dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
670 Commits 2 Branches 1 Tag 8.7 MiB
master
Commit Graph

479 Commits

Author SHA1 Message Date
Jack O'Sullivan
8300e49b00 nixos/estuary: Fix BIRD2 startup / route export to kernel 2022-10-08 21:13:16 +01:00
Jack O'Sullivan
401401f6bc nixos/estuary: Add BGP4 and export routes to kernel 2022-10-08 20:20:10 +01:00
Jack O'Sullivan
176e603f19 nixos/colony: Fix estuary waiting for ConnectX-2 2022-10-07 20:26:23 +01:00
Jack O'Sullivan
fcc99a92e9 nixos/estuary: Add initial BIRD2 config 2022-10-06 22:12:30 +01:00
Jack O'Sullivan
e8d6a702e6 nixos/colony: Initial (attempt at) switch to ColoClue 2022-10-06 19:03:29 +01:00
Jack O'Sullivan
89e39ca2e2 nixos/tower: Kernel fix to 5.19.14 and power improvements 2022-10-06 11:57:12 +01:00
Jack O'Sullivan
4f6256d08d nixos/common: Make Nix daemon's TMPDIR /nix/tmp 2022-10-06 11:57:12 +01:00
Jack O'Sullivan
fdee5ae879 nixos/server: Disable system gui module 2022-10-06 11:57:12 +01:00
Jack O'Sullivan
d9b0ba2e6e Remove nix-cache.nul.ie for now 2022-10-06 11:57:06 +01:00
Jack O'Sullivan
4fda577040 nixos/middleman: Add default nginx pages 2022-10-03 22:39:35 +01:00
Jack O'Sullivan
ccb6be84b5 Add screenshot support 2022-09-09 18:57:14 +01:00
Jack O'Sullivan
5d04f72d00 nixos/gui: Add fonts 2022-09-09 17:47:27 +01:00
Jack O'Sullivan
b0054f36d5 nixos/tower: Disable DNSSEC 2022-09-09 17:42:12 +01:00
Jack O'Sullivan
4b4eaa8dcc nixos/tower: Set bootloader timeout to 10 seconds 2022-09-09 17:39:59 +01:00
Jack O'Sullivan
5203b9ad98 nixos/tower: Enable doas fingerprint auth 2022-09-09 14:25:39 +01:00
Jack O'Sullivan
09ddeecf4f nixos/tower: Enable TLP 2022-09-09 14:16:05 +01:00
Jack O'Sullivan
37b0526524 nixos/tower: Enable bluez 2022-09-09 14:11:34 +01:00
Jack O'Sullivan
edfe38591b devshell: Use nixos-rebuild instead of calling config directly 2022-09-09 14:11:01 +01:00
Jack O'Sullivan
5157ca2541 Further configs for tower 2022-09-09 01:04:25 +01:00
Jack O'Sullivan
64847d5e8e Add initial config for tower 2022-09-08 20:31:44 +01:00
Jack O'Sullivan
3b55a1fa67 nixos/whale2/valheim: Fix volume names 2022-08-01 23:07:24 +01:00
Jack O'Sullivan
ca8ad4c043 nixos/whale2: Add Valheim server 😳 2022-08-01 22:55:59 +01:00
Jack O'Sullivan
9750bc5052 Add OCI container VM 2022-08-01 17:50:52 +01:00
Jack O'Sullivan
def3d440d0 nixos/chatterbox: Add Heisenbridge 2022-07-22 00:45:25 +01:00
Jack O'Sullivan
cf053a3f32 home-manager/common: Use nixpkgs flake for pkgs in Nix registry 2022-07-21 11:47:27 +01:00
Jack O'Sullivan
eef2b0bf8d nixos/shill: Implement basic GC for Nix cache 2022-07-17 02:58:59 +01:00
Jack O'Sullivan
940aa6145f Fix missing key for cache.nixos.org 2022-07-17 02:56:26 +01:00
Jack O'Sullivan
b2e06a626c nixos/estuary: bandwidth.py tab to space 2022-07-17 02:31:14 +01:00
Jack O'Sullivan
dfe714b964 nixos/shill: Don't use own cache 2022-07-16 21:33:07 +01:00
Jack O'Sullivan
