Antoine Martin
7ce48f7164
services: add navidrome
2021-08-22 16:43:27 +02:00
Antoine Martin
d8c3f5c987
services: nextcloud: upgrade to nextcloud 22
2021-08-20 01:52:45 +02:00
Antoine Martin
2c7abf829a
services: adapt bitwarden to vaultwarden rename
2021-08-20 01:44:44 +02:00
Antoine Martin
bdd0748620
flake: switch back entire config to unstable
...
Mixing stable and unstable brought me weird problems, so I'm switching
back to unstable entirely until it breaks hard enough to convince me to
go back to stable. :)
2021-08-19 23:34:41 +02:00
Antoine Martin
12c60e9d2e
services: postgresql: upgraded to v13
2021-08-19 21:30:09 +02:00
Antoine Martin
1b7c4d40c6
services: nextcloud: ignore heavy files
2021-08-10 00:33:19 +02:00
Antoine Martin
e8ea4c8b5f
services: nextcloud: regex don't work with restic
2021-08-09 21:13:55 +02:00
Antoine Martin
b00faf77bb
services: move to restic for everything
2021-08-09 20:19:27 +02:00
Antoine Martin
e9c0d157f1
services: restic: make it verbose
2021-08-09 20:14:09 +02:00
Antoine Martin
0c538fbf86
services: backup postgres to restic
2021-08-09 20:11:00 +02:00
Antoine Martin
a763e0549f
services: setup restic backups service
2021-08-09 20:11:00 +02:00
Antoine Martin
bd5aa2cef5
services: setup fava service
2021-08-07 15:40:01 +02:00
Antoine Martin
611308f120
services: paperless: backup correctly
2021-07-19 14:59:15 +02:00
Antoine Martin
0f4ae45828
services: monitoring: set prometheus scrape interval
2021-07-15 10:27:10 +02:00
Antoine Martin
c7c87fcdb4
pkgs: fix grafanaDashboards access in flake
...
The `packages` output from the flake needs flake-utils' `flattenTree` to
be valid (because it doesn't support nested sets), but that only works
if I use `recurseIntoAttrs`.
2021-07-14 21:13:38 +02:00
Antoine Martin
27ae0552eb
services: paperless: fix backup paths
2021-07-14 03:00:36 +02:00
Antoine Martin
829632e360
services: tailscale: make exit node optional
2021-07-14 00:08:40 +02:00
Antoine Martin
c16d8513d2
services: wireguard: removed unused module
...
replaced by tailscale
2021-07-13 23:51:17 +02:00
Antoine Martin
1d8750efed
services: tailscale: move to service
2021-07-13 23:49:45 +02:00
Antoine Martin
39477a85e7
services: paperless: backups
2021-07-13 22:20:21 +02:00
Antoine Martin
786d884e3a
services: monitoring: package grafana dashboards
2021-07-13 17:34:36 +02:00
Antoine Martin
0f8175519b
services: monitoring: update node exporter dash
2021-07-13 17:25:34 +02:00
Antoine Martin
0b983d1358
services: monitoring: add nginx dashboard
2021-07-13 17:25:34 +02:00
Antoine Martin
b6f712b817
services: nginx: enable prometheus exporter
2021-07-13 17:25:34 +02:00
Antoine Martin
2b59116b8d
services: monitoring: only listen on localhost
2021-07-13 17:25:34 +02:00
Antoine Martin
e7219ae988
services: matrix: enable SSL traffic only
...
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:
server {
server_name matrix.alarsyo.net ;
location /.well-known/acme-challenge {
root /var/lib/acme/acme-challenge;
auth_basic off;
}
location / {
return 301 https://$host$request_uri ;
}
}
Which led to nginx listening on port 8000 (the default port in this
situation, I imagine)
2021-07-13 13:54:18 +02:00
Antoine Martin
c75458d8c9
services: bitwarden: only listen on local host
...
This was never a problem because the firewall did its job, but better
safe than sorry.
