Commit graph

345 commits

Author SHA1 Message Date
magic_rb 1955d32b7c
Omen no longer needs weird NFS patch
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-20 09:59:06 +01:00
magic_rb 8cb85d620f Merge branch 'flake-update' 2023-11-19 23:18:38 +01:00
magic_rb e3312566ba
Clean up imports on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:30:53 +01:00
magic_rb 57087a3400
Add Hydra as a substituter
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:28:10 +01:00
magic_rb 2ca3b3f6d1
Apparently IWD doesn't do DHCP by default because who needs DHCP
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:26:10 +01:00
magic_rb 82369662a4 Remove boot.loader.grub.version on toothpick as it does nothing
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
magic_rb 0d37adfb9b Disable scripted DHCP on omen completely
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
magic_rb eba5c967ca Add NixOS state version for omen microvm
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
magic_rb 705eeea37d Fix deprecated usage of nix.allowedUsers on altra
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
magic_rb 37af8fca1e Update state version on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
magic_rb 26b1be45a2 Fix incorrect usages of getExe
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
magic_rb e8a2007a29
Rip out Matlab
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:23:05 +01:00
magic_rb c54d257319
Make use of /nix/tmp on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:12:56 +01:00
magic_rb 366e2c34a3
Apply kernel patch for NFSv4 SELinux issue
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:12:03 +01:00
magic_rb fd97d611f6
Fix usage of rolling_datasets on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:11:43 +01:00
magic_rb 2b11913dc9
Better pin zigbee dongle serial device
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-23 23:30:38 +02:00
magic_rb 671aff30e4
Delete ical2org completely
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-22 16:56:31 +02:00
magic_rb e59817b20f
Persist more stuff on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-22 00:34:04 +02:00
magic_rb 880ffeec87
Fix evaluation without secrets
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-21 17:46:17 +02:00
magic_rb 23c7002368
Mount old versions of home on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-18 14:30:17 +02:00
magic_rb 60622f12cc
Add hledger to omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-16 14:57:43 +02:00
magic_rb 9e3c0ff11f
Fix path to secrets on altra
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-10 14:11:58 +02:00
magic_rb ec32e1c1a9
Add rolling_dataset overlay to omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:50:25 +02:00
magic_rb cf4e2472cd
Add experimental numen stuff into omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:49:56 +02:00
magic_rb 9549ef1003
Pin interface to specific name in microvm-extras
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:49:16 +02:00
magic_rb 05cf178c7a
Assign default values to service attrs in microvm-extras
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:54 +02:00
magic_rb c16147f323
Don't include containers in microvm-extras for now
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:39 +02:00
magic_rb 6175d518ce
Fix bug in notnftables where dontFlush wasn't being respected
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:01 +02:00
magic_rb 52d2b22844
Use path instead of export in nftables service on blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:47:29 +02:00
magic_rb ca4775b49e
Move firewall and test microvm out into seperate files on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:45:51 +02:00
magic_rb 985d7ea696
Switch the dhcp server on blowhole to kea
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:44:42 +02:00
magic_rb f59ae5dc71
Make use of rolling_datasets on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:43:51 +02:00
magic_rb 85db381a7e
Fixup altra's mountpoints
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:40:28 +02:00
magic_rb e49ef5e713
Disable monitoring on blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:29:46 +02:00
magic_rb efeb5579db
Persist .password-store on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 20:59:19 +02:00
magic_rb 8db1c182ef
Update blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 15:45:26 +02:00
magic_rb b8f01a4d15
Persist more things on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-06 15:07:13 +02:00
magic_rb 40245f35ca
Update flake
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-06 15:01:20 +02:00
MagicRB 5490245849
Persist mre stuff, mostly caches
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-04 00:08:03 +02:00
MagicRB d9161d3b7d
Persist SchildiChat
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 23:49:15 +02:00
MagicRB 245e6d891b
Matlab, ew, stuff
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 23:49:04 +02:00
MagicRB 260a917558
Add omen impermenance
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 16:55:14 +02:00
Magic_RB 580fec0979
Update flake.lock
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-28 14:42:44 +02:00
Magic_RB 34bb23c67f
Initial implementation of microvm-extras
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-28 10:31:25 +02:00
Magic_RB 6a36890077
Add matlab...
