about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* add a CI configuration for this repoFranck Cuny2023-12-041-0/+28
|
* additional cleanup for flakesFranck Cuny2023-12-043-43/+57
| | | | | Move the host configuration to `flake/hosts.nix` to follow what we did with `devshell`.
* add nixd as a LSP for nix.Franck Cuny2023-12-041-0/+1
|
* update to 23.11 and break down flakesFranck Cuny2023-12-044-140/+264
| | | | | | | | Update to 23.11 for both nix and home-manager. Break down the flake in multiple parts (hosts, devshell) so that they are easier to maintain. The main reason to start this is because `nix flake check` was failing, the flake was not correct.
* formatting a few files with treefmtFranck Cuny2023-12-035-16/+14
|
* flake.lock: UpdateFranck Cuny2023-12-031-13/+13
| | | | | | | | | | | | | | Flake lock file updates: • Updated input 'darwin': 'github:lnl7/nix-darwin/afe83cbc2e673b1f08d32dd0f70df599678ff1e7' (2023-10-27) → 'github:lnl7/nix-darwin/4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d' (2023-11-24) • Updated input 'home-manager': 'github:nix-community/home-manager/07682fff75d41f18327a871088d20af2710d4744' (2023-09-19) → 'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19) • Updated input 'pre-commit-hooks': 'github:cachix/pre-commit-hooks.nix/ea758da1a6dcde6dc36db348ed690d09b9864128' (2023-11-06) → 'github:cachix/pre-commit-hooks.nix/e5ee5c5f3844550c01d2131096c7271cec5e9b78' (2023-11-25)
* install github's monaspace [1] fontsFranck Cuny2023-11-201-0/+2
| | | | [1] https://monaspace.githubnext.com
* don't need to install emacs' pGTK variantFranck Cuny2023-11-061-1/+0
|
* flake.lock: UpdateFranck Cuny2023-11-061-12/+12
| | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'darwin': 'github:lnl7/nix-darwin/4496ab26628c5f43d2a5c577a06683c753e32fe2' (2023-09-12) → 'github:lnl7/nix-darwin/afe83cbc2e673b1f08d32dd0f70df599678ff1e7' (2023-10-27) • Updated input 'home-manager': 'github:nix-community/home-manager/9787dffff5d315c9593d3f9fb0f9bf2097e1b57b' (2023-09-11) → 'github:nix-community/home-manager/07682fff75d41f18327a871088d20af2710d4744' (2023-09-19) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12) → 'github:NixOS/nixpkgs/aeefe2054617cae501809b82b44a8e8f7be7cc4b' (2023-11-05) • Updated input 'pre-commit-hooks': 'github:cachix/pre-commit-hooks.nix/4f883a76282bc28eb952570afc3d8a1bf6f481d7' (2023-09-10) → 'github:cachix/pre-commit-hooks.nix/ea758da1a6dcde6dc36db348ed690d09b9864128' (2023-11-06)
* clean up flake.nix by removing unused configurationsFranck Cuny2023-11-062-130/+7
| | | | I only have one host (the macbook air) to configure.
* install a few more toolsFranck Cuny2023-11-061-0/+3
|
* use 1password ssh agentFranck Cuny2023-11-062-6/+4
| | | | Enable ssh configuration on darwin.
* add a script to update local machineFranck Cuny2023-11-061-0/+24
|
* install a few more CLIFranck Cuny2023-11-061-2/+4
|
* add a couple of aliases for gitFranck Cuny2023-11-061-0/+5
|
* add 1password key and format some filesFranck Cuny2023-11-062-7/+4
|
* build(deps): bump actions/checkout from 3 to 4 (#1)dependabot[bot]2023-09-181-1/+1
| | | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* add ssh key from 1passowrd and sign commitsFranck Cuny2023-09-143-5/+14
|
* flake.lock: UpdateFranck Cuny2023-09-141-193/+3
| | | | | | | | | | | | | | | | | Flake lock file updates: • Removed input 'emacs-overlay' • Removed input 'emacs-overlay/flake-utils' • Removed input 'emacs-overlay/flake-utils/systems' • Removed input 'emacs-overlay/nixpkgs' • Removed input 'emacs-overlay/nixpkgs-stable' • Removed input 'naersk' • Removed input 'naersk/nixpkgs' • Removed input 'nur' • Removed input 'rust' • Removed input 'rust/flake-utils' • Removed input 'rust/flake-utils/systems' • Removed input 'rust/nixpkgs'
* flake.lock: UpdateFranck Cuny2023-09-141-33/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/d8c973fd228949736dedf61b7f8cc1ece3236792' (2023-07-24) → 'github:ryantm/agenix/20deb735cc405831ba04a0088fecb3887aa255c0' (2023-09-14) • Updated input 'darwin': 'github:lnl7/nix-darwin/511177ffe8226c78c9cf6a92a7b5f2df3684956b' (2023-08-17) → 'github:lnl7/nix-darwin/4496ab26628c5f43d2a5c577a06683c753e32fe2' (2023-09-12) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/d532507e854bbfb3f311a9f30dcbffaeceeff83f' (2023-09-11) → 'github:nix-community/emacs-overlay/918199aeaa2c9b9d0f73e304a187a05b99fd9050' (2023-09-14) • Updated input 'emacs-overlay/flake-utils': 'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23) → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/db9208ab987cdeeedf78ad9b4cf3c55f5ebd269b' (2023-09-08) → 'github:NixOS/nixpkgs/3a2786eea085f040a66ecde1bc3ddc7099f6dbeb' (2023-09-11) • Updated input 'emacs-overlay/nixpkgs-stable': 'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10) → 'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12) • Updated input 'futils': 'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23) → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Updated input 'naersk/nixpkgs': 'github:NixOS/nixpkgs/78058d810644f5ed276804ce7ea9e82d92bee293' (2023-09-10) → 'github:NixOS/nixpkgs/1697b7d480449b01111e352021f46e5879e47643' (2023-09-13) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760' (2023-09-10) → 'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12) • Updated input 'nur': 'github:nix-community/NUR/edcd2fecb43eb52963423348caa1301e443eb392' (2023-09-12) → 'github:nix-community/NUR/cb2b66a5b85eef0465c7202aaed38773a8c7e4c8' (2023-09-14) • Updated input 'rust': 'github:oxalica/rust-overlay/f77e108350b821d62b7c2ee43fe411a9f4738099' (2023-09-11) → 'github:oxalica/rust-overlay/7c4f46f0b3597e3c4663285e6794194e55574879' (2023-09-14)
* more configuration for darwinFranck Cuny2023-09-147-60/+93
|
* build(deps): bump cachix/install-nix-action from 22 to 23 (#2)dependabot[bot]2023-09-141-1/+1
| | | | | | | | | | | | | | | Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 22 to 23. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v22...v23) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* add configuration for the M2 macbook airFranck Cuny2023-09-113-1/+57
|
* some changes to GitHub actionFranck Cuny2023-08-272-24/+4
|
* remove custom toolsFranck Cuny2023-08-218-459/+2
|
* add a couple of github actionsFranck Cuny2023-08-202-0/+53
|
* disable unifi and promtail/loki on tahoeFranck Cuny2023-08-201-3/+9
| | | | Add a new network interface on the host (10Gb).
