Commit graph

142 commits

Author SHA1 Message Date
Bruno BELANYI ac5fd7f472 modules: services: miniflux: use 'credentialsFiles'
In preparation for the migration to agenix.
2021-09-26 23:09:32 +02:00
Bruno BELANYI db37cea907 modules: services: transmission: secrets w/ file
In preparation for the migration to using agenix.
2021-09-26 23:09:31 +02:00
Bruno BELANYI 75312c747b modules: remove unused arguments 2021-09-24 01:21:57 +02:00
Bruno BELANYI 2d26b36e31 modules: services: nginx: use 'recursiveMerge'
All checks were successful
continuous-integration/drone/push Build is passing
2021-09-23 22:11:25 +02:00
Bruno BELANYI bd1a2000fe modules: system: users: use 'initialHashedPassword'
This is the better option to use in case I want to have a stateless
system.
2021-09-23 21:30:24 +02:00
Bruno BELANYI 4a0c10b897 modules: system: users: use 'ambroisie' password
Do not rely on `my.user.name` which could be changed to a value not
available in the secrets.
2021-09-23 21:28:29 +02:00
Bruno BELANYI 9f3811ea3b modules: programs: steam: respect XDG conventions
All checks were successful
continuous-integration/drone/push Build is passing
Steam wants to pollute HOME with `.steam*` files and folders, which are
useless and annoying.

We want to make sure the wrappers are preferred when installing, so use
`lib.hiPrio` to ensure they get chosen.
2021-09-15 19:23:24 +02:00
Bruno BELANYI 37bb7fd625 modules: programs: add steam 2021-09-15 19:23:24 +02:00
Bruno BELANYI 45321072fc modules: add 'programs' directory 2021-09-15 16:48:10 +02:00
Bruno BELANYI ed456c999d modules: system: remove 'media'
All checks were successful
continuous-integration/drone/push Build is passing
It was not the idiomatic way to do this.
2021-09-15 16:10:06 +02:00
Bruno BELANYI 808058d576 modules: services: paperless: proxy websockets 2021-08-31 13:52:11 +02:00
Bruno BELANYI 52706ab4c4 modules: services: paperless: add admin password
This is a fallback in case SSO stops working...
2021-08-31 13:52:11 +02:00
Bruno BELANYI 87613a9163 modules: services: add paperless 2021-08-31 13:52:11 +02:00
Bruno BELANYI 78064bb2a1 modules: services: nginx: nginx-sso verbose logs
All checks were successful
continuous-integration/drone/push Build is passing
For some reason it still doesn't appear in the systemd log...
2021-08-30 17:38:25 +02:00
Bruno BELANYI 70af0ba99a modules: services: nginx: add SSO 2021-08-30 17:36:39 +02:00
Bruno BELANYI dc2a3610a6 modules: services: nginx: enable explicitly 2021-08-30 17:36:39 +02:00
Bruno BELANYI 7032ddef37 modules: services: use new nginx wrapper
All checks were successful
continuous-integration/drone/push Build is passing
And when not possible, document why.

Note for the future: there is some repetition in some modules to
configure the correct value of the subdomain, which I happen to know
will line up correctly thanks to the nginx wrapper. A good way to
refactor this in the future would involve avoiding this repetition,
allowing use to query the correct domain in some way...
2021-08-26 15:54:13 +02:00
Bruno BELANYI 81e12969eb modules: services: nginx: overhaul modularity
This should be all that's needed for almost all my services.
2021-08-26 15:54:13 +02:00
Bruno BELANYI 30fc01b5ae modules: services: nextcloud: exclude previews
All checks were successful
continuous-integration/drone/push Build is passing
2021-08-19 14:27:40 +02:00
Bruno BELANYI 13684ecdc4 modules: services: backup: make it verbose 2021-08-19 14:27:40 +02:00
Bruno BELANYI ec6b31f4a6 modules: services: add navidrome 2021-08-19 12:23:06 +02:00
Bruno BELANYI 2cc1925346 modules: services: backup: fix exclude files
All checks were successful
continuous-integration/drone/push Build is passing
I was using the wrong option... Somehow it didn't error out.
2021-08-09 20:08:43 +02:00
Bruno BELANYI 1783c2838b modules: services: tlp: add power scaling 2021-07-31 16:56:20 +02:00
Bruno BELANYI e215f7aa1d modules: services: nextcloud: upgrade version
All checks were successful
continuous-integration/drone/push Build is passing
2021-07-29 13:42:28 +02:00
Bruno BELANYI afb683f1cf flake: bump inputs
And update package names for grafana dashboards to avoid breaking the
config.
2021-07-29 13:42:28 +02:00
Bruno BELANYI c320387746 modules: services: postgres: upgrade version 2021-07-29 13:03:10 +02:00
Bruno BELANYI bbb1231ad3 modules: services: postgres: add migration script
The process to upgrade is:

* Make sure the version number of the script is one major version over
  the service version.

* Activate the script, rebuild configuration.

