Commit graph

334 commits

Author SHA1 Message Date
Simon Bruder 5d5a30a72b
vueko/mail: Add alias 2022-01-16 12:51:10 +01:00
Simon Bruder 8748cfdf11
fuuko: Remove drone
I don’t actually use it and it is somewhat of a risk to run
code-execution-as-a-service. Also, the confinement does not work
currently (tries to write to /var/empty), which prompted the removal,
because the low usage does not justify that amount of maintainance.
2022-01-14 17:20:52 +01:00
Simon Bruder ac22d1bc39
fuuko/go-neb: Use persistent system user
Using a dynamic user is unreliable as the pre-start script often starts
before the user and group are created.
2022-01-14 17:16:27 +01:00
Simon Bruder cc9fbf8d37
fuuko: Reinstall on different SSD
The old one is quite small and does not have a cache, which makes it
quite slow. The new SSD also has a much higher endurance rating.
2022-01-14 17:05:40 +01:00
Simon Bruder db5e4d212f
vueko/mail: Add alias 2022-01-12 19:55:35 +01:00
Simon Bruder 80ee98058e
mayushii: Configure new monitor setup
This configures the home profile for kanshi for an Acer B277K monitor.
Since it is both larger than my previous monitor and has a higher
resolution, a few things change with this.

For one, my preferred setup is now to just have one monitor instead of
having my laptop screen as a secondary display device. Therefore, logind
should not suspend if the lid is closed. Since it fails to accurately
detect when a dock is connected, it is configured to never suspend on
lid switch when external power is connected.

Another thing is that the high resolution makes it necessary to use a
scaling factor, which is quite easy to configure with sway and kanshi.
It does, however, not work for Xwayland clients (they render at a lower
resolution and are scaled up with nearest-neighbor interpolation).
That requires me to no longer force the qt backend to xcb for
qutebrowser, because that significantly lowers the browsing experience.