963eeee391 nixos/estuary: Override nix-cache.nul.ie to not hairpin via Cloudflare 2022-07-16 21:32:46 +01:00
Jack O'Sullivan
1b67ac1da0 Add custom Nix cache to Nix configs 2022-07-16 21:04:11 +01:00
Jack O'Sullivan
0ca615a389 nixos: Add Hercules CI and Nix cache 2022-07-16 21:03:52 +01:00
Jack O'Sullivan
accb14721d nixos/shill: Add MinIO container 2022-07-16 15:01:15 +01:00
Jack O'Sullivan
408177adb3 nixos/estuary: Implement 95% bandwidth limiter 2022-07-10 23:27:57 +01:00
Jack O'Sullivan
e240b9a54e nixos/estuary: Implement bandwidth limiting 2022-07-10 19:12:16 +01:00
Jack O'Sullivan
ee7b79c686 nixos/shill: Remove some network sysctls 2022-07-10 18:16:51 +01:00
Jack O'Sullivan
17b0f9e3de nixos/chatterbox: Production config 2022-07-10 18:16:35 +01:00
Jack O'Sullivan
f6c5a726de nixos/estuary: Use ndisc6 instead of ping for keepalive thing 2022-07-10 16:18:20 +01:00
Jack O'Sullivan
c68a48eb34 nixos/middleman: Switch Sonarr, Radarr, Jackett and torrents to prod 2022-07-10 13:07:02 +01:00
Jack O'Sullivan
5795a04634 nixos/middleman: Switch jackflix away from test 2022-07-08 21:40:59 +01:00
Jack O'Sullivan
d12fc982f6 nixos/estuary: Add ping service to keep router happy for IPv6 2022-07-07 23:49:22 +01:00
Jack O'Sullivan
31561867f5 nixos/jackflix: Add speed limits for Transmission 2022-07-07 23:05:39 +01:00
Jack O'Sullivan
b6f9403d11 nixos/estuary: Set up HE DNS for slave of reverse IPv6 2022-07-07 15:25:52 +01:00
Jack O'Sullivan
4bf1fba7c5 nixos/estuary: Make authoritative for whole IPv6 prefix 2022-07-07 15:01:14 +01:00
Jack O'Sullivan
f71ead2bde nixos/estuary: Disable link-local addressing on WAN 2022-07-06 20:51:51 +01:00
Jack O'Sullivan
414fa50b30 nixos/colony: Fix wan dependencies for estuary 2022-07-01 02:30:29 +01:00
Jack O'Sullivan
2e63a56dd4 nixos/chatterbox: Disable Matrix server for now 2022-07-01 01:38:20 +01:00
Jack O'Sullivan
2effd928d7 nixos/estuary: Fix pdns forward-zones 2022-07-01 01:15:45 +01:00
Jack O'Sullivan
4fd6330274 nixos: Production network configuration 2022-07-01 01:07:38 +01:00
Jack O'Sullivan
a92358f28b nixos: Add VM TAP FD, use real WAN (via macvtap) and fix deps 2022-06-30 23:16:02 +01:00
Jack O'Sullivan
0310da9227 nixos/vms: Add more parameters for PCIe passthrough 2022-06-30 00:50:50 +01:00
Jack O'Sullivan
8ec6804f80 Slight installer improvements 2022-06-30 00:49:23 +01:00
Jack O'Sullivan
9a9e58bc1a nixos/colony-psql: Real hardware config 2022-06-19 17:55:09 +01:00
Jack O'Sullivan
ca191f5c67 nixos/colony: Ignore IPMI VCCM alert 2022-06-19 14:07:27 +01:00
Jack O'Sullivan
47a34b6dec nixos/colony: Fix hyperthreading in VMs 2022-06-19 13:11:20 +01:00
Jack O'Sullivan
7234d2c96f nixos/vms: Fix QEMU attempting to execute netdev downscript 2022-06-19 13:10:55 +01:00
Jack O'Sullivan
75ce0a5ba9 nixos/jackflix: Real hardware config 2022-06-19 01:23:18 +01:00
Jack O'Sullivan
e194f5c6e6 nixos/estuary: Don't bother giving secrets new names 2022-06-18 23:25:00 +01:00