* Run `upgrade-pg-cluster` as `root`. One can give arguments like
  `--link` or `--jobs 4` to speedup the process. See documentation for
  some details.

* Change package to new version once the upgrade is finished, rebuild
  configuration.

* Optionally, `ANALYZE` the new database.
2021-07-29 13:02:49 +02:00
Bruno BELANYI 9f00d8a38e modules: services: add postgresql
Enable the service itself in other modules when needed, but pin the
package in a single place.
2021-07-29 12:43:28 +02:00
Bruno BELANYI 820b52314f modules: services: monitoring: add scrape interval
All checks were successful
continuous-integration/drone/push Build is passing
2021-07-15 18:54:07 +02:00
Bruno BELANYI e060476f32 modules: services: add monitoring dashboard 2021-07-13 19:17:33 +02:00
Bruno BELANYI 2458ddf59d modules: services: add monitoring
This includes a dashboard to monitor system ressources, using
Prometheus.
2021-07-13 19:17:33 +02:00
Bruno BELANYI 971b610cd5 modules: services: matrix: SSL only for server
This is a requirement anyway for homeservers, and the `forceSSL` option
tried to create a redirect for non-SSL traffic, except the `listen`
option only provided SSL endpoints anyway, so this resulted in
additional rules in the nginx config looking like this:

```nginx
server {
        server_name matrix.belanyi.fr ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}
```
2021-07-13 17:43:31 +02:00
Bruno BELANYI 5abe4e929e modules: hardware: sound: refactor options
All checks were successful
continuous-integration/drone/push Build is passing
Do not enable ALSA when using pipewire. Ensure that both pulseaudio and
pipewire are not configured at the same time.
2021-06-27 01:59:07 +02:00
Bruno BELANYI 7a382368e8 modules: move home configuration from flake 2021-06-25 20:46:36 +02:00
Bruno BELANYI 0f17123d09 modules: change username configuration option
It makes more sense to have a `my.user` option.
2021-06-25 20:45:36 +02:00
Bruno BELANYI daa69a54fa modules: services: indexers: limit Jackett memory
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-15 21:25:56 +02:00
Bruno BELANYI 8f266245ee modules: system: add boot
And enable mounting `/tmp` as tmpfs by default.
2021-06-14 16:41:28 +02:00
Bruno BELANYI e6ba569b36 modules: system: documentation: include POSIX man
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-12 13:23:09 +02:00
Bruno BELANYI ee21de5b94 modules: services: matrix: add mail configuration
All checks were successful
continuous-integration/drone/push Build is passing
2021-06-09 19:14:09 +02:00
Bruno BELANYI 06c53620f8 modules: services: matrix: enable spaces 2021-06-09 18:33:54 +02:00
Bruno BELANYI d43045c6d6 modules: services: matrix: add SMS verification 2021-06-09 18:32:59 +02:00
Bruno BELANYI 1994ef2b1b modules: hardware: add mx-ergo
This adds the ability to scroll using the ball, which is way better.
2021-06-07 17:56:46 +02:00
Bruno BELANYI 2fe4f1faad modules: home: use 'username' config value 2021-05-30 01:31:05 +02:00
Bruno BELANYI ea4c699b81 modules: system: users: make it configurable
Notably, make use of my global 'username' option.
2021-05-30 00:46:09 +02:00
Bruno BELANYI 8efe75295d modules: add option to specify username
Given that I use it in plenty of places, it makes sense to place it
there for reference in other modules.
2021-05-30 00:46:09 +02:00
Bruno BELANYI 2d9b11406a modules: system: packages: make it configurable 2021-05-30 00:46:09 +02:00
Bruno BELANYI 003c08cb09 modules: system: nix: make it configurable 2021-05-30 00:46:09 +02:00
Bruno BELANYI 6728b50d3a modules: system: language: make it configurable 2021-05-30 00:46:09 +02:00
Bruno BELANYI 2eaf3bf2c7 modules: system: move 'packages' 2021-05-29 16:58:44 +02:00
Bruno BELANYI 0077ce1f94 modules: system: move 'nix' 2021-05-29 16:58:44 +02:00
Bruno BELANYI 14d9fc89f1 modules: system: move 'documentation' 2021-05-29 16:58:44 +02:00
Bruno BELANYI f660bf94e9 modules: system: move 'language' 2021-05-29 16:58:44 +02:00
Bruno BELANYI 3b9f01e780 modules: system: move 'users' 2021-05-29 16:58:44 +02:00
Bruno BELANYI 60f1e693d1 modules: system: move 'media' 2021-05-29 16:56:15 +02:00
Bruno BELANYI ce4b0b8c90 modules: add 'system' directory 2021-05-29 16:56:15 +02:00
