Commit graph

46 commits

Author SHA1 Message Date
Bruno BELANYI b2ce0530dc machines: porthos: services: enable fail2ban 2023-02-20 09:04:50 +00:00
Bruno BELANYI 5e021e6436 all: remove package aliases 2022-09-30 08:59:27 +02:00
Bruno BELANYI 58971246e7 machines: porthos: services: enable grocy 2022-07-28 18:29:10 +02:00
Bruno BELANYI 676281d18b machines: porthos: services: set-up gitea mail 2022-04-08 21:34:44 +02:00
Bruno BELANYI 36728068bd machines: porthos: services: disable nzbhydra
Same deal as jackett: prowlarr has been working perfectly adequately for
a while now.
2022-01-14 13:24:09 +01:00
Bruno BELANYI 5b130951fb machines: porthos: services: disable jackett
Prowlarr has been humming along just fine, and works even better than
jackett.
2022-01-14 13:24:09 +01:00
Bruno BELANYI 8759039187 machines: porthos: services: use 'lohr.sshKeyFile' 2021-11-05 16:59:11 +01:00
Bruno BELANYI eb9fffd7b4 machines: porthos: users: remove unused let block 2021-11-05 14:58:58 +01:00
Bruno BELANYI d0ad9982ce machines: porthos: services: enable prowlarr 2021-10-18 19:48:50 +02:00
Bruno BELANYI 5fd82472bf modules: secrets: add 'owner' logic 2021-09-26 23:09:33 +02:00
Bruno BELANYI 7257f3156e machines: porthos: services: switch to agenix
The prep-work should be done now, time to hit the switch.
2021-09-26 23:09:32 +02:00
Bruno BELANYI c7766afe90 modules: services: nginx: allow sso secret files
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
2021-09-26 23:09:32 +02:00
Bruno BELANYI f09ba6b5be machines: porthos: users: use clear-text ssh key 2021-09-26 23:09:32 +02:00
Bruno BELANYI 16d3cd9f81 modules: services: nginx: use 'credentialsFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 7d37701811 modules: services: matrix: use 'mailConfigFile'
In preparation of the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 4643690b43 modules: services: paperless: use 'secretKeyFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 5579baecfb modules: services: nextcloud: use 'credentialsfile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 9d8da4d2b2 modules: services: miniflux: use 'credentialsFiles'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI da63787874 modules: services: transmission: secrets w/ file
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI 14d56a1337 machines: porthos: services: enable paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 52079bf1e7 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 77cf3430ae modules: services: use new nginx wrapper
And when not possible, document why.

Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI a8514dcdf1 modules: services: nginx: overhaul modularity
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI 0fe9a57458 machines: porthos: services: enable navidrome 2021-08-19 12:23:06 +02:00
Bruno BELANYI 2291d6b6fa machines: porthos: services: enable monitoring 2021-07-13 19:17:33 +02:00
Bruno BELANYI 23e5ddd7f3 modules: services: matrix: add mail configuration 2021-06-09 19:14:09 +02:00
Bruno BELANYI 5f0c1f6a79 modules: hardware: move 'networking' 2021-05-29 16:56:15 +02:00
Bruno BELANYI d18fc252a4 machines: porthos: services: enable flood 2021-05-22 23:59:27 +02:00
Bruno BELANYI 797387f571 machines: aramis: services: remove gnupg-agent
The one configured by home-manager is more appropriate.
2021-05-16 00:03:59 +02:00
Bruno BELANYI 62cee0be61 machines: porthos: set timezone 2021-05-16 00:03:59 +02:00
Bruno BELANYI 825e09f59e flake: refactor handling of shared modules 2021-05-08 17:14:13 +02:00
Bruno BELANYI 84b61b25b3 services: wireguard: allow disabling service
Only the server *needs* to have wireguard up at all times. However a
laptop or desktop probably doesn't need it up at all times.
2021-04-25 12:39:17 +00:00
Bruno BELANYI a551ace6a6 machines: porthos: services: enable adblock 2021-04-25 12:39:17 +00:00
Bruno BELANYI 471fe4e21f machines: porthos: services: enable podgrab 2021-04-15 16:24:41 +00:00
Bruno BELANYI ff975b8c7d machines: porthos: services: enable lohr 2021-04-01 22:48:38 +00:00
Bruno BELANYI 56212a0c9e machines: porthos: users: remove unused attribute 2021-03-08 19:00:01 +00:00
Bruno BELANYI 5b63b70958 modules: users: add to groups in single place 2021-03-07 18:39:42 +00:00
Bruno BELANYI 28394efc2c machines: porthos: add installation script
This is mostly to reference the installation process when looking back,
rather than explicitly be able re-install this exect configuration.
2021-03-03 17:02:48 +00:00
Bruno BELANYI b135646c28 machine: porthos: hardware: use disks by label 2021-03-03 17:02:48 +00:00
Bruno BELANYI 4e073b8d02 machines: porthos: services: enable Calibre-web 2021-03-03 17:02:48 +00:00
Bruno BELANYI e74e46a0e6 machines: porthos: networking: set externalInterface 2021-02-25 15:29:06 +00:00
Bruno BELANYI a4da864981 machines: porthos: enable Wireguard 2021-02-25 15:29:06 +00:00
Bruno BELANYI b972c0bef3 porthos: services: enable 'exec' Drone runner 2021-02-25 15:29:06 +00:00
Bruno BELANYI 91be5ad978 porthos: services: enable Miniflux 2021-02-25 15:29:06 +00:00
Bruno BELANYI 340906d6b2 porthos: users: add 'ambroisie' to 'media'
This only done when the groups exists.
2021-02-25 15:29:06 +00:00
Bruno BELANYI 866225393b porthos: move files into 'machines' directory
But keep 'porthos.nix' at the root of the repository. I feel like it is
cleaner to keep device specific files at the root.
2021-02-25 15:29:06 +00:00