Bruno BELANYI
e97f295470
home: firefox: use upstream 'ff2mpv-go'
2023-12-14 14:26:18 +00:00
Bruno BELANYI
373545ee38
nixos: system: printing: migrate deprecated option
...
It's recommended to only enable the IPv4 option, as most mDNS responders
only register IPv4 addresses (therefore enabling IPv6 would lead to long
timeouts when checking for those addresses first).
2023-12-14 14:26:18 +00:00
Bruno BELANYI
3a2f02f001
home: wm: i3bar: add VPN blocks
2023-12-14 14:25:48 +00:00
Bruno BELANYI
33b94a7f9d
home: wm: i3bar: add 'flatten' call
...
This makes it easier to declare multiple blocks at once, as will be done
in the next commit.
2023-12-14 11:41:27 +00:00
Bruno BELANYI
1faa8d9acf
nixos: services: wireguard: add 'simpleManagement'
...
ci/woodpecker/push/check Pipeline was successful
This makes it easier to manage the VPN services, as they don't require a
password prompt to be brought up/down.
2023-12-14 11:23:28 +00:00
Bruno BELANYI
9ddd59eac8
nixos: system: add polkit
...
One nice thing is that it enables the prompts when using `systemctl`,
instead of requiring `sudo`.
2023-12-14 11:23:28 +00:00
Bruno BELANYI
f23e6251ce
nixos: services: wireguard: add VPN conflicts
...
It's now easier to do the right thing when starting a VPN service,
whether the other one is running or not.
2023-12-14 11:23:28 +00:00
Bruno BELANYI
16fade92b4
home: packages: add 'allowAliases', 'allowUnfree'
...
ci/woodpecker/push/check Pipeline was successful
With [1], this should now be taken into account properly.
[1]: https://github.com/nix-community/home-manager/pull/4304
2023-12-08 11:50:44 +00:00
Bruno BELANYI
22fa05ca0c
home: packages: refactor config format
2023-12-08 11:49:52 +00:00
Bruno BELANYI
afda437f49
home: git: allow overriding default package
2023-12-07 14:39:38 +00:00
Bruno BELANYI
0164d12087
home: ssh: move 'mosh' configuration
2023-12-07 14:39:38 +00:00
Bruno BELANYI
0b9c2309da
home: ssh: use 'mkMerge'
...
This will make it easier to add new options (e.g: for `mosh`).
2023-12-07 14:39:38 +00:00
Bruno BELANYI
e41bacc2fc
home: wm: i3: make 'rofi-bluetooth' ignore case
...
ci/woodpecker/push/check Pipeline was successful
The options given to the script are piped straight to `rofi -dmenu`,
which apparently needs the `-i` switch to be case insensitive.
2023-12-04 13:44:06 +00:00
Bruno BELANYI
55362b1db8
home: vim: add remove deprecated option
...
ci/woodpecker/push/check Pipeline was successful
The plug-in now configures itself automatically.
I could also set `vim.g.skip_ts_context_commentstring_module = true`,
but that should be removed soon enough anyway, and I would forget to
remove it...
2023-12-01 19:20:52 +00:00
Bruno BELANYI
15ca07bc64
home: wm: i3bar: remove redundant buttons
...
Turns out they're not needed, or at least not anymore?
2023-12-01 19:20:52 +00:00
Bruno BELANYI
f4cc63c711
home: direnv: remove 'ANDROID_SDK_HOME'
...
ci/woodpecker/push/check Pipeline was successful
Turns out this is supposed to be used for configuration, and it makes
some tools error out due to a sanity check...
I'm not pleased about this, but whatever.
2023-11-29 10:56:16 +00:00
Bruno BELANYI
ec79be2a45
home: xdg: set 'ANDROID_USER_HOME'
2023-11-29 10:56:16 +00:00
Bruno BELANYI
302cb907ef
home: wm: i3: make blueman device manager floating
ci/woodpecker/push/check Pipeline was successful
2023-11-28 20:28:12 +00:00
Bruno BELANYI
3fb8734c56
home: direnv: fix 'use_android'
...
ci/woodpecker/push/check Pipeline was successful
Don't rely on `ANDROID_SDK_HOME` if it hasn't yet been defined.
2023-11-27 11:18:29 +00:00
Bruno BELANYI
b48d81451d
nixos: services: migrate to 'ensureDBOwnership'
...
ci/woodpecker/push/check Pipeline was successful
`ensurePermissions` is deprecated, and doesn't work on PostgreSQL 15.
2023-11-21 00:22:44 +01:00
Bruno BELANYI
60d941b40b
flake: bump inputs
...
My tandoor-recipes fix was merged upstream, so remove the overlay.
And because of the recent postgres bump for 23.11, `ensureDBOwnership`
is the new way of dealing with DB permissions [1]. This means I had to
fix manually migrate my `gitea` DB and make it match the DB user.
