Christoph Heiss
|
c2ce92d633
|
machines: fort: Enable fail2ban service
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-10-11 22:07:23 +02:00 |
|
Christoph Heiss
|
8a7984be6a
|
sources: Update nixpkgs and home-manager to 30-09-2023
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-10-11 00:14:42 +02:00 |
|
Christoph Heiss
|
916a621be4
|
services: blocky: Adapt deprecated options, add another blocklist
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-10-10 17:54:08 +02:00 |
|
Christoph Heiss
|
8c8096417b
|
services: Update sourcehut; drop use of removed services array
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-08 21:07:39 +02:00 |
|
Christoph Heiss
|
6eb1b62d4e
|
services: web: Enable HSTS everywhere
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-04 20:19:00 +02:00 |
|
Christoph Heiss
|
4ef626f26c
|
services: web: Fix ACME setup; use the correct ACME host
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-03 20:56:41 +02:00 |
|
Christoph Heiss
|
36ba7d4d0a
|
services: web: Simplify and add server aliases
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-01 18:08:11 +02:00 |
|
Christoph Heiss
|
9968e829ee
|
services: web: Always redirect to index on invalid request paths
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-01 18:07:40 +02:00 |
|
Christoph Heiss
|
36a3143483
|
services: nginx: Enable some more optimizations
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-08-01 18:06:40 +02:00 |
|
Christoph Heiss
|
eca3464a55
|
services: web: Add c8h4.io deployment
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-07-31 20:08:24 +02:00 |
|
Christoph Heiss
|
d52bbe93b0
|
services: paperless: Fix wrong secrets path
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-06-01 23:08:03 +02:00 |
|
Christoph Heiss
|
fd5a4f6443
|
secrets: Consolidate into one file; pass on using module args
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-06-01 18:27:21 +02:00 |
|
Christoph Heiss
|
fdfcd536ab
|
machines: serv: Add paperless-ngx service
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-10 21:40:32 +02:00 |
|
Christoph Heiss
|
9f757e1a0b
|
services: Move custom homer service definition to modules
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-10 21:38:19 +02:00 |
|
Christoph Heiss
|
3ab77b338a
|
pkgs: Add homer and dashboard-icons
homer: https://github.com/bastienwirtz/homer
dashboard-icons: https://github.com/bastienwirtz/homer
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-09 17:11:05 +02:00 |
|
Christoph Heiss
|
b40084c2b4
|
services: sourcehut: Bind secrets path into metasrht-daily service too
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-09 17:11:02 +02:00 |
|
Christoph Heiss
|
47ced6eab5
|
services: Add PostgreSQL 15 configuration
Fixes: 3c60832 ("machines: Rename 'srht' -> 'serv'")
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-04 16:31:31 +02:00 |
|
Christoph Heiss
|
550d2e8097
|
services: sourcehut: Clean up a bit
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-02 23:02:04 +02:00 |
|
Christoph Heiss
|
14b2ae4b06
|
services: nginx: Reload instead of restart on configuration changes
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-05-02 23:02:04 +02:00 |
|
Christoph Heiss
|
74d82de153
|
machines: Add srht
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-04-22 15:00:19 +02:00 |
|
Christoph Heiss
|
982142ae78
|
services: unbound: Fix prometheus exporter setup
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-04-13 21:05:05 +02:00 |
|
Christoph Heiss
|
376ccbbff0
|
services: openssh: Do not allow empty passwords
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-04-07 23:46:14 +02:00 |
|
Christoph Heiss
|
df9b15996d
|
machines: Add 'name'
Runs blocky + unbound for custom DNS.
Also adds all the common nix infrastructure needed.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
|
2023-04-01 22:20:34 +02:00 |
|