about summary refs log tree commit diff
path: root/modules/services (follow)
Commit message (Collapse)AuthorAgeFilesLines
* fix(modules/gitea): what a messFranck Cuny2023-01-101-3/+6
|
* fix(services/unifi): remove prometheus.exporters.unpollerFranck Cuny2023-01-101-12/+0
| | | | | This does not exist in 22.11, only 23.05. Will figure out the proper way to monitor it later.
* fix(modules/gitea): restore settings for nix 22.11Franck Cuny2023-01-101-7/+3
|
* fix(modules/unifi): pin the package for mongodbFranck Cuny2023-01-091-0/+1
| | | | Similar to 6c0211b.
* fix(modules/unifi): proper monitoring and latest versionFranck Cuny2023-01-081-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | They've recently removed from nixpkgs the version of mongodb that was used by unifi. I updated to the latest version (7) and did the migration of the DB manually (see https://github.com/NixOS/nixpkgs/pull/207382): ``` nix-shell -p mongodb-3_4 mongodb-tools mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --repair mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork mongodump --out=/root/mongodump pkill mongod exit nix-shell -p mongodb-4_2 mongodb-tools mv /var/lib/unifi/data/db /var/lib/unifi/data/db_bak mkdir /var/lib/unifi/data/db mongod --dbpath /var/lib/unifi/data/db --logpath /var/log/unifi/repair.log --journal --fork mongorestore /root/mongodump pkill mongod ``` Once this was done, the exporter was also broken, has it has been renamed. There are two different services for it in nixpkgs: `services.unpoller` and `services.prometheus.exporters.unpoller`. Only the last one works. From what I can tell, everything is working now.
* fix(modules/gitea): the linter corrupted the file ...Franck Cuny2023-01-071-15/+0
|
* fix(modules/sendsms): run it as root for nowFranck Cuny2023-01-071-2/+0
| | | | | | I need to figure a way to make it run as a dynamic user, while still having access to the credentials for twilio, while not changing the permissions to the file.
* fix(modules/unifi): remove the pollerFranck Cuny2023-01-071-32/+0
| | | | | | | | The poller refuses to start, as the name of the binary has been updated, and the upstream module is not reflecting that change. The service has also been renamed from `unifi-poller` to `unpoller`, but this is not working for now. Let's get rid of it as a temporary fix while looking at the correct solution.
* fix(modules/grafana): a number of options have been renamedFranck Cuny2023-01-072-8/+11
|
* fix(modules/gitea): a number of options have been renamedFranck Cuny2023-01-071-8/+35
|
* feat(modules/sensdms): a module to send an SMSFranck Cuny2022-11-302-0/+64
| | | | | | A new module `sendsms` is added to send SMS when the host reboots. It's triggered by systemd when the host boots and once the network is available.
* fix(modules/gitea): next time I'll learn to read the documentationFranck Cuny2022-11-151-2/+1
|
* fix(modules/gitea): add a few more settingsFranck Cuny2022-11-151-0/+4
|
* fix(services/gitea): disable registration correctlyFranck Cuny2022-11-071-1/+1
|
* fix(services/gitea): disable heatmap and registrationsFranck Cuny2022-11-071-0/+2
|
* ref(gerrit): delete modules/docs/configs for gerrit/buildkiteFranck Cuny2022-11-074-348/+0
|
* feat(services/gitea): add robots.txtFranck Cuny2022-11-071-1/+7
| | | | Configure the policy for the crawlers.
* ref(services/unifi): reduce the poller's verbosityFranck Cuny2022-11-071-0/+3
|
* fix(services/drone): enable droneFranck Cuny2022-11-062-8/+6
| | | | | The URL for drone changed to https://ci.fcuny.net. The secrets also changed (and we remove the unencrypted file with secrets).
* Revert "ref(drone): remove all modules and configurations"Franck Cuny2022-11-055-0/+188
| | | | This reverts commit 614fc2fcce0e9ae0bcfdc6e08d3c4bac846d02a8.
* Revert "ref(gitea): remove all modules for gitea"Franck Cuny2022-11-053-0/+1241
| | | | | | This reverts commit f4f83c7e83272234571d9580f5a897676de3d0dc. I'm planning to switch back to gitea to host my projects.
