Commit Graph

312 Commits

Author SHA1 Message Date
37a1c480a5 hass: add vno1-oh2 as a trusted proxy 2024-08-02 22:30:57 +03:00
fb349648ae photoprism: move userdata mounts to /var/lib 2024-08-02 16:42:17 +03:00
e6fef422e8 photoprism: move userdata to /run/photoprism/userdata 2024-08-02 16:18:07 +03:00
14b85ab2bb photoprism: add to fwminex 2024-08-02 16:03:09 +03:00
9e9e5bb714 firewall 2024-08-02 14:47:20 +03:00
53753ac2ba hs 2024-08-02 14:05:12 +03:00
c62353cc63 headscale: listen on 0.0.0.0 2024-08-02 13:45:25 +03:00
01f008bc84 BORG_RELOCATED_REPO_ACCESS_IS_OK=yes 2024-08-01 14:04:44 +03:00
f485279f66 btrfsborg: minor fixes 2024-07-31 09:58:45 +03:00
23f399024a btrfsborg for fwminex 2024-07-31 09:40:05 +03:00
39a2f0bdc1 remote-builder: +maxJobs 2024-07-31 01:06:24 +03:00
6a54c9f69d fwminex: +synthing 2024-07-30 22:46:29 +03:00
ed33d72e39 syncthing: add www-mtworx 2024-07-29 19:55:34 +03:00
9e301158fa snapshot /home also hourly 2024-07-29 16:31:32 +03:00
7970c36801 btrfssnapshot: make it somewhat work 2024-07-29 16:11:01 +03:00
9ea80639a3 nix fmt 2024-07-29 15:39:54 +03:00
38311119f9 deployerbot: allow fwminex too 2024-07-28 22:25:58 +03:00
7b3b356bf5 syncthing: mtworx +M-R 2024-06-26 22:43:17 +03:00
78cd20056f +Vaikai 2024-06-21 19:32:06 +03:00
7c2f7c77b9 gitea: fix static files 2024-06-16 23:09:41 +03:00
425b47e7a7 s/KrekenavosNamai/sqq1-desk/ 2024-06-16 15:30:35 +03:00
9d5db099d3 wifibackup: no RemainAfterExit 2024-06-07 23:46:29 +03:00
c8d270e738 wifibackup: make it finally work without known hosts 2024-06-06 02:31:00 +03:00
f6740477b5 wifibackup: more tuning 2024-06-06 02:22:30 +03:00
2cf9ce38d1 unison tuning 2024-06-06 02:13:12 +03:00
38c707c96e wifibackup: success with [0 1] 2024-06-06 02:04:35 +03:00
2ee5109310 wifibackup: go to their default dirs 2024-06-06 02:01:32 +03:00
b8728dfbe7 wifibackup: specify full path to ssh 2024-06-06 01:58:45 +03:00
95def71a76 wifibackup 2024-06-06 01:57:00 +03:00
062609fabf use secrets in syncthing 2024-06-05 23:04:52 +03:00
afdd9f3bfb Merge branch 'main' into 24.05 2024-06-04 21:09:42 +03:00
4bb4349258 network-online.target 2024-05-31 09:21:13 +03:00
178aa66a03 remove snmp 2024-05-30 17:14:44 +03:00
11af93f220 gitea: enable packages 2024-05-10 15:24:59 +03:00
1de6593d28 gitea: disable repo-archive 2024-05-02 17:30:09 +03:00
e1423d2fed hass: remove trusted_networks
username/password is good enough
2024-04-18 19:47:13 +03:00
585b138f23 syncthing: remove insecureAdminAccess
This keeps resetting my apikey, which is annoying.
