Bruno BELANYI
4bb1387376
modules: services: add tandoor-recipes
ci/woodpecker/push/check Pipeline was successful
2023-07-15 15:46:04 +02:00
Bruno BELANYI
5741421604
modules: services: nextcloud: enable 'notify_push'
2023-07-15 15:46:04 +02:00
Bruno BELANYI
c037d3844a
modules: services: nextcloud: configure redis
...
ci/woodpecker/push/check Pipeline was successful
I keep having some file-locking issues, and heard that using redis might
help alleviate those errant locks.
It's also necessary to use the `notify_push` app.
2023-07-15 14:01:14 +01:00
Bruno BELANYI
3e5fbfeb7a
modules: services: nextcloud: bump to 27
ci/woodpecker/push/check Pipeline was successful
2023-06-23 12:03:13 +02:00
Bruno BELANYI
2f03d92dd9
modules: services: woodpecker: use docker module
ci/woodpecker/push/check Pipeline was successful
2023-06-11 16:25:23 +01:00
Bruno BELANYI
e44dd4c6ea
modules: services: drone: use docker module
2023-06-11 16:25:23 +01:00
Bruno BELANYI
df9b060947
modules: system: podman: check for docker conflict
2023-06-11 16:23:31 +01:00
Bruno BELANYI
73fdd4622b
modules: system: add docker
2023-06-11 16:17:42 +01:00
Bruno BELANYI
5aa136f796
modules: system: podman: fix removed option
ci/woodpecker/push/check Pipeline was successful
2023-06-08 15:43:46 +00:00
Bruno BELANYI
18c9458cfa
modules: system: users: add 'docker' group
2023-06-08 15:43:46 +00:00
Bruno BELANYI
c0995929c4
modules: system: podman: add weekly purge
2023-06-08 15:43:46 +00:00
Bruno BELANYI
5d570dbf1e
modules: programs: steam: use writeShellScriptBin
ci/woodpecker/push/check Pipeline was successful
2023-06-03 13:40:44 +01:00
Bruno BELANYI
4f6f483851
modules: programs: steam: simplify wrapper
2023-06-03 13:40:44 +01:00
Bruno BELANYI
175a8acde2
modules: services: add vikunja
2023-05-13 21:18:57 +02:00
Bruno BELANYI
685c571018
modules: services: nginx: add 'socket' option
2023-05-13 21:18:57 +02:00
Bruno BELANYI
574634b64e
modules: services: blog: use 302 redirection
...
ci/woodpecker/push/check Pipeline was successful
That way the browser doesn't cache it, in case I do end up using that
domain after all.
2023-05-07 15:20:14 +01:00
Bruno BELANYI
a1dd0bb792
modules: services: matrix: remove 'with lib'
ci/woodpecker/push/check Pipeline was successful
2023-05-04 12:19:31 +00:00
Bruno BELANYI
c19baeb19d
modules: system: podman: remove unused 'options'
2023-05-04 09:27:19 +00:00
Bruno BELANYI
62d9359eb7
modules: services: matrix: clean-up formatting
2023-05-04 09:27:19 +00:00
Bruno BELANYI
2f3989bba1
modules: services: wireguard: simplify
2023-05-03 15:15:31 +00:00
Bruno BELANYI
49b2cb9781
modules: secrets: remove unused 'options'
2023-05-03 15:15:31 +00:00
Bruno BELANYI
fadb8e96fc
modules: system: nix: add 'cache.selfHosted'
2023-05-03 15:02:44 +00:00
Bruno BELANYI
20d19ed128
modules: system: nix: rename 'inputs' options
2023-05-03 15:02:44 +00:00
Bruno BELANYI
455a4e5431
modules: services: add nix-serve
2023-05-03 15:02:44 +00:00
Bruno BELANYI
d9e115a876
modules: services: woodpecker: adapt gitea URL
2023-05-03 15:02:44 +00:00
Bruno BELANYI
d8c841333b
modules: services: gitea: migrate settings
...
Most of the settings are now RFC-42 compliant.