Jack O'Sullivan
661233344c nixos/vaultwarden: Real hardware config 2022-06-18 23:22:44 +01:00
Jack O'Sullivan
45ffefc328 nixos/colony: Log smartd data for Netdata 2022-06-18 03:38:04 +01:00
Jack O'Sullivan
803db12e31 nixos/middleman: Real hardware config 2022-06-18 03:28:09 +01:00
Jack O'Sullivan
128accbade nixos/vms: Make drives a list (for ordering) 2022-06-18 03:06:01 +01:00
Jack O'Sullivan
6971048268 nixos/shill: Real hardware config 2022-06-18 02:56:05 +01:00
Jack O'Sullivan
e27008c182 nixos/vms: Add -boot options 2022-06-18 02:55:08 +01:00
Jack O'Sullivan
49e80e0ce0 nixos/estuary: Re-organise secrets 2022-06-18 02:26:27 +01:00
Jack O'Sullivan
8c57e77382 nixos/estuary: Add iperf3 2022-06-18 02:13:54 +01:00
Jack O'Sullivan
6512669071 nixos/colony: Extra hardware bits 2022-06-18 02:13:37 +01:00
Jack O'Sullivan
c59c911e2f nixos/tmproot: Persist Nix cache 2022-06-17 23:15:39 +01:00
Jack O'Sullivan
2998dc7bff nixos/common: Disable command-not-found by default 2022-06-17 22:56:22 +01:00
Jack O'Sullivan
f744f77732 Fix pkgs ref in home-manager / NixOS registry.json 2022-06-17 22:48:47 +01:00
Jack O'Sullivan
c8e5859eb5 nixos/colony: Add AMD microcode 2022-06-17 22:26:51 +01:00
Jack O'Sullivan
2c3ca62965 nixos/vms: Add vm-tty utility inside host 2022-06-17 01:53:10 +01:00
Jack O'Sullivan
f6e04a0d6b nixos/installer: Add extra utils 2022-06-17 01:52:50 +01:00
Jack O'Sullivan
f2e5707c6a nixos/estuary: Real hardware config 2022-06-17 01:50:10 +01:00
Jack O'Sullivan
36d81cb656 nixos/colony: Configure for real hardware 2022-06-17 00:54:28 +01:00
Jack O'Sullivan
29ffec5de7 nixos/build: Add kexec build 2022-06-16 22:01:34 +01:00
Jack O'Sullivan
45b9c8b74b nixos/colony-psql: Add Netdata 2022-06-13 02:14:18 +01:00
Jack O'Sullivan
b886f06ea2 nixos/common: Fix netdata's python.d not working 2022-06-13 02:13:50 +01:00
Jack O'Sullivan
6958e86c94 nixos/chatterbox: Add Netdata 2022-06-13 01:12:01 +01:00
Jack O'Sullivan
25dd48b795 Fix bugs related to mismatched / missing nix 2022-06-12 23:21:57 +01:00
Jack O'Sullivan
8b807caf5a nixos/installer: Customise ISO a bit 2022-06-12 23:20:56 +01:00
Jack O'Sullivan
ed7679c96a nixos/common: Fix Netdata missing systemd units 2022-06-12 20:29:54 +01:00
Jack O'Sullivan
fa3ebb0319 nixos/common: Monitor systemd units with Netdata 2022-06-12 20:20:28 +01:00
Jack O'Sullivan
e846c4404e nixos/estuary: Add PowerDNS recursor Netdata monitoring 2022-06-12 19:37:52 +01:00
Jack O'Sullivan
e0f9d50713 nixos/estuary: Add PowerDNS auth Netdata monitoring 2022-06-12 18:57:00 +01:00
Jack O'Sullivan
6ae99062fd nixos/middleman: Add nginx netdata monitoring 2022-06-12 18:23:35 +01:00
Jack O'Sullivan
f01fa8f6b1 nixos/common: Add netdata to system when enabled 2022-06-12 17:54:00 +01:00
Jack O'Sullivan
f38c5872a4 nixos: Improve inner firewalls 2022-06-12 17:33:33 +01:00
Jack O'Sullivan
