283 Commits

Author SHA1 Message Date
5d2f5934f8 Add pre-commit-update hook, make nixpkgs-fmt check only (#40)
* Add pre-commit-update hook, make nixpkgs-fmt check only

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Pin pre-commit-update at commit ID of latest version

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

---------

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-15 13:18:56 -05:00
Richie Cahill
5af2c60bdb Securing jeevesjr (#39)
* secured openssh

* removing MaxSessions

* setup endlessh

* set openssh logging to VERBOSE

* fix

* got MaxSessions working

* set ClientAliveCountMax

* setup usbguard

* updated central openssh settings

* added sysstat service

* add auditd

* testing lynis setting

* fixed typo

* setup login.defs

* removed login.defs

* updated ChallengeResponseAuthentication to no

* made LogLevel a Default

Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>

---------

Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>
2024-01-13 22:20:01 -05:00
Dennis
fb4039022d Mail secrets update (#38)
* secrets update

* mail server update
2024-01-13 18:19:32 +01:00
Dennis
4a228aca5b Firewall change (#37)
* secrets update

* change firewall
2024-01-13 16:49:09 +01:00
Dennis
9ba3d31e09 secrets update (#36) 2024-01-13 16:17:13 +01:00
Dennis
26112d1f22 remove gitea http (#35) 2024-01-10 22:52:39 +01:00
fb3128b5ae Disable podman, fix topgrade config (#34)
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-09 11:11:00 -05:00
Dennis
307e6a48ab add networking pingLimit (#33) 2024-01-09 17:09:29 +01:00
Dennis
d7f026b05b add endlessh-go automatic setup (#32) 2024-01-09 16:21:22 +01:00
a05be0f2d3 Fix topgrade config :( (#31)
There should be a top-level MISC for topgrade.toml.

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-08 22:54:43 -05:00
962baa4e64 Disable system,nix updates from Topgrade (#29)
Topgrade is upgrading from local instead of remote, and throws an error
when it tries to upgrade nix. Disabling these checks.

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-08 19:11:33 -05:00
Dennis Wuitz
93ce3a6de3 changed ssh port 2024-01-08 19:16:20 +01:00
Dennis
26c79c3b75 Security changes (#28)
* mail client setup

* change ssh port
2024-01-08 17:59:25 +01:00
Dennis
26917d53cd mail client setup (#27) 2024-01-08 16:24:53 +01:00
Richie Cahill
6e239a8e90 creating groups for sops.yaml (#25)
* creating groups for sops.yaml
I used yaml anchors
https://en.wikipedia.org/wiki/YAML#Advanced_components
I also ran the redhat YAML formatter

* fixed typo
2024-01-07 16:57:42 -05:00
Richie Cahill
4abf1a806e Adding zerotier to jeeves jr (#26)
* added test.* to .gitignore

* adding zerotier to jeeves-jr

* added comments to .gitignore
2024-01-07 16:28:09 -05:00
Richie Cahill
9c58bc47c4 Adding packages (#24)
* adding-packages

* removed TODO

* removed usbutils and speedtest-cli
2024-01-06 17:08:43 -05:00
Dennis
a06e3d7347 change ldap search user pass (#23) 2024-01-04 21:07:38 +01:00
fb2f9253b6 update secrets (#22)
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-03 18:05:53 -05:00
Dennis
deb454af8d quickfix (#21) 2024-01-03 23:02:36 +01:00
Dennis
ad29c68aea Move gitea (#20)
* formatting

* update

* add mailserver

* flake update

* update ldap password

* update ldap password

* update ldap password

* recreate database
2024-01-03 22:17:22 +01:00
ec7a51f254 Add smartmontools to global program list, alice config changes (#19)
* Update ssh keys, home-manager packages

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Add smartmontools to the global program list

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix formatting

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

---------

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-03 22:08:16 +01:00
Dennis
ef51f72e8c Feature email server (#18)
* formatting

* update

* add mailserver

* flake update

* update ldap password

* update ldap password

* update ldap password
2024-01-03 13:42:14 +01:00
Dennis
3963808c78 Feature email server (#17)
* formatting

* update

* add mailserver

* flake update

* update ldap password

* update ldap password
2024-01-03 13:40:13 +01:00
Dennis
73dd4211dd Feature email server (#16)
* formatting

* update

* add mailserver

* flake update

* update ldap password
2024-01-03 13:36:43 +01:00
Dennis
502902c833 Feature email server (#15)
* formatting

