-12 13:31:46 +03:00
49d92971c9 pass BORG_HOST_ID correctly 2023-09-12 11:41:45 +03:00
b204d5532f zfsborg: add BORG_HOST_ID if nics change 2023-09-12 11:30:08 +03:00
563d340013 add lshw 2023-09-12 11:17:50 +03:00
94253212c6 networking.firewall.checkReversePath = "loose" for tailscale 2023-09-11 22:38:44 +03:00
f33f8b3d1b add bonnie++, remove nix-top 2023-09-11 22:01:59 +03:00
80aca1ede2 Revert "firewall: open iperf3 fully"
This reverts commit 56bc914934.
2023-09-11 21:59:43 +03:00
56bc914934 firewall: open iperf3 fully 2023-09-11 21:54:12 +03:00
24412cbfc7 iperf: open up port 2023-09-11 21:43:34 +03:00
99342a6bb9 all: add iperf 2023-09-11 21:32:34 +03:00
27d663e63a bugfix in attrset merging 2023-09-11 17:48:08 +03:00
a522300158 borgbackup: add numbers to jobs 2023-09-11 17:38:18 +03:00
5721531486 nitpicking 2023-09-11 17:27:14 +03:00
583f74cf3f zfsborg: restructure config
Preparing for 2 repo destinations.
2023-09-11 17:25:12 +03:00
c7643a20d8 home-manager git name 2023-09-07 19:46:46 +03:00
2963f0a0d7 gc: every 7d 2023-09-03 07:20:49 +03:00
cc11726ed7 remove hel1-a 2023-08-27 15:17:54 +03:00
1db9253ae6 fra1-a 2023-08-26 23:37:16 +03:00
3f9db2ad12 configure nvim 2023-08-25 11:01:46 +03:00
6cf894ee68 move logRefusedConnections to base 2023-08-24 23:49:21 +03:00
86ee4ee571 enable chrony 2023-08-24 17:14:57 +03:00
8bd3af3878 tmux 2023-08-18 23:49:49 +03:00
4f337fe8c0 configure nvim system-wide 2023-08-18 23:33:56 +03:00
1522a5284e neovim: default editor 2023-08-18 21:45:38 +03:00
a9ab4b4514 re-enabling vim 2023-08-18 19:07:52 +03:00
7063b1d84e vim nitpicks 2023-08-18 18:50:39 +03:00
74b19c049b remove some old leftovers from vimrc 2023-08-18 18:44:21 +03:00
e1378a3617 start with vim 2023-08-18 18:43:34 +03:00
3be112cc46 home-manager: use global pkgs 2023-08-18 16:30:26 +03:00
47453cdfe1 home-manager/motiejus: add very basic test configs 2023-08-18 16:26:00 +03:00
b4ac54d9a7 install perf-tools 2023-08-16 00:04:38 +03:00
4354cde55e vno1-rp3b 2023-08-15 07:18:26 +03:00
43d6d25dd0 sysdig: enable everywhere 2023-08-05 17:27:13 +03:00
a030ae0879 fix syntax error 2023-07-28 14:25:36 +03:00
579f21b0d1 hel1-a: make initrd consistent with vno1-oh2 2023-07-28 14:25:14 +03:00
e9c8320f72 unitstatus: unit status cmd is more robust 2023-07-28 14:04:26 +03:00
3237810611 unitstatus: remove escaping
Otherwise:

    Invalid unit name "borgbackup/job//home" escaped as "borgbackup-job--home" (maybe you should use systemd-escape?).
2023-07-28 13:56:52 +03:00
0677c8eb2a a few network traffic observability programs 2023-07-26 15:42:10 +03:00
8cecf18f43 mount zfs snapshots read-only 2023-07-26 15:36:11 +03:00
4522af453b start/stop firewall commands 2023-07-26 15:14:12 +03:00
ab11ee31f2 vno1-oh2: pass ssh key to borg 2023-07-26 14:49:34 +03:00
bb5ae6d2f7 sshguard: whitelist all known public ips 2023-07-26 14:17:14 +03:00
99488618ce enable sshguard and plocate 2023-07-26 14:12:09 +03:00
cff18bfb8f move common zfs settings to modules/base 2023-07-26 14:01:57 +03:00
bccefbc4ba split backup dirs to their repos 2023-07-26 12:59:19 +03:00
77c40d676d add sysstat 2023-07-26 11:09:52 +03:00
9cf3ed3185 add procps 2023-07-26 11:06:28 +03:00
71fd71cb6b vno1-oh2: add updaterbot 2023-07-24 16:46:35 +03:00
f5d3249fa0 add en_US.UTF-8/UTF-8 locale 2023-07-24 12:47:41 +03:00
4611c08d4f cleanup ips; nix fmt 2023-07-24 12:36:34 +03:00
6c9cb09a6f root unlocking is more restrictive
akin to asking for a password
2023-07-23 16:05:07 +03:00
dd60e07a14 wip more intitrd unlockers 2023-07-23 15:24:38 +03:00
b529dd5c5c make host pubkeys reachable via myData 2023-07-23 15:10:22 +03:00
f4446cb506 wip vno1-oh2 2023-07-22 16:51:34 +03:00
28d12ab379 small cleanup 2023-07-20 15:04:50 +03:00