Commit Graph

603 Commits

Author SHA1 Message Date
tv
8b58e6e6e2 nginx: use host name and aliases as default server-names 2016-07-22 13:06:41 +02:00
makefu
864e711114
k 3 nginx: add ssl.force_encryption 2016-07-21 21:03:36 +02:00
makefu
0c40af375f
/ : s/krebs\.retiolum/krebs.tinc.retiolum/g 2016-07-20 17:20:47 +02:00
makefu
13a5662feb
k 3 retiolum: krebs.retiolum is now officially obsolete 2016-07-20 16:55:22 +02:00
makefu
c5d7e14e90
k 3 exim-retiolum: assert to krebs.tinc.retiolum.enable again 2016-07-20 16:51:25 +02:00
makefu
d04b0b4ebe
k 3 retiolum: prepare fallback to krebs.retiolum 2016-07-20 16:50:32 +02:00
makefu
4e0eb7d9c0
k 3 retiolum: formatting 2016-07-20 14:38:59 +02:00
makefu
2d4b0dc227
k 3 retiolum: remove lib. for imp part 2016-07-20 14:24:58 +02:00
makefu
d35fc9f6d2
k 3 retiolum: explicitly build users, secrets and services 2016-07-20 14:15:47 +02:00
makefu
24db6439c4
retiolum: config which is working but not functioning (see TODO in retiolum.nix) 2016-07-20 10:06:04 +02:00
makefu
a6a0cddeaa
k 3 m: filepimp,omo expose lan net 2016-07-18 15:35:36 +02:00
makefu
01ee8749ac
k 3 retiolum-bootstrap: use secrets path as default, not /root/secrets 2016-07-18 15:13:22 +02:00
makefu
33c96a89c5
Merge 'cd/master' 2016-07-18 12:15:10 +02:00
tv
e2157dade8 alnus: init 2016-07-17 22:19:00 +02:00
tv
0bc55750cf krebs.build.profile :: str => absolute-path 2016-07-17 00:53:21 +02:00
tv
d861643919 krebs.build: simplify structure 2016-07-17 00:53:21 +02:00
tv
514daf3d46 replace krebs.build.populate by populate 2016-07-17 00:53:21 +02:00
makefu
393f5cb5c7
k 3 m: init honeydrive 2016-07-11 20:44:16 +02:00
lassulus
18ff162945 Merge remote-tracking branch 'gum/master' 2016-07-07 23:33:49 +02:00
tv
f7d966043d Merge remote-tracking branch 'prism/master' 2016-07-07 23:05:06 +02:00
tv
f18ababed5 Merge remote-tracking branch 'prism/lassulus' 2016-07-07 23:02:41 +02:00
tv
0c72da81cc zu: init 2016-07-07 22:31:50 +02:00
lassulus
4cd09fa26b k 3 buildbot: use last working nixpkgs 2016-07-07 21:32:21 +02:00
lassulus
2db6515213 use buildbot from 15.09 2016-07-04 00:14:50 +02:00
tv
8822005f00 net.addrs: readOnly = false 2016-07-03 20:34:51 +02:00
tv
7aedefa476 {mk,rm}dir: RIP 2016-07-03 20:32:16 +02:00
tv
cc6b1f6ad1 caxi: init 2016-07-03 20:22:45 +02:00
tv
75b2c8e6c9 prism: AKA cgit.prism.r 2016-07-01 01:07:20 +02:00
tv
2408e27fb1 ju: init 2016-06-30 22:41:44 +02:00
tv
d81b068113 Merge remote-tracking branch 'prism/master' 2016-06-30 16:31:05 +02:00
tv
1542f9bbee miefda: stash 2016-06-30 16:26:13 +02:00
tv
385b0345a6 mv: stash 2016-06-30 01:43:33 +02:00
lassulus
1012224e67 little bit of code cleanup 2016-06-28 17:41:15 +02:00
makefu
f2a13d6281
k 3 m: add siem network, add ossim stub 2016-06-27 12:57:08 +02:00
lassulus
13f7ef405b k 3 repo-sync: use the privateKeyFile 2016-06-26 18:20:56 +02:00
lassulus
16b639e50a k 3 repo-sync: add unitConfig option 2016-06-26 17:53:11 +02:00
lassulus
fe07d46310 k 3 l: add user mors-repo-sync 2016-06-26 17:51:52 +02:00
lassulus
ba0a7978ba k 3 repo-sync: set REPONAME
This is needed to allow multiple repo fetching at the same time
