Commit graph

470 commits

Author SHA1 Message Date
magic_rb
1ea62e80e2
Fix up klipper
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-22 00:44:41 +01:00
magic_rb
d925c68f58
Add service to deploy home-assistant pyscript scripts
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-22 00:44:17 +01:00
magic_rb
b7d82b950c
Disable vault agent kodi mount
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-22 00:43:34 +01:00
magic_rb
b71e57e8af
Disable specialisations for omen, makes eval too long
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-20 22:59:44 +01:00
magic_rb
843047ea40
Fixed wrongly picked changes in omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-18 21:13:36 +01:00
magic_rb
f111b87b14
Statically pin podman default network subnet on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-18 14:10:57 +01:00
magic_rb
53e7c51b94
Restore podman iptable rules after nftable restart on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-18 14:09:59 +01:00
magic_rb
97d1ff5896
Remormat notnft module
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-18 13:16:00 +01:00
magic_rb
82774bc978
Add start stop hooks to notnftables
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-01-18 13:15:30 +01:00
magic_rb
39d36d5457
Add ssh-remote-access
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-30 19:42:55 +01:00
magic_rb
97ea6ffe4a
Disable CAP_SYS_NICE hack for steam
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-24 17:02:07 +01:00
magic_rb
9413748603
Add no-nvidia and nouveau specialization on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-24 17:01:41 +01:00
magic_rb
69eb47c2a1
Add PrismLauncher to impermenance on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-24 17:01:15 +01:00
magic_rb
e9f0b6b896
Add time to login notifications
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-23 20:18:30 +01:00
magic_rb
6331357b45
Add login notify module
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-23 20:01:59 +01:00
magic_rb
680004abdf
Unblock altra ZFS version
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-10 16:01:50 +01:00
magic_rb
ffed2f4fd0
Fix XDG portal selection
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-10 16:01:32 +01:00
magic_rb
843357e9ab
Bump altra's kernel to latest
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-10 15:28:28 +01:00
magic_rb
1d39c23d0b
Bump toothpicks kernel to latest
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-10 15:28:06 +01:00
magic_rb
ad6a5f6784
Add disk monitoring to blowhole
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-12-03 20:00:10 +01:00
magic_rb
b284c90451
Finally get gamescope working properly in Steam
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-25 17:59:48 +01:00
magic_rb
89afaf89c1
Disable a thing in ZFS which can cause file corruption
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-25 17:59:27 +01:00
magic_rb
0ca5e9e4aa
Fix creation of /dev/ttyZigbee on blowhole
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-25 17:50:38 +01:00
magic_rb
15908ba927
Give gamescope cap_sys_nice so it can renice itself
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-25 17:49:53 +01:00
magic_rb
52faaea7ac
Add output sync config for omen (works REALLY badly f you NVidia)
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-24 15:24:06 +01:00
magic_rb
1955d32b7c
Omen no longer needs weird NFS patch
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-20 09:59:06 +01:00
magic_rb
8cb85d620f Merge branch 'flake-update' 2023-11-19 23:18:38 +01:00
magic_rb
e3312566ba
Clean up imports on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:30:53 +01:00
magic_rb
57087a3400
Add Hydra as a substituter
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:28:10 +01:00
magic_rb
2ca3b3f6d1
Apparently IWD doesn't do DHCP by default because who needs DHCP
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-19 12:26:10 +01:00
82369662a4 Remove boot.loader.grub.version on toothpick as it does nothing
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
0d37adfb9b Disable scripted DHCP on omen completely
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
eba5c967ca Add NixOS state version for omen microvm
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:50 +01:00
705eeea37d Fix deprecated usage of nix.allowedUsers on altra
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
37af8fca1e Update state version on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
26b1be45a2 Fix incorrect usages of getExe
Signed-off-by: magic_rb <richard@brezak.sk>
2023-11-18 13:55:15 +01:00
magic_rb
e8a2007a29
Rip out Matlab
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:23:05 +01:00
magic_rb
c54d257319
