Simon Bruder
79636d081f
vueko/mail: Add alias
2021-09-08 11:49:43 +02:00
Simon Bruder
1730681386
fuuko/torrent: Switch wireguard endpoints
2021-09-05 13:35:45 +02:00
Simon Bruder
0ca3062e69
dnsmasq: Add quad9 DNS servers
...
Thanks Sony Music for bringing this to my attention.
2021-08-31 09:55:51 +02:00
Simon Bruder
2c3e65cf5c
vueko/mail: Add alias
2021-08-30 12:53:17 +02:00
Simon Bruder
37bc221e0c
fuuko/dnsmasq: Increase cache size
2021-08-29 18:56:00 +02:00
Simon Bruder
9f4ffa5932
fuuko: Add hcloud_exporter
2021-08-28 13:53:38 +02:00
Simon Bruder
a0e52ea7b6
{nunotaba,sayuri}: Use qemu_kvm for libvirt
...
I don’t emulate any architectures besides x86_64 anyway.
2021-08-28 11:23:57 +02:00
Simon Bruder
1aa325b1ec
fuuko/torrent: Use nixpkgs unstable’s aria2
...
It has a new release of aria2 that includes the patch that was
previously manually applied.
2021-08-24 22:06:30 +02:00
Simon Bruder
d76c299f6d
vueko/mail: Add alias
2021-08-22 13:04:56 +02:00
Simon Bruder
95b65c5d15
sayuri: Add samba sharing files with windows VM
...
This requires enabling guest access in Windows [1].
[1] https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/guest-access-in-smb2-is-disabled-by-default
2021-08-11 10:54:31 +02:00
Simon Bruder
3acc1eb0ce
vueko/mail: Remove alias
2021-08-06 12:37:11 +02:00
Simon Bruder
a1facf530f
fuuko: Use plain DNS again
...
DNS over HTTPS often is unreliable in practice (did not empirically test
this).
2021-08-01 19:05:20 +02:00
Simon Bruder
971fda90c4
vueko/mail: Add alias
2021-08-01 11:37:46 +02:00
Simon Bruder
d20afbfe4c
vueko/mail: Add alias
2021-08-01 11:36:43 +02:00
Simon Bruder
8b9eb54806
games: Conditionally add emulators
...
This uses a crude arbitrary number to only install them onto machines
that can actually run them.
2021-07-26 20:44:46 +02:00
Simon Bruder
11ec0ab428
vueko/mail: Add alias
2021-07-22 19:12:08 +02:00
Simon Bruder
376dfa37de
vueko/mail: Add alias
2021-07-22 09:52:02 +02:00
Simon Bruder
8442afae5c
vueko/mail: Add alias
2021-06-26 10:45:15 +02:00
Simon Bruder
0ab3260240
sayuri: Drop amdvlk in favour of radv
...
DXVK segfaults/exhibits weird errors when using amdvlk since upgrading
to 21.05. Mesa’s radv does work and I did not notice a perofmance drop.
2021-06-20 11:22:34 +02:00
Simon Bruder
71a5ea7a0d
Revert "fuuko/mautrix-whatsapp: Use unstable version from PR"
...
This reverts commit e1b59d57ff
.
2021-06-19 16:02:04 +02:00
Simon Bruder
e1b59d57ff
fuuko/mautrix-whatsapp: Use unstable version from PR
...
nixpkgs PR: https://github.com/NixOS/nixpkgs/pull/126966
2021-06-15 19:20:25 +02:00
Simon Bruder
621d209680
sayuri: Add specialisation that disables mitigations
...
x264 encodes over 2 times faster in one example with mitigations
disabled.
2021-06-09 15:22:17 +02:00
Simon Bruder
80f33f9095
Add contact page
2021-06-02 13:24:36 +02:00
Simon Bruder
e0efa77520
fuuko/nar-serve: Use NixOS module
...
Since it does not provide a `package` option, it has to be overriden
with an overlay.