The setup for sayuri is still to be done.
2022-01-10 21:10:55 +01:00
Simon Bruder 07142b8114
vueko/mail: Add alias 2022-01-08 16:52:14 +01:00
Simon Bruder e8e43b70ad
vueko/mail: Correct fold name 2022-01-08 14:25:12 +01:00
Simon Bruder 7376e600d7
vueko/mail: Add alias 2022-01-08 14:25:02 +01:00
Simon Bruder 06a464c182
vueko/mail: Add alias 2021-12-29 12:27:53 +01:00
Simon Bruder dde4275f0c
vueko/mail: Add alias 2021-12-28 23:27:02 +01:00
Simon Bruder c55bc54b35
vueko/mail: Add alias 2021-12-26 12:23:24 +01:00
Simon Bruder 76479d0b37
fuuko/torrent: Increase the open file limit of aria2
The previous attempt in 427361df65 did
increase the open file limit, but for the wrong service.
2021-12-21 18:28:02 +01:00
Simon Bruder bc862642d7
vueko/mail: Add alias 2021-12-18 00:29:11 +01:00
Simon Bruder 2fabf49a06
yuzuru/schabernack: Init 2021-12-11 20:28:44 +01:00
Simon Bruder 5a75e8e443
yuzuru/invidious: Enable auto-restarts
This is not the cleanest way to make it work reliably, but since this is
an upstream problem, I can’t do much else.
2021-12-09 21:43:29 +01:00
Simon Bruder a9f0b42f2f
mayushii/tlp: Adapt to TLP 1.4
It renamed the option to denylist and automatically excludes audio
devices by default.
2021-12-06 16:03:45 +01:00
Simon Bruder 88ba5dd485
vueko/mail: Add alias 2021-12-03 12:33:02 +01:00
Simon Bruder 8d789fbba3
Rework mautrix-whatsapp config for 0.2
Many of the options are the default and some of them got renamed.
2021-12-01 19:15:32 +01:00
Simon Bruder ab793631d2
vueko/coturn: Use upstream module
Fixes #53.
2021-12-01 19:15:31 +01:00
Simon Bruder 2c160661ec
Apply fixes for breaking module changes in 21.11 2021-12-01 19:15:31 +01:00
Simon Bruder cc8727fa80
Use nixFlakes instead of nixUnstable 2021-12-01 18:32:51 +01:00
Simon Bruder a9817baee9
Remove unneeded packages from unstable 2021-12-01 18:32:51 +01:00
Simon Bruder e6c1a105d2
Update to 21.11 2021-12-01 17:51:15 +01:00
Simon Bruder 7ad9d52864
vueko/mail: Add alias 2021-11-28 14:44:32 +01:00
Simon Bruder 4807e930e7
vueko/mail: Add alias 2021-11-28 14:44:27 +01:00
Simon Bruder cde1a05fd7
vueko/mail: Add alias 2021-11-23 20:35:15 +01:00
Simon Bruder f9fc9691a8
yuzuru/nitter: Fix video playback 2021-11-21 21:09:25 +01:00
Simon Bruder 427361df65
fuuko/torrent: Increase open file descriptor limit 2021-11-21 13:11:19 +01:00
Simon Bruder a624378478
vueko/mail: Add alias 2021-11-19 20:06:56 +01:00
Simon Bruder 882f85cecf
vueko/mail: Add alias 2021-11-14 12:48:58 +01:00
Simon Bruder b8735ee4f1
vueko/mail: Add alias 2021-11-03 10:04:24 +01:00
Simon Bruder 60b0dc9c74
mayushii: Add samba vm share 2021-11-02 11:13:59 +01:00
Simon Bruder d22183a8c2
mayushii: Allow manually controlling the fan speed 2021-11-01 16:27:13 +01:00
Simon Bruder f4bf1ced57
yuzuru: Init 2021-11-01 10:10:40 +01:00
Simon Bruder f92ae65467
fuuko/factorio: 1.1.41 -> 1.1.42 2021-10-31 09:09:50 +01:00
Simon Bruder 718e44402f
fuuko: Add factorio 2021-10-15 15:54:48 +02:00
Simon Bruder d6fd45cd57
mayushii: Exclude Audio Interface from usb autosuspend
Even though I didn’t notice a problem when trying to record from it on
battery, it doesn’t hurt to be on the safe side.
2021-10-13 17:29:12 +02:00
Simon Bruder 259969f2b6
mayushii/tlp: Set conservative charge thresholds
My usage pattern (mostly docked) otherwise leads to the battery
accumulating one or more charge cycles every day which quickly
deteriorates it.
2021-10-11 17:50:10 +02:00
Simon Bruder d52084a79b
nunotaba: Remove 2021-10-10 11:40:20 +02:00
Simon Bruder a9a3c74f4a
mayushii: Disable powertop
According to the TLP FAQ[1], TLP does everything powertop does, but
better.

[1] https://linrunner.de/tlp/faq/powertop.html
2021-10-07 21:14:42 +02:00
Simon Bruder 171695dde4
mayushii/readme: Clarify SSD model 2021-10-06 22:43:08 +02:00
Simon Bruder 9743f7050f
vueko/mail: Add alias 2021-10-06 18:10:05 +02:00
Simon Bruder 9c98cf0be7
mayushii: Add radeontop 2021-10-06 16:32:09 +02:00
Simon Bruder 7886cb249a
mayushii: Set trackpoint sensitivity with sway 2021-10-06 16:32:09 +02:00
Simon Bruder b5782f633c
mayushii: Add power saving configuration
When booted with my mouse connected to my kvm switch connected to my
dock connected to mayushii, powertop’s default configuration enables
power saving features that disable the mouse until it registers a click.

