world.git - nix configuration for my machines

	Commit message (Collapse)	Author	Age	Files	Lines
*	profiles/monitoring: move loki to a profile	Franck Cuny	2023-05-12	2	-113/+0
\| \| \| \| \|	Add a nginx virtualhost for loki too, so that we can use a valid SSL certificate.
*	profiles/monitoring: move promtail to a profile	Franck Cuny	2023-05-12	2	-66/+0
\|
*	profiles/monitoring: move node exporter to a profile	Franck Cuny	2023-05-12	2	-20/+0
\|
*	profiles/nginx: move common configuration to a profile	Franck Cuny	2023-05-09	1	-0/+11
\| \| \| \| \| \|	Both tahoe and carmel are using nginx, and we can simplify the configuration by moving common parts to the profile and have these hosts import it.
*	profile/acme: default DNS provider is gandi	Franck Cuny	2023-05-08	1	-8/+3
\| \| \| \| \| \| \| \| \| \|	Add the API key for gandi to the secrest, create a profile for acme with my defaults. The profile is loaded by tahoe since that's where our services are running on. Update all the servers in nginx to listen on their wireguard interface.
*	modules/monitoring: set the host's name as a label for promtail	Franck Cuny	2023-04-23	1	-2/+2
\|
*	hosts/tahoe: loki and prometheus listen only on the wg0 interface	Franck Cuny	2023-04-23	3	-7/+33
\| \| \| \| \| \| \|	I don't want to have to deal with authentication and TLS certificates for these endpoints. If they are only listening on the wireguard interface I can trust that only authorized hosts are sending traffic to these endpoints. I trust what's running on these machines.
*	modules/monitoring: consolidate all monitoring services together	Franck Cuny	2023-04-23	7	-0/+14539
	This will help to organize and structure monitoring modules a bit better.