2021-06-01 10:16:15 +02:00
Simon Bruder
56b9c6c37f
Add module for on-demand usage of mullvad
...
Since wg-quick does not require the configuration file to include a
private key and local addresses, they can be added after the execution
of wg-quick.
Fixes #32 .
2021-05-31 23:02:11 +02:00
Simon Bruder
6f31ded457
fuuko/wordclock: Use 15 character long password
...
```cpp
struct {
char domain[32];
char clientId[16];
char user[16];
char password[16];
} mqtt;
```
(f637c2f39e/PersistentStorage.h
)
This went unnoticed, because on NixOS, mosquitto does not validate
passwords by default.
2021-05-28 23:08:20 +02:00
Simon Bruder
c918486622
fuuko/mqtt: Make compatible with Mosquitto 2
...
This now requires authenticating with a valid password, which it
apparently didn’t do before?
2021-05-28 23:05:22 +02:00
Simon Bruder
de3f8f8909
restic: Make restic prune regularily on fuuko
...
Closes #41 .
2021-05-28 15:01:06 +02:00
Simon Bruder
d3d41da2bc
vueko/murmur: Explicitly set murmur as system user
2021-05-28 14:24:25 +02:00
Simon Bruder
e80a0b0c07
vueko/radicale: Use services.radicale.settings
2021-05-28 14:24:02 +02:00
Simon Bruder
7d7da189d0
nunotaba: Reinstall on btrfs filesystem
2021-05-28 14:05:14 +02:00
Simon Bruder
6cb59d0149
nunotaba: Use performance cpuFreqGovernor
...
With kernel 5.10 powersave is stuck at 798 MHz for some reason.
2021-05-28 14:05:13 +02:00
Simon Bruder
091f6b0e14
Update to 21.05
...
This still uses the relase-21.05 branch which should later be changed to
nixos-21.05.
2021-05-28 14:04:53 +02:00
Simon Bruder
36c0c67e36
sayuri: Update specs in readme
2021-05-27 18:06:34 +02:00
Simon Bruder
d64f4a8741
vueko/mail: Add alias
2021-05-25 09:48:25 +02:00
Simon Bruder
71209d0cc8
vueko/mail: Add alias
2021-05-21 12:30:36 +02:00
Simon Bruder
961b497609
vueko/mail: Add alias
2021-05-17 19:05:24 +02:00
Simon Bruder
2c8a291ae9
Make flake inputs available as module argument
...
This moves a bunch of stuff out of flake.nix into the modules they
belong to. This removes complexity from flake.nix and gives the project
a more organised structure.
Sadly, it is not possible to import modules from a flake outside of
flake.nix, since that leads to an infinite recursion (`config` has to be
evaluated before `config._modules.args.inputs` is available but `config`
depends on an import from `config._modules.args.inputs`). Therefore, the
`extraModules` argument in `machines/default.nix` has to be used for
that (it now has access to all flake inputs).
2021-05-15 10:04:44 +02:00
Simon Bruder
531060668a
fuuko/hydra: Show logs after build is completed
2021-05-15 00:01:04 +02:00
Simon Bruder
9f70024257
fuuko/hydra: Make serving build artifacts work
...
hydra-server.service does not have access to the signing key.
2021-05-13 14:23:10 +02:00
Simon Bruder
dc1698ffaa
fuuko: Add hydra
2021-05-13 13:07:17 +02:00
Simon Bruder
ca2136ef04
sayuri: Allow discards on data ssd
2021-05-07 14:37:53 +02:00
Simon Bruder
d3ec5f4ba1
sayuri: Reinstall on NVMe ssd
2021-05-04 23:15:05 +02:00
Simon Bruder
c3a3d8a12a
Adapt documentation to current configuration
2021-05-04 21:45:05 +02:00
Simon Bruder
2bf9577b61
vueko/mail: Add alias
2021-05-03 19:33:53 +02:00
Simon Bruder
10ced7f2bb
fuuko/torrent: Make socat work after forced stop
...
