c8h4/nixos-config
1
0
Fork 0
Code Issues Actions Activity
725 commits 2 branches 0 tags 6.3 MiB
Commit graph

35 commits

Author SHA1 Message Date
Christoph Heiss 30d55d5792
services: forgejo: move to other host with dedicated data directory 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-24 14:12:16 +02:00
Christoph Heiss 981fe69bf5
services: forgejo: simplify ssh setup by renaming user 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-24 14:02:23 +02:00
Christoph Heiss 31076d3f8f
services: add new yarr service for RSS reading
All checks were successful
flake / build (push) Successful in 3m57s
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-18 22:03:19 +02:00
Christoph Heiss 4f7694fec5
services: vaultwarden: move to fort
All checks were successful
flake / build (push) Successful in 3m30s
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-17 18:22:02 +02:00
Christoph Heiss 2875ee182b
services: vikunja: move to fort
All checks were successful
flake / build (push) Successful in 3m31s
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-17 16:52:44 +02:00
Christoph Heiss 5f133d017e
machines: fort: mount additional data volume
Some checks failed
flake / build (push) Has been cancelled
Details 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-17 00:58:01 +02:00
Christoph Heiss c44b3b0e77
machines: fort: add discard=async mount option to all filesystems 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-08-17 00:55:17 +02:00
Christoph Heiss d94687c812
services: git-ingress: add dmz'd git-over-ssh ingress for forgejo 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-24 23:37:08 +02:00
Christoph Heiss e7b0f7a938
services: nginx: optimize overall configuration 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-04 17:23:57 +02:00
Christoph Heiss 6fb9beb383
flake: bump nixpkgs, home-manager, nixos-hardware, nixgl and sops-nix 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-06-03 11:15:44 +02:00
Christoph Heiss e088f045de
system: deploy-target: generify a bit 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-28 13:35:04 +02:00
Christoph Heiss 9d4477ff82
machines: enable regular btrfs scrub on all machines 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-12 15:01:59 +02:00
Christoph Heiss 320b97d660
tree-wide: convert everything from morph to nixinate + sops-nix 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-05-10 01:20:50 +02:00
Christoph Heiss 83c7b415d1
services: alertmanager: add initial deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-04-20 21:27:19 +02:00
Christoph Heiss 9219504c20
services: prometheus: restructure a bit, extract node-exporter 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-03-03 21:31:50 +01:00
Christoph Heiss b63c953cf0
services: gatus: drop completely 
Will be replaced by Grafana + Mimir + blackbox-exporter (probably) in
the future.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-02-10 20:41:24 +01:00
Christoph Heiss 3a8bcee21a
secrets: fort: unify files 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-01-29 20:28:40 +01:00
Christoph Heiss db6115965e
secrets: start cleaning up a bit 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-01-22 23:43:53 +01:00
Christoph Heiss 6055cefb76
machines: fort: simplify ACME setup 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-01-07 02:58:44 +01:00
Christoph Heiss 26e767fd61
tree-wide: switch to grub2 as default bootloader, instead of systemd-boot 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-01-06 18:41:52 +01:00
Christoph Heiss d422809bed
module: import modules in morph target definition 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2024-01-03 00:24:51 +01:00
Christoph Heiss 825ca21bf0
services: conduit: add restic backup job 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-12-14 18:43:44 +01:00
Christoph Heiss fab45bde9b
machines: fort: add gatus service deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-12-06 16:10:26 +01:00
Christoph Heiss 4225a27fff
machines: fort: add matrix-hookshot service 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-12-04 20:38:33 +01:00
Christoph Heiss 968b0954f5
services: add conduit as Matrix homeserver 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-13 13:13:41 +01:00
Christoph Heiss 190d1f7852
machines: fort: Disable DHCP completely; not needed 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-11-04 00:25:01 +01:00
Christoph Heiss a1be5e8ae4
machines: fort: Add IPv6 address 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-10-21 10:28:43 +02:00
Christoph Heiss 243e668be0
machines: fort: Enable IPv4 forwarding 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-10-13 19:51:31 +02:00
Christoph Heiss c2ce92d633
machines: fort: Enable fail2ban service 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-10-11 22:07:23 +02:00
Christoph Heiss e1c4074083
machines: fort: Properly allow WireGuard ports w/o defining multiple times 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-10-11 21:43:53 +02:00
Christoph Heiss 4b5956d7c2
secrets: Add some deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-08-03 22:57:41 +02:00
Christoph Heiss eca3464a55
services: web: Add c8h4.io deployment 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-07-31 20:08:24 +02:00
Christoph Heiss 8c42715461
machines: fort: Restructure network/wireguard configuration 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-07-29 19:36:52 +02:00
Christoph Heiss 95a966b279
machines: fort: Switch from ARM64 back to x86_64 machine 
While it /works/ and I'd love to use the Ampere machine, cross-arch
deployment (with morph, in particular) is still too big of a PITA to
actually be worth it.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-07-29 18:40:46 +02:00
Christoph Heiss 06e5d5ad61
machines: Add new fort 
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
 2023-07-28 23:24:47 +02:00