* fix(home/wm): unlock gnome-keyring when loggingFranck Cuny2022-09-241-6/+0
|
* ref(modules/backup): only keep 4 weeks worth of backupsFranck Cuny2022-08-151-1/+1
| | | | | | | Change-Id: I9aa813d57c80f431468d97dfc945d9a0439723f1 Reviewed-on: https://cl.fcuny.net/c/world/+/719 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(modules/sourcegraph): stop backing upFranck Cuny2022-08-151-15/+0
| | | | | | | | | | There's no need to make a backup for sourcegraph, all the things I might care about (at this stage at least) can be easily regenerated. Change-Id: I4b592c9007ce57b56b04a94b43ad2ab8759ce891 Reviewed-on: https://cl.fcuny.net/c/world/+/718 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/buildkite): rename a shell scriptFranck Cuny2022-08-061-1/+1
| | | | | | | Change-Id: I2b495c55191f3192b871cfb9d06445817c16e0de Reviewed-on: https://cl.fcuny.net/c/world/+/704 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(modules/gerrit): manage secure configuration with nixFranck Cuny2022-07-181-0/+1
| | | | | | | | | | | | Currently the secure configuration for gerrit is not managed by nix. This is likely going to break in the future and I'll hate myself for that. Let's move it into nix and encrypt it with age, like we do for other secrets. Change-Id: Ia7a006748a3ad64fa4b97ca9e8cbd98c99433982 Reviewed-on: https://cl.fcuny.net/c/world/+/622 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/backup): reduce verbosity for resticFranck Cuny2022-07-081-1/+1
| | | | | | | | | It's spamming journald, and I don't need that level of details. Change-Id: If6bd8338cf3ed5d7981500e0f3001a3dc4c14870 Reviewed-on: https://cl.fcuny.net/c/world/+/621 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(new-lines): add or remove new lines where neededFranck Cuny2022-07-021-1/+1
| | | | | | | | | | | The pre-commit hook for new lines reported and correct a number of issues, so let's commit them now and after that we ca enable the hook for the repository. Change-Id: I5bb882d3c2cca870ef94301303f029acfb308740 Reviewed-on: https://cl.fcuny.net/c/world/+/592 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/cgit): don't log blackbox exporter requestsFranck Cuny2022-06-261-0/+3
| | | | | | | Change-Id: I60d1d552d028a4b2db2e0c62c1d2d580a4e58e1a Reviewed-on: https://cl.fcuny.net/c/world/+/562 Reviewed-by: Franck Cuny <franck@fcuny.net> Tested-by: CI
* fix(modules/cgit): correct alias configuration for robots.txtFranck Cuny2022-06-231-1/+3
| | | | | | | | | | | | | | | As noted in https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md > if you want to map a single file make sure the location starts with a > =, e.g =/i.gif instead of /i.gif Without a leading `=`, the configuration refuses to build. Change-Id: Ib49f68fbe26441ff6c3ee91efa1d12c3778a0248 Reviewed-on: https://cl.fcuny.net/c/world/+/489 Reviewed-by: Franck Cuny <franck@fcuny.net> Tested-by: CI
* fix(modules/cgit): exclude all web crawlersFranck Cuny2022-06-231-0/+6
| | | | | | | Change-Id: I96db1763dcc85d43ca5913a95d702cf96830c7b0 Reviewed-on: https://cl.fcuny.net/c/world/+/488 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/grafana): configure nginx to bind to tailscale IPFranck Cuny2022-06-231-0/+12
| | | | | | | | | | | | Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP for tailscale is hard coded, there has to be a better way. Change-Id: I83952484f60206df215e8c03017cfe7722d32697 Reviewed-on: https://cl.fcuny.net/c/world/+/487 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/sourcegraph): configure nginx to bind to tailscale IPFranck Cuny2022-06-231-0/+12
| | | | | | | | | | | | Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP for tailscale is hard coded, there has to be a better way. Change-Id: I684f2da60a128652fac2f7004bec22ce4bf959d0 Reviewed-on: https://cl.fcuny.net/c/world/+/486 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/unifi): configure nginx to bind to tailscale IPFranck Cuny2022-06-231-0/+12
| | | | | | | | | | | | Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP for tailscale is hard coded, there has to be a better way. Change-Id: I75978866eb978439df76cede5bf993762f7cd5ab Reviewed-on: https://cl.fcuny.net/c/world/+/485 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/navidrome): configure nginx to bind to tailscale IPFranck Cuny2022-06-231-0/+12
| | | | | | | | | | | | Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP for tailscale is hard coded, there has to be a better way. Change-Id: I8b497507b2c8548d824c2e2bb693b38768b355b9 Reviewed-on: https://cl.fcuny.net/c/world/+/484 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/transmission): configure nginx to bind on tailscale IPFranck Cuny2022-06-231-0/+12
| | | | | | | | | | | | Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP is currently hard coded, there has to be a better way. Change-Id: I21b6db5e94070024c1ff8d6cea852aafd6952b55 Reviewed-on: https://cl.fcuny.net/c/world/+/483 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/cgit): make cgit the default server for nginxFranck Cuny2022-06-231-0/+4
| | | | | | | | | | | | | | If a request goes through nginx without a Host header set, the default site we serve is cgit. Without this option, nginx will pick the first site defined in the configuration, which is not what I want. I want to be specific about what is the default. Change-Id: If131b80c1488510e79d60ef6de5bb9db4fa18d58 Reviewed-on: https://cl.fcuny.net/c/world/+/482 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(modules/unifi): only backup the backup directoryFranck Cuny2022-06-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | `/var/lib/unifi` is almost 1GB. The data directory contains a lot of files that are changing constantly, which creates a significant amount of data to backup everyday. Overall if I need to restore a backup for unifi, I don't care about metrics and other application data, I only need to restore a backup, which contains the network configuration. `/var/lib/unifi/data/backup` is smaller: ``` fcuny@tahoe ~> sudo du -sh /var/lib/unifi/data/backup 332M /var/lib/unifi/data/backup ``` and each backup is about 12MB: ``` fcuny@tahoe ~> sudo ls -ltrh /var/lib/unifi/data/backup/autobackup|tail -2 -rw------- 1 unifi unifi 12M Jun 22 18:15 autobackup_6.5.55_20220623_0115_1655946900001.unf -rw------- 1 unifi unifi 5.0K Jun 22 18:15 autobackup_meta.json ``` This will reduce the churn in our daily backup significantly. Change-Id: Ie39ffa9055605298a82ba6731acc34fd4e29309c Reviewed-on: https://cl.fcuny.net/c/world/+/471 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(gerrit): add the plugin to delete projectsFranck Cuny2022-06-181-0/+2
| | | | | | | | | | I need to remove some repositories I created by mistake, this will make it easier than messing up with the database. Change-Id: Ia9357226532fe943d15eaec43413502849e39d3d Reviewed-on: https://cl.fcuny.net/c/world/+/444 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(sourcegraph): exclude more directories from backupFranck Cuny2022-06-131-2/+6
| | | | | | | | | | | | | | I don't need to backup the observability data for sourcegraph. I also don't need to backup the cache. These files change a lot and are about ~300M of data every day, which creates a lot of churn for our backup. All I need if I restore a backup is the content of the database and the indexes. Change-Id: Ifaddda7626ecae32162503bc14aa8d1ffa716622 Reviewed-on: https://cl.fcuny.net/c/world/+/416 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(nginx): delete unused moduleFranck Cuny2022-06-121-81/+0
| | | | | | | Change-Id: Ie69e250c7a63e2f5bea360b5ac62fcd748f48735 Reviewed-on: https://cl.fcuny.net/c/world/+/415 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): update title and descriptionFranck Cuny2022-06-111-1/+2
| | | | | | | Change-Id: I0a8bbe976687a8408e1a931ecf2a90cbaa4926e2 Reviewed-on: https://cl.fcuny.net/c/world/+/414 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(drone): remove all modules and configurationsFranck Cuny2022-06-115-188/+0
