about summary refs log tree commit diff
path: root/hosts (follow)
Commit message (Collapse)AuthorAgeFilesLines
* transmission: disable the rpc allowlistFranck Cuny2022-03-061-2/+1
| | | | This is not working as I think, will follow up later.
* traefik: add transmission (bt.fcuny.xyz)Franck Cuny2022-03-061-2/+4
|
* nas: install transmissionFranck Cuny2022-03-062-0/+36
| | | | | Create a user and group 'nas' so we can run tranmission in it. This will also help us to enable some specific permissions on some directories.
* grafana: rename the instance for the routerFranck Cuny2022-03-061-16/+16
|
* grafana: add a few more dashboardsFranck Cuny2022-03-063-0/+10539
|
* tahoe: enable tailscaleFranck Cuny2022-03-061-0/+1
|
* traefik: getting a working configurationFranck Cuny2022-03-061-22/+21
|
* traefik: second attempt, simpleFranck Cuny2022-03-062-52/+35
|
* traefik: initial configurationFranck Cuny2022-03-062-0/+87
| | | | | | | | | I want to run traefik on the NAS, so I can reach grafana and other future services running on that host. To manage TLS, we use let's encrypt with a DNS challenge. For this to work we need a service account configuration, that is encrypted with age.
* backups: unit to run maintenance on my backupsFranck Cuny2022-03-052-0/+26
| | | | | This will be run via a timer once a day, to perform maintenance on my backups on the nas.
* prometheus: scrape nodeexporter for the rtrFranck Cuny2022-03-051-15/+24
|
* samba: fix path for music, add videosFranck Cuny2022-03-051-1/+7
|
* tahoe: remove creation of some directoriesFranck Cuny2022-03-051-29/+9
|
* tahoe: new hardware configuratioFranck Cuny2022-03-051-21/+13
|
* aptos: remove mem_sleep_defaultFranck Cuny2022-03-051-1/+0
| | | | The laptop was rebooting when I'd open the lid.
* tailscale: add tailscale to the laptop (aptos)Franck Cuny2022-03-052-0/+7
|
* aptos: nixfmtFranck Cuny2022-03-041-17/+10
|
* tahoe: enable wireguardFranck Cuny2022-03-021-0/+1
|
* grafana: disable analytics correctlyFranck Cuny2022-03-021-1/+2
|
* wireguard: drop configuration for aptosFranck Cuny2022-03-021-7/+0
| | | | This is done in the module itself.
* prometheus: relabel some machinesFranck Cuny2022-03-021-12/+20
| | | | | Don't use the IP from wireguard as the name of the host, let's map to the actual hostname.
* users: remove rsa keyFranck Cuny2022-03-021-1/+0
|
* grafana: disable analyticsFranck Cuny2022-03-021-0/+1
|
* grafana: provision dashboardsFranck Cuny2022-02-282-0/+14120
| | | | Start with node-exporter-full dashboard.
* grafana: setup provisioning correctlyFranck Cuny2022-02-281-6/+9
|
* grafana: fixFranck Cuny2022-02-281-1/+1
|
* grafana: configure admin user and data sourcesFranck Cuny2022-02-281-1/+9
|
* grafana: initial configurationFranck Cuny2022-02-282-0/+10
|
* prometheus: initial configuration for the serverFranck Cuny2022-02-282-0/+30
| | | | | | | Run prometheus via systemd, and configure to pull node-exporter's metrics from two hosts. The retention is set for 3 years.
* users: change my ssh key for the laptopFranck Cuny2022-02-271-1/+2
|
* hosts: ensure we have bash and zshFranck Cuny2022-02-271-0/+3
|
* nas: consume everything from the server profileFranck Cuny2022-02-271-0/+1
|
* server: create a new profileFranck Cuny2022-02-272-0/+19
| | | | | This is a profile for servers related stuff. We start with monitoring for now.
* tahoe: create some directoriesFranck Cuny2022-02-271-0/+15
| | | | Ensure at least /data/media/music is created with the proper ownership.
* samba: fix configurationFranck Cuny2022-02-271-3/+3
| | | | | Some settings were missing, others incorrect, and the name of the share was also incorrect.
* tahoe: include NAS profileFranck Cuny2022-02-271-0/+1
|
* NAS: initial configurationFranck Cuny2022-02-272-0/+34
| | | | For now we only want samba on it.