2023-05-03 15:02:44 +00:00
Bruno BELANYI
638f4a7774
modules: system: boot: rename 'tmp' options
ci/woodpecker/push/check Pipeline was successful
2023-04-17 21:25:15 +02:00
Bruno BELANYI
7cebaa3751
modules: secrets: move wireguard keys
...
This is a bit special, as some of the keys do not belong to NixOS hosts,
so store those in the module itself, and into host-specific directories
for the keys that are NixOS hosts.
2023-04-17 08:18:27 +00:00
Bruno BELANYI
ed745602a1
modules: secrets: move non-existent key workaround
...
Since this configuration was only there to accommodate `aramis`, make it
be host-specific instead, and rely on the default value otherwise.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
6079485b50
modules: secrets: move host-specific secrets
2023-04-16 19:44:02 +01:00
Bruno BELANYI
57008bcb7c
hosts: nixos: add host-specific secrets module
...
This is the same logic as the common module, but for secrets that don't
need to be shared to different hosts.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
34a3f9a0d6
modules: secrets: centralize agenix keys
...
If I intend on splitting the keys depending on which host needs to have
access to it, I should have a singular spot to manage the keys.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
68bf36c45c
modules: secrets: wireguard: remove unused file
...
The peer definitions have been inlined into the Wireguard module a long
time ago.
2023-04-13 17:05:52 +00:00
Bruno BELANYI
54e9303319
modules: secrets: use diff-friendly formatting
ci/woodpecker/push/check Pipeline was successful
2023-04-13 15:55:34 +00:00
Bruno BELANYI
04f23976ee
modules: services: woodpecker: remove unused env
ci/woodpecker/push/check Pipeline was successful
2023-04-13 15:24:34 +00:00
Bruno BELANYI
94141d53b8
modules: services: woodpecker: remove 'TODO'
2023-04-13 15:17:16 +00:00
Bruno BELANYI
f15b3aa23d
modules: services: woodpecker: allow setuid
...
ci/woodpecker/push/check Pipeline was successful
I need it to be able to use `ssh-agent`, for some of my workflows.
2023-04-01 21:06:50 +02:00
Bruno BELANYI
7a5842f03a
modules: services: matrix: remove obsolete comment
continuous-integration/drone/push Build is passing
2023-04-01 15:56:48 +01:00
Bruno BELANYI
d20e921e33
modules: secrets: fix 'matrix/secret'
2023-04-01 15:56:48 +01:00
Bruno BELANYI
7e06f75a5d
modules: secrets: add woodpecker
2023-04-01 15:56:48 +01:00
Bruno BELANYI
020a32b9e8
modules: services: add woodpecker
2023-04-01 15:56:48 +01:00
Bruno BELANYI
5d9524dbdf
modules: services: blog: better blog redirection
2023-04-01 13:05:47 +02:00
Bruno BELANYI
a22fe4e636
modules: services: nextcloud: bump to 26
2023-04-01 13:05:47 +02:00
Bruno BELANYI
b909f43269
modules: services: nginx: sort settings
continuous-integration/drone/push Build is passing
2023-03-28 15:31:05 +00:00
Bruno BELANYI
cae174b0f7
modules: services: nginx: all recommended settings
2023-03-28 15:31:05 +00:00
Bruno BELANYI
642e58fc22
modules: hardware: bluetooth: use 'wireplumber'
continuous-integration/drone/push Build is passing
2023-03-28 15:31:05 +00:00
Bruno BELANYI
ad0c99c6f0
modules: services: paperless: fix postgres order
continuous-integration/drone/push Build is passing
2023-03-23 12:16:40 +00:00
Bruno BELANYI
1751704ab3
modules: system: podman: remove unused arguments
continuous-integration/drone/push Build is passing
2023-03-22 10:46:10 +00:00
Bruno BELANYI
e799318a36
modules: hardware: firmware: remove unused 'pkgs'
2023-03-22 10:45:13 +00:00
Bruno BELANYI
70e235dfcc
modules: secrets: drone: modify gitea domain
...
Since I've changed the official subdomain for my forge, let's update it.
2023-03-16 21:40:06 +01:00
Bruno BELANYI
e50b259a70
modules: services: gitea: change domain to 'git.*'
...
Because cool URLs don't change [1], setup a re-directed for it.
