Oystein Kristoffer Tveit
1f5832074b
tsuki/taskserver: (unfinished) start setting up taskserver and taskwarrior
2023-07-12 23:42:07 +02:00
Oystein Kristoffer Tveit
6c2bd3f2d5
tsuki/invidious: remove redundant code, add comments
2023-07-12 23:38:41 +02:00
Oystein Kristoffer Tveit
394a932988
tsuki/nginx: misc:
...
- Move temporary website into its own file
- Collect all http uris into upstreams
- Convert some upstreams to UNIX sockets, as changed in the last few
commits
2023-07-12 23:36:57 +02:00
Oystein Kristoffer Tveit
24a02d386c
tsuki/hedgedoc: misc:
...
- Experiment with reducing the number of options in the module
- Use UNIX socket behind nginx
- "Upstream" systemd hardening to module
2023-07-12 23:34:23 +02:00
Oystein Kristoffer Tveit
5ea58f1b98
tsuki/gitea: use UNIX socket behind gitea
2023-07-12 23:30:39 +02:00
Oystein Kristoffer Tveit
fd052eea5a
tsuki/grafana: use UNIX socket behind nginx
2023-07-12 23:27:10 +02:00
Oystein Kristoffer Tveit
1f3b5addd3
tsuki/hedgedoc: misc:
...
- configure oauth2 (this requires a custom module for now,
will be resolved in 23.11)
- harden systemd service
- add systemd requires list
- use socket postgres uri
2023-07-12 02:30:00 +02:00
Oystein Kristoffer Tveit
5250d40457
grub: remove version, attr for 23.05
2023-07-12 02:06:41 +02:00
Oystein Kristoffer Tveit
cf42debf37
tsuki/invidious: misc:
...
- bind to 127.0.0.1
- depend on postgresql systemd unit
2023-07-12 02:06:41 +02:00
Oystein Kristoffer Tveit
c8db83b925
tsuki/plex: harden systemd unit
2023-07-12 02:06:41 +02:00
Oystein Kristoffer Tveit
20de3c260f
tsuki/postgres: misc:
...
- add postgresql backup service
- harden systemd unit
- increase max_connections
2023-07-12 02:06:40 +02:00
Oystein Kristoffer Tveit
82ea6e9f5a
tsuki: add timed nhk easy news scraper
2023-07-12 02:06:40 +02:00
Oystein Kristoffer Tveit
dddc92877c
tsuki/matrix/matrix-appservice-irc: enable lainchan irc bouncer
2023-07-12 02:06:40 +02:00
Oystein Kristoffer Tveit
68b181fc05
tsuki/matrix/mx-puppet-discord: disable temporarily
...
This still uses an old version of node that is disabled
in nixpkgs 23.05, disabling for now
2023-07-12 02:06:39 +02:00
Oystein Kristoffer Tveit
98745298c7
tsuki/matrix/mautrix-facebook: disable
...
Got banned one too many times, disabling for now.
2023-07-12 02:06:39 +02:00
Oystein Kristoffer Tveit
8a42e97014
tsuki/monitoring: misc:
...
- Secure grafana better, it had secrets in the nix store
- Set up prometheus exporters for nginx and php-fpm
- Add urls for dashboards
- Disable automatic updates
2023-07-12 02:06:39 +02:00
Oystein Kristoffer Tveit
25b6f0f3e9
tsuki/vaultwarden: add vaultwarden, password manager
2023-07-12 02:06:38 +02:00
Oystein Kristoffer Tveit
40e95ce030
tsuki/borg: set up borgbackup
2023-07-12 02:06:37 +02:00
Oystein Kristoffer Tveit
0e3a4c35d2
tsuki/atuin: set up atuin server
2023-07-12 02:06:16 +02:00
Oystein Kristoffer Tveit
fc0e4f6c52
tsuki/nginx/www: real website dead, add temporary website
2023-07-12 02:04:57 +02:00
Oystein Kristoffer Tveit
949f228c97
tsuki/hydra: put all services below `system-hydra.slice`
2023-07-12 02:04:56 +02:00
Oystein Kristoffer Tveit
7f8d60057d
tsuki/headscale: fix oauth2, and set up tailscale
2023-07-12 02:04:53 +02:00
Oystein Kristoffer Tveit
dc14eaa086
sops: add kasei to sops
2023-05-08 02:50:47 +02:00
Oystein Kristoffer Tveit
3267e5f687
tsuki/headscale: start working on oidc login
2023-05-08 02:36:17 +02:00
Oystein Kristoffer Tveit
cc03b64376
common: use machinevars to determine whether to use x11
2023-05-08 02:36:15 +02:00
Oystein Kristoffer Tveit
58061df4ab
tsuki: set up nextcloud, without enabling it
2023-05-08 02:36:14 +02:00
Oystein Kristoffer Tveit
32885239c3
tsuki/pgadmin: misc
...
