Commit Graph

1613 Commits

Author SHA1 Message Date
8cecf18f43 mount zfs snapshots read-only 2023-07-26 15:36:11 +03:00
936286a847 backup syncthing keys too 2023-07-26 15:31:05 +03:00
4522af453b start/stop firewall commands 2023-07-26 15:14:12 +03:00
ab11ee31f2 vno1-oh2: pass ssh key to borg 2023-07-26 14:49:34 +03:00
e1b1715a48 vno1-oh2: backup /home/motiejus/annex2 2023-07-26 14:24:20 +03:00
bb5ae6d2f7 sshguard: whitelist all known public ips 2023-07-26 14:17:14 +03:00
99488618ce enable sshguard and plocate 2023-07-26 14:12:09 +03:00
6200488e32 remove nixos-upgrade 2023-07-26 14:04:45 +03:00
cff18bfb8f move common zfs settings to modules/base 2023-07-26 14:01:57 +03:00
d4527c24a6 mailutils comes with postfix 2023-07-26 13:32:03 +03:00
bac191ef2f postfix: add to vno1-oh2 2023-07-26 13:27:15 +03:00
60936605c9 vno1-oh2: snapshot /home 2023-07-26 13:09:40 +03:00
bccefbc4ba split backup dirs to their repos 2023-07-26 12:59:19 +03:00
4f1aa85659 syncthing 2023-07-26 12:55:15 +03:00
77c40d676d add sysstat 2023-07-26 11:09:52 +03:00
9cf3ed3185 add procps 2023-07-26 11:06:28 +03:00
f57a61cfc9 remove grub.version 2023-07-26 10:49:04 +03:00
727c0457f6 flake.lock: Update
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/0d8c5325fc81daf00532e3e26c6752f7bcde1143' (2023-07-14)
  → 'github:ryantm/agenix/d8c973fd228949736dedf61b7f8cc1ece3236792' (2023-07-24)
2023-07-26 08:21:14 +03:00
e85cfd5d08 add TODO 2023-07-24 16:46:35 +03:00
69fe567b00 vno1-oh2: trust updaterbot 2023-07-24 16:46:35 +03:00
71fd71cb6b vno1-oh2: add updaterbot 2023-07-24 16:46:35 +03:00
aac0ea1fec remove glibcLocales temporarily; it's null sometimes 2023-07-24 16:46:35 +03:00
8b673d25af change initrd pubkey of vno1-oh2 2023-07-24 16:46:35 +03:00
6977dcff77 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/6da4bc6cb07cba1b8e53d139cbf1d2fb8061d967' (2023-07-21)
  → 'github:NixOS/nixpkgs/ac1acba43b2f9db073943ff5ed883ce7e8a40a2c' (2023-07-23)
2023-07-24 16:46:10 +03:00
5b44216b4b add zfsunlock for vno1-oh2 2023-07-24 12:50:17 +03:00
f5d3249fa0 add en_US.UTF-8/UTF-8 locale 2023-07-24 12:47:41 +03:00
6f7e911d4e flakes: add locale-archive 2023-07-24 12:42:37 +03:00
4611c08d4f cleanup ips; nix fmt 2023-07-24 12:36:34 +03:00
c2249cebb1 zfsunlock: quiet diagnostics 2023-07-24 10:38:29 +03:00
679226b60f zfsunlock 2023-07-24 10:31:29 +03:00
6c9cb09a6f root unlocking is more restrictive
akin to asking for a password
2023-07-23 16:05:07 +03:00
9c116fa8c7 add vno1-oh2 pubkey to hel1-a initrd 2023-07-23 15:58:54 +03:00
16c024ae47 zfs-passphrases are one-level now 2023-07-23 15:43:55 +03:00
039ea29829 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/08700de174bc6235043cb4263b643b721d936bdb' (2023-07-18)
  → 'github:NixOS/nixpkgs/6da4bc6cb07cba1b8e53d139cbf1d2fb8061d967' (2023-07-21)
2023-07-23 15:38:24 +03:00
7307ef57f7 comment zfs passphrases temporarily 2023-07-23 15:37:59 +03:00
4d927856e6 move pubkeys back to data.nix 2023-07-23 15:34:16 +03:00
dd60e07a14 wip more intitrd unlockers 2023-07-23 15:24:38 +03:00
af1f4be6a2 make DNS configuration consistent 2023-07-23 15:11:59 +03:00
b529dd5c5c make host pubkeys reachable via myData 2023-07-23 15:10:22 +03:00
a6a1229825 add rootfs secrets 2023-07-23 14:27:29 +03:00
0a2cafb830 use motiejus for deployment 2023-07-22 20:27:49 +03:00
e4679c8299 rekeying 2023-07-22 20:25:28 +03:00
f4446cb506 wip vno1-oh2 2023-07-22 16:51:34 +03:00
7ac1264454 add motiejus_yk2 2023-07-20 16:32:46 +03:00
95d6326c5a update yubikey-installer.nix to 23.05 and nix flake update 2023-07-20 15:19:33 +03:00
28d12ab379 small cleanup 2023-07-20 15:04:50 +03:00
5313a3ffeb users and passwords 2023-07-20 15:02:38 +03:00
16a8eff543 small cleanup 2023-07-20 11:56:37 +03:00
0f1d12cb34 unitstatus: pre-defined service units now exist 2023-07-20 10:25:53 +03:00
1bfd201028 add unitstatus
with some TODOs
2023-07-20 06:58:47 +03:00