about summary refs log tree commit diff
path: root/modules (follow)
Commit message (Collapse)AuthorAgeFilesLines
* feat(buildkite): configure the buildkite agentFranck Cuny2022-05-302-0/+47
| | | | | | Change-Id: Icee60f2372e17f6477a91e7f562c04507788c713 Reviewed-on: https://cl.fcuny.net/c/world/+/168 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): write the test correctlyFranck Cuny2022-05-291-1/+1
| | | | | | Change-Id: I1c57da26d315c847fc5cef134e75a34395764ac9 Reviewed-on: https://cl.fcuny.net/c/world/+/161 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(gerrit): remove git suffix from project URLFranck Cuny2022-05-291-1/+1
| | | | | | | | This has been dropped in cgit. Change-Id: I255ea20b4f81d080207ac8eac6f6727cac2d54f5 Reviewed-on: https://cl.fcuny.net/c/world/+/126 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): update cgit configurationFranck Cuny2022-05-291-0/+9
| | | | | | | | | | - enable git configuration to read the section out of it - don't display the owner (it's git by default) - sort branches and repositories by age Change-Id: I3f21ec6eb25747d21c23a68b6f24f7cb8345fb02 Reviewed-on: https://cl.fcuny.net/c/world/+/125 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): exclude some repositoriesFranck Cuny2022-05-291-1/+8
| | | | | | | | | There are a few repositories that I want to have active in gerrit but I don't want to list in cgit. Change-Id: I341801cddba0909d5c32d2653c8cc5eb8aae94ed Reviewed-on: https://cl.fcuny.net/c/world/+/124 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): ensure permissions are set correctlyFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: I65efa49a904ab1885bd72566e450b6678be6aa21 Reviewed-on: https://cl.fcuny.net/c/world/+/123 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): define the list of repos prior to scan pathFranck Cuny2022-05-281-2/+2
| | | | | | | | | | | | From the documentation for `project-list`: A list of subdirectories inside of scan-path, relative to it, that should loaded as git repositories. This must be defined prior to scan-path Change-Id: Iab176a800e8ff0abd515a525d89ef524ba6ab097 Reviewed-on: https://cl.fcuny.net/c/world/+/122 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(cgit): generate a proper list of repositoriesFranck Cuny2022-05-281-1/+3
| | | | | | | | | | | The logic was previously incorrect. If a repository becomes hidden in gerrit, it will not be removed from the list. Instead, we create a temporary file which we use to dump the new list and then move it over the current list. Change-Id: I990588ac98ad4024ba144c4c76ad7e4ae27202bc Reviewed-on: https://cl.fcuny.net/c/world/+/121 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): link to cgitFranck Cuny2022-05-281-0/+14
| | | | | | | | Configure gitweb to link to our cgit instance Change-Id: I55cb96e7199bf2636a30689b277978008d6605eb Reviewed-on: https://cl.fcuny.net/c/world/+/88 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): generate the list of projects from gerritFranck Cuny2022-05-281-4/+35
| | | | | | | | | | Query the gerrit API to get the list of active projects, and generate the list of repositories from it. This run every 10 minutes as a systemd timer. Change-Id: I016a6d748597ff4d03af893e0a95b96830bdb3f7 Reviewed-on: https://cl.fcuny.net/c/world/+/87 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): set the clone URL to gerritFranck Cuny2022-05-281-0/+1
| | | | | | Change-Id: I2328abdbd369358e59747a220fe1e57edd8c5126 Reviewed-on: https://cl.fcuny.net/c/world/+/86 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(cgit): support org mode files for READMEFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: Ia0b3c7e5c2b1f399f7eaf5db2e926dc3a0859790 Reviewed-on: https://cl.fcuny.net/c/world/+/85 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): backup all relevant directoriesFranck Cuny2022-05-281-0/+2
