Commit Graph

140 Commits

Author SHA1 Message Date
Oystein Kristoffer Tveit 47c0ee8b68
flake.nix: create per host home-manager config files 2024-06-30 14:35:38 +02:00
Oystein Kristoffer Tveit 09d0bc29e0
{tsuki/dosei}: set up wstunnel 2024-06-29 13:48:40 +02:00
Oystein Kristoffer Tveit 6e4d125b63
common: specify stateVersion per machine 2024-06-26 20:31:15 +02:00
Oystein Kristoffer Tveit 7c3e6fcf42
tsuki: fix eval 2024-06-25 22:26:09 +02:00
Oystein Kristoffer Tveit 73f527559e
tsuki/nginx: add vhost for experimental mutable bluemap setup 2024-06-10 00:50:11 +02:00
Oystein Kristoffer Tveit a6c24b04a1
tsuki/nhk-easy-news-scraper: temporarily disable statedir + bindmount 2024-06-10 00:48:02 +02:00
Oystein Kristoffer Tveit e3cedee060
tsuki/matrix-synapse: add dependencies to systemd slice 2024-06-10 00:46:49 +02:00
Oystein Kristoffer Tveit 53c6c32fb8
tsuki/plex: remove security hardening, included in nixos 24.05 2024-06-10 00:45:19 +02:00
Oystein Kristoffer Tveit 3a81abb683
tsuki/matrix-stickers: update hash for stickerpack 2024-06-10 00:44:39 +02:00
Oystein Kristoffer Tveit 9d090da7cd
rebase: remove mx-puppet-discord 2024-06-10 00:43:55 +02:00
Oystein Kristoffer Tveit 9187a62d6f
tsuki: use `ensureDBOwnership` for postgres for nixos 24.05 migration 2024-06-10 00:43:04 +02:00
Oystein Kristoffer Tveit 68bf2cd1b0
inputs/maunium-stickerpicker-nix: pin to release 2024-06-09 16:18:42 +02:00
Oystein Kristoffer Tveit c7123f23ac
tsuki/invidious: remove 2024-06-09 16:13:32 +02:00
Oystein Kristoffer Tveit e943f2fe5f
tsuki/headscale: disable 2024-06-09 16:13:32 +02:00
Oystein Kristoffer Tveit 830e5477f3
tsuki/navidrome: remove 2024-06-09 16:13:31 +02:00
Oystein Kristoffer Tveit 7f36a1b8c8
tsuki/mx-puppet-discord: remove 2024-06-09 16:13:31 +02:00
Oystein Kristoffer Tveit 2a388e29a5
tsuki/mautrix-facebook: remove 2024-06-09 16:13:31 +02:00
Oystein Kristoffer Tveit 2b0968283d
tsuki/gitea: remove 2024-06-09 16:13:31 +02:00
Oystein Kristoffer Tveit a20bb288aa
tsuki/jupyter: remove 2024-06-09 15:40:57 +02:00
Oystein Kristoffer Tveit 3b736e4c61
tsuki/pgadmin: remove 2024-06-09 15:34:09 +02:00
Oystein Kristoffer Tveit 358a668aa7
tsuki/hydra: remove 2024-06-09 15:30:17 +02:00
Oystein Kristoffer Tveit 37a43a2bd9
tsuki/gitea-runners: init 2024-06-09 15:25:47 +02:00
Oystein Kristoffer Tveit dd800a3794
tsuki/nhk-scraper: WIP changes 2024-01-23 05:51:37 +01:00
Oystein Kristoffer Tveit 9f2e7f7ac1
tsuki/nginx: remove proxmox vhost 2024-01-23 05:49:17 +01:00
Oystein Kristoffer Tveit df5f0dc9c4
tsuki/matrix: use postgres through socket 2024-01-23 05:46:24 +01:00
Oystein Kristoffer Tveit 4f020f4cdd
tsuki/matrix: downscale workers 2024-01-23 05:46:06 +01:00
Oystein Kristoffer Tveit b8daea8fc1
tsuki/headscale: conditional config 2024-01-23 05:40:52 +01:00
Oystein Kristoffer Tveit 4d2875d168
tsuki/hedgedoc: use upstream module 2024-01-23 05:40:19 +01:00
Oystein Kristoffer Tveit 22f5345026
tsuki/hydra: harden server unit 2024-01-23 05:36:39 +01:00
Oystein Kristoffer Tveit ce5c3666b9
tsuki/jupyter: set up tmpdirs for notebooks 2024-01-23 05:35:58 +01:00
Oystein Kristoffer Tveit 1ea23dc42e
tsuki: set system.stateVersion 2024-01-23 05:35:20 +01:00
Oystein Kristoffer Tveit 56df2f5e10
tsuki: lowercase hostname 2024-01-23 05:33:48 +01:00
Oystein Kristoffer Tveit 8ce9100913
kanidm: explicitly bind to localhost 2024-01-23 05:32:34 +01:00
Oystein Kristoffer Tveit d629eedaaf
tsuki/navidrome: conditional config 2024-01-23 05:31:26 +01:00
Oystein Kristoffer Tveit 72e7626e9d
tsuki/postgres: tune for bare metal setup 2024-01-23 05:31:06 +01:00
Oystein Kristoffer Tveit f49d3665fc
tsuki/vaultwarden: disable invitations 2024-01-23 05:30:14 +01:00
Oystein Kristoffer Tveit fe50d92f8c
tsuki/vaultwarden: conditional config 2024-01-23 05:29:57 +01:00
Oystein Kristoffer Tveit 3d2825d1ec
tsuki/samba: init 2024-01-23 05:29:17 +01:00
Oystein Kristoffer Tveit 1efd3d4f0a
tsuki/kanidm: set up backups 2024-01-23 05:27:43 +01:00
Oystein Kristoffer Tveit 851d0c1fd0
tsuki/prometehus: set up slice for exporters 2024-01-23 05:26:22 +01:00
Oystein Kristoffer Tveit 0d3e805611
tsuki: move to bare metal, set up zfs 2024-01-23 05:24:47 +01:00
Oystein Kristoffer Tveit 3a52ba8901
treewide: update to nixos 23.11 2023-12-18 20:59:48 +01:00
Oystein Kristoffer Tveit 7193a12ac2
tsuki/services: remove some uses of secret ports 2023-10-06 18:27:21 +02:00
Oystein Kristoffer Tveit 3d613d1ac9
tsuki/invidious: use socket activation 2023-10-06 18:27:19 +02:00
Oystein Kristoffer Tveit 424fea0dc8
tsuki/jupyter: use socket activation 2023-10-06 18:27:18 +02:00
Oystein Kristoffer Tveit 5bb10df9e1
tsuki/borg: partial systemd hardening
There's still quite a bit to do, but the service fails on a weird option
that I've not been able to pin down. At least this is better than
nothing ¯\_(ツ)_/¯
2023-10-06 18:27:17 +02:00
Oystein Kristoffer Tveit 450d26cf4b
tsuki/atuin: use socket activation 2023-10-06 18:27:16 +02:00
Oystein Kristoffer Tveit aca2962eec
tsuki/vaultwarden: use socket activation 2023-10-06 18:27:15 +02:00
Oystein Kristoffer Tveit caedfe1810
tsuki/matrix/stickers: use new module and add lots of stickerpacks 2023-10-06 18:27:14 +02:00
Oystein Kristoffer Tveit 6663a8f280
tsuki/atuin: systemd harden 2023-07-28 22:25:50 +02:00