This should improve behavour after e.g. a power outage.
2021-05-03 10:17:00 +02:00
Simon Bruder
440fc97f7f
AriaNg: Include as flake
2021-05-03 10:16:59 +02:00
Simon Bruder
51f814c70d
fuuko/go-neb: Use sops for secrets
2021-05-03 10:16:59 +02:00
Simon Bruder
84c72583fe
fuuko/drone-runner-exec: Use unstable nix
...
This also adds /etc/static as read-only path to the sandbox, since
otherwise /etc/nix/nix.conf can’t be read.
2021-05-01 18:31:05 +02:00
Simon Bruder
400b55a293
Convert to flake
...
Fixes #3 .
2021-05-01 17:36:58 +02:00
Simon Bruder
7d19c9b039
sayuri: Use radeontop from unstable
2021-04-25 09:54:49 +02:00
Simon Bruder
78f4579556
vueko/mail: Add alias
2021-04-23 10:21:11 +02:00
Simon Bruder
08b8fce2d4
fuuko/gitea: Store session on disk
2021-04-19 14:35:42 +02:00
Simon Bruder
4af55ba3e9
vueko/mail: Add alias
2021-04-17 12:15:43 +02:00
Simon Bruder
e070cb9107
vueko/mail: Add alias
2021-04-17 10:56:15 +02:00
Simon Bruder
438fad34fb
vueko/mail: Reorganise vim folds
2021-04-17 10:47:07 +02:00
Simon Bruder
cd30750fdc
fuuko/media-backup: Init
...
Fixes #49 .
2021-04-16 17:13:46 +02:00
Simon Bruder
b9abd825cb
vueko/mail: Add alias
2021-04-14 15:43:16 +02:00
Simon Bruder
ec09bbf6c6
fuuko/gitea: Remove version override
...
Version 1.14.0 has been released and is in nixpkgs.
2021-04-13 09:08:04 +02:00
Simon Bruder
602573cd34
fuuko/dnsmasq: Reliably work after reboot
2021-04-10 23:23:46 +02:00
Simon Bruder
bb8c54065a
fuuko/drone/runner-exec: Remove port collision with grafana
...
Drone docs [1] say “Overriding this value is not recommended”, however I
do not see why I should not be able to change it.
[1] https://docs.drone.io/runner/exec/configuration/reference/drone-http-bind/
2021-04-10 23:21:46 +02:00
Simon Bruder
746581ceba
fuuko/dnsmasq: Replace stubby/DoT with https-dns-proxy/DoH
2021-04-10 20:16:08 +02:00
Simon Bruder
bed82e297c
sayuri: Migrate to sops
...
Fixes #38 .
2021-04-10 11:58:50 +02:00
Simon Bruder
5dff1a426f
fuuko/binary-cache: Add nar-serve
2021-04-08 21:40:14 +02:00
Simon Bruder
8d9e3af211
Add binary cache hosted on fuuko
...
See machines/fuuko/services/binary-cache.nix for limitations.
2021-04-08 16:19:57 +02:00
Simon Bruder
68fbc9e185
fuuko/go-neb: Notify room if alert is firing
2021-04-08 10:04:30 +02:00
Simon Bruder
9dbd7f9c85
vueko/coturn: Manage shared secret with sops
...
This requires not using the NixOS module, since it does not support
loading it from a file.
2021-04-07 12:23:48 +02:00
Simon Bruder
4a8a7e0a4f
Use sops for secrets
...
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder
d253f74a06
sayuri: Fill in purpose section of readme
...
Also, next time try to spell FIXME the right way so I don’t notice this
months after setting the machine up.
