about summary refs log tree commit diff
path: root/hosts/tahoe/default.nix (follow)
Commit message (Collapse)AuthorAgeFilesLines
* profiles/monitoring: move loki to a profileFranck Cuny2023-05-121-0/+1
| | | | | Add a nginx virtualhost for loki too, so that we can use a valid SSL certificate.
* profiles/monitoring: move promtail to a profileFranck Cuny2023-05-121-0/+1
|
* profiles/monitoring: move node exporter to a profileFranck Cuny2023-05-121-0/+1
|
* hosts/tahoe: move network configuration to default.nixFranck Cuny2023-05-121-2/+20
|
* hosts: move around backup configurationFranck Cuny2023-05-121-0/+19
|
* profiles/backup: configure the backup serverFranck Cuny2023-05-121-15/+1
| | | | | It creates the user, ensure sftp is configured correctly, and rsync the backups to rsync.net once a day.
* profiles/samba: convert the old module as a profileFranck Cuny2023-05-101-0/+1
|
* profiles/git-server: move gitolite and cgitFranck Cuny2023-05-101-0/+1
|
* profiles/music-server: moved navidromeFranck Cuny2023-05-101-0/+1
|
* profiles/unifi: move the module to a profileFranck Cuny2023-05-101-0/+1
| | | | | Get rid of configuration that was duplicated (a lot of things are already handled by the upstream module).
* profiles/nginx: move common configuration to a profileFranck Cuny2023-05-091-0/+1
| | | | | | Both tahoe and carmel are using nginx, and we can simplify the configuration by moving common parts to the profile and have these hosts import it.
* profiles: clean up the importsFranck Cuny2023-05-081-0/+1
| | | | The hosts should be explicit about what to import.
* modules/tahoe: remove duplicated declaration for user 'nas'Franck Cuny2023-05-081-7/+0
|
* profile/acme: default DNS provider is gandiFranck Cuny2023-05-081-0/+1
| | | | | | | | | | Add the API key for gandi to the secrest, create a profile for acme with my defaults. The profile is loaded by tahoe since that's where our services are running on. Update all the servers in nginx to listen on their wireguard interface.
* profiles: move things around for btrfsFranck Cuny2023-05-021-1/+1
|
* profiles/hardware: create a few profiles related to hardwareFranck Cuny2023-05-021-0/+1
|
* profiles: create default and serverFranck Cuny2023-05-021-2/+8
| | | | | | | | | | The NAS and the router are "servers", and we create a base profile for them. We add a default profile that will set things that are common to all my hosts, and we start with the locales. Update tahoe/carmel to use the server profile.
* hosts/tahoe: rename account for backup and enable sftp for itFranck Cuny2023-04-291-7/+10
| | | | | | | | | | | | | The dedicated account for backup should be named 'backup', as it's more generic. While it's a system account, I still need to be able to log in the host remotely with sftp, so we give it a UID (991). The account needs to be able to sftp to tahoe in order to store the backups from remote hosts. However we don't want this user to get a shell and be able to browse the host, so we configure sshd to chroot the user to where the backups are stored.
* hosts/tahoe: create a new user specifically for backupsFranck Cuny2023-04-231-0/+11
| | | | | | This is the user I'll be using to do my backups. This is a system user, and there's only one public key added to it. This key is only used for backups and will be managed in this repository.
* modules/console: larger font for EVERYONEFranck Cuny2023-03-261-8/+0
|
* hosts/tahoe: set a larger font for the TTYsFranck Cuny2023-03-261-0/+8
|
* ref(home-manager): don't use home-manager when building the hostFranck Cuny2022-09-221-2/+1
| | | | | | | | | | | | | | | | | | | When rebuilding the host (through `nixos-rebuild switch --flake`) I don't want to rebuild also my home-manager configuration. I want these to be two different steps. I rebuild the home-manager configuration more frequently and it's a waste of time and CPU to rebuild the world every time. This is a pretty large refactoring: - move checks back into the flake: if I modify a check, the configuration for `pre-commits` is not regenerated, as the file with the checks is not monitored with `direnv` (I could probably configure it for it, but not now) - remove `home.nix` from the host level configuration - introduce a `mkHomeManagerConfiguration` function to manage the different user@host - fix a warning with the rust overlay
* fix(new-lines): add or remove new lines where neededFranck Cuny2022-07-021-1/+0
| | | | | | | | | | | The pre-commit hook for new lines reported and correct a number of issues, so let's commit them now and after that we ca enable the hook for the repository. Change-Id: I5bb882d3c2cca870ef94301303f029acfb308740 Reviewed-on: https://cl.fcuny.net/c/world/+/592 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* tahoe: enable network with early bootFranck Cuny2022-04-091-11/+2
| | | | So we can unlock the disks remotely.
* hosts: rename hardware-configuration to hardwareFranck Cuny2022-04-081-1/+1
|
* hosts: add services to tahoeFranck Cuny2022-04-081-1/+8
|
* initial attempt to reconfigure home-managerFranck Cuny2022-04-071-0/+1
| | | | | | | | | | All the modules that are needed for home-manager should be under `home/`, and each host will have a `host.nix` where the modules are enabled as needed. Later on we can create some profiles to make it easier to consume the configuration. I apply this only to tahoe for now, as the amount of packages needed for my user are pretty limited.
* refactor boot configuration to a moduleFranck Cuny2022-04-061-1/+4
| | | | | | | | | We don't need the previous `hosts/common/system` configs anymore, as everything has been moved out. We keep some boot configuration for carmel in the host configuration for now, but I need to check why I don't have similar settings for tahoe (since I also need to unlock the host remotely).
* network: move tailscale in modulesFranck Cuny2022-04-051-20/+1
| | | | Move the networking configuration for the hosts to its own file.
* Revert "create a new role for navidrome"Franck Cuny2022-04-031-4/+2
| | | | This reverts commit 814a495e9c74e3211c6b6640397111115832207b.
* create a new role for navidromeFranck Cuny2022-04-031-2/+4
| | | | Apply the role to tahoe.
* hosts: add profilesFranck Cuny2022-03-121-1/+1
| | | | Profiles contain a collection of modules.
* tahoe: enable tailscaleFranck Cuny2022-03-061-0/+1
|
* tahoe: remove creation of some directoriesFranck Cuny2022-03-051-29/+9
|
* tahoe: enable wireguardFranck Cuny2022-03-021-0/+1
|
* tahoe: create some directoriesFranck Cuny2022-02-271-0/+15
| | | | Ensure at least /data/media/music is created with the proper ownership.
* tahoe: include NAS profileFranck Cuny2022-02-271-0/+1
|
* hosts: add tahoe, the new NASFranck Cuny2022-02-271-0/+41