Christoph Heiss
981fe69bf5
services: forgejo: simplify ssh setup by renaming user
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 14:02:23 +02:00
Christoph Heiss
738a05aec0
services: forgejo: switch database to sqlite3
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-24 13:03:32 +02:00
Christoph Heiss
ede4400e9e
services: nginx: add fail2ban filter for (more) crawlers
...
flake / build (push) Successful in 2m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-22 23:11:20 +02:00
Christoph Heiss
b4c458e11a
services: vaultwarden: add fail2ban jail
...
flake / build (push) Successful in 3m7s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:39:58 +02:00
Christoph Heiss
e373b1aa98
services: nginx: enable fail2ban 'apache-badbots' filter
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:36:10 +02:00
Christoph Heiss
9250581753
services: fail2ban: increase default bantime to 1 week
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-19 10:31:37 +02:00
Christoph Heiss
31076d3f8f
services: add new yarr service for RSS reading
...
flake / build (push) Successful in 3m57s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-18 22:03:19 +02:00
Christoph Heiss
4f7694fec5
services: vaultwarden: move to fort
...
flake / build (push) Successful in 3m30s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 18:22:02 +02:00
Christoph Heiss
bd16916a99
services: vaultwarden: migrate from postgresql to sqlite
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:53:52 +02:00
Christoph Heiss
ccbfff0b13
services: vaultwarden: factor out fqdn construction
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 17:50:56 +02:00
Christoph Heiss
2875ee182b
services: vikunja: move to fort
...
flake / build (push) Successful in 3m31s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 16:52:44 +02:00
Christoph Heiss
14632d40a7
services: vikunja: centralize fqdn construction
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 14:58:33 +02:00
Christoph Heiss
5099e0fbb7
services: forgejo: increase reverse proxy max body size
...
flake / build (push) Successful in 3m21s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 11:04:55 +02:00
Christoph Heiss
e1c83122ca
services: forgejo: drop attribute which gets overwritten anyway
...
flake / build (push) Successful in 4m0s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-17 01:05:35 +02:00
Christoph Heiss
6333d7d38d
services: drop tt-rss completely
...
flake / build (push) Successful in 3m21s
Instead I'll be switching to yarr [0], which is a lot simpler and
supports using a sqlite database.
[0] https://github.com/nkanaev/yarr
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:21:47 +02:00
Christoph Heiss
2cb5597d77
services: postgresql: upgrade to 16
...
flake / build (push) Successful in 3m26s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-16 23:06:30 +02:00
Christoph Heiss
07968bc383
services: forgejo: enable periodic repositories garbage collection
...
flake / build (push) Successful in 3m28s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-06 00:46:23 +02:00
Christoph Heiss
57f2ea8e5b
services: grafana: fix server listen address
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-08-06 00:44:03 +02:00
Christoph Heiss
893ceb1687
services: prometheus: switch over to dedicated subdomain instead of subpath
...
ci/woodpecker/push/woodpecker Pipeline was successful
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-07-07 17:04:03 +02:00
Christoph Heiss
0daabd8768
services: forgejo: re-enable actions
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-07-07 16:49:27 +02:00
Christoph Heiss
06fd80f486
services: grafana: switch over to dedicated subdomain instead of subpath
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-29 12:50:54 +02:00
Christoph Heiss
30e6c7ab70
services: forgejo: explicitly set dump file name
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-29 12:48:47 +02:00
Christoph Heiss
a81e33f7bb
services: forgejo: disable actions
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-26 16:12:03 +02:00
Christoph Heiss
537325a85a
services: forgejo: increase repo health check timeout to 10min
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-26 16:10:30 +02:00
Christoph Heiss
b13318b89f
services: sourcehut: drop completely
...
Switched to Forgejo .. it's just so _much_ simpler than sourcehut with
all its small microservices, essentially.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss
8ee22e9e5c
services: home-assistant: use batch mode for ssh invocations
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss
417ff5defa
services: forgejo: enable backups using restic
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:09 +02:00
Christoph Heiss
d94687c812
services: git-ingress: add dmz'd git-over-ssh ingress for forgejo
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-24 23:37:08 +02:00
Christoph Heiss
599a4db693
services: forgejo: add initial deployment
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-18 22:10:52 +02:00
Christoph Heiss
249cf3f640
services: vikunja: add initial deployment
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-06 17:56:34 +02:00
Christoph Heiss
6aac3e5cfc
services: nginx: make clientMaxBodySize
default overridable
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-05 22:51:55 +02:00
Christoph Heiss
5d0b66df29
services: tt-rss: scale down default settings a bit
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-04 17:24:37 +02:00
Christoph Heiss
e7b0f7a938
services: nginx: optimize overall configuration
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-04 17:23:57 +02:00
Christoph Heiss
c69bb88f8b
services: vaultwarden: lower number of workers
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-01 23:08:34 +02:00
Christoph Heiss
058efe7f4d
services: prometheus: clean up a bit
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-06-01 00:59:06 +02:00
Christoph Heiss
e088f045de
system: deploy-target: generify a bit
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-28 13:35:04 +02:00
Christoph Heiss
ca6861b25c
services: matrix-hookshot: switch bridge bind address to ipv6
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 21:12:25 +02:00
Christoph Heiss
e1163ab15b
services: home-assistant: move reverse proxy definition to service file
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 15:58:47 +02:00
Christoph Heiss
5f1d34452a
services: sourcehut: set up redirect for additional subdomain
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 15:51:16 +02:00
Christoph Heiss
0f678e07a2
services: paperless: move reverse proxy definition to service file
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 15:50:41 +02:00
Christoph Heiss
ad5fa64abb
services: paperless: ensure redis socket is available before starting
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 12:48:46 +02:00
Christoph Heiss
e9472ed01b
services: alertmanager: switch to local address for simplicity
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-20 12:48:15 +02:00
Christoph Heiss
389f3452bd
services: openssh: disable sftp subsystem
...
This was really only needed for morph to work anyway.
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-18 12:04:26 +02:00
Christoph Heiss
caae71508e
services: grafana: drop dashboard provisioning
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-14 12:01:07 +02:00
Christoph Heiss
fa30e23456
services: navidrome: switch to sqlite .backup
command for backups
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-13 18:43:38 +02:00
Christoph Heiss
28691f1999
services: navidrome: use headless ffmpeg
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-13 18:43:20 +02:00
Christoph Heiss
320b97d660
tree-wide: convert everything from morph to nixinate + sops-nix
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-05-10 01:20:50 +02:00
Christoph Heiss
83c7b415d1
services: alertmanager: add initial deployment
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-04-20 21:27:19 +02:00
Christoph Heiss
e91b3ce221
services: matrix-hookshot: allow js transformation funcs for webhooks
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-04-20 21:25:31 +02:00
Christoph Heiss
6b69dc4df0
services: sourcehut: streamline configuration a bit more
...
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-04-16 19:31:29 +02:00