* remove `sendsms` from tahoeFranck Cuny2023-08-201-2/+0
|
* flake updateFranck Cuny2023-07-281-36/+36
|
* switching back to alacritty + tmuxFranck Cuny2023-07-283-16/+23
| | | | kitty is not clicking for me. I still prefer tmux.
* add fonts specificallyFranck Cuny2023-07-081-1/+5
| | | | | | For some reasons, while google-fonts install noto, emacs was unable to find it (but was able to find source code pro). List the fonts explicitly to make emacs happy.
* add pantalaimon, a proxy for matrixFranck Cuny2023-07-082-0/+19
| | | | This is so I can use emacs as a client for matrix.
* update settings for nixos 23.05Franck Cuny2023-07-061-2/+4
| | | | | | | | Fix the following error: ``` trace: warning: The option `services.openssh.permitRootLogin' defined in `/nix/store/l0n3297c7znfapx32a6av1c26yj042j4-source/profiles/server.nix' has been renamed to `services.openssh.settings.PermitRootLogin'. trace: warning: The option `services.openssh.passwordAuthentication' defined in `/nix/store/l0n3297c7znfapx32a6av1c26yj042j4-source/profiles/server.nix' has been renamed to `services.openssh.settings.PasswordAuthentication'. ```
* enable zsh for all profilesFranck Cuny2023-07-062-2/+1
|
* add x509-info back to the list of toolsFranck Cuny2023-07-054-5/+196
|
* update nixos and home-manager to 23.05Franck Cuny2023-07-055-52/+145
|
* various updates related to music collectionFranck Cuny2023-07-053-15/+87
|
* change monospace font back to source code proFranck Cuny2023-06-083-4/+3
|
* profiles/git: ignore python bytecodeFranck Cuny2023-06-021-0/+1
|
* profiles/dev: set MYPY_CACHE_DIRFranck Cuny2023-06-021-0/+1
|
* profiles/dev: install virtualenvFranck Cuny2023-06-021-0/+1
|
* profiles/waybar: highlight text when one or more unit has failedFranck Cuny2023-06-021-0/+1
|
* workstation: more tweaks for the UI and fontsFranck Cuny2023-05-296-14/+12
|
* profiles/default: fix the GC configurationFranck Cuny2023-05-281-1/+1
| | | | | | I got the settings wrong. The `weekly` applies to `nix.gc.dates`, which is for how often the GC should run. While `nix.gc.options` is to delete content in the store older than 14 days (in my case).
* profiles/zsh: change prezto's themeFranck Cuny2023-05-281-1/+1
|
* tools/waybar-systemd-units: get a list of failed systemd unitsFranck Cuny2023-05-285-1/+114
| | | | | | | | Get a list of failed systemd units (both user and systems), and generate an output compatible to what waybar expects. Refer to https://github.com/Alexays/Waybar/wiki/Module:-Custom for more details about the format.
* font: switch to Roboto for system font and JetBrain for monospaceFranck Cuny2023-05-285-66/+30
|
* home/waybar: change the style to be a bit more readableFranck Cuny2023-05-231-33/+19
|
* profiles/workstation: stop using dark mode + preztoFranck Cuny2023-05-1611-170/+28
|
* home/ssh: add rsync.net to the match blockFranck Cuny2023-05-121-0/+6
|
* profiles/monitoring: a bunch of fixesFranck Cuny2023-05-124-4/+4
|
* profiles/nginx: set the default port to 8080Franck Cuny2023-05-121-1/+8
| | | | | | If we don't set a default port, with `statusPage` enabled, we can't start nginx on the router, since we also need to bind to port 80 for the stream.
* profiles/loki: fix a few configuration errorsFranck Cuny2023-05-123-6/+5
|
* profiles/monitoring: move loki to a profileFranck Cuny2023-05-126-118/+105
| | | | | Add a nginx virtualhost for loki too, so that we can use a valid SSL certificate.
* profiles/monitoring: move promtail to a profileFranck Cuny2023-05-127-73/+56
|
* profiles/monitoring: move node exporter to a profileFranck Cuny2023-05-127-22/+9
|
* hosts/carmel: fix proxy_pass configurationFranck Cuny2023-05-121-2/+2
|
* home/carmel: move router's configuration to a profileFranck Cuny2023-05-124-87/+90
|
* profiles/default: list installed packages in /etc/installed-packagesFranck Cuny2023-05-121-1/+10
|
* hosts/tahoe: move network configuration to default.nixFranck Cuny2023-05-122-32/+20
|
* hosts/aptos: move network configuration to default.nixFranck Cuny2023-05-122-31/+19
|
* hosts: move around backup configurationFranck Cuny2023-05-124-50/+49
|
* profiles/backup: fix path to the ssh keysFranck Cuny2023-05-121-2/+2
|
* profiles/backup: configure the backup serverFranck Cuny2023-05-125-90/+50
| | | | | It creates the user, ensure sftp is configured correctly, and rsync the backups to rsync.net once a day.
* ops: remove everything under opsFranck Cuny2023-05-127-312/+0
| | | | | I don't use terraform anymore and GCP services, so I can get rid of everything there.
* profiles/syncthing: move the old moduleFranck Cuny2023-05-106-54/+45
|
* profiles/seedbox: move transmission to itFranck Cuny2023-05-103-63/+49
| | | | | Note that this is not used by anything yet, as a password needs to be set first.
* profiles/samba: fix variableFranck Cuny2023-05-101-1/+1
|
* profiles/samba: convert the old module as a profileFranck Cuny2023-05-105-57/+34
|
* hosts/tahoe: move avahi configuration hereFranck Cuny2023-05-104-31/+10
|
* profiles/git-server: fix path for the backupFranck Cuny2023-05-101-1/+1
|
* profiles/git-server: move gitolite and cgitFranck Cuny2023-05-106-159/+130
|
* profiles/music-server: fix backup configurationFranck Cuny2023-05-101-2/+2
|
* profiles/music-server: moved navidromeFranck Cuny2023-05-105-61/+41
|
* profiles/unifi: fix variableFranck Cuny2023-05-101-1/+1
|
* modules/services: remove unifi properlyFranck Cuny2023-05-101-1/+0
|
* profiles/unifi: move the module to a profileFranck Cuny2023-05-104-72/+39
| | | | | Get rid of configuration that was duplicated (a lot of things are already handled by the upstream module).