Make use of /nix/tmp on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:12:56 +01:00
magic_rb
366e2c34a3
Apply kernel patch for NFSv4 SELinux issue
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:12:03 +01:00
magic_rb
fd97d611f6
Fix usage of rolling_datasets on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2023-11-03 20:11:43 +01:00
2b11913dc9
Better pin zigbee dongle serial device
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-23 23:30:38 +02:00
671aff30e4
Delete ical2org completely
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-22 16:56:31 +02:00
e59817b20f
Persist more stuff on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-22 00:34:04 +02:00
880ffeec87
Fix evaluation without secrets
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-21 17:46:17 +02:00
23c7002368
Mount old versions of home on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-18 14:30:17 +02:00
60622f12cc
Add hledger to omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-16 14:57:43 +02:00
9e3c0ff11f
Fix path to secrets on altra
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-10 14:11:58 +02:00
ec32e1c1a9
Add rolling_dataset overlay to omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:50:25 +02:00
cf4e2472cd
Add experimental numen stuff into omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:49:56 +02:00
9549ef1003
Pin interface to specific name in microvm-extras
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:49:16 +02:00
05cf178c7a
Assign default values to service attrs in microvm-extras
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:54 +02:00
c16147f323
Don't include containers in microvm-extras for now
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:39 +02:00
6175d518ce
Fix bug in notnftables where dontFlush wasn't being respected
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:48:01 +02:00
52d2b22844
Use path instead of export in nftables service on blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:47:29 +02:00
ca4775b49e
Move firewall and test microvm out into seperate files on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:45:51 +02:00
985d7ea696
Switch the dhcp server on blowhole to kea
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:44:42 +02:00
f59ae5dc71
Make use of rolling_datasets on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:43:51 +02:00
85db381a7e
Fixup altra's mountpoints
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:40:28 +02:00
e49ef5e713
Disable monitoring on blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 22:29:46 +02:00
efeb5579db
Persist .password-store on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 20:59:19 +02:00
8db1c182ef
Update blowhole
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-07 15:45:26 +02:00
b8f01a4d15
Persist more things on omen
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-06 15:07:13 +02:00
40245f35ca
Update flake
Signed-off-by: magic_rb <richard@brezak.sk>
2023-10-06 15:01:20 +02:00
5490245849
Persist mre stuff, mostly caches
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-04 00:08:03 +02:00
d9161d3b7d
Persist SchildiChat
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 23:49:15 +02:00
245e6d891b
Matlab, ew, stuff
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 23:49:04 +02:00
260a917558
Add omen impermenance
Signed-off-by: MagicRB <richard@brezak.sk>
2023-10-03 16:55:14 +02:00
Magic_RB
580fec0979
Update flake.lock
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-28 14:42:44 +02:00
Magic_RB
34bb23c67f
Initial implementation of microvm-extras
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-28 10:31:25 +02:00
Magic_RB
6a36890077
Add matlab...
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:42:21 +02:00
Magic_RB
61bab3a8bf
Fix backup issue on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:41:41 +02:00
Magic_RB
9d390511eb
Auto mount second sdcard too
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-16 16:41:21 +02:00
Magic_RB
9b371b8662
Add InfluxDB provisioning script
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-03 18:03:00 +02:00
Magic_RB
410b6c0838
Expose some services to semi wan
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 23:19:01 +02:00
Magic_RB
5f9b37a2ca
Add a ~s0ix~ test script to the ~liveusb~ system
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 16:43:44 +02:00
Magic_RB
36120abf6b
Update filesystems for omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-09-02 16:43:30 +02:00
Magic_RB
fd2ce42d15
Setup grok parsing for apache and nginx
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 20:06:11 +02:00
Magic_RB
b7cdd44967
Increase dnscrypt-proxy cache size to 32768
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 14:34:00 +02:00
