about summary refs log tree commit diff
path: root/hosts/aptos/hardware-configuration.nix (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-03-12desktop: element and themeFranck Cuny1-0/+4
2022-03-12terminal: nixfmtFranck Cuny1-10/+4
2022-03-12wofi: color + nixfmtFranck Cuny1-4/+2
2022-03-12notification: fix timeout and documentFranck Cuny1-8/+8
2022-03-12devel: add more packagesFranck Cuny1-1/+1
2022-03-12users: add another ssh keyFranck Cuny1-2/+8
2022-03-12containers: enable dockerd and containerd on aptosFranck Cuny1-0/+11
2022-03-11rclone: add users backupFranck Cuny1-11/+12
2022-03-11nas: enable rclone configurationFranck Cuny1-0/+1
2022-03-11prometheus: scrap more endpointsFranck Cuny1-0/+30
2022-03-11rclone: synchronize restic repo to GCSFranck Cuny4-0/+32
Add a couple of secrets to store the configuration and the service account, and add a timer to synchronize the restic repository to a GCS bucket once a day.
2022-03-10wm: ensure element is assigned to space #4Franck Cuny1-0/+1
2022-03-09sway: formatting, colors, wlogoutFranck Cuny1-44/+75
2022-03-09traefik: typoFranck Cuny1-1/+1
2022-03-09traefik: make the rules as specific as possibleFranck Cuny1-2/+4
Otherwise, `git` will conflict, since it exists on both domains.
2022-03-09traefik: typoFranck Cuny1-5/+5
2022-03-09gitea: typoFranck Cuny1-1/+1
2022-03-09traefik: handle fcuny.net and fcuny.xyzFranck Cuny1-7/+15
fcuny.net is for public facing domains, while fcuny.xyz are for domains on the tailscale network. I need to support configuration in traefik for both. The main difference, for traefik, is the domain name and which let's encrypt challenge to use (DNS for TS, HTTP for public). Refactor the function `mkServiceConfig` to accept the domain and LE challenge as argument, and add new entries for git.fcuny.net and git.fcuny.xyz.
2022-03-09gitea: do a backup with resticFranck Cuny1-0/+12
2022-03-09gitea: we need to specify the user for the DBFranck Cuny1-1/+4
2022-03-09go: ensure GOBIN is in PATHFranck Cuny1-1/+3
2022-03-09system: install sqliteFranck Cuny1-3/+3
It's always useful to have it around.
2022-03-08gitea: initial configurationFranck Cuny2-0/+28
2022-03-08nas: backup photos and musicFranck Cuny2-0/+118
Instead of rsync-ing these folders to a GCS bucket, I should instead do a backup. If I screw up something, the content will be sync-ed, and I won't be able to restore it. It's better (maybe more expensive, but that's OK) to keep snapshots and be able to restore.
2022-03-07backups: spread them so they don't clashFranck Cuny3-0/+3
If they start running at the same time, they won't be able to succeed since there's a global lock on the repository.
2022-03-07grafana: backup the data directoryFranck Cuny1-0/+14
2022-03-07prometheus: backup the data directoryFranck Cuny1-0/+14
2022-03-07unifi: backup the data to the local reoFranck Cuny1-0/+14
2022-03-07restic: add the secret for the repo 'systems'Franck Cuny2-0/+14
2022-03-06prometheus: scrap unifi poller on the correct IPFranck Cuny1-1/+1
2022-03-06prometheus: scrape from unifi-pollerFranck Cuny1-31/+40
2022-03-06unifi: set the correct name for the poller's unitFranck Cuny1-2/+2
2022-03-06traefik: proper configuration for unifiFranck Cuny1-0/+14
2022-03-06unifi: configure the pollerFranck Cuny3-5/+33
2022-03-06unifi: add unifi on the NASFranck Cuny2-0/+54
2022-03-06transmission: disable the rpc allowlistFranck Cuny1-2/+1
This is not working as I think, will follow up later.
2022-03-06traefik: add transmission (bt.fcuny.xyz)Franck Cuny1-2/+4
2022-03-06nas: install transmissionFranck Cuny2-0/+36
Create a user and group 'nas' so we can run tranmission in it. This will also help us to enable some specific permissions on some directories.
2022-03-06grafana: rename the instance for the routerFranck Cuny1-16/+16
2022-03-06grafana: add a few more dashboardsFranck Cuny3-0/+10539
2022-03-06tahoe: enable tailscaleFranck Cuny1-0/+1
2022-03-06traefik: getting a working configurationFranck Cuny1-22/+21
2022-03-06traefik: second attempt, simpleFranck Cuny2-52/+35
2022-03-06traefik: initial configurationFranck Cuny4-0/+90
I want to run traefik on the NAS, so I can reach grafana and other future services running on that host. To manage TLS, we use let's encrypt with a DNS challenge. For this to work we need a service account configuration, that is encrypted with age.
2022-03-05backups: unit to run maintenance on my backupsFranck Cuny2-0/+26
This will be run via a timer once a day, to perform maintenance on my backups on the nas.
2022-03-05prometheus: scrape nodeexporter for the rtrFranck Cuny1-15/+24
2022-03-05backups: do the backup over sshFranck Cuny1-7/+7
We're using ssh instead of the rest server, we're also pushing them to a different repo, where I don't need to be root.
