Antoine Martin
c7c87fcdb4
pkgs: fix grafanaDashboards access in flake
...
The `packages` output from the flake needs flake-utils' `flattenTree` to
be valid (because it doesn't support nested sets), but that only works
if I use `recurseIntoAttrs`.
2021-07-14 21:13:38 +02:00
Antoine Martin
27ae0552eb
services: paperless: fix backup paths
2021-07-14 03:00:36 +02:00
Antoine Martin
829632e360
services: tailscale: make exit node optional
2021-07-14 00:08:40 +02:00
Antoine Martin
c16d8513d2
services: wireguard: removed unused module
...
replaced by tailscale
2021-07-13 23:51:17 +02:00
Antoine Martin
1d8750efed
services: tailscale: move to service
2021-07-13 23:49:45 +02:00
Antoine Martin
39477a85e7
services: paperless: backups
2021-07-13 22:20:21 +02:00
Antoine Martin
786d884e3a
services: monitoring: package grafana dashboards
2021-07-13 17:34:36 +02:00
Antoine Martin
0f8175519b
services: monitoring: update node exporter dash
2021-07-13 17:25:34 +02:00
Antoine Martin
0b983d1358
services: monitoring: add nginx dashboard
2021-07-13 17:25:34 +02:00
Antoine Martin
b6f712b817
services: nginx: enable prometheus exporter
2021-07-13 17:25:34 +02:00
Antoine Martin
2b59116b8d
services: monitoring: only listen on localhost
2021-07-13 17:25:34 +02:00
Antoine Martin
e7219ae988
services: matrix: enable SSL traffic only
...
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:
server {
server_name matrix.alarsyo.net ;
location /.well-known/acme-challenge {
root /var/lib/acme/acme-challenge;
auth_basic off;
}
location / {
return 301 https://$host$request_uri ;
}
}
Which led to nginx listening on port 8000 (the default port in this
situation, I imagine)
2021-07-13 13:54:18 +02:00
Antoine Martin
c75458d8c9
services: bitwarden: only listen on local host
...
This was never a problem because the firewall did its job, but better
safe than sorry.
2021-07-13 13:34:26 +02:00
Antoine Martin
d2835ceb77
services: paperless: drop external traffic to docker
2021-07-13 13:22:21 +02:00
Antoine Martin
8eb1fe5001
services: paperless: restrict to Tailscale
2021-07-13 01:31:55 +02:00
Antoine Martin
f0e5e90c10
services: use wildcard certificate
...
Should have done this a long time ago
2021-07-13 01:08:01 +02:00
Antoine Martin
64d479e2ce
services: prometheus: keep metrics for 2 years
2021-07-12 22:12:03 +02:00
Antoine Martin
95733f9e05
services: paperless: setup reverse proxy
2021-07-12 22:11:41 +02:00
Antoine Martin
7c8017af03
services: init nuage
2021-07-06 18:22:57 +02:00
Antoine Martin
568cd2ccd4
services: matrix: add SMS verification support
2021-06-09 15:37:35 +02:00
Antoine Martin
6c17c2d82c
services: matrix: move smtp port note out of secret
2021-06-09 14:57:51 +02:00
Antoine Martin
1b6258e363
services: matrix: add smtp server
2021-06-09 14:53:11 +02:00
Antoine Martin
4ddee48800
services: lohr: latest commit
2021-06-04 17:40:56 +02:00
Antoine Martin
46df5d0642
services: transmission: use openFirewall setting
2021-06-03 00:33:52 +02:00
Antoine Martin
2dc8502fb8
services: nginx: don't enable everywhere
2021-06-01 14:28:42 +02:00
Antoine Martin
393c803167
services: pipewire: fix broken 20.09 config
2021-05-27 23:01:52 +02:00
Antoine Martin
b1dc709e3f
services: pipewire: ship pactl with pipewire
2021-05-26 01:13:10 +02:00
Antoine Martin
4d091d5aa6
services: add pipewire service
2021-05-26 00:33:15 +02:00
Antoine Martin
2f794cfe3a
matrix: disable presence
2021-05-21 11:45:27 +02:00
Antoine Martin
6e9e4388ae
matrix: log level warn
2021-05-21 10:10:15 +02:00
Antoine Martin
09059273c2
matrix: enable spaces beta
2021-05-21 10:05:20 +02:00
Antoine Martin
e2c77ed4e2
services: gitea: update home template to SVG
...
