Commit graph

360 commits

Author SHA1 Message Date
79ae0d7fef nix/pkgs/baserow/web-frontend: fix
We need to use openssl-legacy-provider to fix an issue with OpenSSL 3.x,
because Webpack (or Nuxt?) need to use deprecated hashes.
2022-11-09 00:35:09 +00:00
b03bf3ea87 baserow: drop mjml-tcpserver 2022-11-02 02:08:52 +00:00
f34d5e20db hm/common: no manuals 2022-11-02 00:49:53 +00:00
1d7a00e684 hm/graphical-client: add 'discord' 2022-10-31 20:09:53 +00:00
88334fa721 hm/porcorosso-wsl: drop genie 2022-10-08 21:27:01 +01:00
746c427690 hm/ext: init SSH config tweaks for 3p systems 2022-10-08 21:14:36 +01:00
e03ae8b853 treewide: fix things up for new nixpkgs 2022-10-02 22:23:44 +01:00
2796d03b22 nixos/client: add udisks2 2022-09-24 16:40:45 +01:00
27eb5b251e blade-router: tweak export filter to drop local communities 2022-08-17 02:30:09 +01:00
a8bb05ba1e blade-router: add ovh 2022-08-17 00:50:45 +01:00
9752742d76 bgp: force next-hop for OVH since I just can't talk to their router 2 2022-09-04 21:10:33 +01:00
2e56cddee5 hm/common: add a 'github' server alias 2022-09-04 21:10:20 +01:00
c16856f8ab treewide: add my.ip.tailscale6 2022-09-02 00:22:16 +01:00
04df4d0a98 depotwide: make closures smaller, especially on frantech machines 2022-08-27 19:38:03 +01:00
4d0091c35e as205479.net: add IPv6 tailnet, swap etheroute-lon01 2022-08-26 21:10:05 +01:00
203cba674d blade: oops, we need SPICE 2022-08-26 21:00:52 +01:00
e43e0a4e25 ops/nixos: switch from iosevka to iosevka-bin 2022-08-14 23:01:39 +01:00
e25a1ba6c4 depotwide: fix stuff 2022-08-14 21:01:26 +01:00
5c1742e13f depotwide: add google-cloudflare role 2022-08-10 01:51:46 +01:00
d1b8449d76 ops/nixos/blade-router: don't export routes to LINX collector
It confuses some other people on LINX, so for the avoidance of arguments let's Just Not.
2022-07-15 12:03:37 +01:00
49cab76737 nixos/hm/common: tweak ssh settings 2022-07-15 08:59:43 +01:00
64940e45d6 ops/nixos/graphical-client: install qFlipper 2022-07-07 22:06:35 +01:00
bd2be7196a nixos/common: add pam-ussh 2022-06-04 12:21:32 +01:00
2c6be52ce9 howl: add BGP for EMFIX 2022-06-04 12:15:43 +01:00
e68f8b615f hm/graphical-client-wayland: use wallpaper 2022-04-18 16:45:14 +01:00
60e6ae8af5 nixos/blade-router: bump LINX LON1 netmask to /21 2022-05-29 22:03:56 +01:00
977ee51c54 ops/nixos: change default for RP check to loose to silence Tailscale warnings 2022-05-21 16:31:58 +01:00
f7686f6a5a hm/common: add whitby alias for ssh 2022-05-17 01:41:48 +01:00
7f587564de porcorosso-wsl: don't try to load ed25519, use genie 2022-05-17 01:37:01 +01:00
4f3c21a8ea blade: tweak rbd_cache settings 2022-05-02 17:40:32 +01:00
cb383c46ad ops/nixos/lib/coredns: add IPv6 address for oracle-lon01 2022-05-12 18:38:16 +00:00
58793004a2 ops/nixos/hm/common: Tweak the IP for SAR1. 2022-04-30 16:48:35 +01:00
d21b733794 ops/nixos: add bgp.tools route collector 2022-04-30 16:48:01 +01:00
04e013b237 ops/nixos/bgp: add support for route collectors 2022-04-30 16:47:35 +01:00
6f70c36b8f ops/nixos/blade: further nuke forwardX11 2022-04-16 01:52:50 +01:00
514d703560 ops/nixos/blade: nuke forwardX11 2022-04-16 01:48:32 +01:00
7b4febe0ab ops/nixos/blade: honey I shrunk the closure 2022-04-10 02:20:41 +00:00
75d3386cd2 treewide: fix up for nixpkgs bump 2022-04-15 23:33:53 +01:00
b5fbf1f472 oracle-lon01: add my first aarch64-linux boxen 2022-04-13 12:03:56 +00:00
dca96efffe fup: move config to secret 2022-04-10 01:37:37 +01:00
8647af22d7 ops/nixos: put more things in Vault 2022-04-09 21:51:24 +01:00
2536214734 deluge: migrate auth file to vault 2022-04-09 20:59:11 +01:00
55b6bd2a19 ops/nixos: add nixos-size to measure total closure pinned by booted-system/current-system mismatch 2022-04-07 03:42:17 +00:00
57c5a7d1ce coredns: add bvm-paperless.int 2022-04-05 11:28:10 +01:00
8f6ae5cfd4 bvm-paperless: init 2022-04-04 19:11:22 +00:00
addba44d44 coredns: fix ipv6 zones 2022-03-30 17:25:25 +01:00
4b6b4842d1 update dns 2022-03-29 21:30:09 +01:00
3a32590571 go/access: init 2022-03-25 01:24:21 +00:00
eb163962a4 nixos/common: add wireguard-tools 2022-03-24 22:22:18 +00:00
7592e76a31 tokend: init
tokend is responsible for issuing service-scoped tokens based on the token held
and generated by the Vault Agent.

It can also generate "server-user" scoped tokens, which exist for convenience's
sake: they are not a strong attestation of the user on the machine, and have
limited privileges compared to a Vault token issued using e.g. `vault login
-method=oidc`.
2022-03-20 17:47:52 +00:00