Magic_RB
9268fe52af
Allow more ports for synapse-proxy apache
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:23:33 +02:00
Magic_RB
6bb313137b
Allow more workers for synapse-proxy apache
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:23:16 +02:00
Magic_RB
16d3d01c23
Tune dnscrypt-proxy2 a tiny bit
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-28 00:22:54 +02:00
Magic_RB
fabd23d92d
Fix dns zone for in.redalder.org
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 22:36:47 +02:00
Magic_RB
3dd66e0a9b
Add altra to DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:04:21 +02:00
Magic_RB
6a4cbd9e81
Add nvidia-offload command to omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:02:56 +02:00
Magic_RB
023be90378
Add gamescope, mangohud globally to common steam config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:00:44 +02:00
Magic_RB
6099b301cd
Fixup altra http proxy for synapse
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 21:00:09 +02:00
Magic_RB
262a2fba32
Setup wireguard on altra
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-27 20:58:53 +02:00
Magic_RB
f79b6fea76
Attempt to setup a forward proxy with nginx on altra
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-26 22:09:05 +02:00
Magic_RB
bd556bcc11
Reduce watchdog reboot time to 3 minutes
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-20 12:35:50 +02:00
Magic_RB
369b6ddadf
Enable Serial over Lan on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-20 12:35:34 +02:00
Magic_RB
d27a09b0ab
Enable connecting to blowhole over IPMI on gooseberry
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-19 01:50:41 +02:00
Magic_RB
5d516e080b Add new Minecraft modules and containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-19 00:37:47 +02:00
Magic_RB
74d928eb7e
Add gooseberry
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 20:40:57 +02:00
Magic_RB
0f0ebf822a
Fix wrong interface on nomad on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:47:43 +02:00
Magic_RB
c763d66183
Enable docker compat for podman on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:45:37 +02:00
Magic_RB
686582722c
Fix wrong mount for vault on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:45:01 +02:00
Magic_RB
361e6b2065
Add ipmi_watchdog to blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:44:48 +02:00
Magic_RB
cbc32aef09
Disable wlan on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-18 11:44:27 +02:00
Magic_RB
f0cf4e1a54
Move Consul and Vault onto ZFS on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-10 23:36:07 +02:00
Magic_RB
a5075271b4
Update inputs
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-10 23:35:56 +02:00
Magic_RB
9bc92124ed
Adjust firewall on blowhole to new motherboard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:54:19 +02:00
Magic_RB
de00d86dc4
Accept wireguard on the WAN interface
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:44:15 +02:00
Magic_RB
365fd41adc
Add gamescope and mangohud directly into steams FHSEnv
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-07-09 23:43:50 +02:00
Magic_RB
005cfe5eb1
Disable hostapd on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 21:53:17 +02:00
Magic_RB
a64b46e61a
Make vault-agent not freak out on failed service restarts
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 21:52:45 +02:00
Magic_RB
06d8b381c4
Remove udp2tcp
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:46:42 +02:00
Magic_RB
eb1dc094f1
More Wireguard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:45:27 +02:00
Magic_RB
39742dc4a2
Mark camera mount as nofail
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:51 +02:00
Magic_RB
e73ff8a96a
Remove wacky NAS mounts, they're handled by ZFS natively now
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:16 +02:00
Magic_RB
8cfde06cdd
Switch jellyfin to a host volume and add new share for media
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:25:00 +02:00
Magic_RB
004cfb039b
Harden blowhole agains sealed Vault
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:23:08 +02:00
Magic_RB
8b2321dde4
Reenable emulated systems on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:22:27 +02:00
Magic_RB
a96f79171a
Fix bluetooth not working on omen properly
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:22:11 +02:00
Magic_RB
b0eaa7929d
Wireguard
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:21:54 +02:00
Magic_RB
090684d8f5
Enable xdg-desktop-portal, required by newer versions of Steam
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:21:19 +02:00
Magic_RB
8fb752ae01
Initial altra configuration
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-28 14:17:17 +02:00
Magic_RB