My current workaround is to unplug and plug the dock, so the hot-plug
input devices connected to it are reset.
2021-10-05 22:53:49 +02:00
Simon Bruder 15d6c54900
mayushii: Lower TrackPoint sensitivity 2021-10-05 22:43:01 +02:00
Simon Bruder 8bf63db6e5
mayushii: Init 2021-10-05 21:26:39 +02:00
Simon Bruder bbabc80140
vueko/mail: Add alias 2021-10-01 07:30:19 +02:00
Simon Bruder 59655fd1b0
vueko/coturn: Enable plain connections
(D)TLS connections are obviously better, but they stopped working some
time ago and I can’t figure out why.
2021-09-26 22:22:31 +02:00
Simon Bruder 400893b168
vueko/mail: Add alias 2021-09-25 18:13:59 +02:00
Simon Bruder 2a4cbe6ffb
fuuko/matrix: Raise upload limit to 50M 2021-09-25 17:18:23 +02:00
Simon Bruder 7f4d0903ca
vueko/mail: Add alias 2021-09-19 13:32:01 +02:00
Simon Bruder d1000ee78a
vueko/mail: Add alias 2021-09-17 15:03:44 +02:00
Simon Bruder bd20daea28
vueko/element-web: Make PDF download work 2021-09-15 07:30:41 +02:00
Simon Bruder b3f106010a
vueko/mail: Add alias 2021-09-10 14:28:44 +02:00
Simon Bruder 79636d081f
vueko/mail: Add alias 2021-09-08 11:49:43 +02:00
Simon Bruder 1730681386
fuuko/torrent: Switch wireguard endpoints 2021-09-05 13:35:45 +02:00
Simon Bruder 0ca3062e69
dnsmasq: Add quad9 DNS servers
Thanks Sony Music for bringing this to my attention.
2021-08-31 09:55:51 +02:00
Simon Bruder 2c3e65cf5c
vueko/mail: Add alias 2021-08-30 12:53:17 +02:00
Simon Bruder 37bc221e0c
fuuko/dnsmasq: Increase cache size 2021-08-29 18:56:00 +02:00
Simon Bruder 9f4ffa5932
fuuko: Add hcloud_exporter 2021-08-28 13:53:38 +02:00
Simon Bruder a0e52ea7b6
{nunotaba,sayuri}: Use qemu_kvm for libvirt
I don’t emulate any architectures besides x86_64 anyway.
2021-08-28 11:23:57 +02:00
Simon Bruder 1aa325b1ec
fuuko/torrent: Use nixpkgs unstable’s aria2
It has a new release of aria2 that includes the patch that was
previously manually applied.
2021-08-24 22:06:30 +02:00
Simon Bruder d76c299f6d
vueko/mail: Add alias 2021-08-22 13:04:56 +02:00
Simon Bruder 95b65c5d15
sayuri: Add samba sharing files with windows VM
This requires enabling guest access in Windows [1].

[1] https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/guest-access-in-smb2-is-disabled-by-default
2021-08-11 10:54:31 +02:00
Simon Bruder 3acc1eb0ce
vueko/mail: Remove alias 2021-08-06 12:37:11 +02:00
Simon Bruder a1facf530f
fuuko: Use plain DNS again
DNS over HTTPS often is unreliable in practice (did not empirically test
this).
2021-08-01 19:05:20 +02:00
Simon Bruder 971fda90c4
vueko/mail: Add alias 2021-08-01 11:37:46 +02:00
Simon Bruder d20afbfe4c
vueko/mail: Add alias 2021-08-01 11:36:43 +02:00
Simon Bruder 8b9eb54806
games: Conditionally add emulators
This uses a crude arbitrary number to only install them onto machines
that can actually run them.
2021-07-26 20:44:46 +02:00
Simon Bruder 11ec0ab428
vueko/mail: Add alias 2021-07-22 19:12:08 +02:00
Simon Bruder 376dfa37de
vueko/mail: Add alias 2021-07-22 09:52:02 +02:00
Simon Bruder 8442afae5c
vueko/mail: Add alias 2021-06-26 10:45:15 +02:00
Simon Bruder 0ab3260240
sayuri: Drop amdvlk in favour of radv
DXVK segfaults/exhibits weird errors when using amdvlk since upgrading
to 21.05. Mesa’s radv does work and I did not notice a perofmance drop.
2021-06-20 11:22:34 +02:00
Simon Bruder 71a5ea7a0d
Revert "fuuko/mautrix-whatsapp: Use unstable version from PR"
This reverts commit e1b59d57ff.
2021-06-19 16:02:04 +02:00
Simon Bruder e1b59d57ff
fuuko/mautrix-whatsapp: Use unstable version from PR
nixpkgs PR: https://github.com/NixOS/nixpkgs/pull/126966
2021-06-15 19:20:25 +02:00
Simon Bruder 621d209680
sayuri: Add specialisation that disables mitigations
x264 encodes over 2 times faster in one example with mitigations
disabled.
2021-06-09 15:22:17 +02:00
Simon Bruder 80f33f9095
Add contact page 2021-06-02 13:24:36 +02:00
Simon Bruder e0efa77520
fuuko/nar-serve: Use NixOS module
Since it does not provide a `package` option, it has to be overriden
with an overlay.
2021-06-01 10:16:15 +02:00
Simon Bruder 56b9c6c37f
Add module for on-demand usage of mullvad
Since wg-quick does not require the configuration file to include a
private key and local addresses, they can be added after the execution
of wg-quick.

