Commit graph

39 commits

Author SHA1 Message Date
Bruno BELANYI 6140e1c8f9 nixos: services: lohr: migrate to tmpfiles
This is better than a custom script.
2024-03-11 17:32:54 +01:00
Bruno BELANYI 5d3160fb0d hosts: nixos: porthos: migrate to new host
OVH/Kimsufi are deprecating my current server by the end of the year. So
let's migrate to a new host.

This was more painful than initially planned, OVH introduced a change to
their rescue system which messes with the NixOS installation [1].

In the end I used a kexec image [2] to run the installation.

[1]: https://github.com/NixOS/nix/issues/7790
[2]: https://github.com/nix-community/nixos-images
2024-03-11 17:32:54 +01:00
Bruno BELANYI 0f33dbd5c2 hosts: nixos: porthos: switch to forgejo
This required a quick rename to migrate from one to the other.
2024-03-11 17:32:54 +01:00
Bruno BELANYI f3207468f9 nixos: services: woodpecker: configurable forge 2024-03-11 17:32:54 +01:00
Bruno BELANYI c1ffe09631 nixos: services: add forgejo 2024-03-11 17:32:54 +01:00
Bruno BELANYI a4e742bf55 nixos: services: blog: fix catch-all redirection
Don't use a hard-coded address...
2024-03-11 16:03:53 +00:00
Bruno BELANYI d423a03663 nixos: services: gitea: fix mail 'FROM' address
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-03-05 14:20:57 +00:00
Bruno BELANYI 40d1b39837 nixos: services: gitea: update mail configuration
Some checks failed
ci/woodpecker/push/check Pipeline failed
2024-03-05 14:17:30 +00:00
Bruno BELANYI ed15e62e1d nixos: services: gitea: use 'git' group
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-03-05 12:53:32 +00:00
Bruno BELANYI a3afafd9e0 nixos: services: add mealie 2024-03-05 12:43:22 +00:00
Bruno BELANYI 4d25609b26 nixos: system: nix: expand trusted users 2024-03-05 12:43:22 +00:00
Bruno BELANYI b9b47fffd6 flake: bump inputs
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Fix the pyLoad user/group option that I added upstream [1].

Fix an evaluation error due to Pipewire changes [2].

[1]: https://github.com/NixOS/nixpkgs/pull/287304
[2]: https://github.com/NixOS/nixpkgs/pull/282377
2024-02-29 12:20:53 +00:00
Bruno BELANYI c9969775da nixos: services: backup: add essential files
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-02-12 14:21:17 +00:00
Bruno BELANYI 7948dc284b nixos: hardware: rename 'trackball'
All checks were successful
ci/woodpecker/push/check Pipeline was successful
Since I do intend on configuring every trackball I own to use this
scheme, not just the MX Ergo.
2024-02-06 15:08:19 +00:00
Bruno BELANYI f54cee8f70 nixos: hardware: add graphics
I did not add an Nvidia knob to this module, as I do not foresee *ever*
using one of their graphics card.
2024-02-06 15:04:40 +00:00
Bruno BELANYI 03dac604e9 nixos: services: add pyload 2024-02-04 14:56:59 +01:00
Bruno BELANYI cc029f7933 nixos: services: add aria 2024-01-30 15:51:48 +01:00
Bruno BELANYI 02412f2578 nixos: services: nextcloud: fix renamed option 2024-01-30 15:51:48 +01:00
Bruno BELANYI e2ec4d3032 nixos: services: paperless: fix classifier hangs
This is an experimental fix to try and get around an issue with the
default BLAS/LAPACK implementation. See [1] for more details.

