Commit graph

50 commits

Author SHA1 Message Date
Bruno BELANYI 7c1f379d82 modules: services: lohr: declarative ssh key 2021-11-05 16:59:11 +01:00
Bruno BELANYI 79265008d2 modules: services: nginx: remove unused argument 2021-11-05 14:58:58 +01:00
Bruno BELANYI 74a5c50fbe modules: services: drone: remove unused arguments 2021-11-05 14:58:58 +01:00
Bruno BELANYI ddeeb974a4 modules: services: backup: remove deprecated name
All checks were successful
continuous-integration/drone/push Build is passing
2021-11-03 17:16:40 +01:00
Bruno BELANYI 927dd9e02a modules: services: indexers: add prowlarr 2021-10-18 19:48:50 +02:00
Bruno BELANYI df1bc0d0d5 modules: services: indexers: refactor
This is cleaner and more correct.
2021-10-18 19:48:50 +02:00
Bruno BELANYI 760e24a356 modules: services: indexers: fix typo 2021-10-18 19:48:50 +02:00
Bruno BELANYI ef07c9ff43 modules: services: nginx: use 'mkMailAccount' 2021-10-13 15:36:28 +02:00
Bruno BELANYI d918bf279d modules: services: wireguard: add 'milady'
All checks were successful
continuous-integration/drone/push Build is passing
2021-10-10 17:16:29 +02:00
Bruno BELANYI e962d4c574 modules: services: nginx: sso: use runtime secrets 2021-09-26 23:09:33 +02:00
Bruno BELANYI 3bf3980e45 modules: services: nginx: allow sso secret files
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
2021-09-26 23:09:32 +02:00
Bruno BELANYI fb6e2afe89 modules: services: drone: split into files
This is cleaner to read.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 51067582e0 modules: services: put modules into folders 2021-09-26 23:09:32 +02:00
Bruno BELANYI b6af754199 modules: services: wireguard: use agenix secrets 2021-09-26 23:09:32 +02:00
Bruno BELANYI ca5e5a53cd modules: services: nginx: use 'credentialsFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ba10af0644 modules: services: matrix: use 'mailConfigFile'
In preparation of the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 0f2c20e51d modules: services: paperless: use 'secretKeyFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ca218730ff modules: services: nextcloud: use 'credentialsfile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ac5fd7f472 modules: services: miniflux: use 'credentialsFiles'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI db37cea907 modules: services: transmission: secrets w/ file
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI 75312c747b modules: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI 2d26b36e31 modules: services: nginx: use 'recursiveMerge'
All checks were successful
continuous-integration/drone/push Build is passing
2021-09-23 22:11:25 +02:00
Bruno BELANYI ed456c999d modules: system: remove 'media'
All checks were successful
continuous-integration/drone/push Build is passing
It was not the idiomatic way to do this.
2021-09-15 16:10:06 +02:00
Bruno BELANYI 808058d576 modules: services: paperless: proxy websockets 2021-08-31 13:52:11 +02:00
Bruno BELANYI 52706ab4c4 modules: services: paperless: add admin password
This is a fallback in case SSO stops working...
2021-08-31 13:52:11 +02:00
Bruno BELANYI 87613a9163 modules: services: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 78064bb2a1 modules: services: nginx: nginx-sso verbose logs
All checks were successful
continuous-integration/drone/push Build is passing
For some reason it still doesn't appear in the systemd log...
2021-08-30 17:38:25 +02:00
Bruno BELANYI 70af0ba99a modules: services: nginx: add SSO 2021-08-30 17:36:39 +02:00
Bruno BELANYI dc2a3610a6 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 7032ddef37 modules: services: use new nginx wrapper
All checks were successful
continuous-integration/drone/push Build is passing
And when not possible, document why.

Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI 81e12969eb modules: services: nginx: overhaul modularity
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI 30fc01b5ae modules: services: nextcloud: exclude previews
All checks were successful
continuous-integration/drone/push Build is passing
2021-08-19 14:27:40 +02:00
Bruno BELANYI 13684ecdc4 modules: services: backup: make it verbose 2021-08-19 14:27:40 +02:00
Bruno BELANYI ec6b31f4a6 modules: services: add navidrome 2021-08-19 12:23:06 +02:00
Bruno BELANYI 2cc1925346 modules: services: backup: fix exclude files
All checks were successful
continuous-integration/drone/push Build is passing
I was using the wrong option... Somehow it didn't error out.
2021-08-09 20:08:43 +02:00
Bruno BELANYI 1783c2838b modules: services: tlp: add power scaling 2021-07-31 16:56:20 +02:00
Bruno BELANYI e215f7aa1d modules: services: nextcloud: upgrade version
All checks were successful
continuous-integration/drone/push Build is passing
2021-07-29 13:42:28 +02:00
Bruno BELANYI afb683f1cf flake: bump inputs
And update package names for grafana dashboards to avoid breaking the
config.
2021-07-29 13:42:28 +02:00
Bruno BELANYI c320387746 modules: services: postgres: upgrade version 2021-07-29 13:03:10 +02:00
Bruno BELANYI bbb1231ad3 modules: services: postgres: add migration script
The process to upgrade is:

* Make sure the version number of the script is one major version over
  the service version.

* Activate the script, rebuild configuration.

* Run `upgrade-pg-cluster` as `root`. One can give arguments like
  `--link` or `--jobs 4` to speedup the process. See documentation for
  some details.

* Change package to new version once the upgrade is finished, rebuild
  configuration.

* Optionally, `ANALYZE` the new database.
2021-07-29 13:02:49 +02:00
Bruno BELANYI 9f00d8a38e modules: services: add postgresql
Enable the service itself in other modules when needed, but pin the
package in a single place.
2021-07-29 12:43:28 +02:00
Bruno BELANYI 820b52314f modules: services: monitoring: add scrape interval
All checks were successful
continuous-integration/drone/push Build is passing
2021-07-15 18:54:07 +02:00
Bruno BELANYI e060476f32 modules: services: add monitoring dashboard 2021-07-13 19:17:33 +02:00
Bruno BELANYI 2458ddf59d modules: services: add monitoring
This includes a dashboard to monitor system ressources, using
Prometheus.
2021-07-13 19:17:33 +02:00
Bruno BELANYI 971b610cd5 modules: services: matrix: SSL only for server
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:

```nginx
server {
        server_name matrix.belanyi.fr ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}
```
2021-07-13 17:43:31 +02:00
Bruno BELANYI daa69a54fa modules: services: indexers: limit Jackett memory
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-15 21:25:56 +02:00
Bruno BELANYI ee21de5b94 modules: services: matrix: add mail configuration
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-09 19:14:09 +02:00
Bruno BELANYI 06c53620f8 modules: services: matrix: enable spaces 2021-06-09 18:33:54 +02:00
Bruno BELANYI d43045c6d6 modules: services: matrix: add SMS verification 2021-06-09 18:32:59 +02:00
Bruno BELANYI d2704b17fe modules: move 'services' into subfolder 2021-05-29 16:56:15 +02:00