2021-07-13 13:34:26 +02:00
Antoine Martin
d2835ceb77
services: paperless: drop external traffic to docker
2021-07-13 13:22:21 +02:00
Antoine Martin
8eb1fe5001
services: paperless: restrict to Tailscale
2021-07-13 01:31:55 +02:00
Antoine Martin
f0e5e90c10
services: use wildcard certificate
...
Should have done this a long time ago
2021-07-13 01:08:01 +02:00
Antoine Martin
64d479e2ce
services: prometheus: keep metrics for 2 years
2021-07-12 22:12:03 +02:00
Antoine Martin
95733f9e05
services: paperless: setup reverse proxy
2021-07-12 22:11:41 +02:00
Antoine Martin
7c8017af03
services: init nuage
2021-07-06 18:22:57 +02:00
Antoine Martin
568cd2ccd4
services: matrix: add SMS verification support
2021-06-09 15:37:35 +02:00
Antoine Martin
6c17c2d82c
services: matrix: move smtp port note out of secret
2021-06-09 14:57:51 +02:00
Antoine Martin
1b6258e363
services: matrix: add smtp server
2021-06-09 14:53:11 +02:00
Antoine Martin
4ddee48800
services: lohr: latest commit
2021-06-04 17:40:56 +02:00
Antoine Martin
46df5d0642
services: transmission: use openFirewall setting
2021-06-03 00:33:52 +02:00
Antoine Martin
2dc8502fb8
services: nginx: don't enable everywhere
2021-06-01 14:28:42 +02:00
Antoine Martin
393c803167
services: pipewire: fix broken 20.09 config
2021-05-27 23:01:52 +02:00
Antoine Martin
b1dc709e3f
services: pipewire: ship pactl with pipewire
2021-05-26 01:13:10 +02:00
Antoine Martin
4d091d5aa6
services: add pipewire service
2021-05-26 00:33:15 +02:00
Antoine Martin
2f794cfe3a
matrix: disable presence
2021-05-21 11:45:27 +02:00
Antoine Martin
6e9e4388ae
matrix: log level warn
2021-05-21 10:10:15 +02:00
Antoine Martin
09059273c2
matrix: enable spaces beta
2021-05-21 10:05:20 +02:00
Antoine Martin
e2c77ed4e2
services: gitea: update home template to SVG
...
v1.14 switched from a PNG to a SVG logo
2021-05-13 18:20:21 +02:00
Antoine Martin
af0388b907
borg-backup: save space when pruning
2021-05-04 01:46:19 +02:00
Antoine Martin
71c4871af0
boreal: prune backups older than a month
2021-05-04 01:32:37 +02:00
Antoine Martin
2fdc188973
gitea: use main as default branch
2021-04-09 20:31:58 +02:00
Antoine Martin
b2ab13242c
gitea: enable push to create
2021-04-09 19:43:51 +02:00
Antoine Martin
64d28f9436
gitea: remove useless conditional on backup
2021-04-09 18:14:08 +02:00
Antoine Martin
d2fc16978c
gitea: silence logging
2021-04-09 18:01:01 +02:00
Antoine Martin
798a496709
gitea: use custom home template
2021-04-09 17:30:00 +02:00
Antoine Martin
df463c02fb
lohr: mention systemd specific issue
2021-04-08 03:44:52 +02:00
Antoine Martin
ba0e0e993e
lohr: setup real service
2021-04-08 03:20:58 +02:00
Antoine Martin
9d2073011b
lohr: setup dev service
2021-03-28 22:18:18 +02:00
Antoine Martin
8629db70e6
borg-backup: init repo if doesn't exist
2021-03-24 20:50:47 +01:00
Antoine Martin
4115c3d8d7
nextcloud: don't backup image previews
2021-03-24 19:42:15 +01:00
Antoine Martin
c47d72a376
matrix: don't backup cached media
2021-03-24 19:06:03 +01:00
Antoine Martin
8b5e107aea
matrix: add FIXME
2021-03-24 01:26:25 +01:00
Antoine Martin
0a4fb2e7f7
borg-backup: display info during pruning
2021-03-24 00:55:08 +01:00
Antoine Martin
844b940493