| | | | | | Change-Id: I7d70a25f95cddedaba5e5186b6e7f83ddf9e7eb9 Reviewed-on: https://cl.fcuny.net/c/world/+/84 Reviewed-by: Franck Cuny <franck@fcuny.net>
* feat(gerrit): enable sending emailsFranck Cuny2022-05-271-1/+10
| | | | | | | | Configure gerrit to send emails using fastmail's SMTP servers. Change-Id: I658373a2c1e9b3c5dcbe214a02ebe8ca1be69580 Reviewed-on: https://cl.fcuny.net/c/world/+/81 Reviewed-by: Franck Cuny <franck@fcuny.net>
* fix(gerrit): set the OAUTH client IDFranck Cuny2022-05-271-0/+5
| | | | | | Change-Id: I2a5b554be29af9184ad504bcb8beca30c605e6c4 Reviewed-on: https://cl.fcuny.net/c/world/+/63 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* fix(gerrit): set the home directory for gitFranck Cuny2022-05-271-1/+1
| | | | | | Change-Id: Idba41215b58e8cd77d8d4efa354a3acf52c6bc6d Reviewed-on: https://cl.fcuny.net/c/world/+/61 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* feat(cgit): add a module for cgitFranck Cuny2022-05-272-0/+52
| | | | | | | | | cgit is a git web viewer, it will be hosted at git.fcuny.net to replace gitea. Change-Id: I16561776fa90a3561d6a13f8545bd2e8f67f409a Reviewed-on: https://cl.fcuny.net/c/world/+/46 Reviewed-by: Franck Cuny <franck.cuny@gmail.com>
* ref(gerrit): ensure the git user is presentFranck Cuny2022-05-261-0/+9
| | | | Change-Id: Ie217a14a20474b626a2c66116663b785193978c2
* fix(gerrit): use a compatible JDKFranck Cuny2022-05-261-0/+3
| | | | Change-Id: I3fadf8a3a9a81c7966b4c048ace1ae259f0e3668
* fix(gerrit): install the plugin for oauthFranck Cuny2022-05-261-2/+8
| | | | Change-Id: I3e4a215b47a5a368210b268fa170aa2dddab721f
* fix(gerrit): settings where in wrong placeFranck Cuny2022-05-261-8/+8
| | | | Change-Id: I449f9032e32911fa33c26ec41faadb4f8acc8b1f
* feat(gerrit): use OAUTH for authenticationFranck Cuny2022-05-261-0/+10
|
* fix(gerrit): force gerrit to run as the git userFranck Cuny2022-05-261-0/+11
| | | | | | | The default configuration wants to run gerrit with a DynamicUser. However, this prevent the server to generate the ssh keys needed by gerrit. Instead, we can force the server to run with the 'git' user, which already exists.
* fix(gerrit): use localhost for the proxyFranck Cuny2022-05-261-1/+1
|
* fix(gerrit): remove extra '}' from stringFranck Cuny2022-05-261-1/+1
|
* fix(sourcegraph): remove extra '}' from stringFranck Cuny2022-05-261-1/+1
|
* fix(gerrit): apply a serverIdFranck Cuny2022-05-261-0/+1
| | | | | This identify the server (see https://github.com/NixOS/nixpkgs/blob/634141959076a8ab69ca2cca0f266852256d79ee/nixos/modules/services/web-apps/gerrit.nix#L141).
* feat(gerrit): add the gerrit serverFranck Cuny2022-05-262-0/+51
| | | | | | Gerrit is a tool for doing code review for git. It will be running at cl.fcuny.net and will be the main way to interact with my git repositories.
* feat(modules): create a module for sourcegraphFranck Cuny2022-05-222-0/+47
| | | | | | | Run sourcegraph ([0]) in a docker container. It's exposed as cs.fcuny.xyz, and we backup some of the directories. [0] https://docs.sourcegraph.com
* zsh: switch to zsh as the default shellFranck Cuny2022-05-151-1/+1
| | | | | | | | | | `zsh' is available everywhere and is compatible with bash. When using `fish' I need to remember how to do things. While the completion style is nicer, I don't care about the rest. I prefer to have a consistent experience in the shell, no matter where am I. This is an initial configuration, I might need to make a few changes as I go.