* modules/unifi: fix the configurationFranck Cuny2023-05-091-8/+3
| | | | The wrong certificate was served.
* hosts/tahoe: don't load transmissionFranck Cuny2023-05-091-4/+0
| | | | I need to set a password.
* hosts/tahoe: fix boot configurationFranck Cuny2023-05-091-1/+1
|
* profiles/nginx: move common configuration to a profileFranck Cuny2023-05-098-47/+36
| | | | | | Both tahoe and carmel are using nginx, and we can simplify the configuration by moving common parts to the profile and have these hosts import it.
* tahoe: move the initrd codeFranck Cuny2023-05-083-36/+14
| | | | It's the only host that uses this code.
* profiles: clean up the importsFranck Cuny2023-05-084-3/+3
| | | | The hosts should be explicit about what to import.
* modules/tahoe: remove duplicated declaration for user 'nas'Franck Cuny2023-05-081-7/+0
|
* modules/wireguard: move the module to the right locationFranck Cuny2023-05-082-4/+4
|
* profile/acme: default DNS provider is gandiFranck Cuny2023-05-0811-36/+64
| | | | | | | | | | Add the API key for gandi to the secrest, create a profile for acme with my defaults. The profile is loaded by tahoe since that's where our services are running on. Update all the servers in nginx to listen on their wireguard interface.
* module for homelabFranck Cuny2023-05-084-0/+23
|
* home: get rid of mail / gpg modulesFranck Cuny2023-05-077-172/+0
| | | | I don't use GPG anymore and I don't read mail in Emacs anymore.
* profiles/workstation: move element (matrix client)Franck Cuny2023-05-074-13/+2
|
* profiles/laptop: more tweaksFranck Cuny2023-05-071-1/+2
|
* profiles/xps9300: add more settingsFranck Cuny2023-05-063-2/+29
| | | | Coming from https://github.com/NixOS/nixos-hardware/blob/51559e691f1493a26f94f1df1aaf516bb507e78b/dell/xps/13-9300/default.nix
* profiles/workstation: move sway to the workstation profileFranck Cuny2023-05-066-36/+24
|
* profiles/gtk: configure dark mode properlyFranck Cuny2023-05-061-6/+2
| | | | | | | | | | | | | Without this I was seeing the following error: ``` Unknown key Settings in /home/fcuny/.config/gtk-3.0/settings.ini ``` And the configuration contained: ``` [Settings] Settings=gtk-application-prefer-dark-theme=1 ```
* profiles/laptop: set correct governor for tlpFranck Cuny2023-05-061-2/+3
| | | | | | | | | I was getting: ``` Error in configuration at CPU_SCALING_GOVERNOR_ON_AC="schedutil": governor not available. Skipped. ``` Restore to the previous configuration.
* profiles/default: larger font on the console for all hostsFranck Cuny2023-05-062-10/+10
| | | | Easier on my eyes.
* home/profiles: move (almost) all modules to profilesFranck Cuny2023-05-0581-1530/+973
| | | | | This is a major refactor, similar to what was done for the hosts, but in a single commit.
* profiles/default: users are immutableFranck Cuny2023-05-022-3/+3
|
* profiles/server: move boot loader configurationFranck Cuny2023-05-023-18/+9
|
* profiles: consolidates common networking bitsFranck Cuny2023-05-0212-57/+26
| | | | This remove ssh on workstations. I also drop mosh since I don't use it.
* profiles/default: move stuff related to bootFranck Cuny2023-05-026-16/+16
|
* profiles: move things around for btrfsFranck Cuny2023-05-0212-27/+26
|
* profiles/hardware: create a few profiles related to hardwareFranck Cuny2023-05-0218-125/+29
|
* profiles/default: move default packages thereFranck Cuny2023-05-023-55/+45
|
* profiles/default: more consolidationFranck Cuny2023-05-0210-89/+76
|
* profiles/workstation: add font configurationsFranck Cuny2023-05-024-46/+31
|
* profiles: create default and serverFranck Cuny2023-05-026-8/+28
| | | | | | | | | | The NAS and the router are "servers", and we create a base profile for them. We add a default profile that will set things that are common to all my hosts, and we start with the locales. Update tahoe/carmel to use the server profile.
* profiles/workstation: consolidate sound related configurationsFranck Cuny2023-05-025-40/+25
|
* profiles/workstation: moved more things aroundFranck Cuny2023-05-017-51/+18
|
* profiles/laptop: consolidate services related to laptopFranck Cuny2023-05-016-44/+14
|
* profiles/workstation: reduce the number of moving partsFranck Cuny2023-05-012-13/+14
| | | | | | | | There's too many moving parts and layers of abstractions, for no benefits: I only have to manage 3-4 machines. Going to create profiles, move things there, and stop with the `enable` pattern.
* home/packages: rewrite scripts to use writeShellApplicationFranck Cuny2023-04-302-19/+25
| | | | | This function produces a shell script with dependencies, set the PATH, set some SHELLOPTS, and check the script with shellcheck.
* home/packages: add a wrapper for restic on the nasFranck Cuny2023-04-301-0/+16
| | | | | This is to call restic on the nas from a remote machine. It sets variables and run everything via sudo.
* modules/rclone: delete the module and cleanupFranck Cuny2023-04-306-55/+1
| | | | | I'm not using rclone anymore and I'm not storing the backups to GCS buckets either.
* modules/security: move ssh configuration to a dedicated moduleFranck Cuny2023-04-302-14/+19
|
* hosts/tahoe: enable rsync-ing backups to rsync.netFranck Cuny2023-04-303-0/+9
|
* modules/backup: add a module for rsyncFranck Cuny2023-04-302-0/+59
| | | | | The NAS will rsync all the backups to rsync.net. This new module creates a systemd unit and timer to do this task.
* modules/security: add ssh key for rsync.net to known hostsFranck Cuny2023-04-291-0/+4
|
* modules/boot: always clean up /tmp on bootFranck Cuny2023-04-292-3/+1
|
* modules/system: add ssh keys for known hostsFranck Cuny2023-04-291-0/+10
| | | | These keys are stable, they can be set on every hosts.
* hosts/tahoe: disable rcloneFranck Cuny2023-04-291-1/+0
| | | | | Backups are not synchronized with rclone to gcloud, but instead with rsync to rsync.net.
