Simon Bruder
19d69ce682
fuuko: Bind exporters to vpn address
2022-03-25 22:11:28 +01:00
Simon Bruder
a3784e51de
fuuko/secrets: Remove unused restic credentials
...
They are specified in the global secrets file.
2022-03-25 21:52:56 +01:00
Simon Bruder
ebfa0ec16a
fuuko: Migrate matrix and monitoring to renge
...
Sadly, they are so interconnected, that it is not easily possible to
migrate it in smaller steps. It should be refactored to make them more
modularised and independent of each other.
2022-03-25 21:49:08 +01:00
Simon Bruder
68dadcf56c
fuuko/hedgedoc: Migrate to renge
2022-03-23 17:34:56 +01:00
Simon Bruder
954849f763
renge: Init
2022-03-23 17:34:56 +01:00
Simon Bruder
76fee5875a
Revert "fuuko/hedgedoc: Migrate to okarin"
...
This reverts commit bb6952cc09
.
The performance on okarin is unbearably slow which makes hedgedoc time
out on most requests.
2022-03-22 19:02:45 +01:00
Simon Bruder
b0a87e8c9e
fuuko/hydra: Drop
...
I don’t really use it and never got around to make it actually work.
2022-03-21 15:33:40 +01:00
Simon Bruder
ea88259856
okarin/qbittorrent: Init
2022-03-19 10:35:09 +01:00
Simon Bruder
a9b6a17818
fuuko/aria2: Replace with qbittorrent
2022-03-18 23:25:05 +01:00
Simon Bruder
a0946951e8
fuuko/gitea: Migrate to okarin
2022-03-18 16:22:23 +01:00
Simon Bruder
aa347b62a7
fuuko/ankisyncd: Migrate to okarin
2022-03-18 14:36:02 +01:00
Simon Bruder
bb6952cc09
fuuko/hedgedoc: Migrate to okarin
2022-03-17 15:59:53 +01:00
Simon Bruder
b46d3ba1ae
fuuko/factorio: Drop
2022-03-16 14:29:11 +01:00
Simon Bruder
7ed13269a7
okarin: Init
2022-03-03 10:51:19 +01:00
Simon Bruder
20b861a994
fuuko/torrent: Use AriaNg’s nixpkgs version
...
Otherwise node 10 will have to be built from source since it no longer
gets built by Hydra.
2022-01-23 11:58:37 +01:00
Simon Bruder
0de6be12f4
fuuko/gitea: Allow larger HTTP uploads
...
This is required to include larger files in Git LFS, which uses HTTP for
uploading the files.
2022-01-21 18:17:31 +01:00
Simon Bruder
8748cfdf11
fuuko: Remove drone
...
I don’t actually use it and it is somewhat of a risk to run
code-execution-as-a-service. Also, the confinement does not work
currently (tries to write to /var/empty), which prompted the removal,
because the low usage does not justify that amount of maintainance.
2022-01-14 17:20:52 +01:00
Simon Bruder
ac22d1bc39
fuuko/go-neb: Use persistent system user
...
Using a dynamic user is unreliable as the pre-start script often starts
before the user and group are created.
2022-01-14 17:16:27 +01:00
Simon Bruder
cc9fbf8d37
fuuko: Reinstall on different SSD
...
The old one is quite small and does not have a cache, which makes it
quite slow. The new SSD also has a much higher endurance rating.
2022-01-14 17:05:40 +01:00
Simon Bruder
76479d0b37
fuuko/torrent: Increase the open file limit of aria2
...
The previous attempt in 427361df65
did
increase the open file limit, but for the wrong service.
2021-12-21 18:28:02 +01:00
Simon Bruder
8d789fbba3
Rework mautrix-whatsapp config for 0.2
...
Many of the options are the default and some of them got renamed.
2021-12-01 19:15:32 +01:00
Simon Bruder
2c160661ec
Apply fixes for breaking module changes in 21.11
2021-12-01 19:15:31 +01:00
Simon Bruder
cc8727fa80
Use nixFlakes instead of nixUnstable
2021-12-01 18:32:51 +01:00
Simon Bruder
a9817baee9
Remove unneeded packages from unstable
2021-12-01 18:32:51 +01:00
Simon Bruder
427361df65
fuuko/torrent: Increase open file descriptor limit
2021-11-21 13:11:19 +01:00
Simon Bruder
f4bf1ced57
yuzuru: Init
2021-11-01 10:10:40 +01:00
Simon Bruder
f92ae65467
fuuko/factorio: 1.1.41 -> 1.1.42
2021-10-31 09:09:50 +01:00
Simon Bruder
718e44402f
fuuko: Add factorio
2021-10-15 15:54:48 +02:00
Simon Bruder
d52084a79b
nunotaba: Remove
2021-10-10 11:40:20 +02:00
Simon Bruder
8bf63db6e5
mayushii: Init
2021-10-05 21:26:39 +02:00
Simon Bruder
59655fd1b0
vueko/coturn: Enable plain connections
...
(D)TLS connections are obviously better, but they stopped working some
time ago and I can’t figure out why.
