nhnn
|
73cbdf994e
|
refactor: switch to upstream nixos kanidm module
|
2025-09-05 15:31:49 +03:00 |
|
nhnn
|
e6f369a823
|
fix: don't check logrotate config due to bug with hardened profile
|
2025-08-15 15:38:33 +03:00 |
|
nhnn
|
c218df50cb
|
feat: add rootPartition option to userdata
|
2025-07-23 18:16:16 +03:00 |
|
nhnn
|
30f4a10a97
|
fix: pin nix version at 2.26
|
2025-07-03 18:22:34 +03:00 |
|
nhnn
|
71c32f5ca6
|
fix: remove nix override
|
2025-07-03 18:22:29 +03:00 |
|
nhnn
|
854f515006
|
fix: old nix was removed
|
2025-07-03 18:22:17 +03:00 |
|
nhnn
|
14e8cf359d
|
fix: various kanidm, jitsi and general fixes
|
2025-07-03 18:22:16 +03:00 |
|
nhnn
|
eb29949a03
|
refactor: remove sudo
|
2025-07-03 18:22:07 +03:00 |
|
nhnn
|
5e985d0517
|
feat: conservative hardening options
|
2025-06-18 20:38:54 +03:00 |
|
Inex Code
|
43b8ee9726
|
fix: Downgrade nix version
|
2025-06-18 20:38:52 +03:00 |
|
Inex Code
|
9d5789bb44
|
fix: Use a newer nix version
|
2025-06-18 20:38:51 +03:00 |
|
nhnn
|
23f93f84d8
|
fix: remove repl-flake feature
|
2025-06-18 20:08:13 +03:00 |
|
nhnn
|
887b681f55
|
fix: switch to nix 2.26 so we can update to 25.05 without issues
|
2025-06-18 20:00:38 +03:00 |
|
nhnn
|
86233cac27
|
style: format tree
|
2025-06-18 19:53:44 +03:00 |
|
Inex Code
|
604c3caa44
|
chore: Prepare SSO branch for release
|
2025-04-25 15:08:38 +03:00 |
|
Alexander Tomokhov
|
5e3bb329bd
|
autoUpgrade: change hardcoded selfprivacy-nixos-config git ref to "sso"
|
2025-04-07 01:08:11 +04:00 |
|
nhnn
|
4dd08c942a
|
fix: disable root login using password
|
2025-03-28 21:35:40 +03:00 |
|
Inex Code
|
b571449efe
|
refactor: Disable SSH login using password
|
2025-03-28 17:08:09 +03:00 |
|
Alexander Tomokhov
|
8013f2e394
|
auth: module for easier integration of new services with Kanidm
- Forgejo is migrated to this module.
|
2025-03-21 16:40:18 +04:00 |
|
Inex Code
|
bf299b19b8
|
fix: Remove lib.mkForce from allowed ports as it prevents SP modules from opening required ports
|
2024-12-26 18:19:21 +03:00 |
|
Inex Code
|
cc553d5d64
|
fix: Remote fetcher used wrong path
|
2024-12-24 20:46:43 +03:00 |
|
Inex Code
|
e348a491b0
|
feat: PostgreSQL migration
|
2024-12-24 20:44:41 +03:00 |
|
Inex Code
|
cca51699ee
|
feat: Dynamic templating
|
2024-12-24 20:40:45 +03:00 |
|
Houkime
|
4b0dfcd23c
|
fix permissions
|
2024-10-04 15:03:42 +03:00 |
|
Houkime
|
321b079215
|
feature(backup): a dir to dump configs into
|
2024-10-04 15:03:42 +03:00 |
|
Inex Code
|
ccd59f628d
|
feat: Enable fail2ban
Closes #89
|
2024-10-02 16:54:13 +03:00 |
|
Alexander Tomokhov
|
cfbc5ce7fa
|
docs: provide and document a quick way to apply a change to nixpkgs (#90)
Only one way is documented, when a typical overlay for a single package is used, which brings its own dependencies from a given nixpkgs commit.
