Commit graph

35 commits

Author SHA1 Message Date
Bruno BELANYI 3bf3980e45 modules: services: nginx: allow sso secret files
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 875a3d8587 machines: porthos: users: use clear-text ssh key 2021-09-26 23:09:32 +02:00
Bruno BELANYI ca5e5a53cd modules: services: nginx: use 'credentialsFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ba10af0644 modules: services: matrix: use 'mailConfigFile'
In preparation of the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI 0f2c20e51d modules: services: paperless: use 'secretKeyFile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ca218730ff modules: services: nextcloud: use 'credentialsfile'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI ac5fd7f472 modules: services: miniflux: use 'credentialsFiles'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI db37cea907 modules: services: transmission: secrets w/ file
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI 8ffad5d41b machines: porthos: services: enable paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI dc2a3610a6 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 7032ddef37 modules: services: use new nginx wrapper
All checks were successful
continuous-integration/drone/push Build is passing
And when not possible, document why.

Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI 81e12969eb modules: services: nginx: overhaul modularity
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI fe720b2de3 machines: porthos: services: enable navidrome
All checks were successful
continuous-integration/drone/push Build is passing
2021-08-19 12:23:06 +02:00
Bruno BELANYI 2ecd417a68 machines: porthos: services: enable monitoring
All checks were successful
continuous-integration/drone/push Build is passing
2021-07-13 19:17:33 +02:00
Bruno BELANYI ee21de5b94 modules: services: matrix: add mail configuration
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-09 19:14:09 +02:00
Bruno BELANYI f9bcf79430 modules: hardware: move 'networking' 2021-05-29 16:56:15 +02:00
Bruno BELANYI 78d77890de machines: porthos: services: enable flood
Some checks failed
continuous-integration/drone/push Build is failing
2021-05-22 23:59:27 +02:00
Bruno BELANYI 76148d75b8 machines: aramis: services: remove gnupg-agent
The one configured by home-manager is more appropriate.
2021-05-16 00:03:59 +02:00
Bruno BELANYI f04368a71e machines: porthos: set timezone 2021-05-16 00:03:59 +02:00
Bruno BELANYI f634f1b2ed flake: refactor handling of shared modules 2021-05-08 17:14:13 +02:00
Bruno BELANYI 84b61b25b3 services: wireguard: allow disabling service
Only the server *needs* to have wireguard up at all times. However a
laptop or desktop probably doesn't need it up at all times.
2021-04-25 12:39:17 +00:00
Bruno BELANYI a551ace6a6 machines: porthos: services: enable adblock 2021-04-25 12:39:17 +00:00
Bruno BELANYI 471fe4e21f machines: porthos: services: enable podgrab 2021-04-15 16:24:41 +00:00
Bruno BELANYI ff975b8c7d machines: porthos: services: enable lohr 2021-04-01 22:48:38 +00:00
Bruno BELANYI 56212a0c9e machines: porthos: users: remove unused attribute 2021-03-08 19:00:01 +00:00
Bruno BELANYI 5b63b70958 modules: users: add to groups in single place 2021-03-07 18:39:42 +00:00
Bruno BELANYI 28394efc2c machines: porthos: add installation script
This is mostly to reference the installation process when looking back,
rather than explicitly be able re-install this exect configuration.
2021-03-03 17:02:48 +00:00
Bruno BELANYI b135646c28 machine: porthos: hardware: use disks by label 2021-03-03 17:02:48 +00:00
Bruno BELANYI 4e073b8d02 machines: porthos: services: enable Calibre-web 2021-03-03 17:02:48 +00:00
Bruno BELANYI e74e46a0e6 machines: porthos: networking: set externalInterface 2021-02-25 15:29:06 +00:00
Bruno BELANYI a4da864981 machines: porthos: enable Wireguard 2021-02-25 15:29:06 +00:00
Bruno BELANYI b972c0bef3 porthos: services: enable 'exec' Drone runner 2021-02-25 15:29:06 +00:00
Bruno BELANYI 91be5ad978 porthos: services: enable Miniflux 2021-02-25 15:29:06 +00:00
Bruno BELANYI 340906d6b2 porthos: users: add 'ambroisie' to 'media'
This only done when the groups exists.
2021-02-25 15:29:06 +00:00
Bruno BELANYI 866225393b porthos: move files into 'machines' directory
But keep 'porthos.nix' at the root of the repository. I feel like it is
cleaner to keep device specific files at the root.
2021-02-25 15:29:06 +00:00