2021-09-26 22:22:31 +02:00
Simon Bruder
2a4cbe6ffb
fuuko/matrix: Raise upload limit to 50M
2021-09-25 17:18:23 +02:00
Simon Bruder
1730681386
fuuko/torrent: Switch wireguard endpoints
2021-09-05 13:35:45 +02:00
Simon Bruder
0ca3062e69
dnsmasq: Add quad9 DNS servers
...
Thanks Sony Music for bringing this to my attention.
2021-08-31 09:55:51 +02:00
Simon Bruder
37bc221e0c
fuuko/dnsmasq: Increase cache size
2021-08-29 18:56:00 +02:00
Simon Bruder
9f4ffa5932
fuuko: Add hcloud_exporter
2021-08-28 13:53:38 +02:00
Simon Bruder
1aa325b1ec
fuuko/torrent: Use nixpkgs unstable’s aria2
...
It has a new release of aria2 that includes the patch that was
previously manually applied.
2021-08-24 22:06:30 +02:00
Simon Bruder
a1facf530f
fuuko: Use plain DNS again
...
DNS over HTTPS often is unreliable in practice (did not empirically test
this).
2021-08-01 19:05:20 +02:00
Simon Bruder
71a5ea7a0d
Revert "fuuko/mautrix-whatsapp: Use unstable version from PR"
...
This reverts commit e1b59d57ff
.
2021-06-19 16:02:04 +02:00
Simon Bruder
e1b59d57ff
fuuko/mautrix-whatsapp: Use unstable version from PR
...
nixpkgs PR: https://github.com/NixOS/nixpkgs/pull/126966
2021-06-15 19:20:25 +02:00
Simon Bruder
80f33f9095
Add contact page
2021-06-02 13:24:36 +02:00
Simon Bruder
e0efa77520
fuuko/nar-serve: Use NixOS module
...
Since it does not provide a `package` option, it has to be overriden
with an overlay.
2021-06-01 10:16:15 +02:00
Simon Bruder
6f31ded457
fuuko/wordclock: Use 15 character long password
...
```cpp
struct {
char domain[32];
char clientId[16];
char user[16];
char password[16];
} mqtt;
```
(f637c2f39e/PersistentStorage.h
)
This went unnoticed, because on NixOS, mosquitto does not validate
passwords by default.
2021-05-28 23:08:20 +02:00
Simon Bruder
c918486622
fuuko/mqtt: Make compatible with Mosquitto 2
...
This now requires authenticating with a valid password, which it
apparently didn’t do before?
2021-05-28 23:05:22 +02:00
Simon Bruder
de3f8f8909
restic: Make restic prune regularily on fuuko
...
Closes #41 .
2021-05-28 15:01:06 +02:00
Simon Bruder
091f6b0e14
Update to 21.05
...
This still uses the relase-21.05 branch which should later be changed to
nixos-21.05.
2021-05-28 14:04:53 +02:00
Simon Bruder
531060668a
fuuko/hydra: Show logs after build is completed
2021-05-15 00:01:04 +02:00
Simon Bruder
9f70024257
fuuko/hydra: Make serving build artifacts work
...
hydra-server.service does not have access to the signing key.
2021-05-13 14:23:10 +02:00
Simon Bruder
dc1698ffaa
fuuko: Add hydra
2021-05-13 13:07:17 +02:00
Simon Bruder
10ced7f2bb
fuuko/torrent: Make socat work after forced stop
...
This should improve behavour after e.g. a power outage.
2021-05-03 10:17:00 +02:00
Simon Bruder
440fc97f7f
AriaNg: Include as flake
2021-05-03 10:16:59 +02:00
Simon Bruder
51f814c70d
fuuko/go-neb: Use sops for secrets
2021-05-03 10:16:59 +02:00
Simon Bruder
84c72583fe
fuuko/drone-runner-exec: Use unstable nix
...
This also adds /etc/static as read-only path to the sandbox, since
otherwise /etc/nix/nix.conf can’t be read.
2021-05-01 18:31:05 +02:00
Simon Bruder
400b55a293
Convert to flake
...
Fixes #3 .
2021-05-01 17:36:58 +02:00
Simon Bruder
08b8fce2d4
fuuko/gitea: Store session on disk
2021-04-19 14:35:42 +02:00
Simon Bruder
cd30750fdc
fuuko/media-backup: Init
...
Fixes #49 .
2021-04-16 17:13:46 +02:00
Simon Bruder
ec09bbf6c6
fuuko/gitea: Remove version override
...
Version 1.14.0 has been released and is in nixpkgs.
2021-04-13 09:08:04 +02:00
Simon Bruder
602573cd34
fuuko/dnsmasq: Reliably work after reboot
2021-04-10 23:23:46 +02:00
Simon Bruder
bb8c54065a
fuuko/drone/runner-exec: Remove port collision with grafana
...
Drone docs [1] say “Overriding this value is not recommended”, however I
do not see why I should not be able to change it.
