Find a file
Antoine Martin e7219ae988 services: matrix: enable SSL traffic only
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:

server {
        server_name matrix.alarsyo.net ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}

Which led to nginx listening on port 8000 (the default port in this
situation, I imagine)
2021-07-13 13:54:18 +02:00
.git-crypt Add 1 git-crypt collaborator 2021-02-13 20:03:13 +01:00
base poseidon: enable docker and docker-compose 2021-07-12 22:11:38 +02:00
home home: i3: remove NVIDIA firefox perf workaround 2021-07-05 11:58:50 +02:00
hosts services: use wildcard certificate 2021-07-13 01:08:01 +02:00
modules boreal: setup sddm theme module 2021-04-22 14:22:55 +02:00
pkgs pkgs: kaleidoscope-udev-rules: please ambroisie 2021-06-17 12:24:51 +02:00
secrets services: use wildcard certificate 2021-07-13 01:08:01 +02:00
services services: matrix: enable SSL traffic only 2021-07-13 13:54:18 +02:00
.gitattributes services: matrix: add smtp server 2021-06-09 14:53:11 +02:00
.gitignore secrets: switch to git-crypt 2021-02-13 20:10:51 +01:00
.lohr repo: setup lohr file 2021-03-30 15:24:07 +02:00
boreal.nix boreal: setup sddm theme module 2021-04-22 14:22:55 +02:00
flake.lock flake.lock: Update 2021-07-12 11:10:10 +02:00
flake.nix flake: switch to 21.05 release on all hosts 2021-06-01 14:28:20 +02:00
poseidon.nix re-organize configuration 2021-02-14 14:21:47 +01:00
README.org README: list more services 2021-04-09 19:31:51 +02:00

NixOS deployment configuration

Services

Bitwarden

Password manager, Rust lightweight version.

Borg backup

Creating daily backups to borgbase

fail2ban

Keeping the bad guys away

Gitea

Hosting for all my personal projects

Jellyfin

Netflix but just for me

Lohr

Setup

Needs manual SSH key and known hosts setup.

Matrix

My Matrix homeserver at alarsyo.net. Also hosting an Element web client at chat.alarsyo.net.

Miniflux

RSS reader

Monitoring

Grafana and Prometheus are currently used as a glorified htop.

Nextcloud

Wireguard VPN