2022-03-05samba: fix path for music, add videosFranck Cuny1-1/+7
2022-03-05tahoe: remove creation of some directoriesFranck Cuny1-29/+9
2022-03-05tahoe: new hardware configuratioFranck Cuny1-21/+13
2022-03-05aptos: remove mem_sleep_defaultFranck Cuny1-1/+0
The laptop was rebooting when I'd open the lid.
2022-03-05tailscale: add tailscale to the laptop (aptos)Franck Cuny2-0/+7
2022-03-05git: sign with GPG only when one desktopFranck Cuny3-10/+30
Move the configuration for git that requires the signing to pass, and use the `pass-git-helper` to manage the secrets.
2022-03-05git: nixfmtFranck Cuny1-3/+1
2022-03-05agenix: rekey secretsFranck Cuny3-7/+13
Reinstalled tahoe, new ssh key for the host.
2022-03-04aptos: nixfmtFranck Cuny1-17/+10
2022-03-04scan-print: tools for scanning and printingFranck Cuny2-0/+6
2022-03-04home: switch to emacsclient for EDITORFranck Cuny1-1/+2
2022-03-04devel: install nixfmtFranck Cuny1-1/+1
Useful to format modules consistently.
2022-03-04nix: format the moduleFranck Cuny1-10/+3
2022-03-04ssh: new module, and load it for my userFranck Cuny2-1/+19
2022-03-04nix: format the bufferFranck Cuny1-14/+3
2022-03-02zsh: move the configuration inlineFranck Cuny2-31/+30
I don't have a lot of things I care about for zsh, I can inline everything.
2022-03-02tahoe: enable wireguardFranck Cuny1-0/+1
2022-03-02grafana: disable analytics correctlyFranck Cuny1-1/+2
2022-03-02wireguard: set the externalIPFranck Cuny1-0/+3
2022-03-02wireguard: drop configuration for aptosFranck Cuny1-7/+0
This is done in the module itself.
2022-03-02wireguard: revert to previous portFranck Cuny1-1/+1
2022-03-02prometheus: relabel some machinesFranck Cuny1-12/+20
Don't use the IP from wireguard as the name of the host, let's map to the actual hostname.
2022-03-02wireguard: use agenix from the moduleFranck Cuny1-2/+8
This is the correct way to set up the private key, let's see if this works consistently across hosts and reboots.
2022-03-02users: remove rsa keyFranck Cuny1-1/+0
2022-03-02grafana: disable analyticsFranck Cuny1-0/+1
2022-03-01secrets: add a new key and rekey existing keysFranck Cuny3-20/+22
2022-02-28grafana: provision dashboardsFranck Cuny2-0/+14120
Start with node-exporter-full dashboard.
2022-02-28grafana: setup provisioning correctlyFranck Cuny1-6/+9
2022-02-28grafana: fixFranck Cuny1-1/+1
2022-02-28grafana: configure admin user and data sourcesFranck Cuny1-1/+9
2022-02-28grafana: initial configurationFranck Cuny2-0/+10
2022-02-28prometheus: initial configuration for the serverFranck Cuny2-0/+30
Run prometheus via systemd, and configure to pull node-exporter's metrics from two hosts. The retention is set for 3 years.
2022-02-27users: change my ssh key for the laptopFranck Cuny1-1/+2
2022-02-27hosts: ensure we have bash and zshFranck Cuny1-0/+3
2022-02-27nas: consume everything from the server profileFranck Cuny1-0/+1
2022-02-27server: create a new profileFranck Cuny2-0/+19
This is a profile for servers related stuff. We start with monitoring for now.
2022-02-27firefox: a few more settingsFranck Cuny1-4/+11
2022-02-27tahoe: create some directoriesFranck Cuny1-0/+15
Ensure at least /data/media/music is created with the proper ownership.
2022-02-27samba: fix configurationFranck Cuny1-3/+3
Some settings were missing, others incorrect, and the name of the share was also incorrect.
2022-02-27tahoe: include NAS profileFranck Cuny1-0/+1
2022-02-27NAS: initial configurationFranck Cuny2-0/+34
For now we only want samba on it.
2022-02-27hardware: enable btrfs scrubber and fstrimmerFranck Cuny1-0/+3
2022-02-27i3status: clean up formattingFranck Cuny1-2/+2
2022-02-27firefox: add plugins and configurationsFranck Cuny1-0/+29
2022-02-27flake: add new overlay: NURFranck Cuny3-1/+22
NUR is the nux user repository, which provides additional packages.
2022-02-27docs: add partition setup for the NASFranck Cuny1-2/+43
2022-02-27xdg: let's drop the mime configurationFranck Cuny1-13/+0
Let's rely on the default for now.
2022-02-27software: drop nautilus, add a few more thingsFranck Cuny2-5/+13
Replace nautilus with pcmanfm, which is more than enough for my needs (I still can't open correctly images / PDF with nautilus, I don't care why). Add a few more packages (seahorse, easyeffects) to improve usability of the desktop.
2022-02-27pam: drop GDM configurationFranck Cuny1-2/+0
I don't use GDM anymore.
2022-02-27aptos: use the hardware module for xps9300Franck Cuny2-1/+1
2022-02-27hardware: start capturing hardware related stuffFranck Cuny2-0/+10
Create a new module for hardware related things, in order to configure correctly the various machines.
2022-02-27sway: import systemd environments on startupFranck Cuny1-0/+3
2022-02-27sway: assign applications to workspacesFranck Cuny1-0/+5
2022-02-27