Commit graph

139 commits

Author SHA1 Message Date
Christoph Heiss dcc68f513f
services: forgejo: disable rsa and dsa ssh keys
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-09-19 15:24:18 +02:00
Christoph Heiss 850c8a0cc1
lib: add trimNewlines
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-25 23:05:35 +02:00
Christoph Heiss d63c2335a8
services: web: c8h4-io: move acme definitions here
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 20:26:49 +02:00
Christoph Heiss be9bb3843c
services: forgejo: simplify sshd setup
All checks were successful
flake / build (push) Successful in 2m59s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:47:58 +02:00
Christoph Heiss dfeffdf041
services: openssh: disable sftp subsystem for real
All checks were successful
flake / build (push) Successful in 3m9s
Apparently, the default value is `true`, not `false` as I erroneously
assumed. :/

Fixes: 389f345 ("services: openssh: disable sftp subsystem")
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:39:21 +02:00
Christoph Heiss 4bd87669df
services: forgejo: enable twoqueue cache
All checks were successful
flake / build (push) Successful in 3m6s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:12:15 +02:00
Christoph Heiss 3f29ed7dfb
services: forgejo: enable old actions and repo archive cleanup tasks
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:09:56 +02:00
Christoph Heiss 54b41e8933
services: forgejo: disable user account deletion
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 17:07:13 +02:00
Christoph Heiss 35dcf3d3ba
services: forgejo: pin secret key
All checks were successful
flake / build (push) Successful in 3m18s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:12:16 +02:00
Christoph Heiss 30d55d5792
services: forgejo: move to other host with dedicated data directory
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:12:16 +02:00
Christoph Heiss 7abca790ca
services: forgejo: simplify nginx setup
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:02:26 +02:00
Christoph Heiss 981fe69bf5
services: forgejo: simplify ssh setup by renaming user
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:02:23 +02:00
Christoph Heiss 738a05aec0
services: forgejo: switch database to sqlite3
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 13:03:32 +02:00
Christoph Heiss ede4400e9e
services: nginx: add fail2ban filter for (more) crawlers
All checks were successful
flake / build (push) Successful in 2m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 23:11:20 +02:00
Christoph Heiss b4c458e11a
services: vaultwarden: add fail2ban jail
All checks were successful
flake / build (push) Successful in 3m7s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:39:58 +02:00
Christoph Heiss e373b1aa98
services: nginx: enable fail2ban 'apache-badbots' filter
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:36:10 +02:00
Christoph Heiss 9250581753
services: fail2ban: increase default bantime to 1 week
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:31:37 +02:00
Christoph Heiss 31076d3f8f
services: add new yarr service for RSS reading
All checks were successful
flake / build (push) Successful in 3m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-18 22:03:19 +02:00
Christoph Heiss 4f7694fec5
services: vaultwarden: move to fort
All checks were successful
flake / build (push) Successful in 3m30s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 18:22:02 +02:00
Christoph Heiss bd16916a99
services: vaultwarden: migrate from postgresql to sqlite
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:53:52 +02:00
Christoph Heiss ccbfff0b13
services: vaultwarden: factor out fqdn construction
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:50:56 +02:00
Christoph Heiss 2875ee182b
services: vikunja: move to fort
All checks were successful
flake / build (push) Successful in 3m31s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 16:52:44 +02:00
Christoph Heiss 14632d40a7
services: vikunja: centralize fqdn construction
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 14:58:33 +02:00
Christoph Heiss 5099e0fbb7
services: forgejo: increase reverse proxy max body size
All checks were successful
flake / build (push) Successful in 3m21s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 11:04:55 +02:00
Christoph Heiss e1c83122ca
services: forgejo: drop attribute which gets overwritten anyway
All checks were successful
flake / build (push) Successful in 4m0s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 01:05:35 +02:00
Christoph Heiss 6333d7d38d
services: drop tt-rss completely
All checks were successful
flake / build (push) Successful in 3m21s
Instead I'll be switching to yarr [0], which is a lot simpler and
supports using a sqlite database.

[0] https://github.com/nkanaev/yarr

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:21:47 +02:00
Christoph Heiss 2cb5597d77
services: postgresql: upgrade to 16
All checks were successful
flake / build (push) Successful in 3m26s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:06:30 +02:00
Christoph Heiss 07968bc383
services: forgejo: enable periodic repositories garbage collection
All checks were successful
flake / build (push) Successful in 3m28s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-06 00:46:23 +02:00
Christoph Heiss 57f2ea8e5b
services: grafana: fix server listen address
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-06 00:44:03 +02:00
Christoph Heiss 893ceb1687
services: prometheus: switch over to dedicated subdomain instead of subpath
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-07-07 17:04:03 +02:00
Christoph Heiss 0daabd8768
services: forgejo: re-enable actions
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-07-07 16:49:27 +02:00
Christoph Heiss 06fd80f486
services: grafana: switch over to dedicated subdomain instead of subpath
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-29 12:50:54 +02:00
Christoph Heiss 30e6c7ab70
services: forgejo: explicitly set dump file name
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-29 12:48:47 +02:00
Christoph Heiss a81e33f7bb
services: forgejo: disable actions
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-26 16:12:03 +02:00
Christoph Heiss 537325a85a
services: forgejo: increase repo health check timeout to 10min
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-26 16:10:30 +02:00
Christoph Heiss b13318b89f
services: sourcehut: drop completely
Switched to Forgejo ... it's just so _much_ simpler than sourcehut with
all its small microservices, essentially.

Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss 8ee22e9e5c
services: home-assistant: use batch mode for ssh invocations
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss 417ff5defa
services: forgejo: enable backups using restic
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss d94687c812
services: git-ingress: add dmz'd git-over-ssh ingress for forgejo
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:08 +02:00
Christoph Heiss 599a4db693
services: forgejo: add initial deployment
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-18 22:10:52 +02:00
Christoph Heiss 249cf3f640
services: vikunja: add initial deployment
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-06 17:56:34 +02:00
Christoph Heiss 6aac3e5cfc
services: nginx: make clientMaxBodySize default overridable
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-05 22:51:55 +02:00
Christoph Heiss 5d0b66df29
services: tt-rss: scale down default settings a bit
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-04 17:24:37 +02:00
Christoph Heiss e7b0f7a938
services: nginx: optimize overall configuration
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-04 17:23:57 +02:00
Christoph Heiss c69bb88f8b
services: vaultwarden: lower number of workers
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-01 23:08:34 +02:00
Christoph Heiss 058efe7f4d
services: prometheus: clean up a bit
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-01 00:59:06 +02:00
Christoph Heiss e088f045de
system: deploy-target: generify a bit
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-28 13:35:04 +02:00
Christoph Heiss ca6861b25c
services: matrix-hookshot: switch bridge bind address to ipv6
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 21:12:25 +02:00
Christoph Heiss e1163ab15b
services: home-assistant: move reverse proxy definition to service file
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 15:58:47 +02:00
Christoph Heiss 5f1d34452a
services: sourcehut: set up redirect for additional subdomain
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 15:51:16 +02:00