2016-06-24 16:04:04 +02:00
lassulus
2de4843bae k 3 l: add prism-repo-sync pubkey 2016-06-24 15:27:23 +02:00
lassulus
edcc01d8e3 k 3 repo-sync: refactor, allow multiple repos 2016-06-24 15:24:42 +02:00
lassulus
93567fa818 Merge remote-tracking branch 'cd/master' 2016-06-23 23:18:06 +02:00
tv
74f778c6e1 tv.pgp.pubkeys.default = readFile ./pgp/CBF89B0B.asc 2016-06-23 23:14:23 +02:00
makefu
271a59b1d6
Merge remote-tracking branch 'prism/master' 2016-06-23 17:04:07 +02:00
makefu
5894ecc942
add siem internal network 2016-06-23 16:45:44 +02:00
makefu
a7310f526d
krebs 3 tinc_graphs: allow network different from retiolum 2016-06-23 16:45:06 +02:00
lassulus
27522d311c k 3 l: add domsen-nas 2016-06-16 22:09:05 +02:00
lassulus
1e957a1255 k 3 l: RIP fastpoke 2016-06-16 22:07:29 +02:00
tv
88a486f26a ju: init 2016-06-14 16:25:49 +02:00
lassulus
d5cfc4bf19 Merge remote-tracking branch 'wolf/master' 2016-06-14 09:54:02 +02:00
makefu
eb710a17e2
Merge remote-tracking branch 'cd/master' 2016-06-14 01:36:15 +02:00
makefu
8656e83d4c
k 3 ma: update shoney ip after failed deploy :3 2016-06-14 01:34:08 +02:00
lassulus
23385c2984 Merge remote-tracking branch 'cd/master' 2016-06-13 13:50:52 +02:00
lassulus
b244441223 Merge remote-tracking branch 'gum/master' 2016-06-13 12:54:15 +02:00
tv
a16f438314 sprinkle with some write{B,D}ash 2016-06-13 02:10:02 +02:00
lassulus
4e001014c9 Merge remote-tracking branch 'cd/master' 2016-06-12 21:37:27 +02:00
makefu
b9c0c46b4d
m shoney: init 2016-06-12 19:48:15 +02:00
makefu
ed1d336fc8
Merge remote-tracking branch 'cd/master' 2016-06-12 17:49:59 +02:00
lassulus
0d20b15ae3 k 3 l: add cache.prism.r as alias 2016-06-11 00:27:44 +02:00
makefu
7fe3cdd804
k 3 m: fix filepimp pubkey 2016-06-09 22:55:28 +02:00
tv
b419d6cd36 krebs.git.user.home: /var/lib/git -> pkgs.empty 2016-06-07 23:38:33 +02:00
tv
a431e036e3 krebs.git: move assert to etcDir's type 2016-06-07 23:34:16 +02:00
tv
567800c98e krebs.git.cgit.settings.virtual-root: init 2016-06-07 23:23:06 +02:00
tv
c8b0a57549 krebs.git.cgit: add server name for cgit.*.r 2016-06-07 23:08:55 +02:00
tv
922389ef20 krebs.git.cgit.fcgiwrap: make user configurable 2016-06-07 23:02:37 +02:00
tv
a3644a38a5 krebs.git: make user configurable 2016-06-07 22:49:26 +02:00
tv
c655e1246d krebs.git: s/ensureList/toList/ 2016-06-07 22:41:40 +02:00
tv
4a34b27c1c krebs.git.cgit: make cache-root configurable
... along with all the other stuff :)
2016-06-07 22:38:38 +02:00
tv
b5bdd9aed4 krebs.git.cgit :: { bool => submodule { enable :: bool } } 2016-06-07 03:11:26 +02:00
tv
dda2887e2c Merge remote-tracking branch 'cloudkrebs/master' 2016-06-06 17:17:07 +02:00
lassulus
baa20586b8 Merge remote-tracking branch 'cd/master' 2016-06-05 00:38:00 +02:00
tv
c1c645b545 krebs.setuid: add option "envp" 2016-06-05 00:31:36 +02:00
makefu
ff38a9bf0b
k 3 ma: fix addrs4 for tpsw 2016-06-02 14:41:38 +02:00
makefu
4f28d9a306
Merge remote-tracking branch 'prism/master' 2016-06-02 11:17:18 +02:00
lassulus
806e592d3e k 3 nginx: unique server-names to silence nginx 2016-06-01 00:07:14 +02:00
lassulus