Fixes #32.
2021-05-31 23:02:11 +02:00
Simon Bruder 6f31ded457
fuuko/wordclock: Use 15 character long password
```cpp
    struct {
      char domain[32];
      char clientId[16];
      char user[16];
      char password[16];
    } mqtt;
```

(f637c2f39e/PersistentStorage.h)

This went unnoticed, because on NixOS, mosquitto does not validate
passwords by default.
2021-05-28 23:08:20 +02:00
Simon Bruder c918486622
fuuko/mqtt: Make compatible with Mosquitto 2
This now requires authenticating with a valid password, which it
apparently didn’t do before?
2021-05-28 23:05:22 +02:00
Simon Bruder de3f8f8909
restic: Make restic prune regularily on fuuko
Closes #41.
2021-05-28 15:01:06 +02:00
Simon Bruder d3d41da2bc
vueko/murmur: Explicitly set murmur as system user 2021-05-28 14:24:25 +02:00
Simon Bruder e80a0b0c07
vueko/radicale: Use services.radicale.settings 2021-05-28 14:24:02 +02:00
Simon Bruder 7d7da189d0
nunotaba: Reinstall on btrfs filesystem 2021-05-28 14:05:14 +02:00
Simon Bruder 6cb59d0149
nunotaba: Use performance cpuFreqGovernor
With kernel 5.10 powersave is stuck at 798 MHz for some reason.
2021-05-28 14:05:13 +02:00
Simon Bruder 091f6b0e14
Update to 21.05
This still uses the relase-21.05 branch which should later be changed to
nixos-21.05.
2021-05-28 14:04:53 +02:00
Simon Bruder 36c0c67e36
sayuri: Update specs in readme 2021-05-27 18:06:34 +02:00
Simon Bruder d64f4a8741
vueko/mail: Add alias 2021-05-25 09:48:25 +02:00
Simon Bruder 71209d0cc8
vueko/mail: Add alias 2021-05-21 12:30:36 +02:00
Simon Bruder 961b497609
vueko/mail: Add alias 2021-05-17 19:05:24 +02:00
Simon Bruder 2c8a291ae9
Make flake inputs available as module argument
This moves a bunch of stuff out of flake.nix into the modules they
belong to. This removes complexity from flake.nix and gives the project
a more organised structure.