[1]: https://github.com/NixOS/nixpkgs/pull/266270
2023-11-21 00:20:28 +01:00
Bruno BELANYI
11c8d4623c
home: direnv: add 'android' library file
ci/woodpecker/push/check Pipeline was successful
2023-11-17 16:21:28 +00:00
Bruno BELANYI
570349e80f
nixos: profiles: move from top-level
...
ci/woodpecker/push/check Pipeline was successful
My profiles are actually just "special" NixOS modules in that they
orchestrate settings that usually span the NixOS/home-manager boundary,
or otherwise set up configurations from multiple modules at once.
2023-11-11 18:12:05 +00:00
Bruno BELANYI
65a8f7c481
home: create 'modules/home' folder
...
Consolidating all modules under the same path, to clear out the
top-level directory.
2023-11-11 18:12:05 +00:00
Bruno BELANYI
c856933803
nixos: create 'modules/nixos' folder
...
Let's consolidate all modules under one path, so that NixOS,
home-manager, and nix-darwin (if I ever end up using it down the line)
would go under the same folder.
2023-11-11 18:11:52 +00:00
Bruno BELANYI
b52e56ed08
modules: home: use 'self'-relative import
2023-11-11 18:07:31 +00:00
Bruno BELANYI
27564cad42
modules: system: printing: move from 'profiles'
...
ci/woodpecker/push/check Pipeline was successful
This isn't really a cross-cutting module, it should be a module rather
than a profile.
2023-11-11 17:59:49 +00:00
Bruno BELANYI
cc331b73c7
treewide: fix postgres service dependencies
...
ci/woodpecker/push/check Pipeline was successful
Some were missing a `requires` even though they had `after`, and
woodpecker was missing it entirely.
2023-11-06 20:55:53 +00:00
Bruno BELANYI
830e7bb865
modules: services: woodpecker: fix interpolation
2023-11-06 20:54:42 +00:00
Bruno BELANYI
6a8f93df1f
modules: services: nginx: fix obsolete doc
...
ci/woodpecker/push/check Pipeline was successful
It's annoying to keep it in sync when adding a new incompatible option.
2023-10-28 12:14:45 +01:00
Bruno BELANYI
0795a3d29b
flake: bump inputs
...
And fix a removed nextcloud option.
2023-10-26 13:44:43 +00:00
Bruno BELANYI
b4c2cc581b
modules: services: matrix: add sliding sync
2023-10-26 12:27:00 +00:00
Bruno BELANYI
b4b9b54f75
modules: services: matrix: register dummy vhosts
...
This is simply to make use of my infrastructure for port collision
detection.
2023-10-26 12:27:00 +00:00
Bruno BELANYI
1425c42489
modules: services: matrix: refactor vhost
2023-10-26 12:27:00 +00:00
Bruno BELANYI
fcdb5ba593
modules: services: woodpecker: remove DNS hack
...
ci/woodpecker/push/check Pipeline is running
I'm not sure what changed, but it looks like I don't need it anymore.
Initially I wanted to apply the same DNS fix as [1].
[1]: https://blog.kotatsu.dev/posts/2023-04-21-woodpecker-nix-caching/
2023-10-18 21:38:22 +02:00
Bruno BELANYI
3b3e7093be
modules: services: pirate: make more fine-grained
2023-10-18 21:38:22 +02:00
Bruno BELANYI
dae1a434d5
modules: services: transmission: bump to 4
...
Not sure why exactly this isn't the default, I'll have to watch out for
when upstream catches up.
2023-10-18 21:38:22 +02:00
Bruno BELANYI
24d41e829e
modules: system: users: fix deprecated option name
ci/woodpecker/push/check Pipeline was successful
2023-09-28 15:57:14 +00:00
Bruno BELANYI
7b56c342ad
modules: services: paperless: beef-up workers
...
ci/woodpecker/push/check Pipeline was successful
This should parallelize the number of documents ingested at once
(workers), as well as the speed of the ingestion per document (threads).
2023-09-18 13:43:37 +00:00
Bruno BELANYI
e979589174
modules: services: woodpecker: use 'path' option
...
ci/woodpecker/push/check Pipeline was successful
One less thing to modify in the systemd service.
2023-09-13 12:40:19 +00:00
Bruno BELANYI
6ba7a63b25
modules: services: fail2ban: fix comment
ci/woodpecker/push/check Pipeline was successful
2023-09-03 12:53:24 +02:00
Bruno BELANYI
fc8ccb8b99
modules: services: pirate: add fail2ban jails
ci/woodpecker/push/check Pipeline was successful
2023-09-03 12:43:46 +02:00
Bruno BELANYI
14bf03e5fd
modules: services: pirate: refactor
...
This will make adding fail2ban jails easier.
