c008fd2b18
zfs: don't specify zfs arc cache
...
Turns out, zfs is smart!
ZFS already has sane defaults, no sense in limiting the size of the cache.
2026-03-06 14:11:14 -05:00
3ccce88040
zfs: remove unneeded options
2026-03-06 13:47:06 -05:00
ad4d2d41fb
zfs: tweak arc settings
2026-03-06 13:44:55 -05:00
f784f26848
monero: changes
2026-03-04 18:56:55 -05:00
b5be21ff8c
secrets: cleanup activation scripts
2026-03-04 17:35:49 -05:00
d4b679d1a5
cleanup
2026-03-03 19:39:10 -05:00
cdccab855d
zfs: zfs_txg_timeout 30 -> 120
2026-03-03 15:06:13 -05:00
ce4d1c0ef2
zfs: tuning
2026-03-03 14:31:42 -05:00
b977b578e0
arr-init: extract to standalone flake repo
2026-03-03 14:31:39 -05:00
dc9d58a543
ntfy-alerts: suppress notifications for sanoid
2026-03-03 14:31:38 -05:00
39a76a3265
zfs: fix sanoid dataset name for jellyfin cache
2026-03-03 14:31:37 -05:00
294cb6453e
ntfy-alerts: init
2026-03-03 14:31:36 -05:00
745d0ea4c2
arr-init: add module for API-based configuration
2026-03-03 14:31:28 -05:00
fb305cc9f4
fmt
2026-03-03 14:31:20 -05:00
a9e8ce09d1
fix(no-rgb): handle transient hardware unavailability during deploy
2026-03-03 14:31:19 -05:00
0d1205210d
feat(tmpfiles): defer per-service file permissions to reduce boot time
2026-03-03 14:31:18 -05:00
1db214aee5
impermanence: fix /etc permissions after re-deploy
2026-03-03 14:31:17 -05:00
12b681c8f2
cleanup
2026-03-03 14:31:05 -05:00
bd0c7cde6d
tests: fix all fail2ban NixOS VM tests
...
- Add explicit iptables banaction in security.nix for test compatibility
- Force IPv4 in all curl requests to prevent IPv4/IPv6 mismatch issues
- Fix caddy test: use basic_auth directive (not basicauth)
- Override service ports in tests to match direct connections (not via Caddy)
- Vaultwarden: override ROCKET_ADDRESS and ROCKET_LOG for external access
- Immich: increase VM memory to 4GB for stability
- Jellyfin: create placeholder log file and reload fail2ban after startup
- Add tests.nix entries for all 6 fail2ban tests
All tests now pass: ssh, caddy, gitea, vaultwarden, immich, jellyfin
2026-03-03 14:30:59 -05:00
0e1aa6fe0e
nit: move fail2ban to security module
2026-03-03 14:30:56 -05:00
3db2728dbe
security things
2026-03-03 14:30:54 -05:00
5fe233e05e
impermanence: fix /etc/zfs cache
2026-03-03 14:30:51 -05:00
65b49488d1
impermanence: fix persistant ssh host keys
2026-03-03 14:30:51 -05:00
165532bae3
nit: cleanup imports
2026-03-03 14:30:47 -05:00
d7a8e25811
impermanence: fix home directory declaration
2026-03-03 14:30:46 -05:00
7159e90186
organize
2026-03-03 14:30:43 -05:00
