From 49c9cf1cfe52758b5412b22ef1f7402f9bac7feb Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 10 Mar 2026 18:06:43 +0100 Subject: [PATCH 1/4] ci: Increase `await-deploy` polling interval --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 81c2e78..4b94f62 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -130,12 +130,12 @@ jobs: deployed_sha=$(git ls-remote "$repo_url" "$branch" | cut -f1) if [[ "$deployed_sha" == "$expected_sha" ]]; then - echo "✅ ${{ matrix.server }} deployed $expected_sha" + echo "Deployed $expected_sha" exit 0 fi - - echo "⏳ ${{ matrix.server }}: deployed ${deployed_sha::7}, waiting for ${expected_sha::7}..." - sleep 5 + + echo "Deployed ${deployed_sha::7}, waiting for ${expected_sha::7}..." + sleep 10 done notify: if: always() From 0d261200ff6c416029bbfe8bdcd1e4b78a493c8c Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 10 Mar 2026 18:10:35 +0100 Subject: [PATCH 2/4] networking: Move general configs to `default.nix` --- modules/nixos/networking/default.nix | 13 +++++++++++++ modules/nixos/networking/underlay.nix | 11 ----------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/modules/nixos/networking/default.nix b/modules/nixos/networking/default.nix index 24f8ac3..25f3093 100644 --- a/modules/nixos/networking/default.nix +++ b/modules/nixos/networking/default.nix @@ -36,4 +36,17 @@ in readOnly = true; }; }; + + config = { + networking = { + useNetworkd = true; + useDHCP = false; + }; + + services.resolved = { + enable = true; + dnssec = "allow-downgrade"; + dnsovertls = "opportunistic"; + }; + }; } diff --git a/modules/nixos/networking/underlay.nix b/modules/nixos/networking/underlay.nix index 94f7401..480f0ee 100644 --- a/modules/nixos/networking/underlay.nix +++ b/modules/nixos/networking/underlay.nix @@ -40,11 +40,6 @@ in config = lib.mkMerge [ { - networking = { - useNetworkd = true; - useDHCP = false; - }; - systemd.network = { enable = true; networks."10-${cfg.interface}" = { @@ -59,12 +54,6 @@ in }; }; }; - - services.resolved = { - enable = true; - dnssec = "allow-downgrade"; - dnsovertls = "opportunistic"; - }; } (lib.mkIf cfg.wireless.enable { From 6c3a9ef924cc4057f5f1e6020a9a3378132a476d Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 10 Mar 2026 18:11:13 +0100 Subject: [PATCH 3/4] networking: Completely disable dnssec and dnsovertls --- modules/nixos/networking/default.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/nixos/networking/default.nix b/modules/nixos/networking/default.nix index 25f3093..e6bb605 100644 --- a/modules/nixos/networking/default.nix +++ b/modules/nixos/networking/default.nix @@ -43,10 +43,6 @@ in useDHCP = false; }; - services.resolved = { - enable = true; - dnssec = "allow-downgrade"; - dnsovertls = "opportunistic"; - }; + services.resolved.enable = true; }; } From 33b2bed5a92148ffa6d11f51ab312d7668e6d421 Mon Sep 17 00:00:00 2001 From: SebastianStork Date: Tue, 10 Mar 2026 18:30:06 +0100 Subject: [PATCH 4/4] Add README with CI badge --- README.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..ff24898 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +[![CI](https://github.com/SebastianStork/nixos-config/actions/workflows/ci.yml/badge.svg)](https://github.com/SebastianStork/nixos-config/actions/workflows/ci.yml)