* modules: fix configuration for syncthingFranck Cuny2022-05-131-2/+2
| | | | The `documents` folder was not being synced.
* grafana: there was already something on port 3030 ...Franck Cuny2022-05-121-1/+1
|
* grafana: run on port 3030Franck Cuny2022-05-121-0/+1
| | | | There's already something on port 3000.
* add modules to manage bluetoothFranck Cuny2022-05-122-1/+65
|
* modules: add a few packagesFranck Cuny2022-05-061-0/+2
|
* modules: fix configuration for drone-runner-execFranck Cuny2022-05-021-1/+1
|
* gitea: add a dashboard for grafanaFranck Cuny2022-04-241-0/+1176
|
* gitea: enable metric endpointFranck Cuny2022-04-242-7/+13
| | | | Move configuration for the scraper into the gitea module itself.
* backups: do backups for the laptopFranck Cuny2022-04-241-1/+10
| | | | | | | | | | | | | From the laptop I only backup /home/fcuny, as the rest should be straightforward to rebuild with nix. I run that backup as my own user, since I need my ssh key to use the remote repository (which is on the NAS). I also need a new secret for it (I might have been able to use `pass' for this, but well, that's easy enough). For the NAS, I update the list of directories to backup to include home, this will be on the systems backup.
* syncthing: add pixel (my phone) to known devicesFranck Cuny2022-04-211-1/+12
| | | | | Copy the pictures from the phone on all my machines. Don't sync the documents on the phone (at least for now).
* syncthing: configure devices and foldersFranck Cuny2022-04-211-0/+18
|
* syncthing: configure the keys for tahoeFranck Cuny2022-04-211-3/+7
|
* syncthing: enable on tahoeFranck Cuny2022-04-211-6/+12
|
* modules: add syncthing as a new moduleFranck Cuny2022-04-212-0/+12
|
* drone: backup the state directoryFranck Cuny2022-04-131-0/+2
|
* drone: configuration fixesFranck Cuny2022-04-132-2/+7
|
* drone: initial attempt at configuring itFranck Cuny2022-04-135-0/+178
|
* nginx: configure correctly the dashboardFranck Cuny2022-04-131-2/+2
|
* nginx: install the default dashboardFranck Cuny2022-04-131-0/+6
|
* traefik: remove the moduleFranck Cuny2022-04-134-1934/+0
|
* modules: make the vhost be configurableFranck Cuny2022-04-133-15/+25
|
* grafana: the vhost is configurableFranck Cuny2022-04-131-4/+11
|
* grafana: bind to localhostFranck Cuny2022-04-131-4/+0
|
* modules: set secretsFranck Cuny2022-04-132-2/+6
|
* unifi: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* transmission: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* navidrome: use nginx for reverse proxyFranck Cuny2022-04-131-0/+14
|
* grafana: set proper port for reverse proxyFranck Cuny2022-04-131-1/+1
|
* secrets: we can specify which user owns itFranck Cuny2022-04-131-2/+7
|
* grafana: use proper certFranck Cuny2022-04-131-1/+1
|
* grafana: try to configure the domain with acme+dnsFranck Cuny2022-04-131-1/+17
|
* nginx: get a simple solution to work firstFranck Cuny2022-04-132-291/+12
|
* nginx: add nginx as a reverse proxyFranck Cuny2022-04-134-0/+412
| | | | This will ultimately replace traefik.
* secrets: delete duplicated filesFranck Cuny2022-04-137-52/+0
|
* rclone: fix the order of the paramsFranck Cuny2022-04-131-2/+2
|
* secrets: move the actual secrets with hosts configFranck Cuny2022-04-132-11/+12
| | | | | | Having the secrets closer to the host is easier to manage. At the moment I don't have secrets that are shared across multiple hosts, so that's an OK approach.
