1
0
Fork 0
Commit Graph

288 Commits

Author SHA1 Message Date
Sebastien Bourdeauducq 18a41e1c88 nixbld: work around for hydra input issues in restricted mode 2024-06-03 22:39:00 +08:00
Sébastien Bourdeauducq f07b292d3b nixbld: disallow user SSH keys 2024-06-02 14:10:10 +08:00
Sébastien Bourdeauducq bd6c61094f nixbld: update letsencrypt CAA URI
https://github.com/NixOS/nixpkgs/issues/316608
2024-06-02 13:50:48 +08:00
Sébastien Bourdeauducq cc0bf224df nixbld: install mpd 2024-06-02 13:50:24 +08:00
Sébastien Bourdeauducq 41aeae7b2d nixbld: update simple-nixos-mailserver 2024-06-02 12:59:47 +08:00
Sébastien Bourdeauducq 1eac9d249d nixbld: nixos 24.05 2024-06-02 12:52:17 +08:00
Sébastien Bourdeauducq c3d9b9a7a1 nixbld: small cleanup 2024-06-02 12:52:01 +08:00
Sebastien Bourdeauducq a22e270ac8 nixbld: replace deprecated gitea mailer setting 2024-05-28 11:44:55 +08:00
Sebastien Bourdeauducq 55cfda91e0 nixbld: fix nextcloud logging 2024-05-24 09:58:19 +08:00
Sebastien Bourdeauducq 543e9468cc nixbld: fix nextcloud opcache warning 2024-05-24 09:49:17 +08:00
Sebastien Bourdeauducq 6487eab3c7 nixbld: update nextcloud 2024-05-23 22:58:39 +08:00
Sebastien Bourdeauducq 96f7264258 nixbld: enable audio 2024-05-23 22:21:10 +08:00
Sebastien Bourdeauducq 6018eca294 nixbld: enable SSH X11 forwarding 2024-05-23 22:20:56 +08:00
Sébastien Bourdeauducq 4c7f35bc75 nixbld: allow routing between wifi and LAN 2024-05-06 10:57:33 +08:00
Sébastien Bourdeauducq 2cd3ae1337 nixbld: fix routing policy for wifi 2024-05-06 10:57:11 +08:00
Sébastien Bourdeauducq 7f1972fc9d nixbld: add backup IP to DNS 2024-05-06 10:44:54 +08:00
Sébastien Bourdeauducq 5729c4998a nixbld: add backup internet connection 2024-05-06 10:32:10 +08:00
Sébastien Bourdeauducq 60aacb6a1b nixbld: cleanup routing policy 2024-05-06 10:31:45 +08:00
Sébastien Bourdeauducq bfd5e0289a nixbld: enable indexing on perso.m-labs.hk 2024-05-06 09:48:16 +08:00
Sébastien Bourdeauducq 2c9be41ce4 Revert "nixbld: disable substituters"
NixOS bug festival

This reverts commit 5576b82d15.
2024-04-13 16:47:30 +08:00
Sébastien Bourdeauducq b1fc3914bf nixbld: update lp group 2024-04-12 09:40:40 +08:00
Sébastien Bourdeauducq 16fbcef5bf nixbld: add IP for new qnetp DNS slave 2024-04-12 09:40:17 +08:00
Sébastien Bourdeauducq bae360f4ca nixbld: update users 2024-04-10 11:40:16 +08:00
Sébastien Bourdeauducq 5576b82d15 nixbld: disable substituters 2024-04-05 12:51:33 +08:00
Sébastien Bourdeauducq 576087913a nixbld: remove sb from trusted users 2024-04-05 12:51:20 +08:00
Sébastien Bourdeauducq 22583c7f8e nixbld: enable network scanner 2024-01-23 17:35:29 +08:00
Sebastien Bourdeauducq f372bdb378 nixbld: add morgan account 2024-01-23 13:25:55 +08:00
Sébastien Bourdeauducq 82760bc05d backup: do not store on disk 2024-01-17 13:50:28 +08:00
Sébastien Bourdeauducq 139f6b3353 backup: skip 2023 mattermost files 2024-01-17 13:50:12 +08:00
Sebastien Bourdeauducq c01cea6f7a named: add CAA records everywhere, add IP for zynq board 2024-01-09 08:33:54 +08:00
Sebastien Bourdeauducq eddc77e026 nixbld: automatically build and set up netboot nixos installer 2024-01-07 19:13:27 +08:00
Sebastien Bourdeauducq 184936f4bc nixbld: remove munin 2023-12-16 13:55:31 +08:00
Sebastien Bourdeauducq b5d45edf79 nixbld: remove apparmor