- The pgadmin config has grown, and as a result, it has been split from
the postgres file.
- Setup OAuth
- Setup uWSGI and forward to nginx via socket
(This last part is still a little borked, and the service is not
functioning entirely just yet)
2023-05-08 02:36:13 +02:00
Oystein Kristoffer Tveit
53dbedef2b
tsuki/hedgedoc: small auth url improvement
2023-05-08 02:36:12 +02:00
Oystein Kristoffer Tveit
f8c06f985e
common: update openssh setting API
2023-05-08 02:36:12 +02:00
Oystein Kristoffer Tveit
7cdf122c58
tsuki: set up invidious
2023-05-08 02:36:10 +02:00
Oystein Kristoffer Tveit
df3aa7c10e
tsuki: setup oauth2 for pgadmin
...
This commit also changes the pgadmin package from `22.11` to `unstable`
2023-03-17 01:28:33 +01:00
Oystein Kristoffer Tveit
5e2a5a939b
tsuki: move gitea postgres password to sops
2023-03-08 15:59:50 +01:00
Oystein Kristoffer Tveit
a82a3f95c0
tsuki: move hardware config to configuration file
2023-03-08 15:26:07 +01:00
Oystein Kristoffer Tveit
7a0fcf7805
tsuki: configure wildcard certs for nginx
2023-03-08 14:54:43 +01:00
Oystein Kristoffer Tveit
ebd854a0ae
gitea: set up oauth2
2023-03-08 14:54:42 +01:00
Oystein Kristoffer Tveit
dd6c99226e
tsuki: set up hedgedoc
...
the dynmap subdomain was also renamed from "dyn" to "map" in this commit
2023-03-08 14:54:40 +01:00
Oystein Kristoffer Tveit
1d99bbfd46
Set up sops-nix
2023-03-07 23:15:21 +01:00
Oystein Kristoffer Tveit
2ad7b7b2c3
tsuki: remove keycloak
2023-03-07 23:15:20 +01:00
Oystein Kristoffer Tveit
0df70d6c72
tsuki: add well-known autoconfig for thunderbird mail
2023-03-07 23:15:19 +01:00
Oystein Kristoffer Tveit
d5ae85092c
tsuki: set up kanidm
2023-03-07 23:15:18 +01:00
Oystein Kristoffer Tveit
f41fcce8c6
common: add some more nix options
2023-02-26 04:36:21 +01:00
Oystein Kristoffer Tveit
7c3c830d6e
tsuki: add recommended minecraft jvm flags
2023-02-25 21:15:35 +01:00
Oystein Kristoffer Tveit
5b0dd71b4a
tsuki: add some systemd constraints
...
Add some systemd constraints to some fix boottime service failures
2023-02-25 21:12:38 +01:00
Oystein Kristoffer Tveit
a08f6ce28e
tsuki: add `.well-known/matrix/client`
2023-02-25 21:10:39 +01:00
Oystein Kristoffer Tveit
1eefc118bf
tsuki: add postgres to environment
2023-02-25 20:01:57 +01:00
Oystein Kristoffer Tveit
7f416ed5b8
common.nix: fix weird headless-var recursion issue
2023-02-25 18:05:57 +01:00
Oystein Kristoffer Tveit
42938295ac
kasei: misc changes
...
- new screen setup
- new network setup
- don't explicitly enable xserver and lightdm
- add nvidia video drivers to x11
2023-02-25 18:04:55 +01:00
Oystein Kristoffer Tveit
7ee4535963
kasei: enable docker and libvirtd
2023-02-25 18:01:22 +01:00
Oystein Kristoffer Tveit
c215f945e9
kasei: move hardware-configuration to main config
2023-02-25 18:01:06 +01:00
Oystein Kristoffer Tveit
6b037127e2
kasei: add temporary logid service
2023-02-25 18:00:02 +01:00