Commit Graph

169 Commits

Author SHA1 Message Date
b7d9df794e nixbld: close legacy firewall ports 2023-04-05 12:42:42 +08:00
6d31b77f0e add .ph site 2023-03-23 15:22:25 +08:00
ff37c5949e nixbld: add esavkin 2023-03-03 18:29:45 +08:00
8ea7b06218 remove therobs12 user 2023-02-16 11:55:29 +08:00
c9f774d011 nixbld: install labelprinter 2023-02-10 18:26:12 +08:00
9babd68652 nixbld: give backupdl access to nextcloud 2023-01-31 15:41:15 +08:00
b3f5f687aa nixbld: cleanup backupdl keys 2023-01-30 16:14:12 +08:00
af27584100 nixbld: remove topquark12 user 2023-01-30 16:12:13 +08:00
4c7a2dfce3 nixbld: label printer permissions 2023-01-30 16:12:00 +08:00
30fa569bdc nixbld: block more insecure devices 2023-01-30 16:08:27 +08:00
9dee7c1888 nixbld: update backupdl key 2023-01-29 20:19:05 +08:00
0faa05aec3 nixbld: add back qnetp DNS 2023-01-29 18:29:16 +08:00
21a7d1c36e nixbld: update LAN AAAA records 2023-01-29 18:01:31 +08:00
faff3a5eef nixbld: relocation 2023-01-29 12:11:31 +08:00
3210289ebf fix *.mil DNS lookups 2023-01-28 09:54:13 +08:00
dd0ebf1c47 nixbld: move to he.net DNS 2023-01-27 14:48:14 +08:00
2c770e9929 nixbld: better workaround against crappy registrar without glue records
PCCW's static.imsbiz.com is wonky and not always available for all IPs, so stop using it.
2023-01-16 16:07:58 +08:00
fb54880765 nixbld: start rt-fetchmail after dovecot 2023-01-04 11:54:30 +08:00
ea0b7d6dc7 nixbld: enable POP3 2022-12-25 11:07:02 +08:00
3b224c56aa nixbld: ignore local IP for fail2ban 2022-12-24 15:42:35 +08:00
162ad28a52 hydra: allow eval from duke gitlab 2022-12-17 14:58:35 +08:00
dbc9f4c68d remote setup 2022-12-10 19:17:22 +08:00
15d99bc68b nixbld: persist DNSSEC private key
https://github.com/NixOS/nixpkgs/issues/204391
2022-12-05 10:00:35 +08:00
70a7ce5d30 nixbld: remove obsolete ssh key 2022-12-03 17:14:23 +08:00
2af492e37e nixbld: NixOS 22.11 2022-12-03 16:29:32 +08:00
88dd1a5fc4 nixbld: update therobs shell 2022-11-11 17:58:10 +08:00
cecda7e28b nixbld: update users 2022-11-11 17:46:10 +08:00
2d9b7767a6 nixbld: enable aarch64-linux binfmt emulation 2022-11-09 21:14:11 +08:00
fb745a11e3 nixbld: new msys2 repos 2022-11-03 19:09:35 +08:00
0c8019516d nixbld: fix bind DNSSEC configuration for new version
https://gitlab.isc.org/isc-projects/bind9/-/issues/3554
2022-09-30 16:46:39 +08:00
d2bfca1f25 nixbld: serve nmigen docs 2022-09-27 11:07:13 +08:00
9bc617a019 nixbld: fix munin auth 2022-09-23 11:00:49 +08:00
4b23f8d66f nixbld: update DNS zone 2022-09-23 10:58:41 +08:00
e2e4b0842a nixbld: add yuk account 2022-09-21 10:12:25 +08:00
382c8bfaab nixbld: add aux key for backupdl 2022-09-17 19:19:00 +08:00
ac022776e7 nixbld: SSH reverse proxy setup 2022-09-17 19:13:54 +08:00
e9b02d0c72 nixbld: disable kk105 account 2022-09-13 08:50:16 +08:00
cd215e9e66 nixbld: backup hedgedoc 2022-09-02 18:10:17 +08:00
663e030aa8 nixbld: update named zone serial 2022-09-01 11:39:56 +08:00
365ec54358 nixbld: install hedgedoc 2022-09-01 11:39:47 +08:00
20175f7bc0 nixbld: rfc2181 forbids mx cname 2022-09-01 10:55:31 +08:00
dc8db5fbee rfq: do not write email password to the Nix store 2022-08-13 11:43:01 +08:00
dc08412ba2 update email settings 2022-08-13 11:22:01 +08:00
13bfee7be2 switch email server 2022-08-13 10:25:53 +08:00
a517d429ab work around Google DNS geolocation fuckup 2022-08-12 18:37:42 +08:00
7dc4866314 nixbld: more email setup 2022-08-09 17:45:26 +08:00
5f7cb6113e nixbld: block siglent internet 2022-08-03 12:52:26 +08:00
a147bb3883 nixbld: add topquark12 2022-07-31 19:40:45 +08:00
80ee7911cd nixbld: disable jitsi
Jitsi is bloated and overly complex, and the NixOS package is too limited.
https://discourse.nixos.org/t/setting-up-authentication-on-a-jitsi-server/17549
2022-07-25 18:33:40 +08:00
66d7dd6efe nixbld: enable more fail2ban filters 2022-07-25 18:33:24 +08:00