cc938e61f8 k 3 iptables: allow DNAT rules 2016-05-29 00:32:55 +02:00
lassulus
48502fb07e k 3 l: add fritz pubkey 2016-05-24 23:19:43 +02:00
lassulus
ce0cef9806 Merge remote-tracking branch 'cd/master' 2016-05-24 22:49:52 +02:00
makefu
c1971f5aa0
Merge remote-tracking branch 'cloudkrebs/master' 2016-05-24 22:27:21 +02:00
makefu
9cba0ffefa
merge cd/master 2016-05-24 22:12:38 +02:00
tv
c44e649455 krebs.exim-retiolum: disable TLS 2016-05-24 20:59:05 +02:00
lassulus
facb65bd22 Merge remote-tracking branch 'cd/master' 2016-05-21 13:57:45 +02:00
lassulus
41e93449bb k 3 l: add shodan keys 2016-05-21 13:46:41 +02:00
lassulus
7c8bd6c551 k 3 l: move pubkeys to seperate files 2016-05-21 13:45:48 +02:00
tv
97c2e4bbd9 krebs.exim: validate config file syntax 2016-05-21 11:19:35 +02:00
tv
ace70674aa {mv,tv}.mail: retiolum -> r 2016-05-21 11:19:35 +02:00
tv
1e9199f939 krebs internet-aliases: *@eloop.org -> eloop2016@krebsco.de 2016-05-21 09:28:50 +02:00
tv
ca48a77050 exim-smarthost: allow per-domain defaults in internet-aliases 2016-05-21 09:27:55 +02:00
lassulus
fc867f652f Merge remote-tracking branch 'cd/master' 2016-05-20 00:18:00 +02:00
lassulus
88e53970c1 k 3 per-user: use new symlinkJoin interface 2016-05-19 21:16:45 +02:00
lassulus
127507ccc7 k 3 l: add shodan 2016-05-19 21:11:16 +02:00
tv
ee0c30cbe5 exim-smarthost: update ciko's mail 2016-05-19 15:43:06 +02:00
tv
c40ff531b4 exim-smarthost: cfp@eloop.org -> eloop2016 ML 2016-05-19 15:18:26 +02:00
tv
289231f197 exim-smarthost: add eloop2016 ML 2016-05-19 15:05:16 +02:00
lassulus
abf23d1305 k 3 l: update echelon ip 2016-05-17 11:46:09 +02:00
makefu
cee893f371 k 3 makefu: add tpsw, owned by ciko 2016-05-16 23:08:20 +02:00
lassulus
e7528ccc2f Merge remote-tracking branch 'gum/master' 2016-05-09 11:27:06 +02:00
lassulus
fb87c76112 Merge remote-tracking branch 'cd/master' 2016-05-09 11:26:04 +02:00
lassulus
ba5ea161f2 k 3 l: update echelon ip 2016-05-09 11:14:34 +02:00
makefu
56ca7859fa k 3 m: fix filebitch key 2016-05-07 00:21:56 +02:00
makefu
e4251e63ac k 3 fetchWallpaper: move only if exists 2016-05-02 17:36:16 +02:00
tv
9b0edc2ee8 krebs.build.populate: set SSL_CERT_FILE 2016-04-28 22:24:44 +02:00
lassulus
94fa4005d6 Merge remote-tracking branch 'cd/master' 2016-04-27 12:47:13 +02:00
tv
4abd59f59d krebs.exim-{retiolum,smarthost}: use krebs.exim 2016-04-27 01:54:58 +02:00
tv
96301634b9 services.exim -> krebs.exim 2016-04-27 01:52:52 +02:00
tv
f9d42f3a81 import NixOS' services.exim 2016-04-27 01:45:47 +02:00
lassulus
558eede973 k 3 fetchWallpaper: use writeDash 2016-04-27 01:31:26 +02:00
lassulus
6762a8790c Merge remote-tracking branch 'cd/master' 2016-04-20 16:05:38 +02:00
tv
54947849ff tv: "fix" PGP key 2016-04-20 16:03:02 +02:00
lassulus
2f99d1f4b7 k 3 l: update pgp key 2016-04-19 16:56:44 +02:00
lassulus
c7a6e74b3d Merge remote-tracking branch 'cd/master' 2016-04-18 15:10:43 +02:00
tv
41ff57c6d6 krebs.backup: use globally configured ssh ports 2016-04-17 11:23:35 +02:00
tv
f5f7abce0d krebs: programs.ssh.extraConfig += Host ... Port ... 2016-04-17 10:23:01 +02:00
tv
