Commit graph

1528 commits

Author SHA1 Message Date
Bruno BELANYI bf6af94bec modules: services: paperless: proxy websockets 2021-08-31 13:52:11 +02:00
Bruno BELANYI 14d56a1337 machines: porthos: services: enable paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 23484989a6 modules: services: paperless: add admin password
This is a fallback in case SSO stops working...
2021-08-31 13:52:11 +02:00
Bruno BELANYI 197f371ca9 secrets: add paperless password
To be used as a fallback.
2021-08-31 13:52:11 +02:00
Bruno BELANYI da4595cd39 modules: services: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 2ea68f705d secrets: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 2d12211d3e flake: bump inputs 2021-08-31 13:52:10 +02:00
Bruno BELANYI 187c35c448 home: pager: remove lesspipe
I don't use it anymore.
2021-08-30 21:23:13 +02:00
Bruno BELANYI 8319f0ea5c modules: services: nginx: nginx-sso verbose logs
For some reason it still doesn't appear in the systemd log...
2021-08-30 17:38:25 +02:00
Bruno BELANYI fd898df590 modules: services: nginx: add SSO 2021-08-30 17:36:39 +02:00
Bruno BELANYI 52079bf1e7 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 878759cb77 secrets: add sso 2021-08-30 17:36:39 +02:00
Bruno BELANYI fd526b674b secrets: allow lists in types 2021-08-30 15:35:00 +02:00
Bruno BELANYI 77cf3430ae modules: services: use new nginx wrapper
And when not possible, document why.

Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI a8514dcdf1 modules: services: nginx: overhaul modularity
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI 906202b222 lib: lists: add countValues 2021-08-26 15:54:13 +02:00
Bruno BELANYI 7d2c43d157 lib: lists: add 'mapFilter' 2021-08-26 15:54:13 +02:00
Bruno BELANYI 3736e3a415 home: zsh: clean-up blank in history 2021-08-25 12:51:38 +02:00
Bruno BELANYI e2546bd958 home: zsh: append to history
Otherwise the file is replaced rather than appended to.
2021-08-25 12:44:42 +02:00
Bruno BELANYI 3d7420210a home: zsh: do not share history accross shells
It's more annoying than helpful...
2021-08-25 12:22:36 +02:00
Bruno BELANYI fcc3089e77 home: gdb: fix configuration path
Turns out the latest version of `gdb` does not yet look for its
configuration in `XDG_CONFIG_HOME`...
2021-08-22 15:02:57 +02:00
Bruno BELANYI b20ef7f809 home: gdb: add rr 2021-08-21 01:13:14 +02:00
Bruno BELANYI 5edffcd21d home: gdb: fix auto-load safe path 2021-08-20 21:22:27 +02:00
Bruno BELANYI bc6761bdc9 home: add gdb 2021-08-20 20:03:51 +02:00
Bruno BELANYI 087794433e modules: services: nextcloud: exclude previews 2021-08-19 14:27:40 +02:00
Bruno BELANYI 98c2f16eb2 modules: services: backup: make it verbose 2021-08-19 14:27:40 +02:00
Bruno BELANYI 0fe9a57458 machines: porthos: services: enable navidrome 2021-08-19 12:23:06 +02:00
Bruno BELANYI c228916072 modules: services: add navidrome 2021-08-19 12:23:06 +02:00
Bruno BELANYI 414e181a8b flake: bump inputs 2021-08-19 11:49:41 +02:00
Bruno BELANYI 7d09677792 modules: services: backup: fix exclude files
I was using the wrong option... Somehow it didn't error out.
2021-08-09 20:08:43 +02:00
Bruno BELANYI cf2747a98f pkgs: add drone-scp 2021-08-08 18:03:19 +02:00
Bruno BELANYI d679262c6f pkgs: unified-hosts-lists: 3.6.4 -> 3.8.5 2021-08-07 12:29:41 +02:00
Bruno BELANYI e1fddb0b1f pkgs: bw-pass: report errors to stderr
Useful in case the script can't prompt using `rofi`.
2021-07-31 20:17:37 +02:00
Bruno BELANYI 6c3662dbb3 modules: services: tlp: add power scaling 2021-07-31 16:56:20 +02:00
Bruno BELANYI 19c5cd0e13 modules: services: nextcloud: upgrade version 2021-07-29 13:42:28 +02:00
Bruno BELANYI 522d1f49df flake: bump inputs
And update package names for grafana dashboards to avoid breaking the
config.
2021-07-29 13:42:28 +02:00
Bruno BELANYI 3459067cd4 modules: services: postgres: upgrade version 2021-07-29 13:03:10 +02:00
Bruno BELANYI 5d21cecee7 modules: services: postgres: add migration script
The process to upgrade is:

* Make sure the version number of the script is one major version over
  the service version.

* Activate the script, rebuild configuration.

* Run `upgrade-pg-cluster` as `root`. One can give arguments like
  `--link` or `--jobs 4` to speedup the process. See documentation for
  some details.

* Change package to new version once the upgrade is finished, rebuild
  configuration.

* Optionally, `ANALYZE` the new database.
2021-07-29 13:02:49 +02:00
Bruno BELANYI 99c33cd7ad modules: services: add postgresql
Enable the service itself in other modules when needed, but pin the
package in a single place.
2021-07-29 12:43:28 +02:00
Bruno BELANYI eba977b582 modules: services: monitoring: add scrape interval 2021-07-15 18:54:07 +02:00
Bruno BELANYI 2bfbda9942 flake: flatten and filter packages w/ flake-utils
Instead of my home-grown solution, use one that has been upstreamed.
2021-07-14 21:49:31 +02:00
Bruno BELANYI 2291d6b6fa machines: porthos: services: enable monitoring 2021-07-13 19:17:33 +02:00
Bruno BELANYI e342934718 secrets: add monitoring password 2021-07-13 19:17:33 +02:00
Bruno BELANYI 24028669f4 modules: services: add monitoring dashboard 2021-07-13 19:17:33 +02:00
Bruno BELANYI c910b643da modules: services: add monitoring
This includes a dashboard to monitor system ressources, using
Prometheus.
2021-07-13 19:17:33 +02:00
Bruno BELANYI 9fa16a9b33 flake: bump inputs 2021-07-13 19:08:54 +02:00
Bruno BELANYI 7469fe0063 home: git: use topological order in log
It is the one that makes most sense, rather than some kind of date
order...
2021-07-13 17:50:44 +02:00
Bruno BELANYI 5fcc96ab77 modules: services: matrix: SSL only for server
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:

```nginx
server {
        server_name matrix.belanyi.fr ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}
```
2021-07-13 17:43:31 +02:00
Bruno BELANYI cdbd37b506 pkgs: bw-pass: change password prompt 2021-07-04 11:52:07 +02:00
Bruno BELANYI 222d9f789d overlays: transgui: correctly use previous patches 2021-07-04 11:52:07 +02:00