2023-09-03 12:42:29 +02:00
Bruno BELANYI
adc4ce9d8a
modules: services: indexers: add prowlarr fail2ban
2023-09-03 12:21:35 +02:00
Bruno BELANYI
6d9d835e1c
modules: services: nix-cache: use harmonia
2023-08-19 14:41:10 +02:00
Bruno BELANYI
ab59054518
modules: services: rename 'nix-cache'
...
I'm about to modify the module to use a different cache implementation,
so this name is more appropriate.
2023-08-19 14:41:10 +02:00
Bruno BELANYI
424bb2e7b9
modules: services: woodpecker: simplify path
...
I'm not sure why it was written that way to begin with.
2023-08-06 20:13:08 +02:00
Bruno BELANYI
7b6779f2b5
modules: services: woodpecker: default packages
...
Now that v1.0.0 is on nixpkgs, no need for my custom packages.
2023-08-06 20:13:08 +02:00
Bruno BELANYI
45c3b82606
modules: services: nginx-sso: use writeShellScript
2023-08-06 20:13:08 +02:00
Bruno BELANYI
58a94bdf1b
pkgs: remove woodpecker-plugin-git
...
I have now upstreamed the package, so let's remove it.
2023-08-06 20:13:08 +02:00
Bruno BELANYI
9f7472222c
treewide: use 'lib.getExe' when possible
...
Don't use it in wireguard to keep it consistent, as only half the
commands could use it.
2023-08-06 20:13:08 +02:00
Bruno BELANYI
ae8d8d75fd
flake: bump inputs
...
Update `fail2ban` to accomodate for RFC-42 migration.
2023-08-06 20:13:08 +02:00
Bruno BELANYI
47533f119e
modules: services: monitoring: add 'secretKeyFile'
ci/woodpecker/push/check Pipeline was successful
2023-07-17 10:59:58 +00:00
Bruno BELANYI
4bb1387376
modules: services: add tandoor-recipes
ci/woodpecker/push/check Pipeline was successful
2023-07-15 15:46:04 +02:00
Bruno BELANYI
5741421604
modules: services: nextcloud: enable 'notify_push'
2023-07-15 15:46:04 +02:00
Bruno BELANYI
c037d3844a
modules: services: nextcloud: configure redis
...
ci/woodpecker/push/check Pipeline was successful
I keep having some file-locking issues, and heard that using redis might
help alleviate those errant locks.
It's also necessary to use the `notify_push` app.
2023-07-15 14:01:14 +01:00
Bruno BELANYI
3e5fbfeb7a
modules: services: nextcloud: bump to 27
ci/woodpecker/push/check Pipeline was successful
2023-06-23 12:03:13 +02:00
Bruno BELANYI
2f03d92dd9
modules: services: woodpecker: use docker module
ci/woodpecker/push/check Pipeline was successful
2023-06-11 16:25:23 +01:00
Bruno BELANYI
e44dd4c6ea
modules: services: drone: use docker module
2023-06-11 16:25:23 +01:00
Bruno BELANYI
df9b060947
modules: system: podman: check for docker conflict
2023-06-11 16:23:31 +01:00
Bruno BELANYI
73fdd4622b
modules: system: add docker
2023-06-11 16:17:42 +01:00
Bruno BELANYI
5aa136f796
modules: system: podman: fix removed option
ci/woodpecker/push/check Pipeline was successful
2023-06-08 15:43:46 +00:00
Bruno BELANYI
18c9458cfa
modules: system: users: add 'docker' group
2023-06-08 15:43:46 +00:00
Bruno BELANYI
c0995929c4
modules: system: podman: add weekly purge
2023-06-08 15:43:46 +00:00
Bruno BELANYI
5d570dbf1e
modules: programs: steam: use writeShellScriptBin
ci/woodpecker/push/check Pipeline was successful
2023-06-03 13:40:44 +01:00
Bruno BELANYI
4f6f483851
modules: programs: steam: simplify wrapper
2023-06-03 13:40:44 +01:00
Bruno BELANYI
175a8acde2
modules: services: add vikunja
2023-05-13 21:18:57 +02:00
Bruno BELANYI
685c571018
modules: services: nginx: add 'socket' option
2023-05-13 21:18:57 +02:00
Bruno BELANYI
574634b64e
modules: services: blog: use 302 redirection
...
ci/woodpecker/push/check Pipeline was successful
That way the browser doesn't cache it, in case I do end up using that
domain after all.