Bruno BELANYI d2704b17fe modules: move 'services' into subfolder 2021-05-29 16:56:15 +02:00
Bruno BELANYI 31f8ec6e98 modules: hardware: move 'upower' 2021-05-29 16:56:15 +02:00
Bruno BELANYI af67d04992 modules: hardware: move 'sound' 2021-05-29 16:56:15 +02:00
Bruno BELANYI f9bcf79430 modules: hardware: move 'networking' 2021-05-29 16:56:15 +02:00
Bruno BELANYI b0cc830467 modules: hardware: move 'ergodox' 2021-05-29 16:56:15 +02:00
Bruno BELANYI 9b054d10c7 modules: hardware: move 'bluetooth' 2021-05-29 16:56:15 +02:00
Bruno BELANYI e81aaa8ebc modules: add 'hardware' directory 2021-05-29 16:56:15 +02:00
Bruno BELANYI 737b5e797b modules: ergodox: remove useless group clause
The `zsa` module already add the group itself.
2021-05-29 16:15:20 +02:00
Bruno BELANYI 414606b58e modules: bluetooth: add pipewire codecs 2021-05-25 23:13:35 +02:00
Bruno BELANYI 931b67fdb2 modules: sound: add pipewire configuration 2021-05-25 18:19:52 +02:00
Bruno BELANYI a508db48c9 modules: add sound
I will probably want to share this configuration between multiple
machines in the future.
2021-05-25 18:19:52 +02:00
Bruno BELANYI f2b20c65a8 modules: nix: expose pinned nixpkgs as 'pkgs'
That way if I do want to use that latest version, I can still use
`nixpkgs#<whatever>`.
2021-05-22 23:49:57 +02:00
Bruno BELANYI d086af7e00 modules: nix: pin flake registry to common inputs 2021-05-22 23:47:27 +02:00
Bruno BELANYI d23ad8f5e1 modules: add upower 2021-05-16 00:03:59 +02:00
Bruno BELANYI fab93a5f2f modules: users: simplify 'groupsIfExist' 2021-05-16 00:03:59 +02:00
Bruno BELANYI 12b3397a20 modules: bluetooth: fix documentation 2021-05-16 00:03:59 +02:00
Bruno BELANYI 3a07cffa14 modules: documentation: add linux man pages option
I want to be able to read about syscalls or the C library.
2021-05-10 00:31:01 +02:00
Bruno BELANYI 06f9f423e9 modules: documentation: use 'mkDisableOption'
The documentation module already gates behind 'documentation.enable' for
the other options.
2021-05-10 00:31:01 +02:00
Bruno BELANYI b115d94cd6 modules: add bluetooth 2021-05-10 00:31:01 +02:00
Bruno BELANYI 376e60d71e modules: networking: add 'wireless' option 2021-05-10 00:31:01 +02:00
Bruno BELANYI b61aca7def modules: users: add myself to 'networkmanager' 2021-05-08 17:14:13 +02:00
Bruno BELANYI 05e0cd4e1f modules: users: reformat 2021-05-08 17:14:13 +02:00
Bruno BELANYI 6612d0226a modules: packages: prefer user compinit to global
This should make the shell startup faster.
2021-05-08 17:14:13 +02:00
Bruno BELANYI c175964630 modules: users: add myself to 'video' and 'audio' 2021-05-08 17:14:13 +02:00
Bruno BELANYI b6fb77fc34 modules: add home
This makes setting and referring to my home-manager options easier.
2021-05-08 17:14:13 +02:00
Bruno BELANYI e51ab70d5b modules: add documentation 2021-04-25 12:39:17 +00:00
Bruno BELANYI 3a4098a6c4 modules: users: sort groups 2021-03-31 17:56:36 +00:00
Bruno BELANYI af1332fa89 modules: users: eta reduction of 'groupsIfExist' 2021-03-08 19:02:28 +00:00
Bruno BELANYI e09da8505e services: move 'media' to 'modules' instead
Its not actually a service, but more of a configuration needed by some
services. Therefore it belongs in modules.
2021-03-07 18:39:42 +00:00
Bruno BELANYI 012163eb44 modules: add ergodox
This enables usage of ZSA tools, such as `wally` or their online
training tool for any users that are part of `plugdev`.
2021-03-07 18:39:42 +00:00
Bruno BELANYI 5b63b70958 modules: users: add to groups in single place 2021-03-07 18:39:42 +00:00
Bruno BELANYI 71dcd216f0 modules: users: use zsh as shell 2021-03-03 17:02:48 +00:00
Bruno BELANYI 01b6947cde modules: packages: enable zsh 2021-03-03 17:02:48 +00:00
Bruno BELANYI 9e9ef7b598 modules: add 'networking.externalInterface' option 2021-02-25 15:29:06 +00:00
Bruno BELANYI b0d3cb0e8e modules: move ssh keys into subdirectory 2021-02-25 15:29:06 +00:00
Bruno BELANYI 0732b3a0bd modules: packages: make 'vim' default editor 2021-02-25 15:29:06 +00:00
Bruno BELANYI 3b148ad684 porthos: split into modules
I have separated the modules into host-specific settings, and generic
settings that ought to be shared by every host.

I only have the 'porthos' host for now, but intend to also add my laptop
'aramis' at some point to this repository.
2021-02-08 10:49:59 +00:00