7d3f467586
fix(system): ignore seven-modules in nixos-upgrade's flake updates
...
Prevents nixos-upgrade from failing due to interactive git authorization.
2025-06-08 22:58:13 +02:00
4ebc3d6664
feat(vpn): exclude LANs from tailscale subnet routing
2025-06-07 00:24:09 +02:00
9b9e8d5ee6
feat(vpn): improve compatibility with other wireguard networks
2025-06-06 20:01:39 +02:00
7ac80d78f1
feat(vpn): improve tailscale routing
2025-06-06 18:05:31 +02:00
a1675da8bf
feat(nix): switch to lix
2025-06-06 15:58:30 +02:00
a63e02af0f
fix(networking): fix IPv4 CIDR
2025-06-06 15:58:30 +02:00
5953733aeb
feat(networking): add tools
2025-06-06 15:58:30 +02:00
080d9bb1d2
feat(networking): explicitly disable avahi
2025-05-20 19:23:35 +02:00
ffaf3226f5
feat(networking): enable networking.useNetworkd
2025-05-20 19:23:08 +02:00
f25ca7a488
fix: share pkgs & overlays with home-manager
2025-05-18 19:32:31 +02:00
418fc173e6
chore: upgrade to NixOS 25.05
2025-05-18 17:10:31 +02:00
2d1925d0c5
fix(system): remove nix-alien again
...
Does not work with custom nixpkgs, and I do not want to add another
nixpkgs input just for nix-alien.
2025-05-18 15:53:10 +02:00
460a9970cd
fix(system): fix nix-alien package reference
2025-05-18 15:41:16 +02:00
a933d00a95
feat(system): add nix-ld and nix-alien
2025-05-18 15:04:24 +02:00
b616a73e66
feat(networking): improve networkd & resolved configuration
2025-05-11 02:22:34 +02:00
ab086bc49b
feat(networking): enable IPv6 RA
2025-05-10 21:26:33 +02:00
8c58b35813
feat(networking): disable networking.useDHCP
...
This option conflicts with `systemd.network`.
2025-05-10 21:08:02 +02:00
b6e2e0433e
feat(networking): add search domains
2025-05-10 21:02:50 +02:00
a5a4be6f94
feat(networking): configure lan via systemd.network
2025-05-10 20:53:04 +02:00
c684cebb45
feat(networking): enable DHCP by default
2025-05-10 19:03:55 +02:00
f1a8c4e174
fix(networking): do not enable NetworkManager by default
2025-05-10 19:02:53 +02:00
3fbf1a4436
feat(networking): replace nextdns with self-hosted adguardhome
2025-05-10 17:37:55 +02:00
09554029fe
feat(services): add adguardhome
2025-05-10 17:37:55 +02:00
43cb9890c9
feat(networking): enable systemd-networkd
2025-05-10 17:37:01 +02:00
3e52c2b922
fix(vpn): disable IPv6 for nginx
...
Tailscale Mullvad exit nodes currently don't support IPv6 and this is
causing issues with nginx (proxy pass) requests timing out and high CPU load.
Until Mullvad exit nodes support IPv6, we'll just disable IPv6 for nginx.
2025-02-14 00:21:30 +01:00
3d537fcde0
chore(vpn): switch default exit node
2025-02-13 23:27:34 +01:00
66cdd164ac
fix(sound): restrict bluetooth codecs for better performance with Sonos Ace
2025-02-13 23:27:07 +01:00
00dbb637e7
fix: fix git permissions for system.autoUpgrade
2025-01-19 12:36:37 +01:00
933d7b6994
feat(home-server): add forgejo admin user
2025-01-17 15:25:05 +01:00
fdc8002a0d
fix: make autoUpgrade update flake inputs again
2025-01-16 14:09:55 +01:00
29b693c1c7
fix: fix system.autoUpgrade
2024-12-14 23:19:59 +01:00
1043b12ec9
fix(vpn): disable --accept-routes on home-server
...
This caused some issues for me when trying to access home-server
services from other devices in my LAN that aren't in the Tailnet.
2024-12-08 21:32:57 +01:00
3764a85757
chore: upgrade to NixOS 24.11
2024-12-08 16:09:48 +01:00
1c5d83d81e
style: reformat with nixfmt-rfc-style
2024-05-26 17:37:08 +02:00
f5d872329b
refactor: remove with lib in some places
2024-05-26 13:04:30 +02:00
a377290326
chore: upgrade to NixOS 24.05
2024-05-26 13:04:30 +02:00
0da0f61068
fix(vpn): fix nginx chown
2024-04-30 23:15:04 +02:00
f1cfbee8e7
chore(vpn): switch exit node
2024-04-30 23:13:50 +02:00
b19dc7ac7a
feat: switch to tailscale from nixpkgs-unstable
2024-03-07 20:07:03 +01:00
fe49304110
feat: switch from dnscrypt-proxy to nextdns
2024-03-07 20:05:56 +01:00
e29a9da526
fix(vpn): fix autoconnect service
2024-01-25 02:18:09 +01:00
7bb4b02d52
fix: allow incoming traffic to web server to bypass tailscale
2024-01-25 02:15:35 +01:00
41a222bc8f
fix(vpn): generate certificate & configure nginx for tailnet
2024-01-21 21:41:21 +01:00
d0bccd67bd
fix(vpn): fix autoconnect issues
2024-01-21 21:40:27 +01:00
096f641fa5
fix(networking): disable IPv6 preference again
...
By default the system will already prefer IPv6 if possible without
causing issues e.g. with NAT.
I did indeed experience some issues with IPv6 requrests having a huge
delay using Tailscale.
The following article contains a detailed explanation about this issue:
https://www.ietf.org/archive/id/draft-buraglio-6man-rfc6724-update-03.html
2024-01-12 21:51:13 +01:00
dba8a2064b
fix(vpn): fix tailscale config
2024-01-12 20:46:13 +01:00
626709dfe6
fix(vpn): remove incorrect LAN access config
2024-01-06 04:14:46 +01:00
4c32137982
feat(vpn): fully replace Mullvad VPN with Tailscale
2024-01-06 03:22:52 +01:00
6ca1656297
feat(vpn): improve tailscale config
2023-12-27 18:03:57 +01:00
8679912bfb
fix(vpn): exclude tailscale from Mullvad VPN routing
2023-12-27 15:50:17 +01:00