[1]: https://www.w3.org/Provider/Style/URI.html
2023-03-16 21:33:22 +01:00
Bruno BELANYI
b3d90be8b1
modules: services: nginx: add 'redirect' option
2023-03-16 21:33:22 +01:00
Bruno BELANYI
20341a3129
refactor: 'with lib.my' -> 'with lib'
2023-03-16 16:42:55 +00:00
Bruno BELANYI
fafbb93ea9
modules: home: use named 'nixosModules'
continuous-integration/drone/push Build is passing
2023-03-11 20:44:04 +00:00
Bruno BELANYI
8b9a01a0ef
modules: system: nix: DRY inputs handling
2023-02-25 01:43:07 +00:00
Bruno BELANYI
54a6be70c8
modules: system: nix: simplify 'NIX_PATH'
...
Since we now have an explicit 'pkgs' link, we can just add the folder
with all linked inputs directly instead of adding them all manually.
2023-02-25 01:43:07 +00:00
Bruno BELANYI
a99954b12a
modules: system: nix: add explicit 'pkgs' link
2023-02-25 01:43:07 +00:00
Bruno BELANYI
6eb87c21b7
modules: system: nix: use stable 'NIX_PATH'
...
continuous-integration/drone/push Build is passing
Since the links are updated on system switch, NIX_PATH will
automatically point to the actual system version of the inputs at all
times
2023-02-23 21:03:22 +00:00
Bruno BELANYI
c1214547da
modules: system: nix: add '/etc/nix/inputs' links
2023-02-23 20:58:05 +00:00
Bruno BELANYI
3505b4d7f0
modules: services: sabnzbd: add fail2ban jail
continuous-integration/drone/push Build is passing
2023-02-20 23:01:50 +01:00
Bruno BELANYI
2485a60d62
modules: services: calibre-web: add fail2ban jail
continuous-integration/drone/push Build is passing
2023-02-20 09:04:50 +00:00
Bruno BELANYI
b9f6c5d534
modules: services: gitea: add fail2ban jail
2023-02-20 09:04:50 +00:00
Bruno BELANYI
d647830911
modules: services: order imports
2023-02-20 09:04:50 +00:00
Bruno BELANYI
13aa8abfaf
modules: services: add fail2ban
2023-02-20 09:04:50 +00:00
Bruno BELANYI
5bce2fafde
modules: system: nix: override '<nixpkgs>'
continuous-integration/drone/push Build is passing
2023-02-11 11:04:10 +00:00
Bruno BELANYI
26bf4e3631
modules: system: nix: preprend to 'NIX_PATH'
...
Instead of appending to the default value.
This makes overriding some values that are defined as the default value easier.
2023-02-11 11:04:10 +00:00
Bruno BELANYI
6b4c01a242
modules: services: ssh-server: use 'settings'
2023-01-28 22:51:18 +01:00
Bruno BELANYI
aeb3245327
modules: services: blog: GNU T.P.
2022-12-18 12:59:42 +01:00
Bruno BELANYI
c961bdbfc4
modules: services: transmission: remove MemoryHigh
...
The service does not actively try to reduce its memory usage, so to make
sure we do reach `MemoryMax` let's remove the `MemoryHigh`
configuration.
2022-12-16 21:43:49 +01:00
Bruno BELANYI
1e10c6630b
modules: services: nginx: fix SSL renewal
...
See this issue [1].
[1]: https://github.com/go-acme/lego/issues/1772 .
2022-11-29 17:19:24 +01:00
Bruno BELANYI
b85a98c377
modules: services: nextcloud: disable broken SSE
...
I don't use server-side encryption anyway.
2022-11-28 10:18:50 +01:00
Bruno BELANYI
1967c8ef79
modules: services: transmission: limit memory use
2022-11-20 13:15:58 +01:00
Bruno BELANYI
f6a00ec838
modules: services: paperless: require postgres
2022-11-03 18:06:36 +01:00
Bruno BELANYI
05be340b7e
modules: services: nextcloud: bump to 25
2022-11-03 16:59:19 +01:00
Bruno BELANYI
30ce88f42f
flake: bump inputs
...
And migrate to the new RFC42 grafana options.
