nixos-config

Author	SHA1	Message	Date
Felix Schröter	7bb4b02d52	fix: allow incoming traffic to web server to bypass tailscale	2024-01-25 02:15:35 +01:00
Felix Schröter	41a222bc8f	fix(vpn): generate certificate & configure nginx for tailnet	2024-01-21 21:41:21 +01:00
Felix Schröter	d0bccd67bd	fix(vpn): fix autoconnect issues	2024-01-21 21:40:27 +01:00
Felix Schröter	096f641fa5	fix(networking): disable IPv6 preference again By default the system will already prefer IPv6 if possible without causing issues e.g. with NAT. I did indeed experience some issues with IPv6 requrests having a huge delay using Tailscale. The following article contains a detailed explanation about this issue: https://www.ietf.org/archive/id/draft-buraglio-6man-rfc6724-update-03.html	2024-01-12 21:51:13 +01:00
Felix Schröter	dba8a2064b	fix(vpn): fix tailscale config	2024-01-12 20:46:13 +01:00
Felix Schröter	626709dfe6	fix(vpn): remove incorrect LAN access config	2024-01-06 04:14:46 +01:00
Felix Schröter	4c32137982	feat(vpn): fully replace Mullvad VPN with Tailscale	2024-01-06 03:22:52 +01:00
Felix Schröter	6ca1656297	feat(vpn): improve tailscale config	2023-12-27 18:03:57 +01:00
Felix Schröter	8679912bfb	fix(vpn): exclude tailscale from Mullvad VPN routing	2023-12-27 15:50:17 +01:00
Felix Schröter	f76a0f494e	feat(vpn): add tailscale	2023-12-27 04:32:40 +01:00
Felix Schröter	531a407c08	chore: upgrade to NixOS 23.11	2023-11-28 00:54:03 +01:00
Felix Schröter	fa83f78e5d	feat(vpn): disable all DNS blocking	2023-11-27 23:01:26 +01:00
Felix Schröter	a8c6987854	feat(networking): enable system-resolved This seems to be more robust than my previous resolv.conf setup that I've run into some issues with Mullvad VPN & dnscrypt-proxy with.	2023-11-19 00:51:54 +01:00
Felix Schröter	cc49a5c4e7	feat(networking): switch back to non-blocking DNS servers I already handle blocking in Mullvad VPN and in cases where I want to temporarily disable the VPN I usually also want to disable blocking.	2023-11-19 00:48:49 +01:00
Felix Schröter	be3bde5c33	feat(vpn): enable quantum-resistant wireguard tunnel	2023-09-30 17:43:36 +02:00
Felix Schröter	10c0834daa	refactor(flake): optimize structure - get rid of some `rec`s - move lib & overlays into flake modules	2023-09-30 16:40:05 +02:00
Felix Schröter	4f22b0857d	feat(flake): add nix-community cachix to nix substituters Also sets substituters on flake.nix's `nixConfig` in addition to `nixosConfiguration`s `nix.settings`.	2023-09-13 16:01:57 +02:00
Felix Schröter	f3c9ed76f5	fix(printing): switch from ipp everywhere to maintained brlaser fork	2023-08-12 19:29:58 +02:00
Felix Schröter	14c98ea552	feat(nix): change system.autoUpgrade.dates to 03:00	2023-08-12 19:01:56 +02:00
Felix Schröter	cf4c1973aa	feat(nix): add wurzelpfropf.cachix.org for ragenix	2023-08-12 19:01:23 +02:00
Felix Schröter	59d27f4367	feat: add rage to common system packages	2023-08-10 11:45:14 +02:00
Felix Schröter	b4a9a4023f	chore: remove unused nix sibstituters	2023-08-10 11:38:33 +02:00
Felix Schröter	f0d09a9d28	feat(gaming): restructure configuration	2023-07-22 15:08:17 +02:00
Felix Schröter	a637a93bc0	feat(vpn): switch to Berlin servers	2023-06-12 15:32:59 +02:00
Felix Schröter	06996377f6	feat(system): add home printer config	2023-06-07 12:54:56 +02:00
Felix Schröter	e77fc1fe1d	chore: upgrade to NixOS 23.05	2023-05-31 19:03:54 +02:00
Felix Schröter	c79c125e4c	refactor: update hardened.nix	2023-05-31 17:02:01 +02:00
Felix Schröter	386b3f6616	feat(hardware): improve firmware config	2023-05-03 12:11:23 +02:00
Felix Schröter	c90efc40f8	feat(system): enable Mullvad VPN for server Configure it to exclude incoming traffic for web server.	2023-04-29 21:32:24 +02:00
Felix Schröter	6c1963a647	feat(gaming): increase vm.max_map_count further It's now using the same default value as SteamOS. Fedora will likely use this by default in the future as well.	2023-04-25 15:18:01 +02:00
Felix Schröter	316dce6c59	feat(system): switch to wireplumber config	2023-04-19 13:33:38 +02:00
Felix Schröter	bc2c479485	feat(hardware): update hardened config	2023-04-17 12:42:15 +02:00
Felix Schröter	83acc14467	feat(system): improve hardened.nix Import from nixpkgs as basis and override settings that cause problems.	2023-04-15 00:47:18 +02:00
Felix Schröter	b8b6127367	feat(system): reset swappiness to default again	2023-04-11 18:00:32 +02:00
Felix Schröter	3bef9b9f4e	feat(system): make zram swap options overridable	2023-04-11 17:43:38 +02:00
Felix Schröter	730683518c	feat(system): add zram swap	2023-04-11 17:12:53 +02:00
Felix Schröter	080e04e716	feat(vpn): improve postStart script	2023-03-14 13:53:12 +01:00
Felix Schröter	01ed691523	feat: improve printing config Should now discover printers via IPP Everywhere automatically.	2023-03-06 16:46:25 +01:00
Felix Schröter	f484f6dbf4	feat(dnscrypt-proxy): extend server list	2022-11-13 14:42:55 +01:00
Felix Schröter	0e93133ee1	fix(dnscrypt-proxy): switch back to public resolvers To avoid issues when certificates change.	2022-11-01 10:50:42 +01:00
Felix Schröter	6d734f9f38	feat(fonts): switch to new Symbols Nerd Font	2022-10-30 15:24:04 +01:00
Felix Schröter	f6499392fe	fix(gaming): fix GameMode Add gamemode to system packages so libraries can be resolved. Also adds notification for starting/stopping GameMode.	2022-09-28 15:30:12 +02:00
Felix Schröter	05c0341e4c	feat(vpn): automatic login	2022-08-26 21:37:12 +02:00
Felix Schröter	ab95f0f47d	chore(vpn): simplify config	2022-08-25 22:28:20 +02:00
Felix Schröter	48f542c5a5	feat(gaming): enable xone & xpadneo	2022-08-25 22:24:43 +02:00
Felix Schröter	bf307d0979	feat(gaming): add system-wide steam config	2022-08-25 22:24:05 +02:00
Felix Schröter	b9c61b9182	feat(system): improve dnscrypt-proxy config	2022-08-14 13:54:17 +02:00
Felix Schröter	225d7b4660	fix: disable display manager on servers with xserver	2022-08-12 16:48:37 +02:00
Felix Schröter	046129b199	feat(vpn): add mullvad configuration service	2022-08-08 22:59:27 +02:00
Felix Schröter	55588b11e2	fix(networking): enable resolvconf again Required for dnscrypt-proxy2 & mullvad to work correctly.	2022-07-13 14:59:33 +02:00

1 2

87 commits