Bruno BELANYI
3bf3980e45
modules: services: nginx: allow sso secret files
...
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
875a3d8587
machines: porthos: users: use clear-text ssh key
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ca5e5a53cd
modules: services: nginx: use 'credentialsFile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ba10af0644
modules: services: matrix: use 'mailConfigFile'
...
In preparation of the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
0f2c20e51d
modules: services: paperless: use 'secretKeyFile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ca218730ff
modules: services: nextcloud: use 'credentialsfile'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
ac5fd7f472
modules: services: miniflux: use 'credentialsFiles'
...
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI
db37cea907
modules: services: transmission: secrets w/ file
...
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI
8ffad5d41b
machines: porthos: services: enable paperless
2021-08-31 13:52:11 +02:00
Bruno BELANYI
dc2a3610a6
modules: services: nginx: enable explicitly
2021-08-30 17:36:39 +02:00
Bruno BELANYI
7032ddef37
modules: services: use new nginx wrapper
...
continuous-integration/drone/push Build is passing
And when not possible, document why.
Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI
81e12969eb
modules: services: nginx: overhaul modularity
...
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI
fe720b2de3
machines: porthos: services: enable navidrome
continuous-integration/drone/push Build is passing
2021-08-19 12:23:06 +02:00
Bruno BELANYI
2ecd417a68
machines: porthos: services: enable monitoring
continuous-integration/drone/push Build is passing
2021-07-13 19:17:33 +02:00
Bruno BELANYI
ee21de5b94
modules: services: matrix: add mail configuration
continuous-integration/drone/push Build is passing
2021-06-09 19:14:09 +02:00
Bruno BELANYI
f9bcf79430
modules: hardware: move 'networking'
2021-05-29 16:56:15 +02:00
Bruno BELANYI
78d77890de
machines: porthos: services: enable flood
continuous-integration/drone/push Build is failing
2021-05-22 23:59:27 +02:00
Bruno BELANYI
76148d75b8
machines: aramis: services: remove gnupg-agent
...
The one configured by home-manager is more appropriate.
2021-05-16 00:03:59 +02:00
Bruno BELANYI
f04368a71e
machines: porthos: set timezone
2021-05-16 00:03:59 +02:00
Bruno BELANYI
f634f1b2ed
flake: refactor handling of shared modules
2021-05-08 17:14:13 +02:00
Bruno BELANYI
84b61b25b3
services: wireguard: allow disabling service
...
Only the server *needs* to have wireguard up at all times. However a
laptop or desktop probably doesn't need it up at all times.
2021-04-25 12:39:17 +00:00
Bruno BELANYI
a551ace6a6
machines: porthos: services: enable adblock
2021-04-25 12:39:17 +00:00
Bruno BELANYI
471fe4e21f
machines: porthos: services: enable podgrab
2021-04-15 16:24:41 +00:00
Bruno BELANYI
ff975b8c7d
machines: porthos: services: enable lohr
2021-04-01 22:48:38 +00:00
Bruno BELANYI
56212a0c9e
machines: porthos: users: remove unused attribute
2021-03-08 19:00:01 +00:00
Bruno BELANYI
5b63b70958
modules: users: add to groups in single place
2021-03-07 18:39:42 +00:00
Bruno BELANYI
28394efc2c
machines: porthos: add installation script
...
This is mostly to reference the installation process when looking back,
rather than explicitly be able re-install this exect configuration.
2021-03-03 17:02:48 +00:00
Bruno BELANYI
b135646c28
machine: porthos: hardware: use disks by label
2021-03-03 17:02:48 +00:00
Bruno BELANYI
4e073b8d02
machines: porthos: services: enable Calibre-web
2021-03-03 17:02:48 +00:00
Bruno BELANYI
e74e46a0e6
machines: porthos: networking: set externalInterface
2021-02-25 15:29:06 +00:00
Bruno BELANYI
a4da864981
machines: porthos: enable Wireguard
2021-02-25 15:29:06 +00:00
Bruno BELANYI
b972c0bef3
porthos: services: enable 'exec' Drone runner
2021-02-25 15:29:06 +00:00
Bruno BELANYI
91be5ad978
porthos: services: enable Miniflux
2021-02-25 15:29:06 +00:00
Bruno BELANYI
340906d6b2
porthos: users: add 'ambroisie' to 'media'
...
This only done when the groups exists.
2021-02-25 15:29:06 +00:00
Bruno BELANYI
866225393b
porthos: move files into 'machines' directory
...
But keep 'porthos.nix' at the root of the repository. I feel like it is
cleaner to keep device specific files at the root.
2021-02-25 15:29:06 +00:00