Co-authored-by: Alexander Tomokhov <alexoundos@gmail.com>
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/90
Reviewed-by: Inex Code <inex.code@selfprivacy.org>
Co-authored-by: Alexander Tomokhov <alexoundos@selfprivacy.org>
Co-committed-by: Alexander Tomokhov <alexoundos@selfprivacy.org>
|
2024-08-16 13:55:12 +03:00 |
|
Inex Code
|
5218868b33
|
feat: Server monitroing, NixOS 24.05 (#84)
Co-authored-by: nhnn <nhnn@disroot.org>
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/pulls/84
|
2024-07-30 19:19:06 +03:00 |
|
Inex Code
|
363d18421d
|
chore: Allow installing Forgejo 1.20
|
2024-07-01 19:33:18 +04:00 |
|
Inex Code
|
7dd4860735
|
fix: CVE CVE-2024-6387 workaround
|
2024-07-01 19:14:28 +04:00 |
|
Alexander Tomokhov
|
94d016e5f5
|
add script, which prints SP API token
|
2024-05-30 04:11:41 +04:00 |
|
Inex Code
|
a8aca42762
|
feat(ssh): Allow ecdsa-sha2-nistp256 keys
|
2024-01-19 03:01:20 +04:00 |
|
Alexander Tomokhov
|
643f7716ae
|
remove DOMAIN environment variable
|
2024-01-19 02:48:27 +04:00 |
|
Alexander Tomokhov
|
1e73c88547
|
uppercase config.selfprivacy.server.provider
|
2023-12-28 20:05:33 +04:00 |
|
Alexander Tomokhov
|
51f3f12640
|
system.autoUpgrade: no verbosity of nixos-rebuild
|
2023-12-28 13:28:46 +04:00 |
|
Alexander Tomokhov
|
a32613ece4
|
nixos-upgrade.serviceConfig.ExecCondition on /etc/nixos changes
|
2023-12-28 13:19:47 +04:00 |
|
Alexander Tomokhov
|
08aa0b9ffc
|
systemd.services.nixos-upgrade.serviceConfig.WorkingDirectory
|
2023-12-28 10:57:45 +04:00 |
|
Alexander Tomokhov
|
be45d3ed52
|
systemd.services.nixos-upgrade.serviceConfig.ExecStartPre
|
2023-12-28 10:42:58 +04:00 |
|
Alexander Tomokhov
|
cc78c2915f
|
remove channel option value from syustem.autoUpgrade
|
2023-12-28 02:07:46 +04:00 |
|
Alexander Tomokhov
|
23332cda46
|
add TODO about environment.variables.DOMAIN
|
2023-12-27 12:54:10 +04:00 |
|
Alexander Tomokhov
|
85f85239a3
|
do not set nix.package
|
2023-12-27 11:37:59 +04:00 |
|
Alexander Tomokhov
|
5bd15a768a
|
system.stateVersion: default or config.selfprivacy.stateVersion
|
2023-12-22 23:04:03 +04:00 |
|
Alexander Tomokhov
|
5aba990f95
|
move system.stateVersion back to userdata
|
2023-12-22 19:33:24 +04:00 |
|
Alexander Tomokhov
|
5cd12848cc
|
nix.channel.enable = false since we're on flakes
|
2023-12-20 17:43:46 +04:00 |
|
Alexander Tomokhov
|
d881cc8ce5
|
upgrade nixpkgs to NixOS 23.11
|
2023-12-18 18:44:18 +04:00 |
|
Alexander Tomokhov
|
83e8f6e8a1
|
get rid of files.nix; ACME/credentialsFile and other cleanup
|
2023-12-18 07:49:27 +04:00 |
|
Alexander Tomokhov
|
defaca8793
|
clean configuration; simple-nixos-mailserver is an ordinary SP module
|
2023-12-12 08:25:10 +04:00 |
|
Alexander Tomokhov
|
25bd151ef3
|
use lower case for config.selfprivacy.server.provider
|
2023-12-11 21:58:12 +04:00 |
|
Alexander Tomokhov
|
519ebbcb69
|
get rid of system argument; do not set nixpkgs.hostPlatform
|
2023-12-05 07:36:26 +04:00 |
|
Alexander Tomokhov
|
4c4aef5363
|
get system.stateVersion from "deployment" argument
|
2023-12-05 04:51:37 +04:00 |
|