* update

* add mailserver

* flake update

* update ldap password
2024-01-02 17:07:32 +01:00
Dennis
db67a9d7e5 Feature email server (#14)
* formatting

* update

* add mailserver

* flake update
2024-01-02 16:30:08 +01:00
477b4cf466 Add autopull service for testing & pre-commit-hooks (#4)
* configure programs for photon

* sops fix

* Add flake-update-service for testing

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Add sops config

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* add photon password

* Fix user password

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* actually fix user config

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* change password for user dennis

* removed user password

* fixed yaml secrets

* yaml is silly, fix my yamls pls

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* quickfix

* Enforce systemdboot on palatine-hill

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* reconfigure photon

* Fix ZFS config on palatine-hill

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix systemd-boot on palatine-hill

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* sops update-keys

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix botched merge

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Add custom ssh command

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix option name, add package dependency

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix option name, add dependency

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* ssh-key path to str

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix git command

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Set up nixpkgs.fmt

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Allow autopull to trigger a rebuild

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Revert triggerRebuild on palatine-hill, add clarifying comment

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Attempt pre-commit hooks

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Increase pull frequency

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Fix duplicate flake-utils url

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Add fmt hook

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* add nix-flake-check hook

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Remove unnecessary flake-utils import by name

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Trying to setup inputs for nix-pre-commit

Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>

* Fixing input with flake inputs

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* make autopull service default and fix flake check hook

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Remove pre-commit-config.yml from gitignore

that decision seems to be something from one of my previous attempts at
this. Given that the config is needed for this to work it only makes
sense to have it.

/.pre-commit-config.yaml
/.pre-commit-config.yaml

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

* Rollback previous commit. yml file is a softlink

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>

---------

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
Co-authored-by: Dennis Wuitz <dennish@wuitz.de>
Co-authored-by: Dennis <52411861+DerDennisOP@users.noreply.github.com>
2024-01-01 12:41:32 -05:00
Dennis
d5bd40ed67 gitea ldap connection (#13)
* gitea ldap connection

* name change
2024-01-01 16:38:17 +01:00
67bc474739 Fix found for docker haproxy. Removing haproxy from nix config (#12)
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2024-01-01 01:19:19 -05:00
Dennis
5cba7f18da Feature gitea ldap (#11)
* configure gitea with ldap

* used default config
2023-12-31 06:16:49 +01:00
Dennis
6c992805c8 bitwarden secret (#10) 2023-12-30 17:31:59 +01:00
Dennis
bc6744911d Wordpress (#8)
* add wordpress module

* update secrets
2023-12-30 17:25:48 +01:00
Dennis
85ab0e229e add patch feature (#6)
* add patch feature

* refactor
2023-12-30 17:18:25 +01:00
Dennis
5835291841 add wordpress module (#7) 2023-12-30 17:18:13 +01:00
Dennis Wuitz
8d36eb6381 quickfix 2023-12-29 21:35:33 +01:00
Richie Cahill
96f8203cb4 Merge pull request #5 from RAD-Development/jeeves-jr
Setting up Jeeves jr
2023-12-29 15:25:11 -05:00
Richie Cahill
55b37120ec added zpool name 2023-12-29 15:02:48 -05:00
Dennis Wuitz
91e3cb92b5 update secrets 2023-12-29 21:01:19 +01:00
Dennis Wuitz
51e8302c29 add fail2ban 2023-12-29 20:54:12 +01:00
Richie Cahill
4d336ef7a3 removed invalid pool name 2023-12-29 14:48:16 -05:00
4b93a75b05 add instructions
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2023-12-29 14:25:01 -05:00
522b663fdf update keys
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2023-12-29 14:23:01 -05:00
Richie Cahill
fbf7a9c3c4 added secrets.yaml for richie 2023-12-29 14:18:27 -05:00
Richie Cahill
60e12e0aaa added richie.asc 2023-12-29 14:07:14 -05:00
Richie Cahill
097cfa3f7d updated .sops.yaml 2023-12-29 13:53:36 -05:00
Richie Cahill
60442534f2 added hardware.nix 2023-12-29 13:46:49 -05:00
Richie Cahill
066a9f134e added jeeves-jr constructSystem and richie user 2023-12-29 13:32:20 -05:00
Richie Cahill
66fca9da44 made configuration.nix for jeeves-jr 2023-12-29 13:23:05 -05:00
774bd99550 Fix hostkeys, zfs autoscrub service
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2023-12-29 11:42:31 -05:00