nixos-config

Author	SHA1	Message	Date
Antoine Martin	b6f712b817	services: nginx: enable prometheus exporter	2021-07-13 17:25:34 +02:00
Antoine Martin	2b59116b8d	services: monitoring: only listen on localhost	2021-07-13 17:25:34 +02:00
Antoine Martin	e7219ae988	services: matrix: enable SSL traffic only This is a requirement anyway for homeservers, and the `forceSSL` option tried to create a redirect for non-SSL traffic, except the `listen` option only provided SSL endpoints anyway, so this resulted in additional rules in the nginx config looking like this: server { server_name matrix.alarsyo.net ; location /.well-known/acme-challenge { root /var/lib/acme/acme-challenge; auth_basic off; } location / { return 301 https://$host$request_uri; } } Which led to nginx listening on port 8000 (the default port in this situation, I imagine)	2021-07-13 13:54:18 +02:00
Antoine Martin	c75458d8c9	services: bitwarden: only listen on local host This was never a problem because the firewall did its job, but better safe than sorry.	2021-07-13 13:34:26 +02:00
Antoine Martin	d2835ceb77	services: paperless: drop external traffic to docker	2021-07-13 13:22:21 +02:00
Antoine Martin	8eb1fe5001	services: paperless: restrict to Tailscale	2021-07-13 01:31:55 +02:00
Antoine Martin	f0e5e90c10	services: use wildcard certificate Should have done this a long time ago	2021-07-13 01:08:01 +02:00
Antoine Martin	64d479e2ce	services: prometheus: keep metrics for 2 years	2021-07-12 22:12:03 +02:00
Antoine Martin	95733f9e05	services: paperless: setup reverse proxy	2021-07-12 22:11:41 +02:00
Antoine Martin	7c8017af03	services: init nuage	2021-07-06 18:22:57 +02:00
Antoine Martin	568cd2ccd4	services: matrix: add SMS verification support	2021-06-09 15:37:35 +02:00
Antoine Martin	6c17c2d82c	services: matrix: move smtp port note out of secret	2021-06-09 14:57:51 +02:00
Antoine Martin	1b6258e363	services: matrix: add smtp server	2021-06-09 14:53:11 +02:00
Antoine Martin	4ddee48800	services: lohr: latest commit	2021-06-04 17:40:56 +02:00
Antoine Martin	46df5d0642	services: transmission: use openFirewall setting	2021-06-03 00:33:52 +02:00
Antoine Martin	2dc8502fb8	services: nginx: don't enable everywhere	2021-06-01 14:28:42 +02:00
Antoine Martin	393c803167	services: pipewire: fix broken 20.09 config	2021-05-27 23:01:52 +02:00
Antoine Martin	b1dc709e3f	services: pipewire: ship pactl with pipewire	2021-05-26 01:13:10 +02:00
Antoine Martin	4d091d5aa6	services: add pipewire service	2021-05-26 00:33:15 +02:00
Antoine Martin	2f794cfe3a	matrix: disable presence	2021-05-21 11:45:27 +02:00
Antoine Martin	6e9e4388ae	matrix: log level warn	2021-05-21 10:10:15 +02:00
Antoine Martin	09059273c2	matrix: enable spaces beta	2021-05-21 10:05:20 +02:00
Antoine Martin	e2c77ed4e2	services: gitea: update home template to SVG v1.14 switched from a PNG to a SVG logo	2021-05-13 18:20:21 +02:00
Antoine Martin	af0388b907	borg-backup: save space when pruning	2021-05-04 01:46:19 +02:00
Antoine Martin	71c4871af0	boreal: prune backups older than a month	2021-05-04 01:32:37 +02:00
Antoine Martin	2fdc188973	gitea: use main as default branch	2021-04-09 20:31:58 +02:00
Antoine Martin	b2ab13242c	gitea: enable push to create	2021-04-09 19:43:51 +02:00
Antoine Martin	64d28f9436	gitea: remove useless conditional on backup	2021-04-09 18:14:08 +02:00
Antoine Martin	d2fc16978c	gitea: silence logging	2021-04-09 18:01:01 +02:00
Antoine Martin	798a496709	gitea: use custom home template	2021-04-09 17:30:00 +02:00
Antoine Martin	df463c02fb	lohr: mention systemd specific issue	2021-04-08 03:44:52 +02:00
Antoine Martin	ba0e0e993e	lohr: setup real service	2021-04-08 03:20:58 +02:00
Antoine Martin	9d2073011b	lohr: setup dev service	2021-03-28 22:18:18 +02:00