* hosts/tahoe: update settings related to resticFranck Cuny2023-04-291-14/+5
| | | | | The path to the restic repository has changed, and we are a bit more specific about the paths we want to backup.
* hosts/aptos: configure backups properlyFranck Cuny2023-04-291-8/+16
| | | | | | | Configure correctly the systemd unit to run restic on aptos. Be more specific about the paths we want to backup, instead of backing up '/home' and maintaining a large exclusion list.
* modules/restic: handle extra options and remove unused settingsFranck Cuny2023-04-291-11/+9
| | | | | | | | | | | For a host to use a repository from a remote machine, we need to configure options for the CLI. For this we add a new setting `extraOptions` where we can define the sftp command. Remove the setting for the user that will run restic, since it's always 'root' in our situation. Clean some descriptions.
* hosts/tahoe: rename account for backup and enable sftp for itFranck Cuny2023-04-293-7/+21
| | | | | | | | | | | | | The dedicated account for backup should be named 'backup', as it's more generic. While it's a system account, I still need to be able to log in the host remotely with sftp, so we give it a UID (991). The account needs to be able to sftp to tahoe in order to store the backups from remote hosts. However we don't want this user to get a shell and be able to browse the host, so we configure sshd to chroot the user to where the backups are stored.
* hosts/aptos: do backups over sftp with a dedicated ssh keyFranck Cuny2023-04-233-1/+10
|
* modules/services: more cleanupFranck Cuny2023-04-231-2/+0
|
* modules/drone: clean this properlyFranck Cuny2023-04-233-14/+0
|
* hosts/tahoe: create a new user specifically for backupsFranck Cuny2023-04-231-0/+11
| | | | | | This is the user I'll be using to do my backups. This is a system user, and there's only one public key added to it. This key is only used for backups and will be managed in this repository.
* modules/services: delete unused servicesFranck Cuny2023-04-236-326/+0
| | | | I'm not using anymore sourcegraph drone and gitea.
* hosts/carmel: enable promtailFranck Cuny2023-04-231-1/+5
|
* modules/monitoring: set the host's name as a label for promtailFranck Cuny2023-04-231-2/+2
|
* hosts/tahoe: loki and prometheus listen only on the wg0 interfaceFranck Cuny2023-04-234-11/+40
| | | | | | | I don't want to have to deal with authentication and TLS certificates for these endpoints. If they are only listening on the wireguard interface I can trust that only authorized hosts are sending traffic to these endpoints. I trust what's running on these machines.
* modules/monitoring: consolidate all monitoring services togetherFranck Cuny2023-04-2312-6689/+37
| | | | | This will help to organize and structure monitoring modules a bit better.
* modules/grafana: add loki as a source to grafanaFranck Cuny2023-04-231-6/+13
|
* modules/services: add loki and promtailFranck Cuny2023-04-235-0/+178
|
* nginx: remove the grafana dashboard providerFranck Cuny2023-04-181-6/+0
| | | | | This is now handled by https://git.fcuny.net/monitoring/commit/?id=b4abbf2d86d06d243b639d06a576f542f3dd5824
* hosts/carmel: don't log dns queries in dnsmasqFranck Cuny2023-04-151-1/+0
| | | | This is way too verbose
* hosts/carmel: start dnsmasq once network interfaces are onlineFranck Cuny2023-04-151-0/+7
|
* hosts/carmel: don't release DHCP lease on wan interfaceFranck Cuny2023-04-151-0/+3
| | | | No need to release the lease if we are rebooting.
* home/alacritty: smaller fontFranck Cuny2023-04-131-1/+1
|
* home/shell: alias to show DHCP leasesFranck Cuny2023-04-131-0/+1
|
* modules/grafana: delete the dashboard for the routerFranck Cuny2023-04-131-3784/+0
| | | | It's now managed in https://git.fcuny.net/monitoring/
* hosts/carmel: serve the leases on port 8067Franck Cuny2023-04-061-4/+7
| | | | | Bind to the wireguard interface, and use the port 8067 (67 is the port used for DHCP requests).
* hosts/carmel: run dnsmasql-to-html when leases changeFranck Cuny2023-04-061-1/+4
| | | | | | The option `dhcp-script` can be used to run a script every time a new lease is added or deleted. We configure this option to run the script that generates a static HTML file with the leases.
* tools/dnsmasq-leases-html: create a HTML page with leases from dnsmasqFranck Cuny2023-04-066-1/+172
| | | | | | | Parse the file that contains all the leases assigned by dnsmasq, and create a static HTML page from it. This can be served by nginx to make it easy to see what IP is assigned to a machine, and which machines are currently on the network.
* monitoring: small fixesFranck Cuny2023-04-052-1177/+0
|
* hosts/carmel: the wireguard interface is trustedFranck Cuny2023-04-051-1/+1
|
* modules/prometheus: fix IP addressesFranck Cuny2023-04-051-29/+7
|
* wireguard: fix configuration of a few hostsFranck Cuny2023-04-051-7/+2
|
* hosts/carmel: add wireguard keyFranck Cuny2023-04-054-2/+25
|
* hosts/carmel: drop checkReversePathFranck Cuny2023-04-051-3/+0
| | | | This is managed in the tailscale module.
* hosts/carmel: enable tailscaleFranck Cuny2023-04-051-0/+2
|
* hosts/carmel: more options for dnsmasqFranck Cuny2023-04-031-0/+2
|
* hosts/carmel: add a few more options for dnsmasqFranck Cuny2023-04-031-0/+6
|
* hosts/carmel: enable prometheus exporter for DNSmasqFranck Cuny2023-04-031-0/+5
|
* hosts/carmel: reconfigure the host as a routerFranck Cuny2023-04-0314-118/+233
| | | | | | | | | | | | I'm not using it as a desktop, and the current router is getting old and will likely fail in the near future. It's also a debian machine configured manually, so let's reconfigure carmel as our new router. There are three NICs in the host: 2 are 10Gb and one is 1Gb. The 1Gb will be used as the upstream interface, and one of the 10Gb will be for the LAN. There are 2 VLANs to configure: one for IoT devices and one for guest.
* flake: fix URL for sendsmsFranck Cuny2023-04-022-7/+7
|
* home/wayland: tweaks for mako and wofiFranck Cuny2023-03-312-1/+7
|
* home/sway: start sway and ssh-agent properlyFranck Cuny2023-03-314-14/+20
| | | | | I only need to run sway and the ssh-agent on a workstation (desktop or laptop). Start these two processes when the window manager starts.
* modules/sendsms: gate the unit with a fileFranck Cuny2023-03-276-6/+210
| | | | | | | | | | To prevent the unit to be triggered multiple times if the host has already rebooted, we create a gate file when we're done running, and before running, we check if the file exists. Enable the service on tahoe. Don't restart the unit when its definition has changed.