b1cafd8f81
Fix Docker DNS on toothpick
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-22 17:19:47 +02:00
Magic_RB
134082a1da
Fix mainsail http path
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 02:40:50 +02:00
Magic_RB
9c0c892050
Fix blowhole nomad network
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 02:05:35 +02:00
Magic_RB
c38b7e1918
Allow communication between containers
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 01:10:07 +02:00
Magic_RB
ca2f480255
Fix incorrect flake host
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 00:55:05 +02:00
Magic_RB
637dc2877f
Permit unsupported envoy version
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-19 00:30:07 +02:00
Magic_RB
de385c1d60
Fix nomad on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 23:20:10 +02:00
Magic_RB
64db0229c0
Fix failed evaluation without secrets in blowhole/firewall.nix
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 20:08:35 +02:00
Magic_RB
3b5a09f9cb
Enable the extension of lib
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-18 20:07:47 +02:00
Magic_RB
fed32ecfca Possibly functional blowhole configuration
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-16 16:08:09 +02:00
Magic_RB
519d7b3841
Fill out omen, toothpick and heater
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-16 16:08:01 +02:00
Magic_RB
b673fb12c1
Clean out the repository
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-06-10 10:34:14 +02:00
Magic_RB
dfed19f455
Enable wireplumber
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 19:09:04 +02:00
Magic_RB
8ce216d3f3
Add second DoH endpoint to proxy
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 16:14:30 +02:00
Magic_RB
6fdfe3511a
Rename stubby to dnscrypt-proxy2 in nftables comment on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:51:14 +02:00
Magic_RB
1b63b0aa1a
Allow containers in Nomad to reach Nomad
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:50:39 +02:00
Magic_RB
6bab5c1707
Switch out stubby for dnscrypt-proxy2
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:48:13 +02:00
Magic_RB
2b707885ab
Fixup klipper container
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:47:48 +02:00
Magic_RB
602b194cf8
Fix restarting of monitoring proxies by vault-agent
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:47:20 +02:00
Magic_RB
6f2ed9250a
Fix vault-agent restart on blowhole breaking klipper
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:46:56 +02:00
Magic_RB
a34b2e3c7b
Reenable primeOffload on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:46:43 +02:00
Magic_RB
d8dce01fc1
Add nomad and matrix to internal DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:46:27 +02:00
Magic_RB
937479dbba
xorg: reenable primeSync on nvidia and enable disableWhileTyping
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:45:57 +02:00
Magic_RB
556ecef190
Switch omen's kernel
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-28 12:45:25 +02:00
Magic_RB
9bd3b12c4a
Increase watchdog times on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-03 12:12:47 +02:00
Magic_RB
eaa22d8e4c
Take logs from Docker
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-03 12:12:13 +02:00
Magic_RB
9a50d57305
Include extra labels in Docker from Nomad
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-03 12:11:43 +02:00
Magic_RB
0adf0a25f2
Fixop provisioning support in Grafana module
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:45:05 +02:00
Magic_RB
59f2848e1b
Add non reload option to envoy
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:44:42 +02:00
Magic_RB
460b4e1ddc
Add amd support to xorg module
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:44:29 +02:00
Magic_RB
afa6ce6247
Fix hostapd mac address passwords
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:44:15 +02:00
Magic_RB
19fb889ade
Enable fwupd and emergency on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:44:07 +02:00
Magic_RB
30ba25f277
Enable InfluxDB provider and provision Grafana
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-05-02 14:41:55 +02:00
Magic_RB
0804d717fc
consul on blowhole change loglevel go INFO
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-23 23:23:06 +02:00
Magic_RB
22a76d6274
Fix klipper envoy tokens on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-16 11:57:22 +02:00
Magic_RB
a4dc73f311
Repin nixpkgs for hashicorp things
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-16 11:47:53 +02:00
Magic_RB
eec8f409d6
Don't block outgoing DoT traffic, iifname doesn't work in output
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-04 00:41:25 +02:00
Magic_RB
d2374ad9f6
Revert "Add codespace container"
This reverts commit 48066a7e0d.

Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 18:40:20 +02:00
Magic_RB
48066a7e0d
Add codespace container
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 18:37:57 +02:00
Magic_RB
41874fde15
Disable NVidia modeset on omen as it causes failed suspends
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 18:06:16 +02:00
Magic_RB
8e3b1fc69d
Add monitoring container PoC
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 17:54:35 +02:00
Magic_RB
a38cad8913
Add more GPG related things to recovery USB
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 17:45:43 +02:00
Magic_RB
8b5c787b8a
Move klipper into NixOS container
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 17:45:14 +02:00
Magic_RB
dfe57b87da
Fix hostapd with per mac address psk
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 13:23:10 +02:00
Magic_RB
0a356cb01a
Update mark to be RAIDed on ZFS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 12:41:58 +02:00
Magic_RB
f8bbdc9a54
Use tf in blowhole uterranix config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 02:12:16 +02:00
Magic_RB
cdc6d1b263
Use nixpkgs-hashicorp for vault and vault-agent
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 02:11:08 +02:00
Magic_RB
566db22374
Fix internal nomad interface on toothpick to wg
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:35:33 +02:00
Magic_RB
283ef1c1be
Improve hashicorp-envoy module
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:35:18 +02:00
Magic_RB
48920aae1a
Set password for root user
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:33:45 +02:00
Magic_RB
ba73eb214f
Switch nixinate host to domain for blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:33:20 +02:00
Magic_RB
0bd739cab7
Add watchdog to blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:32:57 +02:00
Magic_RB
0328cac478
Fix ipv6 issues on blowhole which break adb
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:32:36 +02:00
Magic_RB
661c32b1fe
Remove 25565 from allowed ports on deck
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:32:01 +02:00
Magic_RB
a55613fefa
Add tmpfiles configuration to hashicorp-vault-agent on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:31:37 +02:00
Magic_RB
807f776c35
Add new uterranix config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:29:47 +02:00
Magic_RB
1877d128b3
Add domain for influx
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:28:33 +02:00
Magic_RB
0bd14910e3
Fix consul and nomad reload on toothpick
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:28:14 +02:00
Magic_RB
3f7585af77
Use specific nixpkgs pin for Hashicorp stuff
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-04-03 01:26:58 +02:00
Magic_RB
2fffbad037
minor formatting
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-28 12:26:21 +02:00
Magic_RB
eae03c9699
fix DNS
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-28 00:06:49 +02:00
Magic_RB
8bbce49068
Disable Serokell cache temporarily
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-10 00:16:55 +01:00
Magic_RB
00773af3d3
Add option to disable hot restart support in envoy
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-07 23:40:00 +01:00
Magic_RB
5532262053
Fix telegraf module
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-07 23:36:15 +01:00
Magic_RB
dd2a8accba
Redo envoy module to be standalone
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-07 23:36:02 +01:00
Magic_RB
27f1978d23
Make module imports in blowhole relative
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-06 00:32:20 +01:00
Magic_RB
25a8e23045
Add new public modules: grafana, envoy, telegraf
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-06 00:31:31 +01:00
Magic_RB
bbe1a2a6ad
Move secrets templates out of vault-agent module
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-06 00:30:29 +01:00
Magic_RB
f39cea90f2
add dontUseConfig to hashicorp for config less things
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-06 00:29:58 +01:00
Magic_RB
abad79541e
Simplify DNS zones
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-03-06 00:29:03 +01:00
Magic_RB
e16e3fb2f5
Rebind omen key again according to upstream
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-26 15:41:58 +01:00
Magic_RB
a0a3ae2656
Get rid off the wireguard RestartSec hack
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-19 01:11:03 +01:00
Magic_RB
f923362537
Update inputs
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-19 01:03:49 +01:00
Magic_RB
ceb38b807f
omen: fix network manager dispatcher scripts
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-16 14:47:04 +01:00
Magic_RB
084eb2edb6
fixup network mounting on omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-16 14:46:20 +01:00
Magic_RB
648e6cf8c1
basic hostap config
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-14 20:18:11 +01:00
Magic_RB
87d0a38d52
switch from antiquotation in roots to concatanation
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-14 15:28:51 +01:00
Magic_RB
dac0d1a8da
Update the kernel on blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:34:17 +01:00
Magic_RB
b9056bc6c1
omen: mount the volumes exported from blowhole
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:32:41 +01:00
Magic_RB
2942198a6f
Disable NVidia params on omen to increase stability
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:32:13 +01:00
Magic_RB
5643d663cd
Allow mounting certain shares from omen
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:31:50 +01:00
Magic_RB
45df9165a1
Increase file limit for nfs-mountd
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:31:23 +01:00
Magic_RB
dd50adb45f
Switch to the 4port intel NIC
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-10 00:30:41 +01:00
Magic_RB
328c8b472c
Implement udp2tcp on/off based on WiFi network name
Signed-off-by: Magic_RB <magic_rb@redalder.org>
2023-02-05 17:26:35 +01:00