[1]: https://github.com/NixOS/nixpkgs/issues/240591
2024-01-30 15:51:48 +01:00
Bruno BELANYI e2091e9e2e nixos: services: nextcloud: use HTTPS
All checks were successful
ci/woodpecker/push/check Pipeline was successful
This should fix my issue with the sliding sync server.
2024-01-26 23:36:05 +01:00
Bruno BELANYI b33938e825 nixos: services: paperless: rename settings option
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2024-01-22 16:57:18 +00:00
Bruno BELANYI 629ec539c9 nixos: services: nextcloud: fix typo 2024-01-22 16:55:57 +00:00
Bruno BELANYI 136bd342ff nixos: services: matrix: fix deprecated option 2024-01-22 16:55:57 +00:00
Bruno BELANYI 10a3055136 nixos: services: nextcloud: fix deprecated option 2024-01-05 19:19:00 +01:00
Bruno BELANYI e4f8214cb2 modules: services: nextcloud: bump to 28 2024-01-05 19:19:00 +01:00
Bruno BELANYI 932717b754 nixos: services: jellyfin: loosen umask
All checks were successful
ci/woodpecker/push/check Pipeline was successful
I just noticed that all the metadata files Jellyfin stores have very
restrictive ACLs.

The whole point of the `media` group is to make my HTPC eco-system work
together. In particular this should allow Sonarr and friends to delete
folders without manual intervention.
2023-12-26 15:17:05 +01:00
Bruno BELANYI 71ee178510 nixos: services: nginx: fix SSO subdomain
All checks were successful
ci/woodpecker/push/check Pipeline was successful
2023-12-25 20:23:55 +01:00
Bruno BELANYI 6948424b81 nixos: services: remove redundant subdomains
See previous commit for the defaults.
2023-12-25 20:23:55 +01:00
Bruno BELANYI b7a4bc063f nixos: services: nginx: add default subdomain
In almost all cases, the subdomain should be the same as the attribute
name...
2023-12-25 20:23:55 +01:00
Bruno BELANYI faa87743e5 nixos: services: nginx: use attrset for vhosts
Attribute sets compose better than lists, it was a mistake to use a list
in the first place...
2023-12-25 20:23:55 +01:00
Bruno BELANYI 373545ee38 nixos: system: printing: migrate deprecated option
It's recommended to only enable the IPv4 option, as most mDNS responders
only register IPv4 addresses (therefore enabling IPv6 would lead to long
timeouts when checking for those addresses first).
2023-12-14 14:26:18 +00:00
Bruno BELANYI 1faa8d9acf nixos: services: wireguard: add 'simpleManagement'
All checks were successful
ci/woodpecker/push/check Pipeline was successful
This makes it easier to manage the VPN services, as they don't require a
password prompt to be brought up/down.
2023-12-14 11:23:28 +00:00
Bruno BELANYI 9ddd59eac8 nixos: system: add polkit
One nice thing is that it enables the prompts when using `systemctl`,
instead of requiring `sudo`.
2023-12-14 11:23:28 +00:00
Bruno BELANYI f23e6251ce nixos: services: wireguard: add VPN conflicts
It's now easier to do the right thing when starting a VPN service,
whether the other one is running or not.
2023-12-14 11:23:28 +00:00
Bruno BELANYI b48d81451d nixos: services: migrate to 'ensureDBOwnership'
All checks were successful
ci/woodpecker/push/check Pipeline was successful
`ensurePermissions` is deprecated, and doesn't work on PostgreSQL 15.
2023-11-21 00:22:44 +01:00
Bruno BELANYI 60d941b40b flake: bump inputs
My tandoor-recipes fix was merged upstream, so remove the overlay.

And because of the recent postgres bump for 23.11, `ensureDBOwnership`
is the new way of dealing with DB permissions [1]. This means I had to
fix manually migrate my `gitea` DB and make it match the DB user.

[1]: https://github.com/NixOS/nixpkgs/pull/266270
2023-11-21 00:20:28 +01:00
Bruno BELANYI 570349e80f nixos: profiles: move from top-level
All checks were successful
ci/woodpecker/push/check Pipeline was successful
My profiles are actually just "special" NixOS modules in that they
orchestrate settings that usually span the NixOS/home-manager boundary,
or otherwise set up configurations from multiple modules at once.
2023-11-11 18:12:05 +00:00
Bruno BELANYI 65a8f7c481 home: create 'modules/home' folder
Consolidating all modules under the same path, to clear out the
top-level directory.
2023-11-11 18:12:05 +00:00
Bruno BELANYI c856933803 nixos: create 'modules/nixos' folder
Let's consolidate all modules under one path, so that NixOS,
home-manager, and nix-darwin (if I ever end up using it down the line)
would go under the same folder.
2023-11-11 18:11:52 +00:00