* modules/console: fix syntaxFranck Cuny2023-03-261-1/+1
|
* modules/console: larger font for EVERYONEFranck Cuny2023-03-262-9/+3
|
* hosts/tahoe: set a larger font for the TTYsFranck Cuny2023-03-261-0/+8
|
* modules/cgit: get rid of double quotesFranck Cuny2023-03-191-2/+2
|
* home/matrix: switch back to elementFranck Cuny2023-03-191-5/+1
| | | | fractal requires the gnome key chain but I got rid of it.
* home/fonts: be more consistent in my choicesFranck Cuny2023-03-184-9/+13
| | | | | | - source code pro for monospace - dejavu sans for sans serif - dejavu serif for serif
* hosts: it's time to switch to schedutilFranck Cuny2023-03-152-2/+4
|
* home/sway: a bunch of small tweaksFranck Cuny2023-03-143-16/+12
|
* modules/fonts: add more fontsFranck Cuny2023-03-141-3/+14
|
* home/mpv: more configuration tweaksFranck Cuny2023-03-141-0/+7
|
* home/shell: a few more tweaks to zshFranck Cuny2023-03-143-2/+5
|
* hosts/tahoe: set the consoleMode to "max"Franck Cuny2023-03-141-0/+3
|
* home/git: some cleanupFranck Cuny2023-03-133-17/+5
| | | | | | - add a comment for each ssh-key that is not stored on a yubikey - simplify the git commit template - remove some extra config that I don't need
* home/passage: delete all references to password-storeFranck Cuny2023-03-132-28/+5
| | | | | | I completely replaced the usage of `pass' with `passage'. There's no need to keep a mapping file at this point, since my interaction with the git server is through ssh.
* home/alacritty: better (to me) colorsFranck Cuny2023-03-121-0/+28
|
* home/shell: aliases and cleaner promptFranck Cuny2023-03-122-1/+2
|
* home/yubikey: install (and run) yubikey-touch-detectorFranck Cuny2023-03-121-1/+25
| | | | | | | | This is a useful tool to know when I'm supposed to touch my yubikey (sometimes I forget that some actions require that). Also configure a systemd unit to run it, and configure it to send a notification to the desktop (at the moment this is consumed by mako).
* home/secrets: delete the one for gcloudFranck Cuny2023-03-122-4/+1
| | | | Turns out I don't need this one!
* tools: delete dns-updaterFranck Cuny2023-03-127-882/+0
| | | | The code has moved to https://git.fcuny.net/dns-updater/
* home/gpg: disable the agentFranck Cuny2023-03-111-1/+1
| | | | | I do not need an agent anymore, since I don't need to decrypt anything in GPG at this point!
* home/yt-dlp: update configurationFranck Cuny2023-03-111-1/+3
|
* home/zsh: load ssh-agent before swayFranck Cuny2023-03-111-1/+2
| | | | We need to start the ssh agent (if needed) before we start sway.
* home/swaybar: add an indicator for systemd unitFranck Cuny2023-03-112-3/+38
| | | | | Reports the number of systemd units (user and systems) that are in failed state.
* home/shell: switch the default shell back to zshFranck Cuny2023-03-119-9/+49
| | | | | | | | I keep running into issues when using fish: I'm not familiar with the syntax and I don't use it enough that it sticks. I also need to google stuff regularly to figure out how things are supposed to work. This is annoying enough that the supposed benefits of fish are not worth it for me.
* secrets: move aptos' gcloud secrets to homeageFranck Cuny2023-03-114-8/+7
| | | | This secret is not needed system wide, I only need it to run some tools.
* secrets: use homeage to manage secrets for home-managerFranck Cuny2023-03-115-5/+47
| | | | | | | | | | | | | Instead of using agenix for all the secrets, I can use homeage for secrets that are related to my user sessions. Secrets by default will be store under `~/.secrets'. They are encrypted using `age' and to decrypt them, a key is expected to be located under `~/.age/key.txt'. The last place where I was using `pass' (and so GPG too) was for the secrets for `mbsync': this change adds a secret for fastmail to the repository and update `mbsync' configuration to use it.
* home/gnome: no more keyringFranck Cuny2023-03-106-31/+2
| | | | | | I used the keyring only to start the GPG agent and unlock the ssh keys. But since I'm storing the ssh keys on yubikeys and I don't use GPG, I can remove it.
* home/pass: configure passage properlyFranck Cuny2023-03-101-15/+2
| | | | | | | | | I need to be explicit about the path to the identity file. Since I'm switching from pass to passage, I also want to disable the automatic synchronization of the repository, and I don't need to have a wrapper for git to push the secrets (I push through ssh now instead of HTTPS).
* documentation: clean upFranck Cuny2023-03-103-68/+29
| | | | | | | | Delete gnome's keyring documentation, I will not be using it anymore, so no need to keep this around. Add documentation about how to manage secrets, and clean up wireguard's documentation.
* hosts/tahoe: delete unused secretsFranck Cuny2023-03-103-5/+0
|
* hosts/tahoe: re-key all the secrets with age identitiesFranck Cuny2023-03-1012-32/+41
| | | | | | | This is using the public keys from: - my user on my laptop - the root user on tahoe - the backup key stored on the USB drive
* hosts/aptos: re-key all the secrets with age identitiesFranck Cuny2023-03-106-18/+19
| | | | | | | This is now using the public keys from various age keys: - one for my user on the laptop - one for the root user on the laptop - one backup key stored on the USB drive
* modules/secrets: use age keys for agenix' identityFranck Cuny2023-03-101-2/+5
| | | | | | I'll re-key all my secrets with age keys instead of using ssh keys. This change is to specify the path for the identities when agenix decrypts the secrets.