| | | | | | | | | I do not use drone anymore, no need to keep this around. Change-Id: I8f9564747939a6d1a2b95bcfe8e2c70e46d8bc1e Reviewed-on: https://cl.fcuny.net/c/world/+/411 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* ref(gitea): remove all modules for giteaFranck Cuny2022-06-113-1241/+0
| | | | | | | | | I do not use it anymore, I don't need to keep this around. Change-Id: I42af32eec4ee8ab4c2a8c60b5a8306a4eb418f51 Reviewed-on: https://cl.fcuny.net/c/world/+/410 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(fmt): correct formatting for all nix filesFranck Cuny2022-06-1025-61/+92
| | | | | | | | | This was done by running `nixpkgs-fmt .'. Change-Id: I4ea6c1e759bf468d08074be2111cbc7af72df295 Reviewed-on: https://cl.fcuny.net/c/world/+/404 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(backups): exclude more files from the backupsFranck Cuny2022-06-102-1/+11
| | | | | | | | | We don't need to backup log files for grafana and sourcegraph. Change-Id: I8ed6f6ce1270a12233cad268bcd12e28ac2785cf Reviewed-on: https://cl.fcuny.net/c/world/+/383 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(unifi): configure correctly services.unifi for nixos 22.05Franck Cuny2022-06-101-1/+1
| | | | | | | Change-Id: Ide8e479bc88689e052a372825bc90b23b426a89a Reviewed-on: https://cl.fcuny.net/c/world/+/382 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(nginx): configure correctly security.acme for nixos 22.05Franck Cuny2022-06-101-1/+1
| | | | | | | Change-Id: I94cb29510cbb85c769947dc26c33f9d767e2f0c8 Reviewed-on: https://cl.fcuny.net/c/world/+/381 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): adjust configurationFranck Cuny2022-06-091-0/+9
| | | | | | | | | | | - list up to 150 repositories per page - limit stats to a year - snapshots are in tar.gz format Change-Id: Ifc52d47893737862d89d24b797ec28f32e5076e9 Reviewed-on: https://cl.fcuny.net/c/world/+/366 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(nix): update nix to version 22.05Franck Cuny2022-06-092-1/+2
| | | | | | | | | | | | | NixOS 22.05 was released last month. Bump the versions for both nixos and home-manager. I also need to make a few changes for this update work (packages were renamed, options were addded to tailscale, ...) Change-Id: I84ed9f21915b769c9f7b8e21988b2b021715c982 Reviewed-on: https://cl.fcuny.net/c/world/+/365 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(navidrome): don't backup the cache directoryFranck Cuny2022-06-091-1/+4
| | | | | | | Change-Id: I45a42543d7fb5071022a77382e925b55568e2c2d Reviewed-on: https://cl.fcuny.net/c/world/+/363 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(restic): actually exclude files from the backupFranck Cuny2022-06-091-2/+8
| | | | | | | | | | | The option `exclude' was defined but unused. Add a function to generate a text file containing all the paths that we want to exclude, and provide that file as an option when we call `restic'. Change-Id: I647db892a8a77c589cec1fc975808c5c9ad0b757 Reviewed-on: https://cl.fcuny.net/c/world/+/362 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(gerrit): don't backup tmp,logs,cache directoriesFranck Cuny2022-06-091-1/+8
| | | | | | | Change-Id: I73087942ed86fd2ad3575a4776dba97fac693468 Reviewed-on: https://cl.fcuny.net/c/world/+/361 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(buildkite): configure the post-command hookFranck Cuny2022-06-091-0/+12
| | | | | | Change-Id: I7b00987382ef05e032d88cf00e916cdc27511eb1 Reviewed-on: https://cl.fcuny.net/c/world/+/306 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): add plugin 'reviewnotes'Franck Cuny2022-06-091-1/+9
| | | | | | | | | This plugin stores review information for Gerrit changes in the `refs/notes/review' branch. Change-Id: I51c7fe1f8764617e0bff5455d3fe713b0e2f446e Reviewed-on: https://cl.fcuny.net/c/world/+/300 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): install the gerrit hookFranck Cuny2022-06-041-0/+12