* hardware: enable btrfs scrubber and fstrimmerFranck Cuny2022-02-271-0/+3
|
* software: drop nautilus, add a few more thingsFranck Cuny2022-02-271-4/+0
| | | | | | | | | Replace nautilus with pcmanfm, which is more than enough for my needs (I still can't open correctly images / PDF with nautilus, I don't care why). Add a few more packages (seahorse, easyeffects) to improve usability of the desktop.
* pam: drop GDM configurationFranck Cuny2022-02-271-2/+0
| | | | I don't use GDM anymore.
* aptos: use the hardware module for xps9300Franck Cuny2022-02-272-1/+1
|
* hardware: start capturing hardware related stuffFranck Cuny2022-02-272-0/+10
| | | | | Create a new module for hardware related things, in order to configure correctly the various machines.
* hosts: add tahoe, the new NASFranck Cuny2022-02-272-0/+111
|
* agenix: store wireguard key in persistent storageFranck Cuny2022-02-241-0/+7
| | | | | | The key was created under /run/agenix, which is wiped out after a reboot. The key being absent prevents the wireguard interface to come up. Store the key somewhere persistent to prevent this to happen.
* gnome: add more gnome settingsFranck Cuny2022-02-241-1/+14
| | | | | | | Without these settings a few things are not working correctly (nautilus can't browse ssh servers for example). This module needs to be renamed too.
* xserver: drop it completelyFranck Cuny2022-02-241-14/+0
| | | | | | | | | | | | | Let's remove this, I was only using it to get GDM running, but that's causing a bunch of issues so far: - not all environment variables are loaded correctly - some units are not loaded in time When trying to use xorg and i3, I have way too many tears and I can't figure out a proper configuration. To make it easier, I'm going to keep sway and start `sway` from `tty1` directly.
* ssh: authenticate only using ssh keyFranck Cuny2022-02-211-0/+1
|
* wireguard: module and peers configurationsFranck Cuny2022-02-211-0/+1
| | | | | | | | | Add a new module to automatically configure the peers for wireguard. The module needs a configuration file (in `configs/wireguard.toml`) which lists all the peers, their IP and and their public keys. The secret keys is encrypted as a secret with agenix. There's some initial documentation on how to use this setup.
* system: install a few more packagesFranck Cuny2022-02-211-1/+10
|
* users: add ssh keys for aptos and carmelFranck Cuny2022-02-211-2/+2
|
* fonts: add font-awesome for i3statusFranck Cuny2022-02-211-0/+1
|
* aptos: switch to iwd and enable thermaldFranck Cuny2022-02-211-3/+5
| | | | | | | Replace wpa_supplicant with iwd (I prefer that daemon and the associated tool, iwctl). Enable thermald for managing power.
* hosts: add aptosFranck Cuny2022-02-212-0/+91
| | | | | aptos is my laptop (dell xps 13'). This adds the initial configuration for it.
* xserver: add at-spi2-core packageFranck Cuny2022-02-181-1/+5
| | | | | See https://github.com/NixOS/nixpkgs/issues/16327 for details (this removes warnings in some services)
* boot: fix the prefixFranck Cuny2022-02-181-1/+1
|
* xserver: natural scrolling is part of touchpad.Franck Cuny2022-02-181-1/+1
|
* fonts: rename some optionsFranck Cuny2022-02-181-2/+1
| | | | | `fontconfig.ultimate` does not exists anymore, and `enableFontDir` has been renamed to `fontDir.enable`.
* system: add locale and securityFranck Cuny2022-02-183-2/+19
|
* desktop: enable natural scrollingFranck Cuny2022-02-181-2/+4
|
* boot: reorganize and add commentsFranck Cuny2022-02-182-11/+16
| | | | Most of the options for booting are common to all hosts.
* fonts: add more fonts for the systemFranck Cuny2022-02-181-1/+8
|
* sway: configure correctly dbus / keyringFranck Cuny2022-02-171-8/+16
|
* sway: install all the required packagesFranck Cuny2022-02-161-1/+15
|
* home-manager: move activate logic in users' configFranck Cuny2022-02-161-4/+1
|
* hosts: remove btrfs subvolume 'media'Franck Cuny2022-02-161-6/+0
| | | | | The host would not boot successfully with that, I'm doing something wrong.