* home/git: diff the content for age encrypted filesFranck Cuny2023-03-102-0/+5
|
* fix(home/wm): `programs.mako' has been renamed to `services.mako'Franck Cuny2023-03-041-1/+1
| | | | See https://github.com/nix-community/home-manager/pull/3265
* flake.lock: UpdateFranck Cuny2023-03-041-726/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/5f66c8aa774d8d488cba1cdc4f0c954d2a14e3a1' (2023-02-20) → 'github:ryantm/agenix/1abf0ade92bdf9dbcaa5155bb39e3ae19cb98aaa' (2023-03-04) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/d7eeebd439b52b77958eb3d8043f3262701ddee2' (2023-02-20) → 'github:nix-community/emacs-overlay/2efd7c8d60ce0750097bbd327ec083e3ce545b31' (2023-03-04) • Removed input 'gh-ssh-keys' • Removed input 'gh-ssh-keys/crane' • Removed input 'gh-ssh-keys/crane/flake-compat' • Removed input 'gh-ssh-keys/crane/flake-utils' • Removed input 'gh-ssh-keys/crane/nixpkgs' • Removed input 'gh-ssh-keys/crane/rust-overlay' • Removed input 'gh-ssh-keys/crane/rust-overlay/flake-utils' • Removed input 'gh-ssh-keys/crane/rust-overlay/nixpkgs' • Removed input 'gh-ssh-keys/flake-utils' • Removed input 'gh-ssh-keys/nixpkgs' • Removed input 'gh-ssh-keys/pre-commit-hooks' • Removed input 'gh-ssh-keys/pre-commit-hooks/flake-utils' • Removed input 'gh-ssh-keys/pre-commit-hooks/nixpkgs' • Removed input 'gh-ssh-keys/rust-overlay' • Removed input 'gh-ssh-keys/rust-overlay/flake-utils' • Removed input 'gh-ssh-keys/rust-overlay/nixpkgs' • Updated input 'home-manager': 'github:nix-community/home-manager/72ce74d3eae78a6b31538ea7ebe0c1fcf4a10f7a' (2023-02-20) → 'github:nix-community/home-manager/b9e3a29864798d55ec1d6579ab97876bb1ee9664' (2023-03-02) • Removed input 'masked-emails' • Removed input 'masked-emails/crane' • Removed input 'masked-emails/crane/flake-compat' • Removed input 'masked-emails/crane/flake-utils' • Removed input 'masked-emails/crane/nixpkgs' • Removed input 'masked-emails/crane/rust-overlay' • Removed input 'masked-emails/crane/rust-overlay/flake-utils' • Removed input 'masked-emails/crane/rust-overlay/nixpkgs' • Removed input 'masked-emails/flake-utils' • Removed input 'masked-emails/nixpkgs' • Removed input 'masked-emails/pre-commit-hooks' • Removed input 'masked-emails/pre-commit-hooks/flake-compat' • Removed input 'masked-emails/pre-commit-hooks/flake-utils' • Removed input 'masked-emails/pre-commit-hooks/gitignore' • Removed input 'masked-emails/pre-commit-hooks/gitignore/nixpkgs' • Removed input 'masked-emails/pre-commit-hooks/nixpkgs' • Removed input 'masked-emails/pre-commit-hooks/nixpkgs-stable' • Removed input 'masked-emails/rust-overlay' • Removed input 'masked-emails/rust-overlay/flake-utils' • Removed input 'masked-emails/rust-overlay/nixpkgs' • Updated input 'naersk/nixpkgs': 'github:NixOS/nixpkgs/a1291d0d020a200c7ce3c48e96090bfa4890a475' (2023-02-19) → 'github:NixOS/nixpkgs/f5ffd5787786dde3a8bf648c7a1b5f78c4e01abb' (2023-03-03) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/0cf4274b5d06325bd16dbf879a30981bc283e58a' (2023-02-19) → 'github:NixOS/nixpkgs/96e18717904dfedcd884541e5a92bf9ff632cf39' (2023-03-02) • Updated input 'nur': 'github:nix-community/NUR/3c39aebcd09c9d6c257140e07f3d2beac4a83043' (2023-02-20) → 'github:nix-community/NUR/2860ab344d033a877e6a03f1c33cb4b7b5e05ddf' (2023-03-04) • Updated input 'pre-commit-hooks': 'github:cachix/pre-commit-hooks.nix/c9495f017f67a11e9c9909b032dc7762dfc853cf' (2023-02-20) → 'github:cachix/pre-commit-hooks.nix/382bee738397ca005206eefa36922cc10df8a21c' (2023-03-03) • Updated input 'rust': 'github:oxalica/rust-overlay/98f11700e398cf2ae6da905df56badc17e265021' (2023-02-20) → 'github:oxalica/rust-overlay/c25d3e1951863ac0061d47a3fabf9aa7c91db5e5' (2023-03-04) • Removed input 'sendsms' • Removed input 'sendsms/crane' • Removed input 'sendsms/crane/flake-compat' • Removed input 'sendsms/crane/flake-utils' • Removed input 'sendsms/crane/nixpkgs' • Removed input 'sendsms/crane/rust-overlay' • Removed input 'sendsms/crane/rust-overlay/flake-utils' • Removed input 'sendsms/crane/rust-overlay/nixpkgs' • Removed input 'sendsms/flake-utils' • Removed input 'sendsms/nixpkgs' • Removed input 'sendsms/pre-commit-hooks' • Removed input 'sendsms/pre-commit-hooks/flake-utils' • Removed input 'sendsms/pre-commit-hooks/nixpkgs' • Removed input 'sendsms/rust-overlay' • Removed input 'sendsms/rust-overlay/flake-utils' • Removed input 'sendsms/rust-overlay/nixpkgs' • Removed input 'x509-tools' • Removed input 'x509-tools/crane' • Removed input 'x509-tools/crane/flake-compat' • Removed input 'x509-tools/crane/flake-utils' • Removed input 'x509-tools/crane/nixpkgs' • Removed input 'x509-tools/crane/rust-overlay' • Removed input 'x509-tools/crane/rust-overlay/flake-utils' • Removed input 'x509-tools/crane/rust-overlay/nixpkgs' • Removed input 'x509-tools/flake-utils' • Removed input 'x509-tools/nixpkgs' • Removed input 'x509-tools/pre-commit-hooks' • Removed input 'x509-tools/pre-commit-hooks/flake-utils' • Removed input 'x509-tools/pre-commit-hooks/nixpkgs' • Removed input 'x509-tools/rust-overlay' • Removed input 'x509-tools/rust-overlay/flake-utils' • Removed input 'x509-tools/rust-overlay/nixpkgs'
* ref: don't use my custom tools for nowFranck Cuny2023-03-044-39/+3
| | | | I'm rewriting them in go and they are not ready to be used yet.
* ref(templates): drop drone/GHA supportFranck Cuny2023-03-034-113/+0
|
* meta: convert README from org-mode to markdownFranck Cuny2023-03-032-29/+40
|
* ref(hosts/tahoe): don't install sendsmsFranck Cuny2023-03-021-1/+0
| | | | | It's not working as I want, let's fix it first then we can enable it again later.
* ref(home/drone): remove droneFranck Cuny2023-03-021-1/+0
| | | | It's not running anymore.