* secrets: fix the path to the ssh keyFranck Cuny2022-04-131-4/+3
|
* secrets: load ssh key only if it existsFranck Cuny2022-04-131-1/+1
|
* users: add myself to the group 'nas'Franck Cuny2022-04-131-0/+1
|
* backups: rename system to hostFranck Cuny2022-04-111-1/+1
| | | | Since this is a host level backup.
* grafana: backup the whole directoryFranck Cuny2022-04-111-1/+1
|
* secrets: move all the secrets under module/Franck Cuny2022-04-1014-27/+92
| | | | | Refactor a bit the configuration, which should simplify the management and usage of secrets from now on.
* add a module for backup with resticFranck Cuny2022-04-107-65/+89
| | | | Do a single backup for the host, instead of running multiple ones.
* install documentations (man)Franck Cuny2022-04-092-4/+19
|
* add pcmanfm and easyeffectsFranck Cuny2022-04-091-0/+1
|
* services: add avahiFranck Cuny2022-04-082-0/+15
|
* users: add myself to "cdrom" groupFranck Cuny2022-04-081-0/+1
| | | | Otherwise I can't run `abcde`.
* modules: add a few moreFranck Cuny2022-04-088-3/+100
|
* initial attempt to reconfigure home-managerFranck Cuny2022-04-072-1/+50
| | | | | | | | | | All the modules that are needed for home-manager should be under `home/`, and each host will have a `host.nix` where the modules are enabled as needed. Later on we can create some profiles to make it easier to consume the configuration. I apply this only to tahoe for now, as the amount of packages needed for my user are pretty limited.
* gitea: fix the moduleFranck Cuny2022-04-061-3/+3
| | | | | Quick fix for now, we will add these values as options to the module once we confirm everything is still working.
* modules: import packagesFranck Cuny2022-04-061-1/+2
|
* refactor transmission and metrics-exporterFranck Cuny2022-04-064-1/+54
|
* refactor traefikFranck Cuny2022-04-062-0/+104
|
* refactor rclone to a moduleFranck Cuny2022-04-062-0/+38
|
* refactor gitea as a moduleFranck Cuny2022-04-062-0/+54
|
* prometheus: proper name for the optionFranck Cuny2022-04-061-1/+1
|
* refactor grafana as a moduleFranck Cuny2022-04-066-0/+26438
|
* refactor prometheus as a moduleFranck Cuny2022-04-062-0/+189
|
* refactor unifi to a moduleFranck Cuny2022-04-062-2/+97
|
* import navidrome with other servicesFranck Cuny2022-04-061-1/+2
|
* refactor navidrome to a moduleFranck Cuny2022-04-061-0/+37
|
* refactor samba to a proper moduleFranck Cuny2022-04-062-1/+56
| | | | The list of public share is configurable too.
* refactor boot configuration to a moduleFranck Cuny2022-04-062-1/+49
| | | | | | | | | We don't need the previous `hosts/common/system` configs anymore, as everything has been moved out. We keep some boot configuration for carmel in the host configuration for now, but I need to check why I don't have similar settings for tahoe (since I also need to unlock the host remotely).
* refactor configuration for AMDFranck Cuny2022-04-062-1/+14
|
* refactor intel related configurationFranck Cuny2022-04-052-1/+14
|
* refactor modules for btrfs, ssd, and fwupdFranck Cuny2022-04-056-3/+18
|
* refactor network configurationFranck Cuny2022-04-052-1/+12
|
* refactor security to a moduleFranck Cuny2022-04-052-1/+6
|
* refactor users to a moduleFranck Cuny2022-04-052-1/+38
|
* refactor default packages to a moduleFranck Cuny2022-04-051-0/+49
|
* move locale configuration to a moduleFranck Cuny2022-04-052-1/+8
|
* console configuration is moved to a moduleFranck Cuny2022-04-052-1/+7
|
* create a profile for laptopFranck Cuny2022-04-053-1/+35
|
* network: move tailscale in modulesFranck Cuny2022-04-052-1/+14
| | | | Move the networking configuration for the hosts to its own file.