2023-05-07 15:20:14 +01:00
Bruno BELANYI
a1dd0bb792
modules: services: matrix: remove 'with lib'
ci/woodpecker/push/check Pipeline was successful
2023-05-04 12:19:31 +00:00
Bruno BELANYI
c19baeb19d
modules: system: podman: remove unused 'options'
2023-05-04 09:27:19 +00:00
Bruno BELANYI
62d9359eb7
modules: services: matrix: clean-up formatting
2023-05-04 09:27:19 +00:00
Bruno BELANYI
2f3989bba1
modules: services: wireguard: simplify
2023-05-03 15:15:31 +00:00
Bruno BELANYI
49b2cb9781
modules: secrets: remove unused 'options'
2023-05-03 15:15:31 +00:00
Bruno BELANYI
fadb8e96fc
modules: system: nix: add 'cache.selfHosted'
2023-05-03 15:02:44 +00:00
Bruno BELANYI
20d19ed128
modules: system: nix: rename 'inputs' options
2023-05-03 15:02:44 +00:00
Bruno BELANYI
455a4e5431
modules: services: add nix-serve
2023-05-03 15:02:44 +00:00
Bruno BELANYI
d9e115a876
modules: services: woodpecker: adapt gitea URL
2023-05-03 15:02:44 +00:00
Bruno BELANYI
d8c841333b
modules: services: gitea: migrate settings
...
Most of the settings are now RFC-42 compliant.
2023-05-03 15:02:44 +00:00
Bruno BELANYI
638f4a7774
modules: system: boot: rename 'tmp' options
ci/woodpecker/push/check Pipeline was successful
2023-04-17 21:25:15 +02:00
Bruno BELANYI
7cebaa3751
modules: secrets: move wireguard keys
...
This is a bit special, as some of the keys do not belong to NixOS hosts,
so store those in the module itself, and into host-specific directories
for the keys that are NixOS hosts.
2023-04-17 08:18:27 +00:00
Bruno BELANYI
ed745602a1
modules: secrets: move non-existent key workaround
...
Since this configuration was only there to accommodate `aramis`, make it
be host-specific instead, and rely on the default value otherwise.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
6079485b50
modules: secrets: move host-specific secrets
2023-04-16 19:44:02 +01:00
Bruno BELANYI
57008bcb7c
hosts: nixos: add host-specific secrets module
...
This is the same logic as the common module, but for secrets that don't
need to be shared to different hosts.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
34a3f9a0d6
modules: secrets: centralize agenix keys
...
If I intend on splitting the keys depending on which host needs to have
access to it, I should have a singular spot to manage the keys.
2023-04-16 19:44:02 +01:00
Bruno BELANYI
68bf36c45c
modules: secrets: wireguard: remove unused file
...
The peer definitions have been inlined into the Wireguard module a long
time ago.
2023-04-13 17:05:52 +00:00
Bruno BELANYI
54e9303319
modules: secrets: use diff-friendly formatting
ci/woodpecker/push/check Pipeline was successful
2023-04-13 15:55:34 +00:00
Bruno BELANYI
04f23976ee
modules: services: woodpecker: remove unused env
ci/woodpecker/push/check Pipeline was successful
2023-04-13 15:24:34 +00:00
Bruno BELANYI
94141d53b8
modules: services: woodpecker: remove 'TODO'
2023-04-13 15:17:16 +00:00
Bruno BELANYI
f15b3aa23d
modules: services: woodpecker: allow setuid
...
ci/woodpecker/push/check Pipeline was successful
I need it to be able to use `ssh-agent`, for some of my workflows.
2023-04-01 21:06:50 +02:00
Bruno BELANYI
7a5842f03a
modules: services: matrix: remove obsolete comment
continuous-integration/drone/push Build is passing
2023-04-01 15:56:48 +01:00
Bruno BELANYI
d20e921e33
modules: secrets: fix 'matrix/secret'
2023-04-01 15:56:48 +01:00
Bruno BELANYI
7e06f75a5d
modules: secrets: add woodpecker
2023-04-01 15:56:48 +01:00
Bruno BELANYI
020a32b9e8
modules: services: add woodpecker
2023-04-01 15:56:48 +01:00
Bruno BELANYI
5d9524dbdf
modules: services: blog: better blog redirection
2023-04-01 13:05:47 +02:00
Bruno BELANYI
a22fe4e636
modules: services: nextcloud: bump to 26
2023-04-01 13:05:47 +02:00
Bruno BELANYI
b909f43269
modules: services: nginx: sort settings
continuous-integration/drone/push Build is passing
2023-03-28 15:31:05 +00:00
Bruno BELANYI
cae174b0f7
modules: services: nginx: all recommended settings
2023-03-28 15:31:05 +00:00
Bruno BELANYI
642e58fc22
modules: hardware: bluetooth: use 'wireplumber'
continuous-integration/drone/push Build is passing
2023-03-28 15:31:05 +00:00
Bruno BELANYI
ad0c99c6f0
modules: services: paperless: fix postgres order
continuous-integration/drone/push Build is passing
2023-03-23 12:16:40 +00:00
Bruno BELANYI