Motiejus Jakštys
|
fcc52c1297
|
remove obsolete comment
|
2023-09-15 14:44:17 +03:00 |
Motiejus Jakštys
|
382ef7b0d7
|
install pdftk
|
2023-09-15 14:43:56 +03:00 |
Motiejus Jakštys
|
9821b197c0
|
add system-wide firefox too
|
2023-09-15 14:42:55 +03:00 |
Motiejus Jakštys
|
f93555770a
|
firefox: back to standard
|
2023-09-15 14:41:56 +03:00 |
Motiejus Jakštys
|
2bc3275dfc
|
add some applications and extensions
|
2023-09-15 14:39:04 +03:00 |
Motiejus Jakštys
|
d57b2e5a1b
|
enable pcscd
|
2023-09-15 13:27:12 +03:00 |
Motiejus Jakštys
|
e3c5f37b43
|
add some packages
|
2023-09-15 13:05:56 +03:00 |
Motiejus Jakštys
|
b1e57c93f1
|
install parallel everywhere
|
2023-09-15 12:51:10 +03:00 |
Motiejus Jakštys
|
d7888b000b
|
fix gp
|
2023-09-15 12:48:14 +03:00 |
Motiejus Jakštys
|
c5191372e8
|
install gpg
|
2023-09-15 12:46:10 +03:00 |
Motiejus Jakštys
|
211f580539
|
gpg-agent: move to per-user
|
2023-09-15 12:35:59 +03:00 |
Motiejus Jakštys
|
3b005f06cc
|
add firefox
|
2023-09-15 12:33:09 +03:00 |
Motiejus Jakštys
|
7ee6a0de71
|
zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
|
2023-09-15 11:05:05 +03:00 |
Motiejus Jakštys
|
30426ad89e
|
zfsborg: mount the tmpfs on all units
|
2023-09-15 10:10:54 +03:00 |
Motiejus Jakštys
|
c80b1a996a
|
switch to lightdm/xfce4 + sound
|
2023-09-14 21:58:06 +03:00 |
Motiejus Jakštys
|
09f1b62cc8
|
add a desktop profile
|
2023-09-14 21:53:59 +03:00 |
Motiejus Jakštys
|
b38c4013e7
|
cosmetics: quoting
it's fine, there is overrides.conf
|
2023-09-14 15:15:27 +03:00 |
Motiejus Jakštys
|
b73f671bc0
|
silenceLogs is not picked up
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service
[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
Restart=on-failure
RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify
[Install]
WantedBy=multi-user.target
|
2023-09-14 15:10:18 +03:00 |
Motiejus Jakštys
|
76c07129f3
|
re-add ()
|
2023-09-14 14:51:36 +03:00 |
Motiejus Jakštys
|
fb3c39d7dc
|
re-enable tailscale, oops
|
2023-09-14 14:48:54 +03:00 |
Motiejus Jakštys
|
9eb8147660
|
tailscale: silence logs on some machines
|
2023-09-14 14:37:55 +03:00 |
Motiejus Jakštys
|
553cda8fc7
|
vno1-rp3b: enable vno3
|
2023-09-14 13:23:04 +03:00 |
Motiejus Jakštys
|
b1b046d78a
|
sudo: fix extraGroups of motiejus
this misses 'wheel'
|
2023-09-14 13:07:39 +03:00 |
Motiejus Jakštys
|
e341092306
|
fwminex: enable redistributable firmware, remove docker volume
|
2023-09-14 11:31:53 +03:00 |
Motiejus Jakštys
|
a7a6148d0f
|
fwminex: allow nonfree
|
2023-09-14 10:53:01 +03:00 |
Motiejus Jakštys
|
1430bf9d6d
|
fwminex: swap
|
2023-09-14 07:43:18 +03:00 |
Motiejus Jakštys
|
85917635fd
|
sshguard is now optional
|
2023-09-14 06:41:16 +03:00 |
Motiejus Jakštys
|
234933dee1
|
install smartmontools
|
2023-09-13 13:29:06 +03:00 |
Motiejus Jakštys
|
e38f446793
|
add fwminex
|
2023-09-13 13:04:40 +03:00 |
Motiejus Jakštys
|
e12e139128
|
samba: make file/dir masks a bit more restrictive
|
2023-09-13 09:00:28 +03:00 |
Motiejus Jakštys
|
00a6a27b92
|
zfsborg: use TemporaryFileSystem for temp snapshots
Otherwise:
Sep 13 00:01:05 vno1-oh2 systemd[1]: Started BorgBackup job -var-lib-1.
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329228]: filesystem 'rpool/nixos/var/lib@autosnap_2023-09-12_21:00:06_hourly' is already mounted
Sep 13 00:01:06 vno1-oh2 borgbackup-job--var-lib-1-start[329209]: umount: /var/lib/.snapshot-latest: not mounted.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Main process exited, code=exited, status=32/n/a
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Failed with result 'exit-code'.
