Commit Graph

11 Commits

Author SHA1 Message Date
bc05090f5b
feat: add support for grub bootloader
We require this for setting up a VPS on Hetzner Cloud, since Hetzner uses
legacy BIOS boot for its instances.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-08 19:53:02 +05:30
12cf2f3701
chore: harden ssh security
* KbdInteractiveAuthentication: disable keyboard interactive-auth, since
  we solely rely on the SSH key for connection.
* PermitEmptyPasswords: disable empty passwords for SSH connection, again,
  since we use SSH keys.
* Protocol: Explicitly set the SSH protocol to 2, even though it is the
  default value.
* MaxAuthTries: Set auth tries to 3. This is to allow up to 3 keys to try
  connection.
* ChallengeResponseAuthentication: We do not require a challenge-response
  setup.
* AllowTcpForwarding: Allows access to locally-running ports without having
  to expose them. Since all auth methods are disabled, we can enable this.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-05 20:53:47 +05:30
74310f5e34
feat: replace perl activation script with rust-based implementation
Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-05 20:51:00 +05:30
965aa6ecaf
chore: reduce boot configuration limit to 5
Setting it to 10 does not play well with srvos, since it uses lib.mkDefault
to set it to 10 as well. And anyways, we don't need 10 generations to show
up during the boot menu.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-29 23:26:04 +05:30
3e7c636902
chore: add hyprland cachix substituters
It's 2024, who wants to build software on their own systems?

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-23 11:42:22 +05:30
b65a4dbfcb
chore: remove pcie_aspm policy
Umm, this is a hard one as to why it was added in the first place. I think
someone had told me about it, but it seems like it's not really required, and
not recommended to be run on systems that do not support it by default.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-23 11:41:01 +05:30
a6fc984ceb
fix: use ter-u28 as the tty font on initial boot
At least until this gets merged: https://github.com/NixOS/nixpkgs/pull/299456

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-22 15:03:02 +05:30
25ecb1c367
chore: pin nix to 2.23
A security issue currently plagues the nix_git package, along with some other issues cropping up
in the newer versions. So we'll stick to the last stable, bug-free nix version for a while.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-22 14:56:53 +05:30
711c1f9821
chore: use terminus for console font and remove kernel param
* Lat2-Terminus16 looks nice, not sure why I replaced it.
* Remove `udev.log_level=3` from the kernel param cmdline. This option
  was added to test out plymouth on boot, which surprisingly seems to not
  be working right now. Will revisit this later.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-02 19:09:28 +05:30
3ee3a05d61
chore: allow docker to use iptables
Had been removed to debug issues with netbird connectivity after suspend.
Can be added back since the issue is unrelated.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-02 19:05:15 +05:30
3a3a8afe30
feat: add nixos configuration based on snowfall-lib
Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-09-02 18:31:19 +05:30