| | | | | | | | | Create a few scripts that are used to trigger the hook when a patchset is created. Change-Id: Ibcfdb76b3e0ca29b9adc4c2719a8f81170818788 Reviewed-on: https://cl.fcuny.net/c/world/+/172 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(buildkite): configure the buildkite agentFranck Cuny2022-05-302-0/+47
| | | | | | Change-Id: Icee60f2372e17f6477a91e7f562c04507788c713 Reviewed-on: https://cl.fcuny.net/c/world/+/168 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): write the test correctlyFranck Cuny2022-05-291-1/+1
| | | | | | Change-Id: I1c57da26d315c847fc5cef134e75a34395764ac9 Reviewed-on: https://cl.fcuny.net/c/world/+/161 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(gerrit): remove git suffix from project URLFranck Cuny2022-05-291-1/+1
| | | | | | | | This has been dropped in cgit. Change-Id: I255ea20b4f81d080207ac8eac6f6727cac2d54f5 Reviewed-on: https://cl.fcuny.net/c/world/+/126 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): update cgit configurationFranck Cuny2022-05-291-0/+9
| | | | | | | | | | - enable git configuration to read the section out of it - don't display the owner (it's git by default) - sort branches and repositories by age Change-Id: I3f21ec6eb25747d21c23a68b6f24f7cb8345fb02 Reviewed-on: https://cl.fcuny.net/c/world/+/125 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): exclude some repositoriesFranck Cuny2022-05-291-1/+8
| | | | | | | | | There are a few repositories that I want to have active in gerrit but I don't want to list in cgit. Change-Id: I341801cddba0909d5c32d2653c8cc5eb8aae94ed Reviewed-on: https://cl.fcuny.net/c/world/+/124 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): ensure permissions are set correctlyFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: I65efa49a904ab1885bd72566e450b6678be6aa21 Reviewed-on: https://cl.fcuny.net/c/world/+/123 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): define the list of repos prior to scan pathFranck Cuny2022-05-281-2/+2
| | | | | | | | | | | | From the documentation for `project-list`: A list of subdirectories inside of scan-path, relative to it, that should loaded as git repositories. This must be defined prior to scan-path Change-Id: Iab176a800e8ff0abd515a525d89ef524ba6ab097 Reviewed-on: https://cl.fcuny.net/c/world/+/122 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): generate a proper list of repositoriesFranck Cuny2022-05-281-1/+3
| | | | | | | | | | | The logic was previously incorrect. If a repository becomes hidden in gerrit, it will not be removed from the list. Instead, we create a temporary file which we use to dump the new list and then move it over the current list. Change-Id: I990588ac98ad4024ba144c4c76ad7e4ae27202bc Reviewed-on: https://cl.fcuny.net/c/world/+/121 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): link to cgitFranck Cuny2022-05-281-0/+14
| | | | | | | | Configure gitweb to link to our cgit instance Change-Id: I55cb96e7199bf2636a30689b277978008d6605eb Reviewed-on: https://cl.fcuny.net/c/world/+/88 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): generate the list of projects from gerritFranck Cuny2022-05-281-4/+35
| | | | | | | | | | Query the gerrit API to get the list of active projects, and generate the list of repositories from it. This run every 10 minutes as a systemd timer. Change-Id: I016a6d748597ff4d03af893e0a95b96830bdb3f7 Reviewed-on: https://cl.fcuny.net/c/world/+/87 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): set the clone URL to gerritFranck Cuny2022-05-281-0/+1
| | | | | | Change-Id: I2328abdbd369358e59747a220fe1e57edd8c5126 Reviewed-on: https://cl.fcuny.net/c/world/+/86 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): support org mode files for READMEFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: Ia0b3c7e5c2b1f399f7eaf5db2e926dc3a0859790 Reviewed-on: https://cl.fcuny.net/c/world/+/85 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): backup all relevant directoriesFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: I7d70a25f95cddedaba5e5186b6e7f83ddf9e7eb9 Reviewed-on: https://cl.fcuny.net/c/world/+/84 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): enable sending emailsFranck Cuny2022-05-271-1/+10