Sep 13 00:01:06 vno1-oh2 systemd[1]: borgbackup-job--var-lib-1.service: Triggering OnFailure= dependencies.
|
2023-09-13 08:37:35 +03:00 |
Motiejus Jakštys
|
4f152205ce
|
samba: log level = 0
|
2023-09-12 23:27:23 +03:00 |
Motiejus Jakštys
|
bef137b967
|
wsdd: specify existing hostname
|
2023-09-12 23:18:46 +03:00 |
Motiejus Jakštys
|
53ce3910aa
|
replace nmbd with wsdd
https://askubuntu.com/questions/661611/make-samba-share-visible-in-windows-network
|
2023-09-12 23:10:59 +03:00 |
Motiejus Jakštys
|
e45573c8a6
|
fix samba config
works!
|
2023-09-12 22:55:17 +03:00 |
Motiejus Jakštys
|
4f45d605e1
|
vno1-rp3b: some attempts at samba
|
2023-09-12 17:44:17 +03:00 |
Motiejus Jakštys
|
7891663a65
|
jakstpub: change home dir to /var/empty
|
2023-09-12 17:27:11 +03:00 |
Motiejus Jakštys
|
2dd8cda85a
|
open up samba
|
2023-09-12 16:08:32 +03:00 |
Motiejus Jakštys
|
e61944dfde
|
rewrite firewall rules
|
2023-09-12 15:46:44 +03:00 |
Motiejus Jakštys
|
2b5b9bc57f
|
samba some progress
|
2023-09-12 13:31:46 +03:00 |
Motiejus Jakštys
|
49d92971c9
|
pass BORG_HOST_ID correctly
|
2023-09-12 11:41:45 +03:00 |
Motiejus Jakštys
|
b204d5532f
|
zfsborg: add BORG_HOST_ID if nics change
|
2023-09-12 11:30:08 +03:00 |
Motiejus Jakštys
|
563d340013
|
add lshw
|
2023-09-12 11:17:50 +03:00 |
Motiejus Jakštys
|
94253212c6
|
networking.firewall.checkReversePath = "loose" for tailscale
|
2023-09-11 22:38:44 +03:00 |
Motiejus Jakštys
|
f33f8b3d1b
|
add bonnie++, remove nix-top
|
2023-09-11 22:01:59 +03:00 |
Motiejus Jakštys
|
80aca1ede2
|
Revert "firewall: open iperf3 fully"
This reverts commit 56bc914934 .
|
2023-09-11 21:59:43 +03:00 |
Motiejus Jakštys
|
56bc914934
|
firewall: open iperf3 fully
|
2023-09-11 21:54:12 +03:00 |
Motiejus Jakštys
|
24412cbfc7
|
iperf: open up port
|
2023-09-11 21:43:34 +03:00 |
Motiejus Jakštys
|
99342a6bb9
|
all: add iperf
|
2023-09-11 21:32:34 +03:00 |
Motiejus Jakštys
|
27d663e63a
|
bugfix in attrset merging
|
2023-09-11 17:48:08 +03:00 |
Motiejus Jakštys
|
a522300158
|
borgbackup: add numbers to jobs
|
2023-09-11 17:38:18 +03:00 |
Motiejus Jakštys
|
5721531486
|
nitpicking
|
2023-09-11 17:27:14 +03:00 |
Motiejus Jakštys
|
583f74cf3f
|
zfsborg: restructure config
Preparing for 2 repo destinations.
|
2023-09-11 17:25:12 +03:00 |
Motiejus Jakštys
|
866347b042
|
add borgstor
|
2023-09-11 15:51:33 +03:00 |
Motiejus Jakštys
|
377030d0c0
|
headscale: remove ipv6 subnet
it's confusing: I couldn't find an easy way to get the ipv4 address on a client
|
2023-09-11 14:37:05 +03:00 |
Motiejus Jakštys
|
20ccb666c8
|
smtp
|
2023-09-07 19:46:47 +03:00 |
Motiejus Jakštys
|
c7643a20d8
|
home-manager git name
|
2023-09-07 19:46:46 +03:00 |
Motiejus Jakštys
|
fd9f30f7d4
|
snmp exporter: maybe exposing the file will work now?