Sadly, it is not possible to import modules from a flake outside of
flake.nix, since that leads to an infinite recursion (`config` has to be
evaluated before `config._modules.args.inputs` is available but `config`
depends on an import from `config._modules.args.inputs`). Therefore, the
`extraModules` argument in `machines/default.nix` has to be used for
that (it now has access to all flake inputs).
2021-05-15 10:04:44 +02:00
Simon Bruder 531060668a
fuuko/hydra: Show logs after build is completed 2021-05-15 00:01:04 +02:00
Simon Bruder 9f70024257
fuuko/hydra: Make serving build artifacts work
hydra-server.service does not have access to the signing key.
2021-05-13 14:23:10 +02:00
Simon Bruder dc1698ffaa
fuuko: Add hydra 2021-05-13 13:07:17 +02:00
Simon Bruder ca2136ef04
sayuri: Allow discards on data ssd 2021-05-07 14:37:53 +02:00
Simon Bruder d3ec5f4ba1
sayuri: Reinstall on NVMe ssd 2021-05-04 23:15:05 +02:00
Simon Bruder c3a3d8a12a
Adapt documentation to current configuration 2021-05-04 21:45:05 +02:00
Simon Bruder 2bf9577b61
vueko/mail: Add alias 2021-05-03 19:33:53 +02:00
Simon Bruder 10ced7f2bb
fuuko/torrent: Make socat work after forced stop
This should improve behavour after e.g. a power outage.
2021-05-03 10:17:00 +02:00
Simon Bruder 440fc97f7f
AriaNg: Include as flake 2021-05-03 10:16:59 +02:00
Simon Bruder 51f814c70d
fuuko/go-neb: Use sops for secrets 2021-05-03 10:16:59 +02:00
Simon Bruder 84c72583fe
fuuko/drone-runner-exec: Use unstable nix
This also adds /etc/static as read-only path to the sandbox, since
otherwise /etc/nix/nix.conf can’t be read.
2021-05-01 18:31:05 +02:00
Simon Bruder 400b55a293
Convert to flake
Fixes #3.
2021-05-01 17:36:58 +02:00
Simon Bruder 7d19c9b039
sayuri: Use radeontop from unstable 2021-04-25 09:54:49 +02:00
Simon Bruder 78f4579556
vueko/mail: Add alias 2021-04-23 10:21:11 +02:00
Simon Bruder 08b8fce2d4
fuuko/gitea: Store session on disk 2021-04-19 14:35:42 +02:00
Simon Bruder 4af55ba3e9
vueko/mail: Add alias 2021-04-17 12:15:43 +02:00
Simon Bruder e070cb9107
vueko/mail: Add alias 2021-04-17 10:56:15 +02:00
Simon Bruder 438fad34fb
vueko/mail: Reorganise vim folds 2021-04-17 10:47:07 +02:00
Simon Bruder cd30750fdc
fuuko/media-backup: Init
Fixes #49.
2021-04-16 17:13:46 +02:00
Simon Bruder b9abd825cb
vueko/mail: Add alias 2021-04-14 15:43:16 +02:00
Simon Bruder ec09bbf6c6
fuuko/gitea: Remove version override
Version 1.14.0 has been released and is in nixpkgs.
2021-04-13 09:08:04 +02:00
Simon Bruder 602573cd34
fuuko/dnsmasq: Reliably work after reboot 2021-04-10 23:23:46 +02:00
Simon Bruder bb8c54065a
fuuko/drone/runner-exec: Remove port collision with grafana
Drone docs [1] say “Overriding this value is not recommended”, however I
do not see why I should not be able to change it.