* ci: remove drone's configurationFranck Cuny2023-03-021-14/+0
| | | | drone is not running anymore
* feat(hosts/tahoe): install gitolite and cgitFranck Cuny2023-03-024-9/+145
| | | | | | | | Replace gitea with gitolite + cgit. I don't need a whole git forge for myself, especially since I don't use most of the features. The main thing I'm losing with this change is CI (via drone), but this is not really a big loss for now.
* fix(home/age): use `rage' for `passage'Franck Cuny2023-02-211-0/+4
| | | | | The current version of age shipped by nixos does not support the keys generated by `age-plugin-yubikey'.
* fix(home/git): simplify gitignore configurationFranck Cuny2023-02-212-21/+13
|
* feat(home/fish): new function to run home-managerFranck Cuny2023-02-211-0/+4
|
* feat(home/fish): function to create go projectsFranck Cuny2023-02-211-0/+27
| | | | | | A function to create a go project: it creates the git repository, setup the project using a flake template, create an initial commit, push it and ensure we can run drone on it.
* feat(templates/go): add flake template for go projectsFranck Cuny2023-02-218-0/+151
|
* feat(home/fish): move fish's code to external filesFranck Cuny2023-02-215-20/+43
| | | | | | | It's easier to edit / debug / test the code that way. This also add a new function (`find-ssh-agent') to find or start a new ssh agent when a shell is started.
* feat(home/pass): add passageFranck Cuny2023-02-201-0/+10
| | | | Port of `pass' to use `age' instead of `gpg'.
* ref(home/gpg): don't use the gpg-agent as an ssh-agentFranck Cuny2023-02-201-1/+1
|
* ref(home/git): sign commits and tags properlyFranck Cuny2023-02-202-11/+16
| | | | | | The configuration can be simplified by using the `signing' directive. For some reason it was also set in the configuration for `pass' which, while it was correct, was in the wrong location.
* ref(modules/users): move ssh keys to a separate fileFranck Cuny2023-02-203-6/+17
| | | | | Each key is associated to a variable, which let me be more specific about which key to use depending on the context.
* feat(modules/pcscd): install the pcscd daemonFranck Cuny2023-02-203-0/+15
| | | | This is to use the yubikeys correctly
* feat(home/age): install tooling related to age and yubikeysFranck Cuny2023-02-204-0/+32
|
* fix(home/firefox): move plugins to the profileFranck Cuny2023-02-201-7/+7
|
* meta: bump flake dependenciesFranck Cuny2023-02-201-35/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | • Updated input 'agenix': 'github:ryantm/agenix/42d371d861a227149dc9a7e03350c9ab8b8ddd68' (2023-01-09) → 'github:ryantm/agenix/5f66c8aa774d8d488cba1cdc4f0c954d2a14e3a1' (2023-02-20) • Added input 'agenix/darwin': 'github:lnl7/nix-darwin/87b9d090ad39b25b2400029c64825fc2a8868943' (2023-01-09) • Added input 'agenix/darwin/nixpkgs': follows 'agenix/nixpkgs' • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/b537e3cba7307729bf80cdc8ef2b176727cbb645' (2023-01-10) → 'github:nix-community/emacs-overlay/d7eeebd439b52b77958eb3d8043f3262701ddee2' (2023-02-20) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09) → 'github:NixOS/nixpkgs/0f213d0fee84280d8c3a97f7469b988d6fe5fcdf' (2023-01-12) • Updated input 'futils': 'github:numtide/flake-utils/5aed5285a952e0b949eb3ba02c12fa4fcfef535f' (2022-11-02) → 'github:numtide/flake-utils/3db36a8b464d0c4532ba1c7dda728f4576d6d073' (2023-02-13) • Updated input 'home-manager': 'github:nix-community/home-manager/176e455371a8371586e8a3ff0d56ee9f3ca2324e' (2023-01-10) → 'github:nix-community/home-manager/72ce74d3eae78a6b31538ea7ebe0c1fcf4a10f7a' (2023-02-20) • Updated input 'naersk/nixpkgs': 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09) → 'github:NixOS/nixpkgs/a1291d0d020a200c7ce3c48e96090bfa4890a475' (2023-02-19) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48' (2023-01-10) → 'github:NixOS/nixpkgs/0cf4274b5d06325bd16dbf879a30981bc283e58a' (2023-02-19) • Updated input 'nur': 'github:nix-community/NUR/2c47b2a0053cdb36cc08353f79eebf7a055fa18f' (2023-01-10) → 'github:nix-community/NUR/3c39aebcd09c9d6c257140e07f3d2beac4a83043' (2023-02-20) • Updated input 'pre-commit-hooks': 'github:cachix/pre-commit-hooks.nix/f8992fb404c7e79638192a10905b7ea985818050' (2023-01-09) → 'github:cachix/pre-commit-hooks.nix/c9495f017f67a11e9c9909b032dc7762dfc853cf' (2023-02-20) • Updated input 'pre-commit-hooks/flake-compat': 'github:edolstra/flake-compat/009399224d5e398d03b22badca40a37ac85412a1' (2022-11-17) → 'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17) • Updated input 'rust': 'github:oxalica/rust-overlay/9724998ea2caf23214674bf0c2cdf6ec0b1719af' (2023-01-10) → 'github:oxalica/rust-overlay/98f11700e398cf2ae6da905df56badc17e265021' (2023-02-20)
* ref(home/gpg): install ykman and more configurations for GPGFranck Cuny2023-02-091-2/+11
| | | | | | Installing the yubikey manager (ykman) to help managing the keys. Add more configurations for GPG related to keys.
* ref(home/swaylock): different background colorFranck Cuny2023-01-221-1/+1
|
* ref(aptos/services): don't use autologinFranck Cuny2023-01-221-1/+0
| | | | | | This is not working as I thought it would: I was expecting this to only work with the first login, but any time I log out of my account it logs in right away again.
* ref(hosts/tahoe): exclude more paths from backupsFranck Cuny2023-01-192-1/+11
|
* feat(home/packages): install resticFranck Cuny2023-01-161-0/+1
|
* ref(tahoe/backups): backup fewer thingsFranck Cuny2023-01-162-5/+12
| | | | | I don't need to backup videos, and the cache of my home directory. I also don't need to keep that many snapshots around.
* ref(home/matrix): replace element by fractalFranck Cuny2023-01-155-14/+19
| | | | | | | | | | | fractal(-next) is a client for matrix. It's GTK4 native and uses rust. While not much nicer looking than element, it's not an electron app, which I prefer (electron is slow, and element would freeze/crash from time to time). I renamed the module from element to matrix-client, in case I switch to something else in the future (or if there are additional configurations).