377b0dff1c krebs.backup: don't create plan.dst.path implicitly 2016-04-17 06:00:48 +02:00
tv
70c27e21b1 krebs.backup: rm stale TODO
Done in 13df24f8f0
2016-04-17 05:26:02 +02:00
tv
6ec3d922a4 krebs.backup network-ssh-port -> pkgs.get-ssh-port 2016-04-17 05:24:33 +02:00
tv
affb69250d krebs.backup network-ssh-port: fail if cannot find port 2016-04-17 04:13:32 +02:00
tv
453384b60b krebs.backup: inject dst_path into dst shell 2016-04-17 03:51:55 +02:00
tv
904d037bd7 krebs.backup: allow injecting variables into dst shell 2016-04-17 03:50:49 +02:00
tv
e4422212d4 krebs.on-failure: send journal since start of failed plan 2016-04-17 02:04:52 +02:00
makefu
f043929668 k 3 retiolum: use more precise description for connectTo 2016-04-17 02:04:33 +02:00
makefu
26e43d47a7 k 3 retiolum: add description to configure Address= 2016-04-17 00:05:42 +02:00
lassulus
edbf4050ef Merge remote-tracking branch 'cd/master' 2016-04-13 16:52:36 +02:00
lassulus
54ec57b511 k 3 l: change ssh port to 45621 2016-04-13 16:32:55 +02:00
tv
2b0c6616b6 doppelbock -> cd 2016-04-12 17:13:33 +02:00
lassulus
7023d41410 k 3 iptables: allow REDIRECT target 2016-04-12 15:09:08 +02:00
tv
a0d08d4793 exim-smarthost: don't tls_advertise_hosts 2016-04-12 14:26:37 +02:00
tv
e74f4ddf81 krebs types.addr6: str -> IPv6 address* 2016-04-08 04:41:30 +02:00
tv
0dc2a751a9 krebs.retiolum: use krebs.secret 2016-04-08 04:11:00 +02:00
tv
7b7e8b11b5 retiolum netname: hostname -> enum 2016-04-08 03:59:26 +02:00
tv
46e818ebbc retiolum: don't hardcode routing prefixes 2016-04-08 03:53:34 +02:00
tv
827f179080 doppelbock: init 2016-04-07 21:43:22 +02:00
tv
7fb1a3e775 krebs.nginx: don't abuse extraConfig 2016-04-07 20:48:07 +02:00
makefu
66b7a76a26 Merge branch 'master' of gum.krebsco.de:stockholm 2016-04-07 19:54:23 +02:00
makefu
43ea1e5ab3 k 3 makefu: add senderechner 2016-04-07 19:54:17 +02:00
makefu
caf6ce1291 Merge remote-tracking branch 'cd/master' 2016-04-03 21:57:09 +02:00
tv
e1cd9fa013 tv: import mu 2016-03-31 03:58:51 +02:00
makefu
a8c7618699 Merge remote-tracking branch 'prism/master' 2016-03-20 00:03:52 +01:00
makefu
90ef4d08a1 k 3 ma: update to real tinc pubkey 2016-03-19 23:55:43 +01:00
lassulus
fda0262111 Merge remote-tracking branch 'cd/master' 2016-03-19 22:12:11 +01:00
lassulus
3883a9fce7 k 3 l: add fastpoke pubkey 2016-03-19 21:59:32 +01:00
tv
3bead2641e {nukular,darth}: fix addrs6 2016-03-17 12:03:15 +01:00
lassulus
4143f1d6ec k 3 l: add lass.pgp.pubkeys.default 2016-03-16 09:20:05 +01:00
lassulus
9e9bc01fc9 Merge remote-tracking branch 'gum/master' 2016-03-16 09:16:41 +01:00
makefu
61e312dff1 k 3 ma: expose pgp pubkeys 2016-03-16 08:35:06 +01:00
makefu
90150375a8 Merge remote-tracking branch 'cd/master' 2016-03-16 08:26:27 +01:00
makefu
57476fb24a Merge branch 'master' of gum:stockholm 2016-03-16 08:25:50 +01:00
makefu
be5a136464 k 3 ma: add default and brain 2016-03-16 08:25:26 +01:00
tv
9d16ea6145 krebs types += pgp-pubkey, user.pgp.pubkey 2016-03-16 02:03:17 +01:00
tv
91844576fd krebs.users.tv.pgp.pubkey: 2CAEE3B5 2016-03-16 00:49:32 +01:00
tv
2452d21173 Merge remote-tracking branch 'gum/master' 2016-03-16 00:13:58 +01:00