[1] https://docs.drone.io/runner/exec/configuration/reference/drone-http-bind/
2021-04-10 23:21:46 +02:00
Simon Bruder 746581ceba
fuuko/dnsmasq: Replace stubby/DoT with https-dns-proxy/DoH 2021-04-10 20:16:08 +02:00
Simon Bruder bed82e297c
sayuri: Migrate to sops
Fixes #38.
2021-04-10 11:58:50 +02:00
Simon Bruder 5dff1a426f
fuuko/binary-cache: Add nar-serve 2021-04-08 21:40:14 +02:00
Simon Bruder 8d9e3af211
Add binary cache hosted on fuuko
See machines/fuuko/services/binary-cache.nix for limitations.
2021-04-08 16:19:57 +02:00
Simon Bruder 68fbc9e185
fuuko/go-neb: Notify room if alert is firing 2021-04-08 10:04:30 +02:00
Simon Bruder 9dbd7f9c85
vueko/coturn: Manage shared secret with sops
This requires not using the NixOS module, since it does not support
loading it from a file.
2021-04-07 12:23:48 +02:00
Simon Bruder 4a8a7e0a4f
Use sops for secrets
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder d253f74a06
sayuri: Fill in purpose section of readme
Also, next time try to spell FIXME the right way so I don’t notice this
months after setting the machine up.
2021-04-05 13:38:33 +02:00
Simon Bruder 5c4284d68c
fuuko: Add dnsmasq prometheus exporter 2021-04-05 13:18:43 +02:00
Simon Bruder c26539e607
fuuko/prometheus: Actually show node name in alerts 2021-04-04 14:34:44 +02:00
Simon Bruder 1b08afd515
fuuko/gitea: Also use ed25519 ssh key 2021-04-04 11:18:34 +02:00
Simon Bruder 0212f2adbd
fuuko/drone: Init 2021-04-03 18:47:01 +02:00
Simon Bruder ac7e1c1123
fuuko/dnsmasq: Use DNS over TLS via stubby 2021-04-03 13:11:09 +02:00
Simon Bruder ce7425d8c4
Remove issei from vpn and prometheus 2021-04-02 18:13:09 +02:00
Simon Bruder 94b2746018
fuuko/go-neb: Add alertmanager matrix receiver 2021-04-02 17:46:07 +02:00
Simon Bruder 2897451a65
fuuko/prometheus: Set external URLs 2021-04-02 16:44:17 +02:00
Simon Bruder 8b1b969aa9
fuuko: Set target to production hostname 2021-04-02 15:10:14 +02:00
Simon Bruder 98a4f345eb
fuuko/matrix/mautrix-whatsapp: Init 2021-04-02 15:09:57 +02:00
Simon Bruder 0ae96653a5
fuuko/matrix/synapse: Init 2021-04-02 14:59:14 +02:00
Simon Bruder b6297d0153
vueko/coturn: Init 2021-03-31 12:08:35 +02:00
Simon Bruder 15075a818d
installation: Remove FIXME from comments
Otherwise grepping for FIXME shows this, even though it’s not what you
expect.
2021-03-30 23:49:08 +02:00
Simon Bruder 2d74dac8c0
fuuko/hedgedoc: Start after postgresql 2021-03-30 16:13:20 +02:00
Simon Bruder 50f0968738
fuuko: Add gitea 2021-03-29 14:08:53 +02:00
Simon Bruder 5491ef4817
vueko/mailserver: Add gitea user 2021-03-29 13:48:10 +02:00
Simon Bruder cb8a8f3c8d
fuuko/prometheus: Enable admin API 2021-03-28 11:04:48 +02:00
Simon Bruder 55099f1884
fuuko/prometheus: Raise retention time to 90d 2021-03-28 11:04:25 +02:00
Simon Bruder 9f8c80029d
vueko/mailserver: Add aliases 2021-03-26 19:40:20 +01:00
Simon Bruder 5e8fb02b78
vueko/mail: Add alias 2021-03-21 11:53:47 +01:00
Simon Bruder 58c72c3200
Allow build on machines that are missing secrets 2021-03-21 11:36:14 +01:00
Simon Bruder 7cb3142526
nunotaba: Disable docker
Fixes #15.
2021-03-13 10:59:43 +01:00
Simon Bruder 57652d8a79
fuuko: Add hedgedoc 2021-03-10 15:42:21 +01:00
Simon Bruder 966667b87f
fuuko: Exclude scans from system backup 2021-03-10 11:27:56 +01:00
Simon Bruder db54dfaed1
fuuko/dnsmasq: Allow DNS queries over TCP
Sharepoint manages to return enormous responses when querying for an
AAAA record.

$ dig sitename.sharepoint.com AAAA
;; Truncated, retrying in TCP mode.
2021-03-10 09:13:37 +01:00