c0ca7888aa nixos: Add Netdata 2022-06-12 17:27:11 +01:00
Jack O'Sullivan
f99eb399dc nixos/jackflix: Add Sonarr 2022-06-12 15:17:35 +01:00
Jack O'Sullivan
e52518259c nixos/jackflix: Add Jellyfin 2022-06-12 14:56:44 +01:00
Jack O'Sullivan
7e5c051bfc nixos/jackflix: Improve firewall 2022-06-12 14:03:44 +01:00
Jack O'Sullivan
46c9aa655a nixos/jackflix: Bind Jackett and Transmission to vpn 2022-06-12 13:00:24 +01:00
Jack O'Sullivan
3be78c45f6 nixos/jackflix: Make gid for media fixed 2022-06-12 13:00:03 +01:00
Jack O'Sullivan
4ceba60918 nixos/containers: Fix users and group revival 2022-06-12 12:51:47 +01:00
Jack O'Sullivan
86fffdcc8d nixos/secrets: Change runtime directory 2022-06-12 11:45:21 +01:00
Jack O'Sullivan
fe9825fa05 nixos/nginx-sso: Disable by default 2022-06-12 11:39:53 +01:00
Jack O'Sullivan
f9206d68d0 nixos/jackflix: Add Transmission 2022-06-12 02:40:57 +01:00
Jack O'Sullivan
87fbd63c46 nixos/jackflix: Add Jackett and Radarr 2022-06-12 01:40:57 +01:00
Jack O'Sullivan
26d2608a66 nixos/middleman: Add simple auth 2022-06-12 01:00:26 +01:00
Jack O'Sullivan
0b8b6fccc8 nixos/middleman: Add nginx-sso 2022-06-12 00:31:08 +01:00
Jack O'Sullivan
7dc6b5df8c nixos: Initial jackflix container 2022-06-11 19:13:20 +01:00
Jack O'Sullivan
d2deabc6b2 nixos/deploy-rs: Start container if not running on deploy 2022-06-11 17:04:38 +01:00
Jack O'Sullivan
502b96996a nixos/colony: Increase shill resources 2022-06-11 16:42:00 +01:00
Jack O'Sullivan
1f51a3ec08 nixos: Check for duplicate assignments 2022-06-11 16:33:32 +01:00
Jack O'Sullivan
58b2c6d8c5 nixos/containers: Fix agenix being broken with no dev key 2022-06-11 01:33:56 +01:00
Jack O'Sullivan
106698b53e nixos/middleman: Working Matrix 2022-06-11 01:20:32 +01:00
Jack O'Sullivan
ffdff3d403 nixos/tmproot: Ignore /persist symlinks whose targets don't exist 2022-06-10 23:42:20 +01:00
Jack O'Sullivan
3085df1710 nixos: Initial Synapse 2022-06-10 23:25:55 +01:00
Jack O'Sullivan
3edb54fef6 nixos/deploy-rs: Show container unit log while deploying 2022-06-10 22:14:42 +01:00
Jack O'Sullivan
30c8913c08 nixos/estuary: Generate DNS records for non-default interfaces 2022-06-10 20:42:13 +01:00
Jack O'Sullivan
68f6942bda nixos/estuary: Fix IPv6 PTR generated records 2022-06-07 14:04:41 +01:00
Jack O'Sullivan
646b582984 nixos/shill: Add postgres container 2022-06-06 17:52:36 +01:00
Jack O'Sullivan
3ec00b60f5 nixos/middleman: Add element-web 2022-06-06 17:10:53 +01:00
Jack O'Sullivan
da22c4d12f nixos/middleman: Split vhosts into separate file 2022-06-06 16:17:33 +01:00
Jack O'Sullivan
4c2019299c nixos: Disk layout cleanup 2022-06-06 15:53:57 +01:00
Jack O'Sullivan
6d3fa55a10 nixos/network: Backport systemd-networkd-wait-online@.service from 251 2022-06-06 15:21:37 +01:00
Jack O'Sullivan
2037dca766 nixos/pdns: Fix file records content with spaces 2022-06-06 14:17:19 +01:00
Jack O'Sullivan
57f3bbe794 nixos/pdns: Move file records into module 2022-06-06 14:11:52 +01:00