| | | | | | | | Configure gerrit to send emails using fastmail's SMTP servers. Change-Id: I658373a2c1e9b3c5dcbe214a02ebe8ca1be69580 Reviewed-on: https://cl.fcuny.net/c/world/+/81 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(gerrit): set the OAUTH client IDFranck Cuny2022-05-271-0/+5
| | | | | | Change-Id: I2a5b554be29af9184ad504bcb8beca30c605e6c4 Reviewed-on: https://cl.fcuny.net/c/world/+/63 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* fix(gerrit): set the home directory for gitFranck Cuny2022-05-271-1/+1
| | | | | | Change-Id: Idba41215b58e8cd77d8d4efa354a3acf52c6bc6d Reviewed-on: https://cl.fcuny.net/c/world/+/61 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* feat(cgit): add a module for cgitFranck Cuny2022-05-272-0/+52
| | | | | | | | | cgit is a git web viewer, it will be hosted at git.fcuny.net to replace gitea. Change-Id: I16561776fa90a3561d6a13f8545bd2e8f67f409a Reviewed-on: https://cl.fcuny.net/c/world/+/46 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* ref(gerrit): ensure the git user is presentFranck Cuny2022-05-261-0/+9
| | | | Change-Id: Ie217a14a20474b626a2c66116663b785193978c2
* fix(gerrit): use a compatible JDKFranck Cuny2022-05-261-0/+3
| | | | Change-Id: I3fadf8a3a9a81c7966b4c048ace1ae259f0e3668
* fix(gerrit): install the plugin for oauthFranck Cuny2022-05-261-2/+8
| | | | Change-Id: I3e4a215b47a5a368210b268fa170aa2dddab721f
* fix(gerrit): settings where in wrong placeFranck Cuny2022-05-261-8/+8
| | | | Change-Id: I449f9032e32911fa33c26ec41faadb4f8acc8b1f
* feat(gerrit): use OAUTH for authenticationFranck Cuny2022-05-261-0/+10
|
* fix(gerrit): force gerrit to run as the git userFranck Cuny2022-05-261-0/+11
| | | | | | | The default configuration wants to run gerrit with a DynamicUser. However, this prevent the server to generate the ssh keys needed by gerrit. Instead, we can force the server to run with the 'git' user, which already exists.
* fix(gerrit): use localhost for the proxyFranck Cuny2022-05-261-1/+1
|
* fix(gerrit): remove extra '}' from stringFranck Cuny2022-05-261-1/+1
|
* fix(sourcegraph): remove extra '}' from stringFranck Cuny2022-05-261-1/+1
|
* fix(gerrit): apply a serverIdFranck Cuny2022-05-261-0/+1
| | | | | This identify the server (see https://github.com/NixOS/nixpkgs/blob/634141959076a8ab69ca2cca0f266852256d79ee/nixos/modules/services/web-apps/gerrit.nix#L141).
* feat(gerrit): add the gerrit serverFranck Cuny2022-05-262-0/+51
| | | | | | Gerrit is a tool for doing code review for git. It will be running at cl.fcuny.net and will be the main way to interact with my git repositories.
* feat(modules): create a module for sourcegraphFranck Cuny2022-05-222-0/+47
| | | | | | | Run sourcegraph ([0]) in a docker container. It's exposed as cs.fcuny.xyz, and we backup some of the directories. [0] https://docs.sourcegraph.com
* modules: fix configuration for syncthingFranck Cuny2022-05-131-2/+2
| | | | The `documents` folder was not being synced.
* grafana: there was already something on port 3030 ...Franck Cuny2022-05-121-1/+1
|
* grafana: run on port 3030Franck Cuny2022-05-121-0/+1
| | | | There's already something on port 3000.
* modules: fix configuration for drone-runner-execFranck Cuny2022-05-021-1/+1
|
* gitea: add a dashboard for grafanaFranck Cuny2022-04-241-0/+1176
|
* gitea: enable metric endpointFranck Cuny2022-04-242-7/+13
| | | | Move configuration for the scraper into the gitea module itself.
* backups: do backups for the laptopFranck Cuny2022-04-241-1/+10
| | | | | | | | | | | | | From the laptop I only backup /home/fcuny, as the rest should be straightforward to rebuild with nix. I run that backup as my own user, since I need my ssh key to use the remote repository (which is on the NAS). I also need a new secret for it (I might have been able to use `pass' for this, but well, that's easy enough). For the NAS, I update the list of directories to backup to include home, this will be on the systems backup.
