tv
13a7209ca2
tv hosts: add all the ed25519 keys
2021-12-28 18:18:35 +01:00
Kierán Meinhardt
98e45d2075
mic92: fix ssh ed25519 keys
2021-12-28 16:49:07 +01:00
lassulus
7870cc2b04
external: fix ed25519 pubkey syntax
2021-12-28 16:44:23 +01:00
lassulus
02fbaca275
external kmein: fix ed25519 pubkey syntax
2021-12-28 16:41:24 +01:00
lassulus
b2f87082c1
types net tinc: include pubkey_ed25519
2021-12-28 16:37:54 +01:00
Pablo Ovelleiro Corral
17e614cb00
external: add pinpox-ahorn
2021-12-28 16:30:33 +01:00
Kierán Meinhardt
6104ec910e
external: add kmein ed25519 keys
2021-12-28 16:10:19 +01:00
lassulus
c7b7bd48b5
l tinc: define ed25519 keys for all hosts
2021-12-28 16:09:42 +01:00
makefu
876aecb4d2
ma tonie: use new backend_is_local deployment
2021-12-27 13:12:39 +01:00
makefu
00b5478f09
ma home/tonie: fall back to container for front-end
2021-12-27 00:20:23 +01:00
makefu
6d376ce17a
ma home: add wip tonie module
2021-12-27 00:17:13 +01:00
lassulus
8692db1285
Merge remote-tracking branch 'mic92/master'
2021-12-25 20:08:31 +01:00
lassulus
9f194012bd
Merge remote-tracking branch 'ni/master'
2021-12-25 20:08:03 +01:00
lassulus
f31f9f3790
l green.r: add ssh workaround for android yubikey
2021-12-25 20:07:25 +01:00
lassulus
4eab43449a
l green.r: don't use bindfs for sync folder
2021-12-25 20:07:03 +01:00
tv
a1a0f11af4
tv ejabberd: use LoadCredential
2021-12-25 16:43:51 +01:00
tv
d4b12744d5
tv charybdis: use LoadCredential
2021-12-25 16:43:51 +01:00
tv
8ee6e71092
tv x0vncserver: use LoadCredential
2021-12-25 16:43:51 +01:00
lassulus
02f6757bf6
l krops: useChecksum for stockholm
2021-12-25 09:58:44 +01:00
cb26de2f5c
matchbox: remove ipv4
2021-12-25 08:39:02 +01:00
tv
969bd9767e
exim-smarthost: dkim_strict = true
2021-12-24 10:19:13 +01:00
tv
b33381d15e
exim-smarthost: use LoadCredential
2021-12-24 09:22:41 +01:00
tv
7219292dd5
repo-sync: use LoadCredential
2021-12-24 00:51:28 +01:00
tv
71d11e8f2b
repo-sync: add group
2021-12-24 00:51:28 +01:00
tv
234d9d96bf
krebs.systemd: allow LoadCredential to be a string
2021-12-24 00:51:28 +01:00
tv
f7ab46c2ec
tv ejabberd: add group
2021-12-24 00:51:28 +01:00
tv
20e0a7e0b1
tv charybdis: add group
2021-12-24 00:51:28 +01:00
lassulus
2be08e3c52
systemd module: use LoadCredentials from config.systemd.services
2021-12-23 23:59:22 +01:00
lassulus
29b796f521
Merge remote-tracking branch 'ni/master'
2021-12-23 21:49:55 +01:00
tv
d4521eb339
krebs.systemd: allow reload if credentials change
2021-12-23 20:18:28 +01:00
tv
1cf495d6eb
krebs.systemd: support credentials of any service
2021-12-23 20:18:28 +01:00
lassulus
fb9ef6eda6
l pkgs.dpass: RIP
2021-12-23 16:20:33 +01:00
lassulus
5a7e6ef803
Merge remote-tracking branch 'mic92/master'
2021-12-23 11:00:51 +01:00
a9d324f176
mic92: update ip for eve
2021-12-23 08:36:49 +01:00
tv
5f7ab23ebf
krebs.tinc: drop environment.systemPackages TODO
...
Nobody bothered about this for more than five years. And even though
fixable, chances are quite high that this feature is not needed anymore.
2021-12-23 03:20:36 +01:00
tv
8029e80632
krebs.tinc: drop api and imp boilerplate
2021-12-23 03:16:44 +01:00
tv
018018e16b
krebs.tinc: don't bother aliasing packages
2021-12-23 03:12:58 +01:00
tv
5410c7dccc
ci: configure krebs.build.host
2021-12-23 01:59:25 +01:00
tv
21e407aa59
krebs.tinc: use LoadCredential
2021-12-23 01:59:25 +01:00
tv
d6ebd497f0
krebs.systemd.services: restart by LoadCredential
2021-12-23 01:59:25 +01:00
tv
9d65a3cdd8
lib: add maybeHead
2021-12-23 00:46:12 +01:00
tv
448cd3b9af
Merge remote-tracking branch 'prism/master'
2021-12-22 23:33:05 +01:00
tv
2656cbf2a9
empty -> emptyDirectory
2021-12-22 23:27:07 +01:00
lassulus
6f0d4d9d03
l hass: fix mosquitto for real this time
2021-12-22 22:19:54 +01:00
lassulus
576c05cf3a
l tinc: remove enableLegacy
2021-12-22 13:59:46 +01:00
lassulus
c9f0c17660
tinc module: reload instead of restart
...
remove enableLegacy option since reloading is dependant on
/etc/tinc/<netname> existing
2021-12-22 13:58:30 +01:00
lassulus
8f94e0bc4b
Merge remote-tracking branch 'ni/master'
2021-12-21 16:45:56 +01:00
tv
e888b00a6b
secret service: don't be wanted by multi-user.target
...
This fixes an issue causing secret-trigger-*.service to be restarted on
every activation because after triggering these services are dead, this
in turn causes restarts of secret-*.service.
And finally this caused the issue of always restarting tinc services
as they are PartOf= a couple of secert-*.service.
2021-12-21 15:27:44 +01:00
tv
cd73053944
tv vim: admit nftables
2021-12-21 12:50:29 +01:00
lassulus
0a7d779cc1
iptables module: add compat layer to networking.firewall
2021-12-21 12:38:07 +01:00