Commit Graph

726 Commits

Author SHA1 Message Date
382ef7b0d7 install pdftk 2023-09-15 14:43:56 +03:00
9821b197c0 add system-wide firefox too 2023-09-15 14:42:55 +03:00
f93555770a firefox: back to standard 2023-09-15 14:41:56 +03:00
2bc3275dfc add some applications and extensions 2023-09-15 14:39:04 +03:00
588f530f22 disable syncthing temporarily 2023-09-15 13:29:55 +03:00
6b3f073b5b secrets for fwminex 2023-09-15 13:28:15 +03:00
d57b2e5a1b enable pcscd 2023-09-15 13:27:12 +03:00
e3c5f37b43 add some packages 2023-09-15 13:05:56 +03:00
b1e57c93f1 install parallel everywhere 2023-09-15 12:51:10 +03:00
d7888b000b fix gp 2023-09-15 12:48:14 +03:00
c5191372e8 install gpg 2023-09-15 12:46:10 +03:00
211f580539 gpg-agent: move to per-user 2023-09-15 12:35:59 +03:00
3b005f06cc add firefox 2023-09-15 12:33:09 +03:00
831bce0813 move to non-small
I'd rather not compile firefox.
2023-09-15 12:32:47 +03:00
93b95af851 borgstor: allow motiejus to read borg backups 2023-09-15 11:17:40 +03:00
7ee6a0de71 zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
331ffa9450 vno3-rp3b: add borgbackup app 2023-09-15 10:49:27 +03:00
30426ad89e zfsborg: mount the tmpfs on all units 2023-09-15 10:10:54 +03:00
317141fefb flake.lock: Update
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/d8c973fd228949736dedf61b7f8cc1ece3236792' (2023-07-24)
  → 'github:ryantm/agenix/54693c91d923fecb4cf04c4535e3d84f8dec7919' (2023-09-14)
2023-09-14 23:30:50 +00:00
7aa458e77b nixos-hardware: remove non-existing override 2023-09-14 22:12:17 +03:00
c80b1a996a switch to lightdm/xfce4 + sound 2023-09-14 21:58:06 +03:00
09f1b62cc8 add a desktop profile 2023-09-14 21:53:59 +03:00
9688e4147b fwminex: follow nixos-hardware 2023-09-14 21:46:01 +03:00
0389fa709a vno1-rp3b: enable zfs misc 2023-09-14 21:38:29 +03:00
350c9a8d49 disable zfs-mount 2023-09-14 15:26:16 +03:00
8b0573409d fwminex: enable firewall 2023-09-14 15:25:08 +03:00
b38c4013e7 cosmetics: quoting
it's fine, there is overrides.conf
2023-09-14 15:15:27 +03:00
b73f671bc0 silenceLogs is not picked up
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service

[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup

Restart=on-failure

RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify

[Install]
WantedBy=multi-user.target
2023-09-14 15:10:18 +03:00
76c07129f3 re-add () 2023-09-14 14:51:36 +03:00
fb3c39d7dc re-enable tailscale, oops 2023-09-14 14:48:54 +03:00
9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
aad4502030 rename vno1-rp3b to vno3-rp3b
ready for deployment
2023-09-14 13:27:05 +03:00
45a9b7475b vno1-rp3b: dhcp 2023-09-14 13:24:40 +03:00
553cda8fc7 vno1-rp3b: enable vno3 2023-09-14 13:23:04 +03:00
b1b046d78a sudo: fix extraGroups of motiejus
this misses 'wheel'
2023-09-14 13:07:39 +03:00
4a5893ae73 fwminex: some hardware updates 2023-09-14 09:42:14 +00:00
8e32a16f01 add iwlwifi to early-ish boot 2023-09-14 11:35:29 +03:00
e341092306 fwminex: enable redistributable firmware, remove docker volume 2023-09-14 11:31:53 +03:00
a7a6148d0f fwminex: allow nonfree 2023-09-14 10:53:01 +03:00
280b8cf3ad fwminex: fix mountpoint to /var/lib/docker 2023-09-14 10:40:23 +03:00
1430bf9d6d fwminex: swap 2023-09-14 07:43:18 +03:00
90be8b6e5f fwminex: fix typo 2023-09-14 06:42:44 +03:00
62e00f3bc7 fwminex: firewall and swap devices 2023-09-14 06:41:37 +03:00
85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
f34af96bc4 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/36bee398beca22e2428074e0a2e068d87f801718' (2023-09-12)
  → 'github:NixOS/nixpkgs/e27ca312d56522b907b998c2ff99169bf12639f2' (2023-09-13)
2023-09-13 23:30:50 +00:00
182a87b0b9 another fix for swap devices 2023-09-13 15:18:25 +03:00
e617dbf55f fwminex: fix swap and docker 2023-09-13 15:13:44 +03:00
2220be3c81 fwminex: set hostid 2023-09-13 14:46:58 +03:00
b5a3e29e6f force no legacy grub (now) 2023-09-13 14:14:25 +03:00
7775c760fa fwminex: update partition scheme 2023-09-13 13:54:22 +03:00