setting up profiles remains a pain
2023-12-16 13:55:11 +08:00
Sebastien Bourdeauducq e7c1746832 nixbld: NixOS 23.11 2023-12-16 13:03:19 +08:00
Sebastien Bourdeauducq c34d9cc7cf nixbld: host malloctech email 2023-12-13 18:29:51 +08:00
Sebastien Bourdeauducq 9ca16a2677 nixbld: fix 193thz.com DNS zone 2023-12-13 18:27:46 +08:00
Sebastien Bourdeauducq e319c2f65c nixbld: enable armv7l-linux binfmt emulation 2023-12-12 17:23:05 +08:00
Sebastien Bourdeauducq e9801c8ca3 nixbld: fix hydra job name for msys2 nac3 packages 2023-11-25 17:24:33 +08:00
Sebastien Bourdeauducq 3cbd3f5bf3 nixbld: try ACME-CAA 2023-11-20 12:01:37 +08:00
Sebastien Bourdeauducq 351229b866 update sb key 2023-11-01 19:22:51 +08:00
Sebastien Bourdeauducq b10f158a48 nixbld: update CPU microcode 2023-09-29 11:53:48 +08:00
Sebastien Bourdeauducq 68333e5616 nixbld: add DNS entries for nasty-gareth.alt 2023-09-28 10:39:08 +08:00
Sebastien Bourdeauducq 656d4e1901 nixbld: add derppening user 2023-09-20 18:23:27 +08:00
Sebastien Bourdeauducq 60fe5a91de nixbld: backup 193THz.com 2023-09-06 18:39:17 +08:00
Sebastien Bourdeauducq e5257122b1 nixbld: host 193thz.com 2023-09-05 22:04:27 +08:00
Sebastien Bourdeauducq 522accf0a8 nixbld: fix sending email to altnet 2023-09-03 17:23:53 +08:00
Sebastien Bourdeauducq 6550ad5302 nixbld: debloat backups 2023-08-31 14:15:53 +08:00
Sebastien Bourdeauducq 4c9d96dae3 nixbld: add HP printer to firewall blocklist 2023-08-08 19:02:59 +08:00
Sebastien Bourdeauducq 9ebdb06699 nixbld: add dpn user 2023-08-04 19:45:44 +08:00
Sebastien Bourdeauducq 98072481e7 nixbld: add atse.alt.m-labs.hk 2023-08-04 17:11:36 +08:00
Sebastien Bourdeauducq c89551c610 nixbld: open strongswan ports 2023-07-15 14:23:06 +08:00
Sebastien Bourdeauducq 6ec5e436a2 nixbld: fix altnet routing 2023-07-13 18:25:05 +08:00
Sebastien Bourdeauducq 39a6ea69f6 nixbld: altnet setup 2023-07-13 13:56:10 +08:00
Sebastien Bourdeauducq c2c7e67549 nixbld: block zyxel cloud switch 2023-07-13 09:35:32 +08:00
Sebastien Bourdeauducq 4c62ba7f9d nixbld: block hikvision device 2023-07-12 17:41:05 +08:00
Sebastien Bourdeauducq 257c2dc432 nixbld: fix mysql backup auth 2023-07-07 17:29:24 +08:00
Sebastien Bourdeauducq e2c2dbbeeb nixbld: autostart iPXE HTTP boot 2023-07-02 16:31:25 +08:00
Sebastien Bourdeauducq a9ee77b9e8 nixbld: serve iPXE on LAN 2023-07-02 16:15:24 +08:00
Sebastien Bourdeauducq dbd20c6418 nixbld: update simple-nixos-mailserver 2023-06-13 10:54:20 +08:00
Sebastien Bourdeauducq 2227e816bc nixbld: update dnsmasq settings 2023-06-04 22:40:14 +08:00
Sebastien Bourdeauducq 6b35c751d8 nixbld: NixOS 23.05 compatibility 2023-06-02 17:36:05 +08:00
Sebastien Bourdeauducq d21c31aae5 nixbld: add esavkin to lp group 2023-05-31 18:11:18 +08:00
Sebastien Bourdeauducq f5837877d2 nixbld: increase nextcloud max upload size 2023-05-30 21:34:36 +08:00
Sebastien Bourdeauducq 77ba57e8fa disable X11 forwarding (replaced with waypipe) 2023-05-24 12:45:34 +08:00
Sebastien Bourdeauducq 5223d9fd89 afws: move more code into module file, use new reload mechanism 2023-04-08 17:49:03 +08:00
Sebastien Bourdeauducq 0640cfad04 nixbld: increase AFWS WebSocket timeout 2023-04-07 16:02:07 +08:00
Sebastien Bourdeauducq 6c6f11ed7d nixbld: set up ACME certificate for AFWS 2023-04-07 14:39:05 +08:00