Jack O'Sullivan
daa4ed45f5 nixos/estuary: Fix pdns-file-records clobbering .dat ownership 2022-06-06 13:48:03 +01:00
Jack O'Sullivan
77eaaf52c7 nixos: Remove containers from global deploy list 2022-06-06 13:25:05 +01:00
Jack O'Sullivan
796e1582a3 nixos/common: Add automatic Nix store GC 2022-06-06 13:24:46 +01:00
Jack O'Sullivan
88d0701689 nixos/deploy-rs: Delete old generations on deployment 2022-06-06 13:09:31 +01:00
Jack O'Sullivan
d2826ec1f4 nixos/middleman: Add config for Vaultwarden 2022-06-06 01:38:26 +01:00
Jack O'Sullivan
ffeb333bbc nixos/middleman: Let's Encrypt for main domain 2022-06-06 01:17:19 +01:00
Jack O'Sullivan
60b2b6ec80 nixos/middleman: Working HTTPS 2022-06-06 00:57:11 +01:00
Jack O'Sullivan
7da7458a34 nixos: Working ACME certs 2022-06-06 00:19:31 +01:00
Jack O'Sullivan
b472f4fe2e nixos/estuary: Add Lua file-based DNS records 2022-06-06 00:19:31 +01:00
Jack O'Sullivan
42a3ce22af nixos/middleman: Improve basic nginx configuration 2022-06-06 00:19:23 +01:00
Jack O'Sullivan
276ccc8015 nixos/estuary: Update IP address 2022-06-05 16:41:57 +01:00
Jack O'Sullivan
4e36748154 nixos: Add domain to assignments 2022-06-05 16:40:44 +01:00
Jack O'Sullivan
fd4fcdc2a4 nixos: Add wildcard reverse DNS 2022-06-05 16:21:24 +01:00
Jack O'Sullivan
575561a330 nixos: Avoid hardcoding any IP prefixes 2022-05-31 21:58:29 +01:00
Jack O'Sullivan
11dbc01ba0 Add initial nginx container 2022-05-31 21:25:51 +01:00
Jack O'Sullivan
62c00b8b22 nixos/estuary: Make public IP be internal assignment 2022-05-29 15:48:26 +01:00
Jack O'Sullivan
baed6f24f6 nixos: Improve VM networking 2022-05-29 15:22:49 +01:00
Jack O'Sullivan
00493bf30f nixos: Add working container VM (w/ vaultwarden) 
Also improve IPv6 addressing / routing
 2022-05-29 03:30:40 +01:00
Jack O'Sullivan
38e8827487 nixos: Move colony VMs into subdirectory 2022-05-28 23:10:29 +01:00
Jack O'Sullivan
e6e4a1d38e nixos: Test setup with public networking 2022-05-28 22:59:50 +01:00
Jack O'Sullivan
32421f7af1 nixos/firewall: Fixes for NAT and IPv6 2022-05-28 21:50:26 +01:00
Jack O'Sullivan
4660406120 nixos/user: Load password from secret 2022-05-28 19:02:13 +01:00
Jack O'Sullivan
c841b37f19 Move NixOS and home-manager stable to 22.05 2022-05-28 18:38:03 +01:00
Jack O'Sullivan
64def7f564 nixos: Tweak networking and prepare for more VMs 2022-05-28 15:34:50 +01:00
Jack O'Sullivan
dc69948112 nixos: Minor tweaks 2022-05-28 13:57:13 +01:00
Jack O'Sullivan
98fbbbd1e2 nixos/estuary: Implement recursive DNS 2022-05-23 00:57:25 +01:00
Jack O'Sullivan
1789d11927 nixos: Add auth DNS module (and serving from estuary) 2022-05-22 23:24:57 +01:00
Jack O'Sullivan
b504f11c6b nixos: Internal network tidying 2022-05-18 23:29:52 +01:00
Jack O'Sullivan
0a5a554ab3 nixos: Attempt to get LLDP working 2022-05-18 22:52:42 +01:00
Jack O'Sullivan
89928a8fee nixos/colony: Hopefully fix estuary attempting to start early 2022-05-18 20:57:26 +01:00