* hosts: add a new subvolumes to carmelFranck Cuny2022-02-141-0/+6
| | | | | Create a subvolume named 'media' that we will mount under /home/fcuny/media so we can snapshots /home/fcuny without the medias.
* hosts: enable rtkit with audio moduleFranck Cuny2022-02-141-0/+2
|
* hosts: load igb kernel module for initrdFranck Cuny2022-02-131-0/+1
| | | | We need to load the driver for the NIC.
* hosts: unlock disks remotely on bootFranck Cuny2022-02-133-19/+28
| | | | | Enable a SSH daemon in initrd, with our keys, so we can unlock remotely the disk on reboot.
* desktop: ensure we're installing swayFranck Cuny2022-02-131-1/+7
|
* hosts: remove configuration for ssh keys in initrdFranck Cuny2022-02-131-1/+0
| | | | This is not working yet, we will figure this out later.
* motd: drop, there's no need for thatFranck Cuny2022-02-132-13/+0
|
* sway: first attempt at configuring swayFranck Cuny2022-02-131-11/+3
| | | | | Let's switch right away to sway instead, now that there's an emacs package to support wayland.
* hosts: install linux perf tools for the hostFranck Cuny2022-02-131-1/+8
|
* hosts: decrypt root disk via ssh on bootFranck Cuny2022-02-133-0/+27
|
* desktop: gnome related thingsFranck Cuny2022-02-131-1/+10
|
* hosts: enable avahi on desktopFranck Cuny2022-02-131-0/+5
| | | | This is going to be needed to print (for example).
* hosts: load services at the host levelFranck Cuny2022-02-121-0/+15
| | | | | | These services are not configured at the user level, but at the host level. We might need a better separation in the future, in case I don't use xserver for example.
* hosts: rename commons to commonFranck Cuny2022-02-1213-0/+0
|
* hosts: import common modulesFranck Cuny2022-02-121-2/+1
| | | | | | Update the `mkSystem` function to include the proper common module, and fix the path to import the common configuration for a desktop into `carmel`.
* move configurations and modules aroundFranck Cuny2022-02-1213-10/+187
| | | | Sorry, this is a mess, hopefully the last one.
* hosts: more typoFranck Cuny2022-02-121-1/+1
|
* hosts: typoFranck Cuny2022-02-121-1/+2
|
* hosts: centralize network configurationFranck Cuny2022-02-123-10/+37
|
* hosts: set hostname from configurationFranck Cuny2022-02-101-6/+2
|
* fix a few errorsFranck Cuny2022-02-101-0/+1
|
* hosts: common configuration across all hostsFranck Cuny2022-02-101-0/+12
|
* nix: fix a bunch of stuffFranck Cuny2022-02-101-1/+0
|
* hosts: use systemd-resolved on carmelFranck Cuny2022-02-091-0/+6
|
* hosts: remove usersFranck Cuny2022-02-091-1/+0
|
* hosts: remove / clean codeFranck Cuny2022-02-091-44/+5
| | | | | | There's a lot of commented stuff I don't need, and move things that are configured in the host into modules, which will improve re-usability and readability of this configuration.
* home-manager: simplify the configurationFranck Cuny2022-02-091-0/+3
| | | | | | | | | | | | | I'm still struggling with documentation, and I'd rather have something simple that works rather than smart and does not work. The configuration for the host imports the modules that are relevant to that host (in the case of carmel, desktop and systems). For the home-manager, I create a profile "desktop" that contains stuff related to a desktop (i3, etc), and it includes the module "common" that contains stuff that I want on any machines (so that in the future, for a machine that is a server, the home manager will only import "common").
* hosts: remove unneeded commentsFranck Cuny2022-02-081-6/+0
|
* systems: move some packages out of host configFranck Cuny2022-02-081-5/+0
|
* carmel: use DHCP on the wireless interfaceFranck Cuny2022-02-081-1/+2
|
* xserver: initial configurationFranck Cuny2022-02-081-8/+0
| | | | Enable it for the desktop.
* systems: default configuration for all systemsFranck Cuny2022-02-081-3/+0
|
* carmel: initial host configurationFranck Cuny2022-02-072-0/+144
Initial configuration for the desktop (carmel).
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-17 12:25:47 +0000