alarsyo/nixos-config
alarsyo/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
334 commits 4 branches 0 tags 1.8 MiB
Commit graph

334 commits

This branch
This branch
All branches
Author SHA1 Message Date
Antoine Martin cc825d1e53 pkgs: kaleidoscope: remove unneeded meta.platform 2021-07-14 19:44:28 +02:00
Antoine Martin 61a57d8a96 flake: expose packages 2021-07-14 19:40:35 +02:00
Antoine Martin 5ac71e96cd flake: factorize home-manager config 2021-07-14 18:51:01 +02:00
Antoine Martin ff673a0890 flake: merge shared overlay config 2021-07-14 18:21:01 +02:00
Antoine Martin a79d27ff22 flake: group up nixosConfigurations 2021-07-14 18:05:36 +02:00
Antoine Martin 573a6ea0bc flake: cleanup inputs 2021-07-14 17:53:31 +02:00
Antoine Martin c5185394cc boreal: install chrysalis in home 2021-07-14 17:41:52 +02:00
Antoine Martin b4b30cba64 pkgs: package spot and install on boreal 2021-07-14 17:08:44 +02:00
Antoine Martin 27ae0552eb services: paperless: fix backup paths 2021-07-14 03:00:36 +02:00
Antoine Martin 29a98d0c0d flake: use fast python for synapse in poseidon overlay 2021-07-14 01:05:21 +02:00
Antoine Martin 829632e360 services: tailscale: make exit node optional 2021-07-14 00:08:40 +02:00
Antoine Martin c16d8513d2 services: wireguard: removed unused module 
replaced by tailscale
 2021-07-13 23:51:17 +02:00
Antoine Martin 1d8750efed services: tailscale: move to service 2021-07-13 23:49:45 +02:00
Antoine Martin 3862992b76 poseidon: trust tailscale0 interface in firewall 2021-07-13 23:40:42 +02:00
Antoine Martin bd02870e9f poseidon: enable ip forwarding in sysctl 2021-07-13 23:18:40 +02:00
Antoine Martin 880d44e570 poseidon: add procps to tailscale path 2021-07-13 23:13:13 +02:00
Antoine Martin 39477a85e7 services: paperless: backups 2021-07-13 22:20:21 +02:00
Antoine Martin 7d8b8c4cae ci: only trigger on main 2021-07-13 18:15:25 +02:00
Antoine Martin ff33a50911 pkgs: sddm-sugar-candy: space out file 2021-07-13 18:08:26 +02:00
Antoine Martin 2e15fbecb9 ci: add NUR update workflow 2021-07-13 18:06:22 +02:00
Antoine Martin 6cf2b5893e pkgs: remove unused kaleidoscope file 2021-07-13 17:34:45 +02:00
Antoine Martin 786d884e3a services: monitoring: package grafana dashboards 2021-07-13 17:34:36 +02:00
Antoine Martin 971dcbbc71 flake: use packages overlay for poseidon 2021-07-13 17:25:34 +02:00
Antoine Martin 0f8175519b services: monitoring: update node exporter dash 2021-07-13 17:25:34 +02:00
Antoine Martin 0b983d1358 services: monitoring: add nginx dashboard 2021-07-13 17:25:34 +02:00
Antoine Martin b6f712b817 services: nginx: enable prometheus exporter 2021-07-13 17:25:34 +02:00
Antoine Martin 2b59116b8d services: monitoring: only listen on localhost 2021-07-13 17:25:34 +02:00
Antoine Martin e7219ae988 services: matrix: enable SSL traffic only 
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:

server {
        server_name matrix.alarsyo.net ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}

Which led to nginx listening on port 8000 (the default port in this
situation, I imagine)
 2021-07-13 13:54:18 +02:00
Antoine Martin c75458d8c9 services: bitwarden: only listen on local host 
This was never a problem because the firewall did its job, but better
safe than sorry.
 2021-07-13 13:34:26 +02:00
Antoine Martin d2835ceb77 services: paperless: drop external traffic to docker 2021-07-13 13:22:21 +02:00
Antoine Martin 8eb1fe5001 services: paperless: restrict to Tailscale 2021-07-13 01:31:55 +02:00
Antoine Martin f0e5e90c10 services: use wildcard certificate 
Should have done this a long time ago
 2021-07-13 01:08:01 +02:00
Antoine Martin 64d479e2ce services: prometheus: keep metrics for 2 years 2021-07-12 22:12:03 +02:00
Antoine Martin 95733f9e05 services: paperless: setup reverse proxy 2021-07-12 22:11:41 +02:00
Antoine Martin df3cffadaf poseidon: enable docker and docker-compose 2021-07-12 22:11:38 +02:00
Antoine Martin 72f52cd06a base: disable garbage collection 
Some heavy flake shells with texlive were getting wiped, I can do this
by hand from time to time
 2021-07-12 14:41:57 +02:00
Antoine Martin 16297d492c flake.lock: Update 
Flake input changes:

