6 Commits

Author SHA1 Message Date
ErrorNoInternet f517adc341 treewide: initialize npins
Check / Nix flake (push) Failing after 9s
Lint / Nix expressions (push) Failing after 11s
2026-05-03 18:42:06 -04:00
ErrorNoInternet eec985f739 treewide: refactor code 2026-05-03 18:42:06 -04:00
javalsai 89a0e5cf44 nixos/security: add acme through dns challenge
a few side refactors come with this:
- no more `dns.domain`; it all must rely on `fqdn`, which prevents
  inconsistencies.
- also added a specific host, `tuxcord-acmetest`, that uses the key zone
  for `nix.tuxcord.net` to test certificate pulling.
2026-05-03 18:25:42 -04:00
javalsai b00819c3c4 docs: document installation, secrets and setup steps
Check / Nix flake (push) Failing after 9s
Lint / Nix expressions (push) Failing after 10s
2026-05-03 18:25:42 -04:00
javalsai 62146d3c90 nixos/services: make dns configuration easier 2026-05-03 18:25:42 -04:00
javalsai cc0f102d77 nixos/service: add dns (bind named server) 2026-05-03 18:25:42 -04:00
+5 -9
@@ -82,21 +82,17 @@ in
}; };
}; };
environment.persistence."/persist".directories = [ environment.persistence."/persist" = {
directories = [
{ {
directory = "/var/dns"; directory = "/var/dns";
group = "named"; group = "named";
user = "named"; user = "named";
} }
]; ];
networking.firewall =
let
ports = [ config.services.bind.listenOnPort ];
in
{
allowedTCPPorts = ports;
allowedUDPPorts = ports;
}; };
networking.firewall.allowedTCPPorts = [ config.services.bind.listenOnPort ];
networking.firewall.allowedUDPPorts = [ config.services.bind.listenOnPort ];
}; };
} }
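Review bot: The `/var/dns` entry under `environment.persistence."/persist"` sets only `user` and `group`, so the persisted directory gets the persistence module's default mode; if this is the impermanence module, that default is `0755`, which is world-readable. The commit list mentions a key zone used for ACME DNS challenges, so key material may live in that directory (not visible here); if it does, add `mode = "0750";` to the entry. Separately, the firewall lines open `config.services.bind.listenOnPort` on TCP and UDP for every interface, so it is worth confirming that recursion stays restricted through `services.bind.cacheNetworks`, otherwise the server could answer as an open resolver. The enclosing module starts before the hunk, so the BIND options themselves cannot be checked from here.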