e87dab1f34
fix(no-rgb): handle transient hardware unavailability during deploy
2026-02-12 18:46:30 -05:00
9e706b5731
fix(postgresql): correct tmpfiles user from 'postgresql' to 'postgres'
2026-02-12 14:13:27 -05:00
ed22169aa9
fix(tests): add serviceFilePerms stub to fail2ban tests
2026-02-12 14:06:19 -05:00
fa01077856
refactor(tmpfiles): migrate 12 services to deferred serviceFilePerms
2026-02-12 13:51:05 -05:00
9e346a8406
feat(tmpfiles): implement serviceFilePerms lib function (GREEN phase)
2026-02-12 13:33:50 -05:00
2cb83f85c9
test(tmpfiles): add VM test for serviceFilePerms (RED phase)
2026-02-12 13:31:05 -05:00
84cbe82cb0
update
2026-02-12 12:45:28 -05:00
4e9e3f627b
matrix: setup livekit
...
Needed for element X calls.
2026-02-11 22:14:12 -05:00
9cc63fcfb8
impermanence: fix /etc permissions after re-deploy
2026-02-11 15:41:30 -05:00
35f0c08ee2
ntfy: fix directory
2026-02-10 18:47:17 -05:00
0f1e249127
ntfy
2026-02-10 17:39:01 -05:00
f3e972b3a4
matrix: fix registration
2026-02-10 14:49:58 -05:00
e28f8a70df
matrix: add coturn
2026-02-10 14:49:50 -05:00
f27068a974
matrix: fix private folder
2026-02-10 14:22:53 -05:00
795c5b3d41
Revert "matrix: disable"
...
This reverts commit a887edf510
2026-02-10 14:08:43 -05:00
a887edf510
matrix: disable
2026-02-10 13:55:45 -05:00
4f71f61c4b
matrix: fix continuwuity module
2026-02-10 13:54:22 -05:00
3187130cd3
update
2026-02-10 12:56:12 -05:00
11ab6de305
re-add matrix
2026-02-10 12:49:56 -05:00
b67416a74b
syncthing: add grayjay backups
2026-02-06 14:43:08 -05:00
954e124b49
potentially fix fail2ban
2026-02-05 15:11:17 -05:00
a7d6018592
update
2026-02-05 01:33:55 -05:00
37fdf13a3f
update
2026-02-03 12:25:24 -05:00
8176376f48
update
2026-02-01 21:30:50 -05:00
58c804ea41
update
2026-01-30 00:43:28 -05:00
a61fedb015
fail2ban: ignoreip from local network
2026-01-27 18:51:08 -05:00
2183ea8363
update
2026-01-26 23:09:22 -05:00
27ffe38ed3
xmrig: 12 threads
2026-01-26 17:51:16 -05:00
a0e6b8428e
xmrig: 1gb pages
2026-01-26 14:25:25 -05:00
0b01fc3f28
xmrig
2026-01-26 14:15:27 -05:00
016520c579
update
2026-01-23 12:56:54 -05:00
47cc12f4ed
cleanup
2026-01-23 00:29:24 -05:00
a766e67fec
cleanup minecraft test
2026-01-22 22:40:40 -05:00
fdb1b559bc
wg: don't hardcode namespaceAddress
2026-01-22 14:56:36 -05:00
3026897113
Revert "minecraft: fail2ban"
...
This reverts commit a23b3d8c5f
2026-01-22 14:25:52 -05:00
a23b3d8c5f
minecraft: fail2ban
2026-01-21 20:21:23 -05:00
4bf05f8b51
hostPlatform -> targetPlatform
2026-01-21 15:25:25 -05:00
d15ec9fe0b
fix squaremap
2026-01-21 14:26:39 -05:00
89627e1299
update
2026-01-20 23:08:55 -05:00
897f9b2642
flake: impermanence nixpkgs follow nixpkgs
2026-01-20 23:08:41 -05:00
f87e395225
jellyfin-qbittorrent-monitor: don't use mock qbittorrent
2026-01-20 23:05:15 -05:00
9770e6d667
jellyfin-qbittorrent-monitor: fix mock qbittorrent
2026-01-20 22:38:18 -05:00
8ed67464d0
fmt
2026-01-20 19:48:20 -05:00
da6b4d1915
tests: fix all fail2ban NixOS VM tests
...
- Add explicit iptables banaction in security.nix for test compatibility
- Force IPv4 in all curl requests to prevent IPv4/IPv6 mismatch issues
- Fix caddy test: use basic_auth directive (not basicauth)
- Override service ports in tests to match direct connections (not via Caddy)
- Vaultwarden: override ROCKET_ADDRESS and ROCKET_LOG for external access
- Immich: increase VM memory to 4GB for stability
- Jellyfin: create placeholder log file and reload fail2ban after startup
- Add tests.nix entries for all 6 fail2ban tests
All tests now pass: ssh, caddy, gitea, vaultwarden, immich, jellyfin
2026-01-20 18:41:01 -05:00
f2ef562724
fail2ban: implement for jellyfin
2026-01-20 14:46:49 -05:00
d9236152aa
fail2ban: implement for immich
2026-01-20 14:39:38 -05:00
ba45743ea0
fail2ban: implement for gitea
2026-01-20 14:39:29 -05:00
0214621a58
fail2ban: implement for bitwarden
2026-01-20 14:39:23 -05:00
aa2c61dcd3
fail2ban: implement for caddy basic auth
2026-01-20 14:35:20 -05:00
b550e495c8
nit: move fail2ban to security module
2026-01-20 14:11:15 -05:00