* syncthing: add pixel (my phone) to known devicesFranck Cuny2022-04-211-1/+12
| | | | | Copy the pictures from the phone on all my machines. Don't sync the documents on the phone (at least for now).
* syncthing: configure devices and foldersFranck Cuny2022-04-211-0/+18
|
* syncthing: configure the keys for tahoeFranck Cuny2022-04-211-3/+7
|
* syncthing: enable on tahoeFranck Cuny2022-04-211-6/+12
|
* modules: add syncthing as a new moduleFranck Cuny2022-04-212-0/+12
|
* drone: backup the state directoryFranck Cuny2022-04-131-0/+2
|
* drone: configuration fixesFranck Cuny2022-04-132-2/+7
|
* drone: initial attempt at configuring itFranck Cuny2022-04-135-0/+178
|
* nginx: configure correctly the dashboardFranck Cuny2022-04-131-2/+2
|
* nginx: install the default dashboardFranck Cuny2022-04-131-0/+6
|
* traefik: remove the moduleFranck Cuny2022-04-134-1934/+0
|
* modules: make the vhost be configurableFranck Cuny2022-04-133-15/+25
|
* grafana: the vhost is configurableFranck Cuny2022-04-131-4/+11
|
* grafana: bind to localhostFranck Cuny2022-04-131-4/+0
|
* modules: set secretsFranck Cuny2022-04-132-2/+6
|
* unifi: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* transmission: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* navidrome: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* grafana: set proper port for reverse proxyFranck Cuny2022-04-131-1/+1
|
* grafana: use proper certFranck Cuny2022-04-131-1/+1
|
* grafana: try to configure the domain with acme+dnsFranck Cuny2022-04-131-1/+17
|
* nginx: get a simple solution to work firstFranck Cuny2022-04-132-291/+12
|
* nginx: add nginx as a reverse proxyFranck Cuny2022-04-134-0/+412
| | | | This will ultimately replace traefik.
* rclone: fix the order of the paramsFranck Cuny2022-04-131-2/+2
|
* backups: rename system to hostFranck Cuny2022-04-111-1/+1
| | | | Since this is a host level backup.
* grafana: backup the whole directoryFranck Cuny2022-04-111-1/+1
|
* secrets: move all the secrets under module/Franck Cuny2022-04-104-26/+15
| | | | | Refactor a bit the configuration, which should simplify the management and usage of secrets from now on.
* add a module for backup with resticFranck Cuny2022-04-107-65/+89
| | | | Do a single backup for the host, instead of running multiple ones.
* services: add avahiFranck Cuny2022-04-082-0/+15
|
* modules: add a few moreFranck Cuny2022-04-082-0/+28
|
* gitea: fix the moduleFranck Cuny2022-04-061-3/+3
| | | | | Quick fix for now, we will add these values as options to the module once we confirm everything is still working.
* refactor transmission and metrics-exporterFranck Cuny2022-04-064-1/+54
|
* refactor traefikFranck Cuny2022-04-062-0/+104
|
* refactor rclone to a moduleFranck Cuny2022-04-062-0/+38
|
* refactor gitea as a moduleFranck Cuny2022-04-062-0/+54
|
* prometheus: proper name for the optionFranck Cuny2022-04-061-1/+1
|
* refactor grafana as a moduleFranck Cuny2022-04-066-0/+26438
|
* refactor prometheus as a moduleFranck Cuny2022-04-062-0/+189
|
* refactor unifi to a moduleFranck Cuny2022-04-062-2/+97
|
* import navidrome with other servicesFranck Cuny2022-04-061-1/+2
|
* refactor navidrome to a moduleFranck Cuny2022-04-061-0/+37
|
* refactor samba to a proper moduleFranck Cuny2022-04-062-1/+56
| | | | The list of public share is configurable too.
* refactor modules for btrfs, ssd, and fwupdFranck Cuny2022-04-052-1/+6
|
* create a profile for laptopFranck Cuny2022-04-053-1/+35
|
* network: move tailscale in modulesFranck Cuny2022-04-052-1/+14
| | | | Move the networking configuration for the hosts to its own file.
* ssh: refactor to a moduleFranck Cuny2022-04-052-0/+18
Also install mosh and ensure the firewall opens the correct ports.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-16 23:32:32 +0000