Antoine Martin	8629db70e6	borg-backup: init repo if doesn't exist	2021-03-24 20:50:47 +01:00
Antoine Martin	4115c3d8d7	nextcloud: don't backup image previews	2021-03-24 19:42:15 +01:00
Antoine Martin	c47d72a376	matrix: don't backup cached media	2021-03-24 19:06:03 +01:00
Antoine Martin	8b5e107aea	matrix: add FIXME	2021-03-24 01:26:25 +01:00
Antoine Martin	0a4fb2e7f7	borg-backup: display info during pruning	2021-03-24 00:55:08 +01:00
Antoine Martin	844b940493	nextcloud: ignore in-progress uploads in backups	2021-03-24 00:41:18 +01:00
Antoine Martin	40d4f07df3	borg-backup: display info during backup	2021-03-24 00:32:46 +01:00
Antoine Martin	e6b1f1381a	nextcloud: require postgresql for service setup	2021-03-24 00:14:43 +01:00
Antoine Martin	0cf16198a8	postgresql: set package version globally	2021-03-23 22:37:55 +01:00
Antoine Martin	6174bcd165	services: remove unneeded conditional	2021-03-23 22:24:12 +01:00
Antoine Martin	b04d9e51a1	nextcloud: create service	2021-03-23 20:03:23 +01:00
Antoine Martin	48c87a4d8a	borg-backup: switch to zstd compression	2021-03-23 12:14:14 +01:00
Antoine Martin	bb477b36a6	tgv: new service	2021-03-16 17:46:25 +01:00
Antoine Martin	968c334c1b	borg: prune files when backing up	2021-03-15 23:52:07 +01:00
Antoine Martin	80942f7eb3	wireguard: setup VPN	2021-02-22 19:42:11 +01:00
Antoine Martin	a1065eb8ab	fail2ban: increase default ban time	2021-02-22 16:18:14 +01:00
Antoine Martin	92e2e19bbf	bitwarden_rs: remove random config	2021-02-22 16:11:59 +01:00
Antoine Martin	80384b2afe	bitwarden_rs: setup fail2ban	2021-02-22 16:07:26 +01:00
Antoine Martin	25f45ec6f6	fail2ban: setup service	2021-02-22 15:07:29 +01:00
Antoine Martin	49a261e5ee	jellyfin: proxy websockets traffic	2021-02-22 11:58:54 +01:00
Antoine Martin	cdf8695794	transmission: setup service	2021-02-19 22:29:04 +01:00
Antoine Martin	2b5ef6b145	jellyfin: setup service	2021-02-19 21:28:12 +01:00
Antoine Martin	e3440b61ab	nginx: centralize configuration	2021-02-14 12:07:07 +01:00
Antoine Martin	bb3532eb8a	miniflux: don't remove old entries from feeds	2021-02-05 22:01:41 +01:00
Antoine Martin	3c0732cedd	s/types.int/types.port	2021-02-02 18:24:28 +01:00
Antoine Martin	fca8f6cb4c	gitea: use own backup solution	2021-02-02 18:09:10 +01:00
Antoine Martin	039fa5a930	gitea: specify backup time	2021-02-02 17:34:22 +01:00
Antoine Martin	5bd4a23909	gitea: setup service	2021-02-02 17:01:40 +01:00
Antoine Martin	288e89502a	matrix: proxy calls to /_synapse/client correctly	2021-02-02 02:13:33 +01:00
Antoine Martin	d5eb537b5e	matrix: use shared secret	2021-02-02 01:24:03 +01:00
Antoine Martin	48bb7a8841	borg-backup: fix exclude config	2021-01-31 13:11:31 +01:00
Antoine Martin	41769615f0	borg-backup: setup paths in respective services	2021-01-31 13:03:28 +01:00
Antoine Martin	8ed0f14f74	bitwarden: setup service	2021-01-31 03:50:10 +01:00
Antoine Martin	253530ea6f	postgresql-backup: move to own services This way the `startAt` setting is only set once.	2021-01-30 22:32:12 +01:00
Antoine Martin	297eb0a6f9	miniflux: setup service	2021-01-30 21:53:05 +01:00
Antoine Martin	8b037b16a4	postgres: create daily backups	2021-01-30 19:35:21 +01:00
Antoine Martin	91eaa2f008	borg-backup: setup service	2021-01-30 19:35:21 +01:00
Antoine Martin	84fff7a6f2	matrix: add hosted Element web setup	2021-01-29 14:33:37 +01:00
Antoine Martin	79aa31f07f	matrix: improve configuration	2021-01-29 14:04:53 +01:00
Antoine Martin	4d89de4841	matrix: migrate server and setup federation It works, but looks and feels hacky. Needs cleanups	2021-01-28 02:54:33 +01:00
Antoine Martin	13b3baa805	monitoring: refacto, extract from main config	2021-01-27 21:55:32 +01:00

1 2 3 4

174 commits