|
|
6aed640402
|
fix(hosts/luna): ensure wrapped laurel is available before auditd
|
2024-03-24 11:43:12 -05:00 |
|
|
|
1fcd271b20
|
refactor(hosts/luna): enable setSocketVariable for docker rootless
|
2024-03-24 11:43:12 -05:00 |
|
|
|
95d676cb67
|
perf(hosts/luna): do not run gitea nix-runner on startup
|
2024-03-24 11:43:12 -05:00 |
|
|
|
1a2949f020
|
feat(hosts/luna): use custom nixos runner image for gitea actions
|
2024-03-24 11:43:12 -05:00 |
|
|
|
8f98138721
|
refactor(hosts/luna): run docker with rootless
|
2024-03-16 13:54:54 -05:00 |
|
|
|
c139be670a
|
style: format with nixfmt
|
2024-03-16 03:30:20 -05:00 |
|
|
|
bf08aec4b6
|
refactor(hosts/luna): disable mutableUsers
|
2024-03-16 03:12:18 -05:00 |
|
|
|
4f23edeaef
|
feat(hosts/luna): install laurel as an auditd plugin
|
2024-03-16 03:11:25 -05:00 |
|
|
|
a6cdb184ab
|
style: format with nixfmt
|
2024-03-14 03:51:03 -05:00 |
|
|
|
0912b6357e
|
feat(hosts/luna): add basic auditd setup
|
2024-03-14 00:45:34 -05:00 |
|
|
|
165bb032a9
|
refactor(hosts/luna): improve hardening of openssh
|
2024-03-13 23:57:09 -05:00 |
|
|
|
7f2966176c
|
style(hosts/luna): remove unused bindings
|
2024-03-13 21:09:29 -05:00 |
|
|
|
65c2b9872b
|
refactor(hosts/luna): improve disk layout
|
2024-03-08 01:53:24 -06:00 |
|
|
|
908a9365a7
|
chore(hosts/luna): rekey secrets
|
2024-03-08 01:52:35 -06:00 |
|
|
|
df08db6950
|
refactor(hosts/luna): remove gitlab
|
2024-03-08 01:50:59 -06:00 |
|
|
|
384c5eb3c6
|
refactor(hosts/luna)!: remove gitlab runner
|
2024-03-01 12:25:49 -06:00 |
|
|
|
98a20e2829
|
feat: initial implementation of orion host
|
2024-02-17 14:10:39 -06:00 |
|
|
|
9dd12bee68
|
refactor(hosts/luna): update price's ssh key
|
2024-02-13 03:48:30 -06:00 |
|
|
|
1a2dacd753
|
feat(hosts/luna): persist bash_history of users root & price
|
2024-02-07 21:30:53 -06:00 |
|
|
|
e376c058d6
|
refactor(hosts/luna): use gitlab server alias for gitlab, not gitea
|
2024-02-07 21:30:34 -06:00 |
|
|
|
25837dfd62
|
feat(hosts/luna): add nixos base image for default runner
|
2024-02-01 01:29:20 -06:00 |
|
|
|
0c7bd4fc22
|
refactor(hosts/luna): use default docker package
|
2024-02-01 00:32:54 -06:00 |
|
|
|
d89b75d438
|
feat(hosts/luna): implement basic monitoring
TODO: make grafana ingest data from prometheus
|
2024-01-31 23:37:28 -06:00 |
|
|
|
bef123dfcf
|
feat(luna): migrate fully to gitea
|
2024-01-31 20:04:15 -06:00 |
|
|
|
1f615e4632
|
feat(luna): massively overhaul config, add gitea
|
2024-01-30 22:07:52 -06:00 |
|
|
|
41c10d1606
|
fix: make delay-gitlab-start depend on network-online.target
|
2024-01-25 22:05:16 -06:00 |
|
|
|
0a7a6154d2
|
fix(luna): correctly trust wheel groups for Nix
|
2023-12-15 22:26:13 -06:00 |
|
|
|
d6c7a522ef
|
refactor(luna): delay gitlab-docker start in systemd
|
2023-12-08 11:02:19 -06:00 |
|
|
|
34c78f67b0
|
chore: update flake.lock
|
2023-12-07 16:37:17 -06:00 |
|
|
|
a3a933cb1d
|
feat(luna): enable fstrim service
|
2023-12-07 09:17:22 -06:00 |
|
|
|
7a64899cee
|
refactor(luna): massively overhaul luna to better handle opt-in state
Now uses BTRFS rollbacks instead of tmpfs
|
2023-12-07 09:05:24 -06:00 |
|
|
|
4bc05714e5
|
feat(luna): set timezone
|
2023-12-03 02:32:12 -06:00 |
|
|
|
270c24e9f5
|
feat(luna): enable system auto upgrades at 5AM
|
2023-12-03 02:30:39 -06:00 |
|
|
|
ab0ae86a24
|
refactor(luna): use blog as flake input
|
2023-12-03 02:17:44 -06:00 |
|
|
|
6bd8593220
|
feat(luna): add blog
TODO: Use the blog as a flake input to auto update it with the new
articles
|
2023-10-30 08:50:46 -05:00 |
|
|
|
f10ecf6526
|
feat(luna): working gitlab runner
|
2023-10-29 22:39:08 -05:00 |
|
|
|
9794f09357
|
feat: add agenix for secrets management
|
2023-10-29 22:38:56 -05:00 |
|
|
|
38f10ee48b
|
refactor(luna): make fail2ban only monitor default ssh port
|
2023-10-28 03:22:37 -05:00 |
|
|
|
fd24ea629f
|
feat(luna): working gitlab config
🚀🚀🚀🚀🚀🚀🚀🚀
|
2023-10-28 03:05:37 -05:00 |
|
|
|
004b79c667
|
fix(luna): ensure systemd networkd works
|
2023-10-28 00:34:48 -05:00 |
|
|
|
6cb32faa8c
|
refactor(luna): only permit secure KexAlgos in ssh
|
2023-10-28 00:34:31 -05:00 |
|
|
|
1d500bac80
|
fix(luna): remove duplicate setting
|
2023-10-27 23:29:05 -05:00 |
|
|
|
2d08a50d8d
|
feat(luna): enable intel update microcode
|
2023-10-27 23:29:05 -05:00 |
|
|
|
ad5bb6d5d0
|
feat(luna): set correct boot kernel modules
|
2023-10-27 23:23:41 -05:00 |
|
|
|
14a152799f
|
refactor(luna): remove qemu guest import
|
2023-10-27 23:03:26 -05:00 |
|
|
|
e2cd2b02aa
|
feat(luna): additional configuration
|
2023-10-27 23:02:52 -05:00 |
|
|
|
e9bfb11137
|
fix(luna): properly configure systemd-resolved
|
2023-10-27 02:24:36 -05:00 |
|
|
|
4e0f171a2e
|
feat(luna): initial luna configuration
|
2023-10-27 01:46:14 -05:00 |
|
|
|
1588ab30f5
|
fix(orion): properly configure systemd-resolved
|
2023-10-27 01:45:32 -05:00 |
|
|
|
96f35ee16c
|
refactor: use zram as swap
|
2023-10-27 01:45:07 -05:00 |
|
