Bruno BELANYI
4f0a66c80e
porthos: boot: clean-up style
2021-02-08 10:49:59 +00:00
Bruno BELANYI
21747212dd
porthos: services: extract ssh-server
2021-02-08 10:49:59 +00:00
Bruno BELANYI
3b148ad684
porthos: split into modules
...
I have separated the modules into host-specific settings, and generic
settings that ought to be shared by every host.
I only have the 'porthos' host for now, but intend to also add my laptop
'aramis' at some point to this repository.
2021-02-08 10:49:59 +00:00
Bruno BELANYI
d1d33fd1d1
secrets: modularise
...
Instead of reading from the 'secrets' directory all over the place,
consolidate all secrets-handling inside the same module.
This means that finally, the 'acme' service does not need to come read
right into this repository, however this leads to a potentially unsecure
setup (because I am storing passwords in the Nix store)... I have
decided not to care about this relatively minor issue, but I could
revisit it by using `sops-nix` in the future.
2021-02-08 10:49:59 +00:00
Bruno BELANYI
0871f3e6b4
project: readme: add quassel to manual steps
2021-02-08 10:49:59 +00:00
Bruno BELANYI
47396fbab0
services: add Quassel
...
Unfortunately this service is stateful, you need to connect to it to set
up the first user.
2021-02-08 10:49:59 +00:00
Bruno BELANYI
41c777d2e2
services: add RSS-Bridge
2021-02-08 10:49:59 +00:00
Bruno BELANYI
04dd1bc671
project: add simple README
2021-02-08 10:49:59 +00:00
Bruno BELANYI
e29adcda03
services: add indexers
...
Includes both Jackett and NZBHydra2.
2021-02-08 10:49:59 +00:00
Bruno BELANYI
4d68a706a3
flake: add NUR overlay
2021-02-08 10:49:59 +00:00
Bruno BELANYI
49779cac21
flake: switch to unstable nixpkgs
2021-02-08 10:49:59 +00:00
Bruno BELANYI
34548c28ec
flake: init configuration
2021-02-08 10:49:59 +00:00
Bruno BELANYI
d79538e1ab
configuration: nix: enable nix flakes
2021-02-08 10:49:58 +00:00
Bruno BELANYI
bfba8c005c
services: add postgres-backup
2021-02-08 10:49:58 +00:00
Bruno BELANYI
f766d093e2
configuration: users: disallow mutable users
2021-02-08 10:49:58 +00:00
Bruno BELANYI
7ca077adf7
configuration: users: use hashedPassword
2021-02-08 10:49:58 +00:00
Bruno BELANYI
34ff469b6d
services: add nextcloud
...
The password is quoted using `"` instead of `'` in the setup script,
beware of `$` characters...
2021-02-08 10:49:58 +00:00
Bruno BELANYI
adfc2eb832
services: matrix: remove postgreSQL backup
...
This really deserves to be its own service instead.
2021-02-08 10:49:58 +00:00
Bruno BELANYI
442c691933
matrix: proxy calls to '/_synapse/client'
2021-02-08 10:49:58 +00:00
Bruno BELANYI
6bfa421112
services: matrix: use shared registration secret
2021-02-08 10:49:58 +00:00
Bruno BELANYI
6b1de02ea3
services: matrix: configure DB on launch
2021-02-08 10:49:58 +00:00
Bruno BELANYI
303da60e0b
services: gitea: clean up configuration
...
I want the ssh addresses to use 'git' as a user, so the service must be
set up with this user as well.
I also want the port to be configurable in case I need to change it.
2021-02-08 10:49:58 +00:00
Bruno BELANYI
6038d0df60
services: add sabnzbd
...
Its configuration isn't declarative :-(.
Notably, the port needs to be changed from '8080' to '9090' in its
configuration file (at '/var/lib/sabnzbd/').
2021-02-03 20:38:54 +01:00
Bruno BELANYI
89db21792c
configuration: use fileContents
...
Instead of emulating it with 'readFile'
2021-02-03 20:38:54 +01:00
Bruno BELANYI
81a08e7d98
configuration: allow unfree packages
2021-02-03 20:38:54 +01:00
Bruno BELANYI
27d089afaa
services: add transmission
...
This service makes use of the default webui. I really like combustion
more, but am willing to use that one instead given the few amount of
time I actually spend looking at it
2021-02-03 20:38:54 +01:00
Bruno BELANYI
680d82bc3b
services: add pirate
...
The whole suite of *-arr media managers.
2021-02-03 20:38:54 +01:00
Bruno BELANYI
9446651944
services: add jellyfin
...
This makes use of the 'media' group, to allow using the same group for
any software that would either read or write to my media collection.
2021-02-03 20:38:54 +01:00
Bruno BELANYI
c5fd1b4e63
configuration: store ssh keys in subfolder
2021-02-03 20:38:54 +01:00
Bruno BELANYI
b4b62b5bc6
services: add gitea
2021-02-03 20:38:54 +01:00
Bruno BELANYI
5d41f6206d
services: add matrix
2021-02-03 12:12:41 +01:00
Bruno BELANYI
c4e78b2f16
secrets: acme: add dns key
2021-02-03 11:55:33 +01:00
Bruno BELANYI
85e153ac2f
secrets: init git-crypt
2021-02-03 11:55:33 +01:00
Bruno BELANYI
32444fe8ae
services: add nginx and acme auto-configuration
...
This ensures that the recommened settings are turned on when using Nginx
in any service. It also provides for a SSL certificate using Let's
Encrypt.
2021-02-03 11:55:33 +01:00
Bruno BELANYI
f85f7ff0b8
porthos: initial configuration
2021-02-03 11:55:33 +01:00