79ae0d7fef
nix/pkgs/baserow/web-frontend: fix
...
We need to use openssl-legacy-provider to fix an issue with OpenSSL 3.x,
because Webpack (or Nuxt?) need to use deprecated hashes.
2022-11-09 00:35:09 +00:00
b03bf3ea87
baserow: drop mjml-tcpserver
2022-11-02 02:08:52 +00:00
f34d5e20db
hm/common: no manuals
2022-11-02 00:49:53 +00:00
1d7a00e684
hm/graphical-client: add 'discord'
2022-10-31 20:09:53 +00:00
88334fa721
hm/porcorosso-wsl: drop genie
2022-10-08 21:27:01 +01:00
746c427690
hm/ext: init SSH config tweaks for 3p systems
2022-10-08 21:14:36 +01:00
e03ae8b853
treewide: fix things up for new nixpkgs
2022-10-02 22:23:44 +01:00
2796d03b22
nixos/client: add udisks2
2022-09-24 16:40:45 +01:00
27eb5b251e
blade-router: tweak export filter to drop local communities
2022-08-17 02:30:09 +01:00
a8bb05ba1e
blade-router: add ovh
2022-08-17 00:50:45 +01:00
9752742d76
bgp: force next-hop for OVH since I just can't talk to their router 2
2022-09-04 21:10:33 +01:00
2e56cddee5
hm/common: add a 'github' server alias
2022-09-04 21:10:20 +01:00
c16856f8ab
treewide: add my.ip.tailscale6
2022-09-02 00:22:16 +01:00
04df4d0a98
depotwide: make closures smaller, especially on frantech machines
2022-08-27 19:38:03 +01:00
4d0091c35e
as205479.net: add IPv6 tailnet, swap etheroute-lon01
2022-08-26 21:10:05 +01:00
203cba674d
blade: oops, we need SPICE
2022-08-26 21:00:52 +01:00
e43e0a4e25
ops/nixos: switch from iosevka to iosevka-bin
2022-08-14 23:01:39 +01:00
e25a1ba6c4
depotwide: fix stuff
2022-08-14 21:01:26 +01:00
5c1742e13f
depotwide: add google-cloudflare role
2022-08-10 01:51:46 +01:00
d1b8449d76
ops/nixos/blade-router: don't export routes to LINX collector
...
It confuses some other people on LINX, so for the avoidance of arguments let's Just Not.
2022-07-15 12:03:37 +01:00
49cab76737
nixos/hm/common: tweak ssh settings
2022-07-15 08:59:43 +01:00
64940e45d6
ops/nixos/graphical-client: install qFlipper
2022-07-07 22:06:35 +01:00
bd2be7196a
nixos/common: add pam-ussh
2022-06-04 12:21:32 +01:00
2c6be52ce9
howl: add BGP for EMFIX
2022-06-04 12:15:43 +01:00
e68f8b615f
hm/graphical-client-wayland: use wallpaper
2022-04-18 16:45:14 +01:00
60e6ae8af5
nixos/blade-router: bump LINX LON1 netmask to /21
2022-05-29 22:03:56 +01:00
977ee51c54
ops/nixos: change default for RP check to loose to silence Tailscale warnings
2022-05-21 16:31:58 +01:00
f7686f6a5a
hm/common: add whitby alias for ssh
2022-05-17 01:41:48 +01:00
7f587564de
porcorosso-wsl: don't try to load ed25519, use genie
2022-05-17 01:37:01 +01:00
4f3c21a8ea
blade: tweak rbd_cache settings
2022-05-02 17:40:32 +01:00
cb383c46ad
ops/nixos/lib/coredns: add IPv6 address for oracle-lon01
2022-05-12 18:38:16 +00:00
58793004a2
ops/nixos/hm/common: Tweak the IP for SAR1.
2022-04-30 16:48:35 +01:00
d21b733794
ops/nixos: add bgp.tools route collector
2022-04-30 16:48:01 +01:00
04e013b237
ops/nixos/bgp: add support for route collectors
2022-04-30 16:47:35 +01:00
6f70c36b8f
ops/nixos/blade: further nuke forwardX11
2022-04-16 01:52:50 +01:00
514d703560
ops/nixos/blade: nuke forwardX11
2022-04-16 01:48:32 +01:00
7b4febe0ab
ops/nixos/blade: honey I shrunk the closure
2022-04-10 02:20:41 +00:00
75d3386cd2
treewide: fix up for nixpkgs bump
2022-04-15 23:33:53 +01:00
b5fbf1f472
oracle-lon01: add my first aarch64-linux boxen
2022-04-13 12:03:56 +00:00
dca96efffe
fup: move config to secret
2022-04-10 01:37:37 +01:00
8647af22d7
ops/nixos: put more things in Vault
2022-04-09 21:51:24 +01:00
2536214734
deluge: migrate auth file to vault
2022-04-09 20:59:11 +01:00
55b6bd2a19
ops/nixos: add nixos-size to measure total closure pinned by booted-system/current-system mismatch
2022-04-07 03:42:17 +00:00
57c5a7d1ce
coredns: add bvm-paperless.int
2022-04-05 11:28:10 +01:00
8f6ae5cfd4
bvm-paperless: init
2022-04-04 19:11:22 +00:00
addba44d44
coredns: fix ipv6 zones
2022-03-30 17:25:25 +01:00
4b6b4842d1
update dns
2022-03-29 21:30:09 +01:00
3a32590571
go/access: init
2022-03-25 01:24:21 +00:00
eb163962a4
nixos/common: add wireguard-tools
2022-03-24 22:22:18 +00:00
7592e76a31
tokend: init
...
tokend is responsible for issuing service-scoped tokens based on the token held
and generated by the Vault Agent.
It can also generate "server-user" scoped tokens, which exist for convenience's
sake: they are not a strong attestation of the user on the machine, and have
limited privileges compared to a Vault token issued using e.g. `vault login
-method=oidc`.
2022-03-20 17:47:52 +00:00