wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity
813 commits 5 branches 0 tags 8.7 MiB
Commit graph

80 commits

Author SHA1 Message Date
Rouven Seifert 37bf91a57a
close wireguard port 2024-10-13 22:53:15 +02:00
Rouven Seifert 6fa82f7453
remove ese secret 2024-10-13 22:51:18 +02:00
Rouven Seifert f518bd545d
remove ese wireguard 2024-10-13 22:50:06 +02:00
Rouven Seifert 7d69600115
switch to lts kernel 
zfs latestCompatibleLinuxPackages will be deprecated at some point
 2024-10-08 21:39:17 +02:00
Rouven Seifert fcffa5f79c
fix ese wireguard 2024-10-04 16:34:54 +02:00
Rouven Seifert 0d9bd777c8
network: init ese wireguard 2024-10-04 15:39:10 +02:00
Rouven Seifert af3c401cf6
core: add sudo rule 2024-10-03 00:17:05 +02:00
Rouven Seifert d01694587a
mlx5_core got fixed 2024-06-21 14:55:59 +02:00
Rouven Seifert 97de6f6489
fix warnings 2024-06-21 13:31:41 +02:00
Rouven Seifert 4fa9a2fe7d
treewide: cleanup with deadnix 2024-05-06 11:21:12 +02:00
Rouven Seifert 81ac3b4c0d
ssh: disable password login 2024-05-06 11:12:19 +02:00
Rouven Seifert 126cff2263
quitte: pin kernel to 6.6.27 
6.6.28 broke the network driver
 2024-04-29 14:26:49 +02:00
Rouven Seifert d5ab09207a
core: set zsh as default shell for the root user 2024-04-16 21:44:48 +02:00
Rouven Seifert 3a47c43741
tomate: use zsh as default shell 2024-04-16 18:50:51 +02:00
Rouven Seifert 5b95918c29
tomate: configure ifsr-apb network 2024-04-16 10:58:35 +02:00
Rouven Seifert 83db5399d7
quitte: format hardware config 2024-04-14 11:40:00 +02:00
Rouven Seifert 4b173581dc
mount boot drives with the nofail option 
One drive failure shouldn't block the entire boot
 2024-04-14 11:39:11 +02:00
Rouven Seifert be638b274d
systemd-boot: copy the entire bootloader to the second disc on every switch 2024-04-14 11:35:47 +02:00
Rouven Seifert 31901ddffe
Revert "network: use TUD ntp servers" 
This reverts commit a87ecffa6b.

Doesn't work. Nevermind
 2024-04-08 18:42:48 +02:00
Rouven Seifert a87ecffa6b
network: use TUD ntp servers 2024-04-08 18:39:14 +02:00
Rouven Seifert b12ed4b803
zfs: add some maintenance services 2024-04-01 16:12:53 +02:00
Rouven Seifert 58e9794dff
network: enable lldp 2024-03-28 23:49:49 +01:00
Rouven Seifert 4334b5ef50
treewide: minor cleanups 2024-03-28 20:55:47 +01:00
Rouven Seifert f2af8d0a75
quitte: move back to bare-metal 
Das Proxmox ist tot. Lang lebe NixOS!
 2024-03-28 18:06:41 +01:00
Rouven Seifert d086eed901
network: clean up secrets 2024-03-21 15:49:50 +01:00
Rouven Seifert 3be5380c58
quitte: network fixes 2024-03-21 15:47:32 +01:00
Rouven Seifert 736c84cce9
treewide: ran deadnix 2024-03-11 22:49:12 +01:00
Rouven Seifert 1e47c01032
ulimit: limit nix builders to 10000 processes at once 2024-03-03 11:39:52 +01:00
Rouven Seifert d611cc5a26
ulimit: limit maximum number of processes per user 
- Limits the number of processes a user can start to 2000
  Mostly in place to prevent fork bombs taking down the host.
- If anyone encounters problems with this number we can raise it
 2024-03-03 11:34:39 +01:00
Rouven Seifert ae74749c28
tomate: add ifsr cache 2024-02-25 23:26:13 +01:00
Rouven Seifert 522351905c
quitte: enable memory resource control 
Limits the Memory of some important slices via systemd cgroup management.

- nix-daemon may not use more than 32 GB of Memory
- all users together may not use more than 32GB of Memory

See man systemd.resource-control(5) for more detailed information.
 2024-02-25 21:52:36 +01:00
Rouven Seifert 7e2dc399bb
formatting 2024-02-03 20:03:45 +01:00
Rouven Seifert 175e2750ce
quitte: fix hosts 2024-02-03 20:02:15 +01:00
Rouven Seifert b8c31b4e4a
initrd: fix network 2024-01-29 16:23:56 +01:00
Rouven Seifert a9f6bc3ed0
print: initial config 2024-01-29 14:51:37 +01:00
Rouven Seifert d30e35cd8f
tomate: fix printing 2024-01-13 16:38:40 +01:00
Rouven Seifert 63551dd42a
tomate: enable login per u2f 2023-12-12 18:12:39 +01:00
Rouven Seifert 220136af25
tomate: init sssd 2023-12-12 12:57:47 +01:00
Rouven Seifert 8b9099fe04
tomate: remove fsr from wheel 2023-11-28 11:48:11 +01:00
Rouven Seifert 71f197c2f5
tomate: reformat 2023-11-28 11:40:04 +01:00
Rouven Seifert e86fdf1819
tomate: init 2023-11-28 11:37:35 +01:00
Rouven Seifert 4324dceddc
firewall: stop logging every refused connection 2023-11-14 14:00:22 +01:00
Rouven Seifert 6e269d8dc7
firewall: use nftables 2023-10-23 11:59:12 +02:00
Rouven Seifert 02cd8440f1
refactor: ran deadnix 2023-09-17 20:14:32 +02:00
Rouven Seifert 62825e357f
refactor: fsr.domain -> networking.domain 2023-09-17 20:10:55 +02:00
Rouven Seifert 0e0b3b0454
networking: update rDNS 2023-09-15 16:49:21 +02:00
Rouven Seifert 6dd628403c
networking: introduce rdns option 2023-09-01 10:42:22 +02:00
Rouven Seifert 38c947fe01
remove the vm 2023-08-16 14:51:01 +02:00
Rouven Seifert f141dcddc3
format hardware-configuration.nix 2023-07-26 16:44:32 +02:00
quitte 186f4ccb08 encrypted setup 2023-07-26 16:41:55 +02:00