Commit Graph

798 Commits

Author SHA1 Message Date
Jörg Thalheim
a99a47da0f
networkd: better defaults to make nixos-rebuild less likely to fail (#20) 2023-01-01 21:02:22 +01:00
Jörg Thalheim
a1c9ed67ea add hetzner online profile 2023-01-01 17:06:12 +01:00
Jörg Thalheim
68de9b01d4 hetzner-cloud: make it easier to override default filesystem 2023-01-01 15:34:24 +01:00
Jonas Chevalier
ce7be8f0dc
Merge pull request #17 from numtide/add-hardware
Add hardware
2022-12-31 17:02:30 +01:00
zimbatm
e3dd501d2b
flake: extend test coverage
Hit all the files that we have
2022-12-31 16:59:49 +01:00
zimbatm
b839938cd7
add hetzner-cloud hardware 2022-12-31 16:53:56 +01:00
zimbatm
204026c56f
add generic amazon hardware config 2022-12-31 16:53:56 +01:00
zimbatm
a47c24539a
add cloud-init profile 2022-12-31 16:31:09 +01:00
Jonas Chevalier
89c1beb1c4
expose modules list (#18)
Make the modules list available outside of flakes and prefix them.
2022-12-31 16:26:51 +01:00
Jörg Thalheim
aa181529b0
Merge pull request #12 from numtide/flake-profile
add flake profile
2022-12-31 08:23:20 +00:00
Jörg Thalheim
3f5410b95a add flake profile
Co-authored-by: Jonas Chevalier <zimbatm@zimbatm.com>
2022-12-31 09:22:26 +01:00
zimbatm
0b3a8aa5d6
avoid with keyword 2022-12-29 22:22:46 +01:00
zimbatm
bb5204525c
split the common profile
Make it easier to pick and choose
2022-12-29 19:20:43 +01:00
zimbatm
2204eb5169
nixpkgs-fmt 2022-12-29 17:37:05 +01:00
Jonas Chevalier
25daf1b08d
use systemd-networkd everywhere (#8)
* use systemd-networkd everywhere

* Update profiles/common.nix

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2022-12-29 14:45:12 +01:00
Jörg Thalheim
630d40561f
don't force authorizedKeysFiles if git server are enabled (#16) 2022-12-29 14:32:48 +01:00
Jonas Chevalier
db45a08ad2
use systemd-boot everywhere (#7)
* introduce EFI profile

For machines that can boot on EFI

* common: use systemd in the initrd as well

Replace the pile of shell scripts with systemd in the initrd

* Update profiles/common.nix

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>

* Update profiles/common.nix

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2022-12-28 14:38:11 +01:00
Jörg Thalheim
819332c9da
improve defaults for serial console (#9) 2022-12-28 14:35:52 +01:00
Jörg Thalheim
0ef3c32aee
add desktop profile (#14)
* add desktop profile

* flake: also test server and desktop profile

Co-authored-by: Jonas Chevalier <zimbatm@zimbatm.com>
2022-12-28 14:35:15 +01:00
Jörg Thalheim
ed4bb0740a
server: set tcp BBR as default congestion control (#15)
This is default on GCP for example and in Google’s internal backbone
networks and google.com and YouTube Web servers throughput increased by
4 percent on average globally – and by more than 14 percent in some
countries.
2022-12-28 14:28:36 +01:00
Jörg Thalheim
fc4e7483cd
add nginx role (#10) 2022-12-28 14:27:23 +01:00
Jörg Thalheim
fa5b42f0fd
drop udisks2 from server profile (#13)
As far as I can see only desktop environments are enabling this option.
This is a rather low-level service, which seems unlikely to get enabled
by accident.
However setting this option to false will break `xrdp` in combination
with a desktop environment usage which is something you may need every
once in a while even in a server context.
2022-12-28 13:38:51 +01:00
zimbatm
6423849123
split common and server profiles 2022-12-21 17:39:25 +01:00
Jörg Thalheim
dcd08ecab2
Merge pull request #5 from numtide/telegraf
add telegraf configuration
2022-12-19 20:45:43 +00:00
Jörg Thalheim
d38aea1853 add telegraf configuration 2022-12-19 21:44:31 +01:00
Jörg Thalheim
754b897b4c README: fix typo 2022-12-19 16:13:24 +01:00
Jörg Thalheim
bbed98e507
Merge pull request #4 from numtide/ci
Add installation guide and code from nix-community
2022-12-19 15:10:55 +00:00
Jörg Thalheim
54b32ddf08 expose github-actions-runner in flake 2022-12-19 16:09:46 +01:00
Jörg Thalheim
d25b67bd69 add some example configuration 2022-12-19 16:08:40 +01:00
Jörg Thalheim
85085d532d sshd: unbind local sockets for gnupg 2022-12-19 15:47:32 +01:00
Jörg Thalheim
207e856347 well-known-hosts: add also ed25519 key of github 2022-12-19 15:42:01 +01:00
Jörg Thalheim
d84989675d add zfs module 2022-12-19 15:38:47 +01:00
Jörg Thalheim
8b974cf4b9 make it easier to override max-free/min-free/log-lines 2022-12-19 15:38:47 +01:00
Jörg Thalheim
4ff11b0d39 README: add installation guide 2022-12-19 15:00:06 +01:00
Jonas Chevalier
8a04ec335a
Merge pull request #2 from numtide/kuutamo-fixes
Kuutamo fixes
2022-12-14 11:27:12 +01:00
Jean-François Roche
612041c787
Disable systemd-network wait online service using new option
refs https://github.com/NixOS/nixpkgs/pull/202956
2022-12-09 12:49:43 +01:00
Jörg Thalheim
e6fd2f278c expose as a flake 2022-12-08 18:59:07 +01:00
Jörg Thalheim
8c464032ab cloud-init: don't enable
In environments where the network is not 100% trusted this can open up a
remote code execution. This should be only enabled in certain cloud
environments where there is actual support (i.e. there could be a cloud
profile spinoff)
2022-12-08 18:35:31 +01:00
Jörg Thalheim
338c3cb9a2 drop numtide cache
For machines that are not internal to numtide this binary cache is not
very useful.
2022-12-08 18:34:29 +01:00
Jonas Chevalier
e9cb55e9ed
Merge pull request #1 from numtide/systemd-config
Disable emergency mode and enable the systemd watchdogs.
2022-12-05 23:22:52 +01:00
zimbatm
357cb2bccb
replace nscd with nsncd
This is a better version that doesn't have all the problems that the old
version has.
2022-12-05 16:59:25 +01:00
R-VdP
6bd88873aa
Disable emergency mode and enable the systemd watchdogs. 2022-12-05 16:12:02 +02:00
zimbatm
3c80bfc5fa
add more nix defaults 2022-12-05 12:05:39 +01:00
zimbatm
bd6e2e7983
roles/github-actions-runner: enable nix-ld
Work around binary compatibility issues and the strictness of NixOS.
2022-12-02 14:47:54 +01:00
zimbatm
b304bd11a1
enable cloud-init on all servers
This opens the road to re-using the same NixOS system closure for
different deployments.

Have a static system configuration, and then cloud-init complete it with
the surrounding environment.
2022-12-02 11:31:46 +01:00
zimbatm
2e33e01537
extend the server profile 2022-12-02 00:12:28 +01:00
zimbatm
47519a2f24
clean 2022-12-01 23:57:59 +01:00
zimbatm
05ec2584b6
snapshot! 2022-12-01 17:32:37 +01:00