2022-11-03 16:58:47 +01:00
Bruno BELANYI
4c0c6a75b2
modules: system: packages: configure aliases
...
Disallow them by default, but make it configurable.
2022-09-30 08:59:27 +02:00
Bruno BELANYI
5e021e6436
all: remove package aliases
2022-09-30 08:59:27 +02:00
Bruno BELANYI
c05fafefe8
modules: services: gitea: migrate to 'settings'
2022-08-31 17:19:58 +02:00
Bruno BELANYI
48495851ba
modules: services: grocy: fix SSL configuration
2022-07-28 18:29:10 +02:00
Bruno BELANYI
2ba9c63f2e
modules: services: add grocy
2022-07-28 18:29:10 +02:00
Bruno BELANYI
914b064f72
modules: services: paperless: fix DB dependency
2022-07-28 17:54:02 +02:00
Bruno BELANYI
37d272fcfb
modules: services: lohr: add 'openssh'
...
The git binary is not wrapped to add it in PATH anymore.
2022-05-31 13:54:34 +02:00
Bruno BELANYI
052d5a3df7
modules: services: nextcloud: bump to 24
2022-05-23 15:49:22 +02:00
Bruno BELANYI
46affd5057
modules: hardware: bluetooth: remove wireplumber
...
This configuration file completely breaks my sound setup.
Will investigate more at a later time, in the mean time, since this is
basically the default options, I will just remove the configuration
file.
This reverts commit c987206bc5
.
2022-05-02 11:18:23 +02:00
Bruno BELANYI
43cb3ae582
modules: hardware: add firmware
2022-04-27 14:03:18 +02:00
Bruno BELANYI
cb84b49438
modules: hardware: bluetooth: add wireplumber conf
...
Now that `media-session` is deprecated, I should at least replicate this
configuration for `wireplumber`.
2022-04-27 14:03:10 +02:00
Bruno BELANYI
0caa78af10
flake: bump inputs
...
And ensure that the renamed `paperless` services are configured
correctly.
2022-04-27 14:02:17 +02:00
Bruno BELANYI
a9e004f7c1
modules: secrets: gitea: add 'mail-password'
2022-04-08 21:34:44 +02:00
Bruno BELANYI
94143f9d33
modules: services: gitea: add 'mail' configuration
2022-04-08 21:34:44 +02:00
Bruno BELANYI
0db2c0a13c
modules: services: matrix: use 'settings'
...
The unstructured attributes are hard-deprecated.
2022-03-08 11:56:32 +01:00
Bruno BELANYI
cc91b88b28
flake: bump inputs
...
And do not use 'pipewire-media-session' which is deprecated.
2022-03-02 12:13:13 +01:00
Bruno BELANYI
39431c2656
modules: system: nix: use structural 'settings'
...
Instead of a stringly-typed `extraOptions`.
2022-02-08 14:32:00 +01:00
Bruno BELANYI
ba5782e748
modules: system: packages: remove some packages
...
They either belong in a nix shell or are taken care of by other
configurations.
2022-01-14 15:06:55 +01:00
Bruno BELANYI
8151b28527
modules: services: nginx: use 'acme.default.email'
...
The option `security.acme.email` has been deprecated.
2022-01-14 13:30:22 +01:00
Bruno BELANYI
e6fe5e57c9
modules: system: add podman
2022-01-14 13:24:09 +01:00
Bruno BELANYI
5c7ef3232e
modules: system: nix: add inputs to NIX_PATH
2022-01-07 08:55:58 +01:00
Bruno BELANYI
4d5d662913
modules: services: nextcloud: upgrade version
2021-12-07 19:11:32 +01:00
Bruno BELANYI
070a929f88
flake: bump inputs
...
And use renamed option for agenix identities.
2021-12-07 19:11:32 +01:00
Bruno BELANYI
d86ff6192c
modules: system: nix: don't change daemon niceness
...
This option doesn't really work the way it should anyway [1].
This reverts commit cbf6ea9ac9
.
[1]: https://github.com/NixOS/nixpkgs/pull/138741
2021-11-23 18:53:11 +01:00
Bruno BELANYI
d490a7de78
modules: services: nginx-sso: always rewrite conf
2021-11-06 15:43:00 +01:00