2021-04-05 13:38:33 +02:00
Simon Bruder
5c4284d68c
fuuko: Add dnsmasq prometheus exporter
2021-04-05 13:18:43 +02:00
Simon Bruder
c26539e607
fuuko/prometheus: Actually show node name in alerts
2021-04-04 14:34:44 +02:00
Simon Bruder
1b08afd515
fuuko/gitea: Also use ed25519 ssh key
2021-04-04 11:18:34 +02:00
Simon Bruder
0212f2adbd
fuuko/drone: Init
2021-04-03 18:47:01 +02:00
Simon Bruder
ac7e1c1123
fuuko/dnsmasq: Use DNS over TLS via stubby
2021-04-03 13:11:09 +02:00
Simon Bruder
ce7425d8c4
Remove issei from vpn and prometheus
2021-04-02 18:13:09 +02:00
Simon Bruder
94b2746018
fuuko/go-neb: Add alertmanager matrix receiver
2021-04-02 17:46:07 +02:00
Simon Bruder
2897451a65
fuuko/prometheus: Set external URLs
2021-04-02 16:44:17 +02:00
Simon Bruder
8b1b969aa9
fuuko: Set target to production hostname
2021-04-02 15:10:14 +02:00
Simon Bruder
98a4f345eb
fuuko/matrix/mautrix-whatsapp: Init
2021-04-02 15:09:57 +02:00
Simon Bruder
0ae96653a5
fuuko/matrix/synapse: Init
2021-04-02 14:59:14 +02:00
Simon Bruder
b6297d0153
vueko/coturn: Init
2021-03-31 12:08:35 +02:00
Simon Bruder
15075a818d
installation: Remove FIXME from comments
...
Otherwise grepping for FIXME shows this, even though it’s not what you
expect.
2021-03-30 23:49:08 +02:00
Simon Bruder
2d74dac8c0
fuuko/hedgedoc: Start after postgresql
2021-03-30 16:13:20 +02:00
Simon Bruder
50f0968738
fuuko: Add gitea
2021-03-29 14:08:53 +02:00
Simon Bruder
5491ef4817
vueko/mailserver: Add gitea user
2021-03-29 13:48:10 +02:00
Simon Bruder
cb8a8f3c8d
fuuko/prometheus: Enable admin API
2021-03-28 11:04:48 +02:00
Simon Bruder
55099f1884
fuuko/prometheus: Raise retention time to 90d
2021-03-28 11:04:25 +02:00
Simon Bruder
9f8c80029d
vueko/mailserver: Add aliases
2021-03-26 19:40:20 +01:00
Simon Bruder
5e8fb02b78
vueko/mail: Add alias
2021-03-21 11:53:47 +01:00
Simon Bruder
58c72c3200
Allow build on machines that are missing secrets
2021-03-21 11:36:14 +01:00
Simon Bruder
7cb3142526
nunotaba: Disable docker
...
Fixes #15 .
2021-03-13 10:59:43 +01:00
Simon Bruder
57652d8a79
fuuko: Add hedgedoc
2021-03-10 15:42:21 +01:00
Simon Bruder
966667b87f
fuuko: Exclude scans from system backup
2021-03-10 11:27:56 +01:00
Simon Bruder
db54dfaed1
fuuko/dnsmasq: Allow DNS queries over TCP
...
Sharepoint manages to return enormous responses when querying for an
AAAA record.
$ dig sitename.sharepoint.com AAAA
;; Truncated, retrying in TCP mode.
2021-03-10 09:13:37 +01:00
Simon Bruder
d6bddf40c0
fuuko: Add ankisyncd
2021-03-09 21:22:19 +01:00
Simon Bruder
3a5568a136
fuuko: Enable full postgresql backup
2021-03-09 11:50:32 +01:00
Simon Bruder
515939677b
fuuko/torrent: Add resolv.conf to aria2 netns
...
Even though aria2 doesn’t respect it, it is useful for for debugging.
2021-03-08 19:38:26 +01:00
Simon Bruder
3da67f7576
fuuko: Enable system backups
2021-03-08 17:33:30 +01:00
Simon Bruder
e8626ba27a
fuuko: Add wordclock-dimmer
2021-03-08 17:03:30 +01:00
Simon Bruder
0c081d9805
fuuko: Add dnsmasq
2021-03-08 16:19:49 +01:00