v1.14 switched from a PNG to a SVG logo
2021-05-13 18:20:21 +02:00
Antoine Martin
af0388b907
borg-backup: save space when pruning
2021-05-04 01:46:19 +02:00
Antoine Martin
71c4871af0
boreal: prune backups older than a month
2021-05-04 01:32:37 +02:00
Antoine Martin
2fdc188973
gitea: use main as default branch
2021-04-09 20:31:58 +02:00
Antoine Martin
b2ab13242c
gitea: enable push to create
2021-04-09 19:43:51 +02:00
Antoine Martin
64d28f9436
gitea: remove useless conditional on backup
2021-04-09 18:14:08 +02:00
Antoine Martin
d2fc16978c
gitea: silence logging
2021-04-09 18:01:01 +02:00
Antoine Martin
798a496709
gitea: use custom home template
2021-04-09 17:30:00 +02:00
Antoine Martin
df463c02fb
lohr: mention systemd specific issue
2021-04-08 03:44:52 +02:00
Antoine Martin
ba0e0e993e
lohr: setup real service
2021-04-08 03:20:58 +02:00
Antoine Martin
9d2073011b
lohr: setup dev service
2021-03-28 22:18:18 +02:00
Antoine Martin
8629db70e6
borg-backup: init repo if doesn't exist
2021-03-24 20:50:47 +01:00
Antoine Martin
4115c3d8d7
nextcloud: don't backup image previews
2021-03-24 19:42:15 +01:00
Antoine Martin
c47d72a376
matrix: don't backup cached media
2021-03-24 19:06:03 +01:00
Antoine Martin
8b5e107aea
matrix: add FIXME
2021-03-24 01:26:25 +01:00
Antoine Martin
0a4fb2e7f7
borg-backup: display info during pruning
2021-03-24 00:55:08 +01:00
Antoine Martin
844b940493
nextcloud: ignore in-progress uploads in backups
2021-03-24 00:41:18 +01:00
Antoine Martin
40d4f07df3
borg-backup: display info during backup
2021-03-24 00:32:46 +01:00
Antoine Martin
e6b1f1381a
nextcloud: require postgresql for service setup
2021-03-24 00:14:43 +01:00
Antoine Martin
0cf16198a8
postgresql: set package version globally
2021-03-23 22:37:55 +01:00
Antoine Martin
6174bcd165
services: remove unneeded conditional
2021-03-23 22:24:12 +01:00
Antoine Martin
b04d9e51a1
nextcloud: create service
2021-03-23 20:03:23 +01:00
Antoine Martin
48c87a4d8a
borg-backup: switch to zstd compression
2021-03-23 12:14:14 +01:00
Antoine Martin
bb477b36a6
tgv: new service
2021-03-16 17:46:25 +01:00
Antoine Martin
968c334c1b
borg: prune files when backing up
2021-03-15 23:52:07 +01:00
Antoine Martin
80942f7eb3
wireguard: setup VPN
2021-02-22 19:42:11 +01:00
Antoine Martin
a1065eb8ab
fail2ban: increase default ban time
2021-02-22 16:18:14 +01:00
Antoine Martin
92e2e19bbf
bitwarden_rs: remove random config
2021-02-22 16:11:59 +01:00
Antoine Martin
80384b2afe
bitwarden_rs: setup fail2ban
2021-02-22 16:07:26 +01:00
Antoine Martin
25f45ec6f6
fail2ban: setup service
2021-02-22 15:07:29 +01:00
Antoine Martin
49a261e5ee
jellyfin: proxy websockets traffic
2021-02-22 11:58:54 +01:00
Antoine Martin
cdf8695794
transmission: setup service
2021-02-19 22:29:04 +01:00
Antoine Martin
2b5ef6b145
jellyfin: setup service
2021-02-19 21:28:12 +01:00
Antoine Martin
e3440b61ab
nginx: centralize configuration
2021-02-14 12:07:07 +01:00
Antoine Martin
bb3532eb8a
miniflux: don't remove old entries from feeds
2021-02-05 22:01:41 +01:00
Antoine Martin
3c0732cedd
s/types.int/types.port
2021-02-02 18:24:28 +01:00
Antoine Martin
fca8f6cb4c
gitea: use own backup solution
2021-02-02 18:09:10 +01:00
Antoine Martin
039fa5a930
gitea: specify backup time
2021-02-02 17:34:22 +01:00
Antoine Martin
5bd4a23909
gitea: setup service
2021-02-02 17:01:40 +01:00
Antoine Martin
288e89502a
matrix: proxy calls to /_synapse/client correctly
2021-02-02 02:13:33 +01:00
Antoine Martin
d5eb537b5e
matrix: use shared secret
2021-02-02 01:24:03 +01:00
Antoine Martin
48bb7a8841
borg-backup: fix exclude config
2021-01-31 13:11:31 +01:00
Antoine Martin
41769615f0
borg-backup: setup paths in respective services
2021-01-31 13:03:28 +01:00
Antoine Martin
8ed0f14f74
bitwarden: setup service
2021-01-31 03:50:10 +01:00
Antoine Martin
253530ea6f
postgresql-backup: move to own services
...
This way the `startAt` setting is only set once.
2021-01-30 22:32:12 +01:00
Antoine Martin
297eb0a6f9
miniflux: setup service
2021-01-30 21:53:05 +01:00
Antoine Martin
8b037b16a4
postgres: create daily backups
2021-01-30 19:35:21 +01:00
Antoine Martin
91eaa2f008
borg-backup: setup service
2021-01-30 19:35:21 +01:00
Antoine Martin
84fff7a6f2
matrix: add hosted Element web setup
2021-01-29 14:33:37 +01:00
Antoine Martin
79aa31f07f
matrix: improve configuration
2021-01-29 14:04:53 +01:00
Antoine Martin
4d89de4841
matrix: migrate server and setup federation
...
It works, but looks and feels hacky. Needs cleanups
2021-01-28 02:54:33 +01:00
Antoine Martin
13b3baa805
monitoring: refacto, extract from main config
2021-01-27 21:55:32 +01:00