Bruno BELANYI
c1eab0edee
nixos: services: jellyfin: add fail2ban jail
...
ci/woodpecker/push/check Pipeline was successful
The upstream documentation adds quotes around the IP, but I don't see
them in my logs. Let's split the difference by making them optional.
2024-09-20 14:39:53 +00:00
Bruno BELANYI
a713913eef
nixos: services: add pdf-edit
2024-09-05 18:10:00 +02:00
Bruno BELANYI
0d2b9c9699
nixos: services: rename 'servarr'
ci/woodpecker/push/check Pipeline was successful
2024-09-05 10:39:01 +00:00
Bruno BELANYI
52197a4f96
nixos: services: pirate: add readarr
2024-09-05 10:36:31 +00:00
Bruno BELANYI
fb4047b2b3
nixos: services: nginx: sso: align with upstream
...
This aligns with the PR I opened on nixpkgs [1].
[1]: https://github.com/NixOS/nixpkgs/pull/325838
2024-09-05 10:36:31 +00:00
Bruno BELANYI
445cb43cb4
nixos: services: nix-cache: fix deprecated config
ci/woodpecker/push/check Pipeline was successful
2024-09-04 10:35:10 +00:00
Bruno BELANYI
b73f6af5e0
nixos: services: flood: use upstream module
ci/woodpecker/push/check Pipeline was successful
2024-06-21 15:40:34 +00:00
Bruno BELANYI
d37c767a2f
nixos: services: forgejo: fix deprecated config
ci/woodpecker/push/check Pipeline was successful
2024-06-12 21:29:19 +02:00
Bruno BELANYI
10a7111f1c
nixos: services: mealie: fix DB auth
...
Turns out the package update [1] was because someone couldn't make it
work on the previous version, and added a new setting to configure it
more easily :-).
[1]: https://github.com/NixOS/nixpkgs/pull/314294
2024-06-12 21:28:41 +02:00
Bruno BELANYI
f6c476a07f
nixos: services: postgres: add post-upgrade advice
ci/woodpecker/push/check Pipeline was successful
2024-05-07 11:40:11 +00:00
Bruno BELANYI
0745e450b9
nixos: services: postgres: remove unused container
2024-05-07 11:40:11 +00:00
Bruno BELANYI
48beb9f1fe
nixos: services: postgres: simplify update script
2024-05-07 11:21:28 +00:00
Bruno BELANYI
6162f4f4d5
modules: services: nextcloud: bump to 29
ci/woodpecker/push/check Pipeline was successful
2024-05-04 22:51:11 +02:00
Bruno BELANYI
2dedb41a47
nixos: services: add audiobookshelf
2024-04-22 21:00:00 +02:00
Bruno BELANYI
5df0574f41
nixos: services: podgrab: add 'dataDir'
2024-04-22 21:00:00 +02:00
Bruno BELANYI
c18054cad7
nixos: services: podgrab: use 'media' group
2024-04-22 20:59:09 +02:00
Bruno BELANYI
6efe2c12ba
nixos: services: woodpecker: exec: fix NodeJS
...
ci/woodpecker/push/check Pipeline was successful
I need it for Tree Sitter support...
2024-04-08 21:19:54 +02:00
Bruno BELANYI
6b51b4e2ab
nixos: services: rss-bridge: fix deprecated option
ci/woodpecker/push/check Pipeline was successful
2024-04-07 13:30:40 +02:00
Bruno BELANYI
8f120e2129
nixos: services: lohr: fix SSH key creation
...
ci/woodpecker/push/check Pipeline was successful
In the migration to `tmpfiles.d(5)`, I used the wrong type of file.
Using `f` would write the path to the file as its content, rather than
copy it. Unfortunately `C` and `C+` do not overwrite an existing file,
so using a symlink it the correct solution here.
This means the SSH key file must have `lohr` as an owner... Perhaps I
should make it so the service can read the file itself, rather than
rely on the filesystem location, so that I don't have to contort myself
quite so much to make it work.
2024-04-02 12:25:34 +02:00
Bruno BELANYI
607aa5351c
nixos: services: tandoor-recipes: fix bulk upload
ci/woodpecker/push/check Pipeline was successful
2024-03-22 22:03:53 +01:00
Bruno BELANYI
61fa35093c
nixos: services: mealie: fix bulk upload
2024-03-22 22:03:53 +01:00
Bruno BELANYI
b2dc051e6a
flake: bump inputs
...
And fix the breaking changes in Vikunja (which actually make my
configuration simpler).
2024-03-11 17:32:54 +01:00
Bruno BELANYI
6140e1c8f9
nixos: services: lohr: migrate to tmpfiles
...
This is better than a custom script.
2024-03-11 17:32:54 +01:00
Bruno BELANYI
5d3160fb0d
hosts: nixos: porthos: migrate to new host
...
OVH/Kimsufi are deprecating my current server by the end of the year. So
let's migrate to a new host.
This was more painful than initially planned, OVH introduced a change to
their rescue system which messes with the NixOS installation [1].
In the end I used a kexec image [2] to run the installation.
[1]: https://github.com/NixOS/nix/issues/7790
[2]: https://github.com/nix-community/nixos-images
2024-03-11 17:32:54 +01:00
Bruno BELANYI
0f33dbd5c2
hosts: nixos: porthos: switch to forgejo
...
This required a quick rename to migrate from one to the other.
2024-03-11 17:32:54 +01:00
Bruno BELANYI
f3207468f9
nixos: services: woodpecker: configurable forge
2024-03-11 17:32:54 +01:00
Bruno BELANYI
c1ffe09631
nixos: services: add forgejo
2024-03-11 17:32:54 +01:00
Bruno BELANYI
a4e742bf55
nixos: services: blog: fix catch-all redirection
...
