Commit graph

229 commits

Author SHA1 Message Date
Tristan Daniël Maat 0047b585a3
flake.lock: Update
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/d185770ea261fb5cf81aa5ad1791b93a7834d12c' (2024-06-30)
  → 'github:nix-community/disko/0257e44f4ad472b54f19a6dd1615aee7fa48ed49' (2024-08-05)
• Updated input 'foundryvtt':
    'github:reckenrode/nix-foundryvtt/1176cc325e5e1d46c7a018663a8e02e699e838ec' (2024-06-28)
  → 'github:reckenrode/nix-foundryvtt/699a175398410688214615a9d977354e9ef98d2d' (2024-08-03)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/10c832d0548e9e3a6df7eb51e68c2783212a303e' (2024-07-01)
  → 'github:nixos/nixpkgs/0ab9c4c1e0cab782fcde00ec2b32436abfd2a6d4' (2024-08-05)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/7f993cdf26ccef564eabf31fdb40d140821e12bc' (2024-07-01)
  → 'github:nixos/nixpkgs/41d21a82c38e226e234e16f4ff213b3fcf85e6e9' (2024-08-05)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/b5974d4331fb6c893e808977a2e1a6d34b3162d6' (2024-06-30)
  → 'github:Mic92/sops-nix/eb34eb588132d653e4c4925d862f1e5a227cc2ab' (2024-07-27)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/4a1e673523344f6ccc84b37f4413ad74ea19a119' (2024-06-29)
  → 'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171' (2024-07-21)
2024-08-05 19:38:04 +02:00
Tristan Daniël Maat d426e783cd
grafana: Properly proxy websocket connections
Fixes #115
2024-07-03 02:56:23 +02:00
Tristan Daniël Maat 306b69f6b5
nextcloud: Use the system postgres version 2024-07-03 01:28:23 +02:00
Tristan Daniël Maat 21b9112f76
fail2ban-exporter: Bump generated source json/nix 2024-07-01 19:24:04 +02:00
Tristan Daniël Maat d568436d83
conduit: Use new upstream delegation support 2024-07-01 19:24:03 +02:00
Tristan Daniël Maat 222829d82a
starbound: Don't build service for now
This includes the really huge steam-run closure, which is just a PITA
to keep up with if we're never using it.
2024-07-01 19:24:03 +02:00
Tristan Daniël Maat 32f4cabfa3
nextcloud: Update to 28 since 27 is EOL
We were waiting for nextcloud news to update, but we can't wait any
longer.
2024-07-01 19:24:02 +02:00
Tristan Daniël Maat 21cb4eab9c
foundryvtt: Set foundry version explicitly 2024-07-01 18:37:43 +02:00
Tristan Daniël Maat 9654d599e9
flake.lock: Update
Flake lock file updates:

• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/88b3059b020da69cbe16526b8d639bd5e0b51c8b' (2024-04-01)
  → 'github:serokell/deploy-rs/3867348fa92bc892eba5d9ddb2d7a97b9e127a8a' (2024-06-12)
• Updated input 'disko':
    'github:nix-community/disko/285e26465a0bae510897ca04da26ce6307c652b4' (2024-04-26)
  → 'github:nix-community/disko/115311bc395f24c1b553338fec4b3aa28cbf5ae2' (2024-06-28)
• Updated input 'foundryvtt':
    'github:reckenrode/nix-foundryvtt/6025615b431170558c3c13f16b549fc0126425e1' (2024-04-09)
  → 'github:reckenrode/nix-foundryvtt/1176cc325e5e1d46c7a018663a8e02e699e838ec' (2024-06-28)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/cc54fb41d13736e92229c21627ea4f22199fee6b' (2024-06-12)
  → 'github:nixos/nixpkgs/89c49874fb15f4124bf71ca5f42a04f2ee5825fd' (2024-06-26)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/58a1abdbae3217ca6b702f03d3b35125d88a2994' (2024-04-27)
  → 'github:nixos/nixpkgs/2893f56de08021cffd9b6b6dfc70fd9ccd51eb60' (2024-06-24)
• Updated input 'nvfetcher':
    'github:berberman/nvfetcher/2a824322dc6a755ffda83a13b948d42304521e4d' (2024-04-17)
  → 'github:berberman/nvfetcher/fa7609950023462c6f91c425de7610c0bb6b86ba' (2024-06-13)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/f1b0adc27265274e3b0c9b872a8f476a098679bd' (2024-04-23)
  → 'github:Mic92/sops-nix/c2ea1186c0cbfa4d06d406ae50f3e4b085ddc9b3' (2024-06-24)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd' (2024-04-20)
  → 'github:NixOS/nixpkgs/5e8e3b89adbd0be63192f6e645e0a54080004924' (2024-06-22)
2024-07-01 18:37:42 +02:00
Tristan Daniël Maat 038a797427
git: Blame-ignore nixpkgs-fmt commit 2024-06-28 20:19:42 +02:00
Tristan Daniël Maat fd138d45e6
treewide: Start using nixpkgs-fmt formatting 2024-06-28 20:12:55 +02:00
Tristan Daniël Maat 501c3466bc
Update to NixOS 24.05 2024-06-14 00:49:12 +02:00
Tristan Daniël Maat 0312fbad3a
afvalcalendar: Add proper error handling 2024-04-30 06:09:04 +02:00
Tristan Daniël Maat d8f1b9941e
nextcloud: Update apps 2024-04-29 09:46:11 +02:00
Tristan Daniël Maat 5ddd9914e4
flake.lock: Update
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/0a17298c0d96190ef3be729d594ba202b9c53beb' (2024-04-05)
  → 'github:nix-community/disko/285e26465a0bae510897ca04da26ce6307c652b4' (2024-04-26)
• Updated input 'foundryvtt':
    'github:reckenrode/nix-foundryvtt/0e61d84370fd051d873216553d09e596b7ad3a34' (2024-03-17)
  → 'github:reckenrode/nix-foundryvtt/6025615b431170558c3c13f16b549fc0126425e1' (2024-04-09)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06)
  → 'github:nixos/nixpkgs/12430e43bd9b81a6b4e79e64f87c624ade701eaf' (2024-04-28)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/ff0dbd94265ac470dda06a657d5fe49de93b4599' (2024-04-06)
  → 'github:nixos/nixpkgs/58a1abdbae3217ca6b702f03d3b35125d88a2994' (2024-04-27)
• Updated input 'nvfetcher':
    'github:berberman/nvfetcher/1463db224a54cbc9499860ef5a51a9b6bf7c3180' (2024-04-08)
  → 'github:berberman/nvfetcher/2a824322dc6a755ffda83a13b948d42304521e4d' (2024-04-17)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/39191e8e6265b106c9a2ba0cfd3a4dafe98a31c6' (2024-04-07)
  → 'github:Mic92/sops-nix/f1b0adc27265274e3b0c9b872a8f476a098679bd' (2024-04-23)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06)
  → 'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd' (2024-04-20)
2024-04-29 09:20:14 +02:00
Tristan Daniël Maat e16f3be326
acme: Switch to a wildcard certificate 2024-04-16 01:25:59 +02:00
Tristan Daniël Maat 8f178f776e
afvalcalendar: Host enschede afvalcalendar 2024-04-15 03:14:46 +02:00
Tristan Daniël Maat 0d43b5177d
treewide: Refactor nginx config 2024-04-13 04:46:22 +02:00
Tristan Daniël Maat 7bb27d9bee
conduit: Switch to stable package since that has updated 2024-04-08 20:49:44 +02:00
Tristan Daniël Maat a6091b4133
pkgs: Update nextcloud extensions 2024-04-08 20:44:09 +02:00
Tristan Daniël Maat a243613e6a
flake.lock: Update
Flake lock file updates:

• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/0a0187794ac7f7a1e62cda3dabf8dc041f868790' (2024-02-16)
  → 'github:serokell/deploy-rs/88b3059b020da69cbe16526b8d639bd5e0b51c8b' (2024-04-01)
• Updated input 'disko':
    'github:nix-community/disko/5d2d3e421ade554b19b4dbb0d11a04023378a330' (2024-03-24)
  → 'github:nix-community/disko/0a17298c0d96190ef3be729d594ba202b9c53beb' (2024-04-05)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/56528ee42526794d413d6f244648aaee4a7b56c0' (2024-03-22)
  → 'github:nixos/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/44d0940ea560dee511026a53f0e2e2cde489b4d4' (2024-03-23)
  → 'github:nixos/nixpkgs/ff0dbd94265ac470dda06a657d5fe49de93b4599' (2024-04-06)
• Updated input 'nvfetcher':
    'github:berberman/nvfetcher/c774baef4285ce5c72784f58dc565d48f41fd22d' (2024-03-24)
  → 'github:berberman/nvfetcher/1463db224a54cbc9499860ef5a51a9b6bf7c3180' (2024-04-08)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/405987a66cce9a4a82f321f11b205982a7127c88' (2024-03-24)
  → 'github:Mic92/sops-nix/39191e8e6265b106c9a2ba0cfd3a4dafe98a31c6' (2024-04-07)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/ac6bdf6181666ebb4f90dd20f31e2fa66ede6b68' (2024-03-23)
  → 'github:NixOS/nixpkgs/e38d7cb66ea4f7a0eb6681920615dfcc30fc2920' (2024-04-06)
2024-04-08 20:14:41 +02:00
Tristan Daniël Maat 119db5e1d3
sonnenshift: Init 2024-04-08 20:02:53 +02:00
Tristan Daniël Maat 14785afa14
vm: Set up proper bridge networking 2024-03-27 01:51:15 +01:00
Tristan Daniël Maat d28979c61f
nvfetcher: Update package inputs 2024-03-25 01:18:45 +01:00
Tristan Daniël Maat e7d6879063
flake.lock: Update
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/d389901567d9ceda5a1a833fbf8e8e254e18eb0a' (2024-03-11)
  → 'github:nix-community/disko/5d2d3e421ade554b19b4dbb0d11a04023378a330' (2024-03-24)
• Updated input 'foundryvtt':
    'github:reckenrode/nix-foundryvtt/5cf4e6d9ed7b662dbea7a61d785b67a878598986' (2024-03-03)
  → 'github:reckenrode/nix-foundryvtt/0e61d84370fd051d873216553d09e596b7ad3a34' (2024-03-17)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/b94a96839afcc56de3551aa7472b8d9a3e77e05d' (2024-03-09)
  → 'github:nixos/nixpkgs/56528ee42526794d413d6f244648aaee4a7b56c0' (2024-03-22)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/3030f185ba6a4bf4f18b87f345f104e6a6961f34' (2024-03-09)
  → 'github:nixos/nixpkgs/44d0940ea560dee511026a53f0e2e2cde489b4d4' (2024-03-23)
• Updated input 'nvfetcher':
    'github:berberman/nvfetcher/367e2eaa92d8f5133c2c5ac03a80c0cf25f301b8' (2024-02-25)
  → 'github:berberman/nvfetcher/c774baef4285ce5c72784f58dc565d48f41fd22d' (2024-03-24)
• Updated input 'nvfetcher/flake-utils':
    'github:numtide/flake-utils/1ef2e671c3b0c19053962c07dbda38332dcebf26' (2024-01-15)
  → 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/6c32d3b9c7593f4b466ec5404e59fc09a803a090' (2024-03-14)
  → 'github:Mic92/sops-nix/405987a66cce9a4a82f321f11b205982a7127c88' (2024-03-24)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/b17375d3bb7c79ffc52f3538028b2ec06eb79ef8' (2024-03-10)
  → 'github:NixOS/nixpkgs/ac6bdf6181666ebb4f90dd20f31e2fa66ede6b68' (2024-03-23)
2024-03-25 01:10:31 +01:00
Tristan Daniël Maat c161eeb056
backups: Switch to hetzner storage box 2024-03-18 07:30:54 +01:00
Tristan Daniël Maat f43f8742d9
sops: Fix encryption 2024-03-18 05:05:43 +01:00
Tristan Daniël Maat cf02da0d00
acme: Back up SSL certificates 2024-03-12 06:07:26 +01:00
Tristan Daniël Maat fa73574dba
nginx: Factor nginx configuration into a separate module 2024-03-12 06:07:24 +01:00
Tristan Daniël Maat 329a6c4cf1
foundryvtt: Enable backups 2024-03-12 05:40:49 +01:00
Tristan Daniël Maat f8789ee4d0
foundryvtt: Mark as running behind a reverse proxy 2024-03-12 05:35:18 +01:00
Tristan Daniël Maat 07f819cc58
coturn: Fix outdated IP address 2024-03-11 21:56:41 +01:00
Tristan Daniël Maat 980122563e
nextcloud: Downgrade cookbook 2024-03-11 05:04:17 +01:00
Tristan Daniël Maat 7affed34f1
nextcloud: Remove unused variable 2024-03-11 04:51:25 +01:00
Tristan Daniël Maat aec7c5c7d8
vm: Change domain 2024-03-11 04:50:59 +01:00
Tristan Daniël Maat aaa9a164f7
flake: Fix vm run command path 2024-03-11 04:50:48 +01:00
Tristan Daniël Maat c44c9fd8e8
nextcloud: Update apps 2024-03-11 04:50:40 +01:00
Tristan Daniël Maat 1b66bf4910
flake.lock: Update
Flake lock file updates:

• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/b709d63debafce9f5645a5ba550c9e0983b3d1f7' (2023-12-20)
  → 'github:serokell/deploy-rs/0a0187794ac7f7a1e62cda3dabf8dc041f868790' (2024-02-16)
• Updated input 'disko':
    'github:nix-community/disko/bde7dd352c07d43bd5b8245e6c39074a391fdd46' (2024-03-01)
  → 'github:nix-community/disko/d389901567d9ceda5a1a833fbf8e8e254e18eb0a' (2024-03-11)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d02d818f22c777aa4e854efc3242ec451e5d462a' (2023-12-25)
  → 'github:nixos/nixpkgs/b94a96839afcc56de3551aa7472b8d9a3e77e05d' (2024-03-09)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/cfc3698c31b1fb9cdcf10f36c9643460264d0ca8' (2023-12-27)
  → 'github:nixos/nixpkgs/3030f185ba6a4bf4f18b87f345f104e6a6961f34' (2024-03-09)
• Updated input 'nvfetcher':
    'github:berberman/nvfetcher/2bcf73dea96497ac9c36ed320b457caa705f9485' (2023-09-01)
  → 'github:berberman/nvfetcher/367e2eaa92d8f5133c2c5ac03a80c0cf25f301b8' (2024-02-25)
• Updated input 'nvfetcher/flake-compat':
    'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17)
  → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Updated input 'nvfetcher/flake-utils':
    'github:numtide/flake-utils/f9e7cf818399d17d347f847525c5a5a8032e4e44' (2023-08-23)
  → 'github:numtide/flake-utils/1ef2e671c3b0c19053962c07dbda38332dcebf26' (2024-01-15)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/e523e89763ff45f0a6cf15bcb1092636b1da9ed3' (2023-12-24)
  → 'github:Mic92/sops-nix/f8d5c8baa83fe620a28c0db633be9db3e34474b4' (2024-03-10)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/7790e078f8979a9fcd543f9a47427eeaba38f268' (2023-12-23)
  → 'github:NixOS/nixpkgs/b17375d3bb7c79ffc52f3538028b2ec06eb79ef8' (2024-03-10)
2024-03-11 03:48:57 +01:00
Tristan Daniël Maat ae18832cb0
linode: Remove old server 2024-03-11 03:42:30 +01:00
Tristan Daniël Maat 1c6e7ec106
acme: Don't attempt to get certs if the domain is wrong 2024-03-11 03:42:29 +01:00
Tristan Daniël Maat ddda6f534b
hetzner: Add new server config 2024-03-11 03:42:28 +01:00
Tristan Daniël Maat 54e0826860
gitea: Migrate to forgejo 2024-03-11 00:33:41 +01:00
Tristan Daniël Maat ebc45a9af1
treewide: Upgrade to NixOS 23.11 2023-12-30 19:41:06 +01:00
Tristan Daniël Maat 4a966412b8
staging: Use a static ssh host key 2023-12-29 16:48:23 +01:00
Tristan Daniël Maat 95b5d4b3bd
nginx: Reduce number of rotated logs kept around 2023-12-15 17:04:42 +01:00
Tristan Daniël Maat eb3bd485c4
metrics: Add size limit to victoriametrics 2023-12-15 17:04:39 +01:00
Tristan Daniël Maat 759a9c7c0c
conduit: Fix acme issue
letsencrypt will prod on port 80 to verify the domain. `listen`
overrides `addSSL`, so none of the NixOS modules' setup will actually
work.

This means the conduit virtualhost never listened on port 80, and
couldn't verify letsencrypt requests.

How this *ever* worked is beyond me, but this commit resolves the
problems (don't worry, `forceSSL` does what it says on the tin and
overrides the `listen` again).
2023-10-13 06:08:26 +02:00
Tristan Daniël Maat 55a4aaf48b
metrics: Add metrics with victoriametrics + grafana 2023-10-12 20:41:04 +02:00
Tristan Daniël Maat 78a9eac9bb
sops: Sort secrets alphabetically 2023-10-12 20:27:43 +02:00
Tristan Daniël Maat 87dd9daa4f
backups: Add atomic backups with restic 2023-10-12 20:27:34 +02:00