* ssh: refactor to a moduleFranck Cuny2022-04-053-1/+19
| | | | Also install mosh and ensure the firewall opens the correct ports.
* nix: refactor to a moduleFranck Cuny2022-04-053-1/+18
|
* sound: add a new moduleFranck Cuny2022-04-053-0/+41
| | | | | | | | | | This is the start of yet another refactoring of the configuration. Sound configuration is moving to a module, and we enable it as needed at the host level. It takes care of configuring pipewire and install the packages needed too. This module is applied to the laptop and the desktop.
* move configurations and modules aroundFranck Cuny2022-02-1210-190/+0
| | | | Sorry, this is a mess, hopefully the last one.
* nix: enable flakesFranck Cuny2022-02-101-9/+12
|
* systems: add a MoTDFranck Cuny2022-02-092-0/+13
|
* modules: swap capslock for controlFranck Cuny2022-02-091-1/+1
|
* modules: more softwareFranck Cuny2022-02-091-1/+2
|
* modules: set a few more options for nixFranck Cuny2022-02-091-0/+3
|
* users: move users configuration to systemsFranck Cuny2022-02-092-0/+26
|
* systems: typoFranck Cuny2022-02-091-0/+2
|
* systems: ensure latest kernel and tmp on tmpfsFranck Cuny2022-02-091-0/+3
|
* systems: more packagesFranck Cuny2022-02-091-1/+6
|
* hosts: remove / clean codeFranck Cuny2022-02-092-0/+16
| | | | | | There's a lot of commented stuff I don't need, and move things that are configured in the host into modules, which will improve re-usability and readability of this configuration.
* ssh: new module for managing sshFranck Cuny2022-02-091-0/+5
|
* Revert "desktop: new option to control desktop setup"Franck Cuny2022-02-092-30/+13
| | | | This reverts commit 343e89015a55b627400286a06937175facb1494d.
* Revert "desktop: install sound and xserver only when asked"Franck Cuny2022-02-092-44/+32
| | | | This reverts commit 3b1ac4f78d21802073c82df39ca7080ae70a67a9.
* desktop: install sound and xserver only when askedFranck Cuny2022-02-082-32/+44
|
* desktop: new option to control desktop setupFranck Cuny2022-02-082-13/+30
| | | | | We don't want to install a desktop on all hosts. We add a new option that we can set to true or false if we want a desktop to be installed.
* i3: remove extra packages and fix typoFranck Cuny2022-02-081-6/+0
|
* i3: separate configuration for xserver and i3Franck Cuny2022-02-082-0/+33
| | | | | Let's first configure the xserver in the desktop module, then we can have a configuration for i3 in the home-manager.
* i3: move configuration to home-managerFranck Cuny2022-02-083-39/+0
|
* desktop: configuration for i3Franck Cuny2022-02-082-4/+19
|
* systems: move some packages out of host configFranck Cuny2022-02-081-0/+1
|
* desktop: add soundFranck Cuny2022-02-082-0/+21
| | | | Let's use pipewire.
* systems: fix typoFranck Cuny2022-02-081-1/+1
|
* systems: install more packagesFranck Cuny2022-02-082-1/+24
|
* xserver: drop deprecated variableFranck Cuny2022-02-081-1/+0
| | | | | | | | | | ``` warning: The following options are deprecated: - services.xserver.windowManager.default Please use services.xserver.displayManager.defaultSession = "none+i3"; instead. ```
* desktop: import correct moduleFranck Cuny2022-02-081-1/+1
|
* xserver: initial configurationFranck Cuny2022-02-082-0/+25
| | | | Enable it for the desktop.
* systems: drop nix.settingsFranck Cuny2022-02-081-5/+0
| | | | This is not yet available with the current configuration.
* systems: default configuration for all systemsFranck Cuny2022-02-082-0/+22
|
* modules: start desktop configurationFranck Cuny2022-02-072-0/+24
We will create a module for desktop (which will also be used by the laptop). Start by configuring the fonts.