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:42:21 +02:00
Magic_RB 61bab3a8bf
Fix backup issue on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:41:41 +02:00
Magic_RB 9d390511eb
Auto mount second sdcard too
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:41:21 +02:00
Magic_RB 9b371b8662
Add InfluxDB provisioning script
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-03 18:03:00 +02:00
Magic_RB 410b6c0838
Expose some services to semi wan
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 23:19:01 +02:00
Magic_RB 5f9b37a2ca
Add a ~s0ix~ test script to the ~liveusb~ system
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 16:43:44 +02:00
Magic_RB 36120abf6b
Update filesystems for omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 16:43:30 +02:00
Magic_RB fd2ce42d15
Setup grok parsing for apache and nginx
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 20:06:11 +02:00
Magic_RB b7cdd44967
Increase dnscrypt-proxy cache size to 32768
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 14:34:00 +02:00
Magic_RB 9268fe52af
Allow more ports for synapse-proxy apache
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:23:33 +02:00
Magic_RB 6bb313137b
Allow more workers for synapse-proxy apache
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:23:16 +02:00
Magic_RB 16d3d01c23
Tune dnscrypt-proxy2 a tiny bit
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:22:54 +02:00
Magic_RB fabd23d92d
Fix dns zone for in.redalder.org
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 22:36:47 +02:00
Magic_RB 3dd66e0a9b
Add altra to DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:04:21 +02:00
Magic_RB 6a4cbd9e81
Add nvidia-offload command to omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:02:56 +02:00
Magic_RB 023be90378
Add gamescope, mangohud globally to common steam config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:00:44 +02:00
Magic_RB 6099b301cd
Fixup altra http proxy for synapse
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:00:09 +02:00
Magic_RB 262a2fba32
Setup wireguard on altra
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 20:58:53 +02:00
Magic_RB f79b6fea76
Attempt to setup a forward proxy with nginx on altra
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-26 22:09:05 +02:00
Magic_RB bd556bcc11
Reduce watchdog reboot time to 3 minutes
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-20 12:35:50 +02:00
Magic_RB 369b6ddadf
Enable Serial over Lan on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-20 12:35:34 +02:00
Magic_RB d27a09b0ab
Enable connecting to blowhole over IPMI on gooseberry
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-19 01:50:41 +02:00
Magic_RB 5d516e080b Add new Minecraft modules and containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-19 00:37:47 +02:00
Magic_RB 74d928eb7e
Add gooseberry
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 20:40:57 +02:00
Magic_RB 0f0ebf822a
Fix wrong interface on nomad on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:47:43 +02:00
Magic_RB c763d66183
Enable docker compat for podman on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:45:37 +02:00
Magic_RB 686582722c
Fix wrong mount for vault on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:45:01 +02:00
Magic_RB 361e6b2065
Add ipmi_watchdog to blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:44:48 +02:00
Magic_RB cbc32aef09
Disable wlan on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:44:27 +02:00
Magic_RB f0cf4e1a54
Move Consul and Vault onto ZFS on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-10 23:36:07 +02:00
Magic_RB a5075271b4
Update inputs
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-10 23:35:56 +02:00
Magic_RB 9bc92124ed
Adjust firewall on blowhole to new motherboard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:54:19 +02:00
Magic_RB de00d86dc4
Accept wireguard on the WAN interface
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:44:15 +02:00
Magic_RB 365fd41adc
Add gamescope and mangohud directly into steams FHSEnv
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:43:50 +02:00
Magic_RB 005cfe5eb1
Disable hostapd on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 21:53:17 +02:00
Magic_RB a64b46e61a
Make vault-agent not freak out on failed service restarts
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 21:52:45 +02:00
Magic_RB 06d8b381c4
Remove udp2tcp
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:46:42 +02:00
Magic_RB eb1dc094f1
More Wireguard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:45:27 +02:00
Magic_RB 39742dc4a2
Mark camera mount as nofail
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:51 +02:00
Magic_RB e73ff8a96a
Remove wacky NAS mounts, they're handled by ZFS natively now
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:16 +02:00
Magic_RB 8cfde06cdd
Switch jellyfin to a host volume and add new share for media
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:00 +02:00
Magic_RB 004cfb039b
Harden blowhole agains sealed Vault
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:23:08 +02:00
Magic_RB 8b2321dde4
Reenable emulated systems on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:22:27 +02:00
Magic_RB a96f79171a
Fix bluetooth not working on omen properly
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:22:11 +02:00
Magic_RB b0eaa7929d
Wireguard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:21:54 +02:00
Magic_RB 090684d8f5
Enable xdg-desktop-portal, required by newer versions of Steam
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:21:19 +02:00
Magic_RB 8fb752ae01
Initial altra configuration
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:17:17 +02:00
Magic_RB b1cafd8f81
Fix Docker DNS on toothpick
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-22 17:19:47 +02:00
Magic_RB 134082a1da
Fix mainsail http path
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 02:40:50 +02:00
Magic_RB 9c0c892050
Fix blowhole nomad network
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 02:05:35 +02:00
Magic_RB c38b7e1918
Allow communication between containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 01:10:07 +02:00
Magic_RB ca2f480255
Fix incorrect flake host
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 00:55:05 +02:00
Magic_RB 637dc2877f
Permit unsupported envoy version
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 00:30:07 +02:00
Magic_RB de385c1d60
Fix nomad on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 23:20:10 +02:00
Magic_RB 64db0229c0
Fix failed evaluation without secrets in blowhole/firewall.nix
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 20:08:35 +02:00
Magic_RB 3b5a09f9cb
Enable the extension of lib
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 20:07:47 +02:00