Sebastien Bourdeauducq 0442916420 nixbld: afws websocket proxy settings 2023-04-05 13:37:35 +08:00
Sebastien Bourdeauducq c8c38f79c0 nixbld: set recommendedTlsSettings 2023-04-05 13:37:11 +08:00
Sebastien Bourdeauducq b7d9df794e nixbld: close legacy firewall ports 2023-04-05 12:42:42 +08:00
Sebastien Bourdeauducq 6d31b77f0e add .ph site 2023-03-23 15:22:25 +08:00
Sebastien Bourdeauducq ff37c5949e nixbld: add esavkin 2023-03-03 18:29:45 +08:00
Sebastien Bourdeauducq 8ea7b06218 remove therobs12 user 2023-02-16 11:55:29 +08:00
Sebastien Bourdeauducq c9f774d011 nixbld: install labelprinter 2023-02-10 18:26:12 +08:00
Sebastien Bourdeauducq 9babd68652 nixbld: give backupdl access to nextcloud 2023-01-31 15:41:15 +08:00
Sebastien Bourdeauducq b3f5f687aa nixbld: cleanup backupdl keys 2023-01-30 16:14:12 +08:00
Sebastien Bourdeauducq af27584100 nixbld: remove topquark12 user 2023-01-30 16:12:13 +08:00
Sebastien Bourdeauducq 4c7a2dfce3 nixbld: label printer permissions 2023-01-30 16:12:00 +08:00
Sebastien Bourdeauducq 30fa569bdc nixbld: block more insecure devices 2023-01-30 16:08:27 +08:00
Sebastien Bourdeauducq 9dee7c1888 nixbld: update backupdl key 2023-01-29 20:19:05 +08:00
Sebastien Bourdeauducq 0faa05aec3 nixbld: add back qnetp DNS 2023-01-29 18:29:16 +08:00
Sebastien Bourdeauducq 21a7d1c36e nixbld: update LAN AAAA records 2023-01-29 18:01:31 +08:00
Sebastien Bourdeauducq faff3a5eef nixbld: relocation 2023-01-29 12:11:31 +08:00
Sebastien Bourdeauducq 3210289ebf fix *.mil DNS lookups 2023-01-28 09:54:13 +08:00
Sebastien Bourdeauducq dd0ebf1c47 nixbld: move to he.net DNS 2023-01-27 14:48:14 +08:00
Sebastien Bourdeauducq 2c770e9929 nixbld: better workaround against crappy registrar without glue records
PCCW's static.imsbiz.com is wonky and not always available for all IPs, so stop using it.
2023-01-16 16:07:58 +08:00
Sebastien Bourdeauducq fb54880765 nixbld: start rt-fetchmail after dovecot 2023-01-04 11:54:30 +08:00
Sebastien Bourdeauducq ea0b7d6dc7 nixbld: enable POP3 2022-12-25 11:07:02 +08:00
Sebastien Bourdeauducq 3b224c56aa nixbld: ignore local IP for fail2ban 2022-12-24 15:42:35 +08:00
Sebastien Bourdeauducq 162ad28a52 hydra: allow eval from duke gitlab 2022-12-17 14:58:35 +08:00
Sebastien Bourdeauducq dbc9f4c68d remote setup 2022-12-10 19:17:22 +08:00
Sebastien Bourdeauducq 15d99bc68b nixbld: persist DNSSEC private key
https://github.com/NixOS/nixpkgs/issues/204391
2022-12-05 10:00:35 +08:00
Sebastien Bourdeauducq 70a7ce5d30 nixbld: remove obsolete ssh key 2022-12-03 17:14:23 +08:00
Sebastien Bourdeauducq 2af492e37e nixbld: NixOS 22.11 2022-12-03 16:29:32 +08:00
Sebastien Bourdeauducq 88dd1a5fc4 nixbld: update therobs shell 2022-11-11 17:58:10 +08:00
Sebastien Bourdeauducq cecda7e28b nixbld: update users 2022-11-11 17:46:10 +08:00
Sebastien Bourdeauducq 2d9b7767a6 nixbld: enable aarch64-linux binfmt emulation 2022-11-09 21:14:11 +08:00
Sebastien Bourdeauducq fb745a11e3 nixbld: new msys2 repos 2022-11-03 19:09:35 +08:00
Sebastien Bourdeauducq 0c8019516d nixbld: fix bind DNSSEC configuration for new version
https://gitlab.isc.org/isc-projects/bind9/-/issues/3554
2022-09-30 16:46:39 +08:00
Sebastien Bourdeauducq d2bfca1f25 nixbld: serve nmigen docs 2022-09-27 11:07:13 +08:00