Don't use a hard-coded address...
2024-03-11 16:03:53 +00:00
Bruno BELANYI
d423a03663
nixos: services: gitea: fix mail 'FROM' address
ci/woodpecker/push/check Pipeline was successful
2024-03-05 14:20:57 +00:00
Bruno BELANYI
40d1b39837
nixos: services: gitea: update mail configuration
ci/woodpecker/push/check Pipeline failed
2024-03-05 14:17:30 +00:00
Bruno BELANYI
ed15e62e1d
nixos: services: gitea: use 'git' group
ci/woodpecker/push/check Pipeline was successful
2024-03-05 12:53:32 +00:00
Bruno BELANYI
a3afafd9e0
nixos: services: add mealie
2024-03-05 12:43:22 +00:00
Bruno BELANYI
b9b47fffd6
flake: bump inputs
...
ci/woodpecker/push/check Pipeline was successful
Fix the pyLoad user/group option that I added upstream [1].
Fix an evaluation error due to Pipewire changes [2].
[1]: https://github.com/NixOS/nixpkgs/pull/287304
[2]: https://github.com/NixOS/nixpkgs/pull/282377
2024-02-29 12:20:53 +00:00
Bruno BELANYI
c9969775da
nixos: services: backup: add essential files
ci/woodpecker/push/check Pipeline was successful
2024-02-12 14:21:17 +00:00
Bruno BELANYI
03dac604e9
nixos: services: add pyload
2024-02-04 14:56:59 +01:00
Bruno BELANYI
cc029f7933
nixos: services: add aria
2024-01-30 15:51:48 +01:00
Bruno BELANYI
02412f2578
nixos: services: nextcloud: fix renamed option
2024-01-30 15:51:48 +01:00
Bruno BELANYI
e2ec4d3032
nixos: services: paperless: fix classifier hangs
...
This is an experimental fix to try and get around an issue with the
default BLAS/LAPACK implementation. See [1] for more details.
[1]: https://github.com/NixOS/nixpkgs/issues/240591
2024-01-30 15:51:48 +01:00
Bruno BELANYI
e2091e9e2e
nixos: services: nextcloud: use HTTPS
...
ci/woodpecker/push/check Pipeline was successful
This should fix my issue with the sliding sync server.
2024-01-26 23:36:05 +01:00
Bruno BELANYI
b33938e825
nixos: services: paperless: rename settings option
ci/woodpecker/push/check Pipeline was successful
2024-01-22 16:57:18 +00:00
Bruno BELANYI
629ec539c9
nixos: services: nextcloud: fix typo
2024-01-22 16:55:57 +00:00
Bruno BELANYI
136bd342ff
nixos: services: matrix: fix deprecated option
2024-01-22 16:55:57 +00:00
Bruno BELANYI
10a3055136
nixos: services: nextcloud: fix deprecated option
2024-01-05 19:19:00 +01:00
Bruno BELANYI
e4f8214cb2
modules: services: nextcloud: bump to 28
2024-01-05 19:19:00 +01:00
Bruno BELANYI
932717b754
nixos: services: jellyfin: loosen umask
...
ci/woodpecker/push/check Pipeline was successful
I just noticed that all the metadata files Jellyfin stores have very
restrictive ACLs.
The whole point of the `media` group is to make my HTPC eco-system work
together. In particular this should allow Sonarr and friends to delete
folders without manual intervention.
2023-12-26 15:17:05 +01:00
Bruno BELANYI
71ee178510
nixos: services: nginx: fix SSO subdomain
ci/woodpecker/push/check Pipeline was successful
2023-12-25 20:23:55 +01:00
Bruno BELANYI
6948424b81
nixos: services: remove redundant subdomains
...
See previous commit for the defaults.
2023-12-25 20:23:55 +01:00
Bruno BELANYI
b7a4bc063f
nixos: services: nginx: add default subdomain
...
In almost all cases, the subdomain should be the same as the attribute
name...
2023-12-25 20:23:55 +01:00
Bruno BELANYI
faa87743e5
nixos: services: nginx: use attrset for vhosts
...
Attribute sets compose better than lists, it was a mistake to use a list
in the first place...
2023-12-25 20:23:55 +01:00
Bruno BELANYI
1faa8d9acf
nixos: services: wireguard: add 'simpleManagement'
...
ci/woodpecker/push/check Pipeline was successful
This makes it easier to manage the VPN services, as they don't require a
password prompt to be brought up/down.
2023-12-14 11:23:28 +00:00
Bruno BELANYI
f23e6251ce
nixos: services: wireguard: add VPN conflicts
...
It's now easier to do the right thing when starting a VPN service,
whether the other one is running or not.
2023-12-14 11:23:28 +00:00
Bruno BELANYI
b48d81451d
nixos: services: migrate to 'ensureDBOwnership'
...
ci/woodpecker/push/check Pipeline was successful
`ensurePermissions` is deprecated, and doesn't work on PostgreSQL 15.
2023-11-21 00:22:44 +01:00
Bruno BELANYI
60d941b40b
flake: bump inputs
...
My tandoor-recipes fix was merged upstream, so remove the overlay.
And because of the recent postgres bump for 23.11, `ensureDBOwnership`
is the new way of dealing with DB permissions [1]. This means I had to
fix manually migrate my `gitea` DB and make it match the DB user.
[1]: https://github.com/NixOS/nixpkgs/pull/266270
2023-11-21 00:20:28 +01:00
Bruno BELANYI
c856933803
nixos: create 'modules/nixos' folder
...
Let's consolidate all modules under one path, so that NixOS,
home-manager, and nix-darwin (if I ever end up using it down the line)
would go under the same folder.
2023-11-11 18:11:52 +00:00