[1] https://docs.drone.io/runner/exec/configuration/reference/drone-http-bind/
2021-04-10 23:21:46 +02:00
Simon Bruder
746581ceba
fuuko/dnsmasq: Replace stubby/DoT with https-dns-proxy/DoH
2021-04-10 20:16:08 +02:00
Simon Bruder
5dff1a426f
fuuko/binary-cache: Add nar-serve
2021-04-08 21:40:14 +02:00
Simon Bruder
8d9e3af211
Add binary cache hosted on fuuko
...
See machines/fuuko/services/binary-cache.nix for limitations.
2021-04-08 16:19:57 +02:00
Simon Bruder
68fbc9e185
fuuko/go-neb: Notify room if alert is firing
2021-04-08 10:04:30 +02:00
Simon Bruder
9dbd7f9c85
vueko/coturn: Manage shared secret with sops
...
This requires not using the NixOS module, since it does not support
loading it from a file.
2021-04-07 12:23:48 +02:00
Simon Bruder
4a8a7e0a4f
Use sops for secrets
...
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder
5c4284d68c
fuuko: Add dnsmasq prometheus exporter
2021-04-05 13:18:43 +02:00
Simon Bruder
c26539e607
fuuko/prometheus: Actually show node name in alerts
2021-04-04 14:34:44 +02:00
Simon Bruder
1b08afd515
fuuko/gitea: Also use ed25519 ssh key
2021-04-04 11:18:34 +02:00
Simon Bruder
0212f2adbd
fuuko/drone: Init
2021-04-03 18:47:01 +02:00
Simon Bruder
ac7e1c1123
fuuko/dnsmasq: Use DNS over TLS via stubby
2021-04-03 13:11:09 +02:00
Simon Bruder
ce7425d8c4
Remove issei from vpn and prometheus
2021-04-02 18:13:09 +02:00
Simon Bruder
94b2746018
fuuko/go-neb: Add alertmanager matrix receiver
2021-04-02 17:46:07 +02:00
Simon Bruder
2897451a65
fuuko/prometheus: Set external URLs
2021-04-02 16:44:17 +02:00
Simon Bruder
98a4f345eb
fuuko/matrix/mautrix-whatsapp: Init
2021-04-02 15:09:57 +02:00
Simon Bruder
0ae96653a5
fuuko/matrix/synapse: Init
2021-04-02 14:59:14 +02:00
Simon Bruder
2d74dac8c0
fuuko/hedgedoc: Start after postgresql
2021-03-30 16:13:20 +02:00
Simon Bruder
50f0968738
fuuko: Add gitea
2021-03-29 14:08:53 +02:00
Simon Bruder
cb8a8f3c8d
fuuko/prometheus: Enable admin API
2021-03-28 11:04:48 +02:00
Simon Bruder
55099f1884
fuuko/prometheus: Raise retention time to 90d
2021-03-28 11:04:25 +02:00
Simon Bruder
57652d8a79
fuuko: Add hedgedoc
2021-03-10 15:42:21 +01:00
Simon Bruder
966667b87f
fuuko: Exclude scans from system backup
2021-03-10 11:27:56 +01:00
Simon Bruder
db54dfaed1
fuuko/dnsmasq: Allow DNS queries over TCP
...
Sharepoint manages to return enormous responses when querying for an
AAAA record.
$ dig sitename.sharepoint.com AAAA
;; Truncated, retrying in TCP mode.
2021-03-10 09:13:37 +01:00
Simon Bruder
d6bddf40c0
fuuko: Add ankisyncd
2021-03-09 21:22:19 +01:00
Simon Bruder
3a5568a136
fuuko: Enable full postgresql backup
2021-03-09 11:50:32 +01:00
Simon Bruder
515939677b
fuuko/torrent: Add resolv.conf to aria2 netns
...
Even though aria2 doesn’t respect it, it is useful for for debugging.
2021-03-08 19:38:26 +01:00
Simon Bruder
3da67f7576
fuuko: Enable system backups
2021-03-08 17:33:30 +01:00
Simon Bruder
e8626ba27a
fuuko: Add wordclock-dimmer
2021-03-08 17:03:30 +01:00
Simon Bruder
0c081d9805
fuuko: Add dnsmasq
2021-03-08 16:19:49 +01:00
Simon Bruder
786edd1caf
fuuko: Add aria2
2021-03-08 15:55:24 +01:00
Simon Bruder
07f152cb20
fuuko: Add media file index
2021-03-08 15:40:41 +01:00
Simon Bruder
878bdd30d5
fuuko: Add ftp server and scan converter
2021-03-08 15:30:04 +01:00
Simon Bruder
d1cf0f698f
fuuko: Add grafana
2021-03-08 15:10:15 +01:00
Simon Bruder
70ee44fbc5
fuuko: Add prometheus fritzbox exporter
2021-03-08 15:10:15 +01:00
Simon Bruder
f388995ef6
fuuko: Add prometheus
2021-03-08 15:10:15 +01:00
Simon Bruder
df303dcc2b
fuuko: Init
2021-03-08 15:10:15 +01:00