* ref(home/python): use the default versionFranck Cuny2023-01-151-2/+2
| | | | | | | | | | | | Use the default version of python for the nixos version I'm using. Remove an unused environment variable (PYTHON_HISTFILE) since it's not used (I don't remember where I got this one from, but it's not used to set the history for the python interpreter, see [1]). Add an environment variable for ipython. [1] https://github.com/python/cpython/blob/main/Lib/site.py#L468
* ref(home/gpg): set homedir for GPG configurationsFranck Cuny2023-01-151-0/+1
|
* ref(home/xdg): configure a few more environment variablesFranck Cuny2023-01-151-0/+3
|
* ref(home/sway): auto login and enable systemd integrationFranck Cuny2023-01-152-4/+8
| | | | | | | | | When the laptop boots, I already have to enter a passphrase to unlock the disks, I can trust that it's me and can automatically log into the system. Enable systemd integration for sway so that the correct session is started and environment variables are imported properly.
* ref(modules/prometheus): don't backup the dataFranck Cuny2023-01-151-2/+0
| | | | | I don't care if I lose this data, and it's creating a lot of churn in the backups and consuming a lot of space.
* feat(modules/backup): enable max compressionFranck Cuny2023-01-151-1/+1
|
* fix(modules/gitea): correctly set the variable for log levelFranck Cuny2023-01-121-1/+1
|
* ref(home/swayidle): configure it using upstream moduleFranck Cuny2023-01-111-18/+24
|
* bump flakesFranck Cuny2023-01-101-21/+21
| | | | | | | | | | | | | | | | | | | | | | | | • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/dca61513fcd032f348aa2e3fe4606d52e848e7ce' (2023-01-09) → 'github:nix-community/emacs-overlay/b537e3cba7307729bf80cdc8ef2b176727cbb645' (2023-01-10) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/0c9aadc8eff6daaa5149d2df9e6c49baaf44161c' (2023-01-08) → 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09) • Updated input 'home-manager': 'github:nix-community/home-manager/b0a3689878d4c2e8a1b02cecf8319ba8c53da519' (2023-01-09) → 'github:nix-community/home-manager/176e455371a8371586e8a3ff0d56ee9f3ca2324e' (2023-01-10) • Updated input 'naersk/nixpkgs': 'github:NixOS/nixpkgs/0c9aadc8eff6daaa5149d2df9e6c49baaf44161c' (2023-01-08) → 'github:NixOS/nixpkgs/35f1f865c03671a4f75a6996000f03ac3dc3e472' (2023-01-09) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8c54d842d9544361aac5f5b212ba04e4089e8efe' (2023-01-08) → 'github:NixOS/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48' (2023-01-10) • Updated input 'nur': 'github:nix-community/NUR/7d6f34170b42fe49740fb9b7e4b4a7fdf530b581' (2023-01-09) → 'github:nix-community/NUR/2c47b2a0053cdb36cc08353f79eebf7a055fa18f' (2023-01-10) • Updated input 'rust': 'github:oxalica/rust-overlay/3488cec01351c2f1086b02a3a61808be7a25103e' (2023-01-09) → 'github:oxalica/rust-overlay/9724998ea2caf23214674bf0c2cdf6ec0b1719af' (2023-01-10)
* fix(modules/gitea): what a messFranck Cuny2023-01-101-3/+6
|
* ref(modules/nix): update a number of settings for nixFranck Cuny2023-01-101-4/+15
| | | | Inspired by https://jackson.dev/post/nix-reasonable-defaults/
* feat(hosts/tahoe): rotate the screen 90 degreeFranck Cuny2023-01-101-2/+6
| | | | The machine is connected to a rotated screen.
* fix(services/unifi): remove prometheus.exporters.unpollerFranck Cuny2023-01-101-12/+0
| | | | | This does not exist in 22.11, only 23.05. Will figure out the proper way to monitor it later.
* fix(modules/gitea): restore settings for nix 22.11Franck Cuny2023-01-101-7/+3
|
* fix(hosts/tahoe): workaround md raid boot uuid issue in 22.11Franck Cuny2023-01-101-2/+2
| | | | | | | Due to md device uuid availability issue in initrd. Refs: - https://github.com/NixOS/nixpkgs/issues/196800 - https://github.com/NixOS/nixpkgs/issues/199551
* fix(modules/unifi): pin the package for mongodbFranck Cuny2023-01-091-0/+1
| | | | Similar to 6c0211b.
* fix(hosts/tahoe): mask mdmonitorFranck Cuny2023-01-091-0/+5
| | | | | This is a broken unit and I don't need it (see https://github.com/nixos/nixpkgs/issues/72394).
* ref(flake): let's stay on stableFranck Cuny2023-01-092-33/+33
| | | | | There's no need to be on unstable, I prefer break things only twice a year instead of every time I run an update ...
* fix(modules/unifi): proper monitoring and latest versionFranck Cuny2023-01-082-3/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | They've recently removed from nixpkgs the version of mongodb that was used by unifi. I updated to the latest version (7) and did the migration of the DB manually (see https://github.com/NixOS/nixpkgs/pull/207382): ``` nix-shell -p mongodb-3_4 mongodb-tools mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --repair mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork mongodump --out=/root/mongodump pkill mongod exit nix-shell -p mongodb-4_2 mongodb-tools mv /var/lib/unifi/data/db /var/lib/unifi/data/db_bak mkdir /var/lib/unifi/data/db mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork mongorestore /root/mongodump pkill mongod ``` Once this was done, the exporter was also broken, has it has been renamed. There are two different services for it in nixpkgs: `services.unpoller` and `services.prometheus.exporters.unpoller`. Only the last one works. From what I can tell, everything is working now.
* ref(flake): use latest version for nixosFranck Cuny2023-01-072-47/+31
| | | | Don't pin, just use latest.
* fix(home/emacs): don't install nixpkgs-fmt hereFranck Cuny2023-01-071-1/+0
|
* fix(home/mail): set the full path to notmuch config for afewFranck Cuny2023-01-071-2/+2
| | | | | | It's expecting the configuration in a different place. I think some environment variable are not propagated correctly, might look into this later.
* fix(home/python): don't specify the versionFranck Cuny2023-01-071-2/+1
| | | | | Use what ever is the latest version set by nix, and don't install poetry (it seems to be broken at the moment).
* fix(home/sway): set the environment variable correctlyFranck Cuny2023-01-071-1/+1
|
* fix(modules/gitea): the linter corrupted the file ...Franck Cuny2023-01-071-15/+0
|
* fix(modules/sendsms): run it as root for nowFranck Cuny2023-01-071-2/+0
| | | | | | I need to figure a way to make it run as a dynamic user, while still having access to the credentials for twilio, while not changing the permissions to the file.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-26 17:00:55 +0000