Commit graph

345 commits

Author SHA1 Message Date
magic_rb 6ad7df336e
hela: fix patch to ifstate for interface -> netns movement
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-03 00:02:19 +02:00
magic_rb 4a9e00e8ea
hela: Fix MTU settings
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-03 00:02:03 +02:00
magic_rb dd9ccd548e
Partially revert "Update ifstate to the latest version"
This reverts commit 8cffa82a38.

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-02 02:43:16 +02:00
magic_rb cf49a16c9e
hela: ifstate dsa.address to dsa.permaddr
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-02 02:38:24 +02:00
magic_rb 2bf58cabcf
hela: switch to stable nixpkgs
The really complex nftable rules I have seem to not work or worse, segfault with nftables 1.09 which is the version in
`nixpkgs-stable`. Therefore we need to pull in 1.10 from `nixpkgs-unstable` for now.

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-02 02:36:47 +02:00
magic_rb 63d0544407
hela: allow forwarding from dmz
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-10-02 02:36:11 +02:00
magic_rb 9e5403d774
Get very initial AP up
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-20 22:00:22 +02:00
magic_rb 8cffa82a38
Update ifstate to the latest version
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-20 21:25:15 +02:00
magic_rb 933fdad596
Fix the MTU being incorrect.
some servers which send big packets, like `cache.nixos.org` would not be able to
respond without this change.

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-20 21:24:20 +02:00
magic_rb 49fea0bdf2
Setup VSCode in ANP devbox
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-18 00:44:35 +02:00
magic_rb 8965d75a04
Setup ANP container
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-17 23:11:24 +02:00
magic_rb f8023c8d72
Omen things
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-11 21:03:03 +02:00
magic_rb 8298fd15fe
omen: bump NVidia proprietary and switch to 6.10 for nouveau
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-04 23:22:09 +02:00
magic_rb c234160635
Border router, hela
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-09-04 22:39:43 +02:00
magic_rb 0061de839c
Properly route through Forgejo's SSH port
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-17 20:44:44 +02:00
magic_rb 4435cdfec7
Move out custom kernels and uboots into overlays
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-14 22:21:42 +02:00
magic_rb e0cc1a7efe
Switch to NVidia open module on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-14 15:58:37 +02:00
magic_rb 1c47abb07f
Allow LUKS discards on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-14 15:58:25 +02:00
magic_rb 50db2c9279
Further inkbook efforts
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-14 15:58:02 +02:00
magic_rb 0055c2263a
Allow uk3s to contact Vault
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-08-14 15:57:30 +02:00
magic_rb 5f23a4ab6a
Add rclone secret module
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-29 15:26:52 +02:00
magic_rb 6b3ba18d70
Make buildbot-nix workers secret, actually secret, duh
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-24 21:31:21 +02:00
magic_rb 7a1a64d23b
Include percept in flake
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-24 21:28:12 +02:00
magic_rb 00c9628e81
Add tooling for image gallery manipulation
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-21 13:03:08 +02:00
magic_rb eed771ad4d
uk3s updates
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-16 21:49:22 +02:00
magic_rb 10da34a3ca
Update terranix config for uk3s-nix and terranix changes
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-16 20:41:59 +02:00
magic_rb 46780335bf
Buildbot changes
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-15 19:31:54 +02:00
magic_rb e055a1535e
Fix server firewall activatuon script not rolling back correctly
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-13 21:00:06 +02:00
magic_rb 87400566be
Move Gitea over to the kubernetes "cluster"
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-12 22:04:52 +02:00
magic_rb 4ee7e7dec7
change /mnt/cctv source
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-11 23:43:25 +02:00
magic_rb dc1c43ad3b
Way too many changes to notnft
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-11 21:54:36 +02:00
magic_rb 908d402da1
Update buildbot-nix config
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-10 20:43:04 +02:00
magic_rb 1abc226d21
Enable VR on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-03 21:18:39 +02:00
magic_rb 8a1fdd0ff8
Fix up nvidia specialization on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-03 21:18:06 +02:00
magic_rb 87f5861b4e
Persist more stuff on omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-07-03 21:17:43 +02:00
magic_rb cf97fd1553
Switch DNS provider
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-26 23:20:16 +02:00
magic_rb 304b89bfe0
server: remove microvm
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-26 23:20:05 +02:00
magic_rb dd304b8694
inkbook enablement work
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-25 22:29:39 +02:00
magic_rb eac01b655c
Account for nftables tables not existing on bootup
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-16 00:04:56 +02:00
magic_rb 5b2a0468ca
Add netboot-xyz to server and omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-15 23:57:54 +02:00
magic_rb 740c395a3f
buildbot-nix now uses attrTag, no need for enable
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-13 16:20:56 +02:00
magic_rb b161392f01
Setup nftables dropped traffic logging somewhat
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-08 22:52:12 +02:00
magic_rb aa32366c4a
Don't drop the firewall on failed nftables apply
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-08 22:51:58 +02:00
magic_rb c411594226
Forward port 8344 to uk3s ingress
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-08 22:51:31 +02:00
magic_rb 13d4ec7842
Import jimmy on startup
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-03 00:00:55 +02:00
magic_rb a599561e8e
Fix heater not having the correct HM profile applied
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-03 00:00:42 +02:00
magic_rb ae09808920
Fix toothpick not running on stable
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-03 00:00:33 +02:00
magic_rb 88722d14eb
Update non-core inputs
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-02 21:29:31 +02:00
magic_rb 2998847634
Bump core inputs, switch servers to nixpkgs-stable
Bumps `nixpkgs-unstable`, `nixpkgs-stable`, `home-manager-stable`, `home-manager-unstable`.

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-02 20:47:34 +02:00
magic_rb 8312a14c53
Bump blowhole to nixos-24.05
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-06-02 17:26:00 +02:00