reNixos

Author	SHA1	Message	Date
s0me1newithhand7s	ceb94d7cb1	kyra(hardening): journalctl audit settings Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 19:05:41 +03:00
s0me1newithhand7s	d5d41960f4	kyra(hardening): security defaults init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 19:05:21 +03:00
s0me1newithhand7s	ff98be13a3	kyra(hardening): audit & auditd init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 19:04:59 +03:00
s0me1newithhand7s	a65cbaee81	kyra(hardening): removing useless groups Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	76ef25bb08	kyra(hardening): "locking" root Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	a04279affe	kyra(hardening): step-ca service secrets managment Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	8894fdb401	kyra(hardening): networkd fixes Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	4d6c618cbc	kyra(hardening): resolved is now using hickory selfhosted Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	d5917b3304	kyra(hardening): qemuGuest turned off Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	2dedd6fbc5	kyra(hardening): openssh ??? Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	26237ba6ef	kyra(NOT hardening): alloy -> opentelemetry collector Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	6046ff3995	kyra(hardening): ntps-rs init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	614e2c804a	kyra(hardening): hickory-dns init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	e81f4f0829	kyra(hardening): firewalld masquerading Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	4b768f6a11	kyra(hardening): step-ca init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	dd7b0cf681	kyra(hardening): sign-box -> mihomo Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	af900ab6c0	kyra(hardening): traefik is now using consul catalog as provider Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	fb737422c1	kyra(hardening): consul catalog init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	ab2a010175	kyra(hardening): crowdsec init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	5ff4f78974	kyra(hardening): f2b -> crowdsec Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	02bdb89a62	kyra(NOT hardening): alloy is going to hell. Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	8c03fdb04a	kyra(hardening): sudo -> sudo-rs Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	59647629a8	kyra(hardening): polkit init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	a8c7b87791	kyra(hardening): per-service acme setup Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	c563897f02	kyra(hardening): nh gc timer init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	f89c5bf96e	kyra(hardening): fuse init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	434e973355	kyra(hardening): no plain "dns" options Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	3577ca0a6e	kyra(hardening): persistance in fileSystems Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:55 +03:00
s0me1newithhand7s	90a01233ee	kyra(hardening): making nix less bloated with substituters Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:06:51 +03:00
s0me1newithhand7s	0ae9f9d2f7	kyra(hardening): getting rid of home-manager Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	84c42d92f8	kyra(hardening): getting rid of packages in systemPackages Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	78a98e891e	kyra(hardening): Impermanence in "/persist" Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	df80d3a16a	kyra(hardening): hardened malloc init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	0998e016cd	kyra(hardening): using nixos-containers for mihomo core Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	d10e04e07c	kyra(hardening): tmpfs rootfs init Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	fbe9a78856	kyra(hardening): disko LVM subvolume prepare for Impermanence Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	72def65f54	kyra(hardening): ESP 1G->128M, LUKS2 volume and options hadrening Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	14eea58fbb	kyra(hardening): tmp hardening Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	6bcb4f2778	kyra(hardening): initrd re-init; systemd, ssh, luks, networkd in initrd Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	99f0086358	kyra(hadrdening): kernel hardening (kernel, params, modules, sysctls) Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	ff6458ec57	kyra(hardening): now using liminie as boot loader Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
s0me1newithhand7s	92809fec65	kyra(hardening): initrd/ deleted Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-05-03 16:05:49 +03:00
ArisoN	68c878a29e	Add yandex mirror nixpkgs	2026-03-31 17:21:00 +03:00
s0me1newithhand7s	ce59b6ed9c	kyra: upstream Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-03-25 18:50:44 +03:00
s0me1newithhand7s	c5f949506a	staging(no atomic commits thank to git-hooks) Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-03-25 17:56:18 +03:00
s0me1newithhand7s	91d145fc9b	s0mev1rtn0de-nix -> kyra + {hazel, lynn, ivy, mel}: rename + modularity Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>	2026-02-08 22:53:20 +03:00

46 commits