nextcloud: ignore in-progress uploads in backups
2021-03-24 00:41:18 +01:00
Antoine Martin
40d4f07df3
borg-backup: display info during backup
2021-03-24 00:32:46 +01:00
Antoine Martin
e6b1f1381a
nextcloud: require postgresql for service setup
2021-03-24 00:14:43 +01:00
Antoine Martin
0cf16198a8
postgresql: set package version globally
2021-03-23 22:37:55 +01:00
Antoine Martin
6174bcd165
services: remove unneeded conditional
2021-03-23 22:24:12 +01:00
Antoine Martin
b04d9e51a1
nextcloud: create service
2021-03-23 20:03:23 +01:00
Antoine Martin
48c87a4d8a
borg-backup: switch to zstd compression
2021-03-23 12:14:14 +01:00
Antoine Martin
bb477b36a6
tgv: new service
2021-03-16 17:46:25 +01:00
Antoine Martin
968c334c1b
borg: prune files when backing up
2021-03-15 23:52:07 +01:00
Antoine Martin
80942f7eb3
wireguard: setup VPN
2021-02-22 19:42:11 +01:00
Antoine Martin
a1065eb8ab
fail2ban: increase default ban time
2021-02-22 16:18:14 +01:00
Antoine Martin
92e2e19bbf
bitwarden_rs: remove random config
2021-02-22 16:11:59 +01:00
Antoine Martin
80384b2afe
bitwarden_rs: setup fail2ban
2021-02-22 16:07:26 +01:00
Antoine Martin
25f45ec6f6
fail2ban: setup service
2021-02-22 15:07:29 +01:00
Antoine Martin
49a261e5ee
jellyfin: proxy websockets traffic
2021-02-22 11:58:54 +01:00
Antoine Martin
cdf8695794
transmission: setup service
2021-02-19 22:29:04 +01:00
Antoine Martin
2b5ef6b145
jellyfin: setup service
2021-02-19 21:28:12 +01:00
Antoine Martin
e3440b61ab
nginx: centralize configuration
2021-02-14 12:07:07 +01:00
Antoine Martin
bb3532eb8a
miniflux: don't remove old entries from feeds
2021-02-05 22:01:41 +01:00
Antoine Martin
3c0732cedd
s/types.int/types.port
2021-02-02 18:24:28 +01:00
Antoine Martin
fca8f6cb4c
gitea: use own backup solution
2021-02-02 18:09:10 +01:00
Antoine Martin
039fa5a930
gitea: specify backup time
2021-02-02 17:34:22 +01:00
Antoine Martin
5bd4a23909
gitea: setup service
2021-02-02 17:01:40 +01:00
Antoine Martin
288e89502a
matrix: proxy calls to /_synapse/client correctly
2021-02-02 02:13:33 +01:00
Antoine Martin
d5eb537b5e
matrix: use shared secret
2021-02-02 01:24:03 +01:00
Antoine Martin
48bb7a8841
borg-backup: fix exclude config
2021-01-31 13:11:31 +01:00
Antoine Martin
41769615f0
borg-backup: setup paths in respective services
2021-01-31 13:03:28 +01:00
Antoine Martin
8ed0f14f74
bitwarden: setup service
2021-01-31 03:50:10 +01:00
Antoine Martin
253530ea6f
postgresql-backup: move to own services
...
This way the `startAt` setting is only set once.
2021-01-30 22:32:12 +01:00
Antoine Martin
297eb0a6f9
miniflux: setup service
2021-01-30 21:53:05 +01:00
Antoine Martin
8b037b16a4
postgres: create daily backups
2021-01-30 19:35:21 +01:00
Antoine Martin
91eaa2f008
borg-backup: setup service
2021-01-30 19:35:21 +01:00
Antoine Martin
84fff7a6f2
matrix: add hosted Element web setup
2021-01-29 14:33:37 +01:00
Antoine Martin
79aa31f07f
matrix: improve configuration
2021-01-29 14:04:53 +01:00
Antoine Martin
4d89de4841
matrix: migrate server and setup federation
...
It works, but looks and feels hacky. Needs cleanups
2021-01-28 02:54:33 +01:00
Antoine Martin
13b3baa805
monitoring: refacto, extract from main config
2021-01-27 21:55:32 +01:00