|
2023-09-05 14:58:30 +03:00 |
Motiejus Jakštys
|
24e6aa333e
|
snmp exporter: expose in vpn for all to see
|
2023-09-05 14:45:09 +03:00 |
Motiejus Jakštys
|
5c1cccb8a4
|
snmp: from package back to module
|
2023-09-05 14:41:52 +03:00 |
Motiejus Jakštys
|
2963f0a0d7
|
gc: every 7d
|
2023-09-03 07:20:49 +03:00 |
Motiejus Jakštys
|
fe30f6c32a
|
Add dl.jakstys.lt
|
2023-08-29 15:41:57 +03:00 |
Motiejus Jakštys
|
cc11726ed7
|
remove hel1-a
|
2023-08-27 15:17:54 +03:00 |
Motiejus Jakštys
|
617b829589
|
deployerbot: add fra1-a
|
2023-08-27 01:04:09 +03:00 |
Motiejus Jakštys
|
1db9253ae6
|
fra1-a
|
2023-08-26 23:37:16 +03:00 |
Motiejus Jakštys
|
23347f6952
|
matrix-synapse: listen on 127.0.0.1
reverse proxying is over
|
2023-08-25 17:00:30 +03:00 |
Motiejus Jakštys
|
3687d7cd73
|
matrix-synapse listen on 0.0.0.0
|
2023-08-25 16:14:12 +03:00 |
Motiejus Jakštys
|
2776f8c517
|
fix extraConfigFiles
|
2023-08-25 16:03:46 +03:00 |
Motiejus Jakštys
|
355d8c21cc
|
move matrix-synapse to it's module
|
2023-08-25 15:49:37 +03:00 |
Motiejus Jakštys
|
3f9db2ad12
|
configure nvim
|
2023-08-25 11:01:46 +03:00 |
Motiejus Jakštys
|
f87a712635
|
node_exporter gets its own uidgid
|
2023-08-25 09:55:21 +03:00 |
Motiejus Jakštys
|
9740b42493
|
gitea: listen on 3001
|
2023-08-25 09:41:42 +03:00 |
Motiejus Jakštys
|
6cf894ee68
|
move logRefusedConnections to base
|
2023-08-24 23:49:21 +03:00 |
Motiejus Jakštys
|
c3168bb2d3
|
headscale
|
2023-08-24 23:46:45 +03:00 |
Motiejus Jakštys
|
be4df58cbb
|
move gitea to its own module
|
2023-08-24 23:34:48 +03:00 |
Motiejus Jakštys
|
86ee4ee571
|
enable chrony
|
2023-08-24 17:14:57 +03:00 |
Motiejus Jakštys
|
407024dfa9
|
zfsunlock: use IP addresses + zfsunlock
|
2023-08-22 14:14:20 +03:00 |
Motiejus Jakštys
|
8bd3af3878
|
tmux
|
2023-08-18 23:49:49 +03:00 |
Motiejus Jakštys
|
4f337fe8c0
|
configure nvim system-wide
|
2023-08-18 23:33:56 +03:00 |
Motiejus Jakštys
|
1522a5284e
|
neovim: default editor
|
2023-08-18 21:45:38 +03:00 |
Motiejus Jakštys
|
a9ab4b4514
|
re-enabling vim
|
2023-08-18 19:07:52 +03:00 |
Motiejus Jakštys
|
7063b1d84e
|
vim nitpicks
|
2023-08-18 18:50:39 +03:00 |
Motiejus Jakštys
|
74b19c049b
|
remove some old leftovers from vimrc
|
2023-08-18 18:44:21 +03:00 |
Motiejus Jakštys
|
e1378a3617
|
start with vim
|
2023-08-18 18:43:34 +03:00 |
Motiejus Jakštys
|
3be112cc46
|
home-manager: use global pkgs
|
2023-08-18 16:30:26 +03:00 |
Motiejus Jakštys
|
47453cdfe1
|
home-manager/motiejus: add very basic test configs
|
2023-08-18 16:26:00 +03:00 |
Motiejus Jakštys
|
bbf562d205
|
move node_exporter to its own module
|
2023-08-18 09:32:01 +03:00 |
Motiejus Jakštys
|
4dee4159e7
|
nix --accept-flake-config
|
2023-08-16 20:26:37 +03:00 |
Motiejus Jakštys
|
b4ac54d9a7
|
install perf-tools
|
2023-08-16 00:04:38 +03:00 |
Motiejus Jakštys
|
4354cde55e
|
vno1-rp3b
|
2023-08-15 07:18:26 +03:00 |
Motiejus Jakštys
|
98a4ad79f8
|
grafana now on https://grafana.jakstys.lt, over vpn
|
2023-08-14 09:04:09 +03:00 |
Motiejus Jakštys
|
a2a741d27e
|
fmt and formatting; nsd-acme is less verbose
|
2023-08-10 10:48:34 +03:00 |
Motiejus Jakštys
|
fa435f65d0
|
zones don't need to be sanitized
it's DNS!
|
2023-08-10 10:46:06 +03:00 |
Motiejus Jakštys
|
7bedc09abb
|
deployerbot: do not restart if changed
leads to interesting deadlocks when upgrading self
|
2023-08-10 10:40:07 +03:00 |
Motiejus Jakštys
|
4878c42ca9
|
cron + alerting for cert updates
|
2023-08-10 00:46:36 +03:00 |
Motiejus Jakštys
|
9059f84632
|
uacme can return 1 when cert is up to date
|
2023-08-10 00:37:21 +03:00 |
Motiejus Jakštys
|
76a748e086
|
grafana is now prod
|
2023-08-10 00:29:56 +03:00 |
Motiejus Jakštys
|
98816538d2
|
trying grafana1
|
2023-08-10 00:24:36 +03:00 |
Motiejus Jakštys
|
69e6734eb7
|
nsd-acme: misc fixes
|
2023-08-09 15:55:05 +03:00 |
Motiejus Jakštys
|
9a456192af
|
nsd-acme
|
2023-08-09 15:34:44 +03:00 |