* Updated 'emacs-overlay': 'github:nix-community/emacs-overlay/c98b3a644b09550bf5e38cc796c4fdec190f0582' -> 'github:nix-community/emacs-overlay/c015a0e27baebe1e28ef3b030901adf564959611'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/9d1350d9d56411b685ff3de5839ed6728b1bf808' -> 'github:NixOS/nixpkgs/cf59fbd539681f5ec2f4a82cf77aae7ab827a03f'
* Updated 'nixpkgs-unstable': 'github:NixOS/nixpkgs/899ecadfc94809fec3374d4e4dafaae1399cfb7e' -> 'github:NixOS/nixpkgs/635a1954044fb0dfbcfd857e3289ab12feb41530'
 2021-07-12 11:10:10 +02:00
Antoine Martin 049bb7d5d2 poseidon: enable tailscale 2021-07-10 16:48:53 +02:00
Antoine Martin 721a7cefa2 boreal: enable tailscale 2021-07-10 16:47:48 +02:00
Antoine Martin e7d18c63c3 flake.lock: Update 
Flake input changes:

* Updated 'emacs-overlay': 'github:nix-community/emacs-overlay/9fbb5e43ed6ea3b5b704f13b2169f5404c24113b' -> 'github:nix-community/emacs-overlay/c98b3a644b09550bf5e38cc796c4fdec190f0582'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/21b696caf392ad6fa513caf3327d0aa0430ffb72' -> 'github:NixOS/nixpkgs/9d1350d9d56411b685ff3de5839ed6728b1bf808'
* Updated 'nixpkgs-unstable': 'github:NixOS/nixpkgs/a6c2f5e6e7a0c5e99b841cf4c38be3b027bc9883' -> 'github:NixOS/nixpkgs/899ecadfc94809fec3374d4e4dafaae1399cfb7e'
 2021-07-07 14:18:41 +02:00
Antoine Martin 7c8017af03 services: init nuage 2021-07-06 18:22:57 +02:00
Antoine Martin 26ea717eaa boreal: don't power on bluetooth on boot 
No longer needed now that I found my Logitech dongle
 2021-07-05 12:30:19 +02:00
Antoine Martin bb17432079 home: i3: remove NVIDIA firefox perf workaround 
Not needed anymore since switching to a recent RTX card
 2021-07-05 11:58:50 +02:00
Antoine Martin af04fc4626 flake.lock: Update 
Flake input changes:

* Updated 'emacs-overlay': 'github:nix-community/emacs-overlay/ab500b1977b48c2524d56fe1efcb5c7102319bf0' -> 'github:nix-community/emacs-overlay/9fbb5e43ed6ea3b5b704f13b2169f5404c24113b'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/f77036342e2b690c61c97202bf48f2ce13acc022' -> 'github:NixOS/nixpkgs/21b696caf392ad6fa513caf3327d0aa0430ffb72'
* Updated 'nixpkgs-unstable': 'github:NixOS/nixpkgs/920113a6e5e34e317c910b8477dd6cde88fcd202' -> 'github:NixOS/nixpkgs/a6c2f5e6e7a0c5e99b841cf4c38be3b027bc9883'
 2021-07-05 11:29:01 +02:00
Antoine Martin 60b65f5037 boreal: switch network interface names 2021-07-01 22:19:51 +02:00
Antoine Martin ed8048c194 flake.lock: Update 
Flake input changes:

* Updated 'emacs-overlay': 'github:nix-community/emacs-overlay/4690423c87e4a106639aaf9358f2951f11bb615e' -> 'github:nix-community/emacs-overlay/ab500b1977b48c2524d56fe1efcb5c7102319bf0'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/0ccd0d91361dc42dd32ffcfafed1a4fc23d1c8b4' -> 'github:NixOS/nixpkgs/f77036342e2b690c61c97202bf48f2ce13acc022'
 2021-06-29 01:11:49 +02:00
Antoine Martin 3084fa24b1 flake.lock: Update 
Flake input changes:

* Updated 'emacs-overlay': 'github:nix-community/emacs-overlay/d8bf1e0a7aa41f8eb058760cb7ade8923bf683aa' -> 'github:nix-community/emacs-overlay/4690423c87e4a106639aaf9358f2951f11bb615e'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/6613a30c5e3ee59753181512b4bedd4121569925' -> 'github:NixOS/nixpkgs/0ccd0d91361dc42dd32ffcfafed1a4fc23d1c8b4'
* Updated 'nixpkgs-unstable': 'github:NixOS/nixpkgs/7c2d15627a3012c5e5af1d1664a53599687cf1d1' -> 'github:NixOS/nixpkgs/920113a6e5e34e317c910b8477dd6cde88fcd202'
 2021-06-24 10:06:38 +02:00
Antoine Martin a00a9fab73 home: tmux: display CPU in status bar 2021-06-21 18:42:56 +02:00
Antoine Martin 63db8cce42 home: tmux: use cpu plugin 2021-06-21 17:44:19 +02:00
Antoine Martin 86d9a119cf home: tmux: use solarized plugin 2021-06-21 17:30:42 +02:00