Jack O'Sullivan
498888aad0 nixos: Reworked network assignments 2022-05-17 23:27:14 +01:00
Jack O'Sullivan
009dec03cf Initial networking VM 
Also general improvements around VMs
 2022-05-16 00:05:02 +01:00
Jack O'Sullivan
5563d1be46 nixos/vms: Add UUID and MAC address options 2022-05-12 21:20:37 +01:00
Jack O'Sullivan
b3862a129a nixos/vms: Implement clean shutdown 2022-05-07 19:56:47 +01:00
Jack O'Sullivan
a907ae428f nixos/vms: Add disk support 2022-05-07 17:27:12 +01:00
Jack O'Sullivan
1a61c9e1b2 Update nixpkgs and home-manager 
And fix weird nixpkgs config behaviour
 2022-05-07 15:12:29 +01:00
Jack O'Sullivan
39f8e65f74 nixos: Add initial QEMU-based VM module 2022-05-02 20:40:33 +01:00
Jack O'Sullivan
5290c78b06 nixos/modules/containers: Remove host bridge config 2022-05-02 20:40:33 +01:00
Jack O'Sullivan
6bc27ac4db nixos/containers: Add hot reload on deploy 2022-04-18 15:46:38 +01:00
Jack O'Sullivan
91e3e55077 nixos: Fix secrets in containers 2022-04-18 15:34:08 +01:00
Jack O'Sullivan
a817c7e23a nixos/containers: Don't rm /etc/machine-id on activation 2022-04-18 11:14:35 +01:00
Jack O'Sullivan
0a5d9a809b nixos/containers: Restart systemd-nspawn@ unit when .nspawn file changes 2022-04-04 18:18:01 +01:00
Jack O'Sullivan
19dcdcfa30 Initial custom systemd-nspawn based containers rewrite 2022-04-04 18:18:01 +01:00
Jack O'Sullivan
67114c1336 Implement initial containers module 2022-03-26 14:20:54 +00:00
Jack O'Sullivan
fcad909111 Add secrets support to dev VMs 2022-02-22 01:30:27 +00:00
Jack O'Sullivan
8c61cea30d Add secret support 2022-02-22 00:59:57 +00:00
Jack O'Sullivan
953770f339 Re-enable installer documentation 2022-02-21 01:15:27 +00:00
Jack O'Sullivan
132e5c239c nixos/boxes/colony: Disable DHCP in dev VM 2022-02-21 00:37:09 +00:00
Jack O'Sullivan
9d2272b3df Use fish instead of bash as default shell 2022-02-20 23:55:51 +00:00
Jack O'Sullivan
c258230d74 Modularise deploy-rs and add home-manager configs 2022-02-20 20:16:49 +00:00
Jack O'Sullivan
15b10f22cf Update inputs and disable kmscon 2022-02-20 16:10:57 +00:00
Jack O'Sullivan
26ab49d91c Modularise NixOS and home-manager configs 2022-02-20 15:59:07 +00:00
Jack O'Sullivan
31d21e7870 Make devshell commands to run command builds 2022-02-19 23:57:20 +00:00
Jack O'Sullivan
17e4feb542 Extract default user to separate module 2022-02-19 23:37:12 +00:00
Jack O'Sullivan
7537cf4205 Functioning installation 2022-02-19 22:55:53 +00:00
Jack O'Sullivan
ac0d2bc001 Add checks 2022-02-17 20:50:53 +00:00
Jack O'Sullivan
22c878bb69 Fix dev VM networking 2022-02-17 19:14:10 +00:00
Jack O'Sullivan
778f635542 nixos/modules/firewall: Inherit networking.firewall.allowed*Ports 2022-02-17 17:08:25 +00:00
Jack O'Sullivan
21ce843a8f Use nixos-unstable nixVersions.stable as nix package 2022-02-17 15:59:00 +00:00
Jack O'Sullivan
c0414cd062 Add initial installer 2022-02-17 15:47:24 +00:00