2024-04-08 18:25:58 +03:00
469e0355d3 a-kfire: fix 2024-03-23 21:34:07 +02:00
734097688e syncthing: +a-kfire 2024-03-23 21:33:26 +02:00
5a310cb0ba mxp10: +vaikai 2024-03-23 20:48:43 +02:00
8919cf0216 syncthing: +fwminex 2024-03-23 19:54:50 +02:00
b13d490dec v-kfire: fix id 2024-03-23 19:50:52 +02:00
807df4f0cf syncthing: amend v-kfire 2024-03-23 19:45:11 +02:00
637f4b1b87 syncthing: add mtworx 2024-03-14 13:48:03 +02:00
de046eb053 tailscale: --operator=motiejus 2024-03-05 11:50:44 +02:00
2a87738bf3 hass: add pyipp 2024-03-03 14:45:39 +02:00
4ac540eb60 evolution: sync full folder 2024-03-02 09:56:45 +02:00
3ce427193d deployerbot: git push on success 2024-02-28 14:55:42 +02:00
7a806d9839 fix data 2024-02-27 23:04:06 +02:00
e702cdfb18 add remote builder to vno1-oh2 2024-02-27 22:56:09 +02:00
5207327591 zfsunlock: set -x 2024-02-27 21:22:09 +02:00
878cf4071c deployerbot: nix flake check --all-systems 2024-02-27 18:32:16 +02:00
a554841ac8 remove mtwork 2024-02-27 18:20:44 +02:00
861d4e81fc remote-builder 2024-02-27 15:23:48 +02:00
c1ab3084f5 deployerbot: style nits 2024-02-26 13:56:05 +02:00
7f977e6879 style nitpicks 2024-02-26 12:39:08 +02:00
86bc0dfc1f deployerbot: fixes 2024-02-26 07:57:16 +02:00
c1957a6896 deployerbot: remove --all-systems 2024-02-26 00:15:15 +02:00
e5014bc18d nix flake check --all-systems 2024-02-26 00:03:58 +02:00
10bcb3f0b2 deployerbot: accept-flake-config 2024-02-25 23:56:38 +02:00
b8ccb2216d deployerbot: skip unnecessary checks 2024-02-25 23:53:58 +02:00
7df06680e6 deployerbot: upgrade before deploys 2024-02-25 23:50:08 +02:00
d2ad87558c compressAll: split to compressDrv and compressDrvWeb 2024-02-15 10:55:30 +02:00
6f6a4c9855 compress: accept args too 2024-02-13 21:01:38 +02:00
db07a9d5ba compress-all 2024-02-13 15:53:17 +02:00
8f79a933e7 overlays: fix 1 2024-02-02 15:29:53 +02:00
64c4534d46 rm -fr certget: 2024-02-02 15:02:31 +02:00
cfee124f99 M-Active: versioning 2024-01-25 09:05:46 +02:00
ee1defe4db Revert "Mail: backup the full evolution folder"
This reverts commit a1484df957.
2024-01-25 08:42:14 +02:00
a1484df957 Mail: backup the full evolution folder 2024-01-25 08:41:06 +02:00
ab052cd45d syncthing: bind to 127.0.0.1 2024-01-25 08:21:35 +02:00
0170765df5 gitea: use compressed assets 2024-01-17 10:11:13 +02:00
7fd85a45c9 video-vincentas: add kfire 2024-01-14 10:02:31 +02:00
8008fc9af1 add video-vincentas, kfire 2023-12-27 12:30:46 +02:00
2564b3e863 syncthing: copy/backup ~/.cache/evolution/mail
Good enough for email backups. Openable with neomutt with minimal
setup:

```
$ mkdir -p x/cur; cd x
$ cp -s ~/.cache/evolution/mail/*/folders/Debian/cur/*/* cur/
$ neomutt -f .
```
2023-12-27 12:23:27 +02:00
f08fa200f6 deployerbot: push forward a bit 2023-12-19 23:58:53 +02:00
72562e8540 hass: add daikin module 2023-12-03 20:37:59 +02:00
fb310f9e29 23.11: get rid of most warnings 2023-11-28 19:59:32 +02:00
3c3758b852 upgrade to 23.11 2023-11-28 19:59:32 +02:00
8e78a31f20 statix 2023-11-28 01:00:10 +02:00
eb404cce87 remove esphome 2023-11-22 17:01:23 +02:00
9d8ab99953 hass: read automations from the ui 2023-11-17 16:59:50 +02:00
480ae45609 tailscale: use unstable 2023-11-15 09:20:23 +02:00
c7de1294db hass: install esphome and update firewall 2023-11-14 23:36:43 +02:00
c4f3018a33 esphome: listen on wildcard 2023-11-14 23:31:21 +02:00
9535144280 vno1-oh2: esphome 2023-11-14 23:30:00 +02:00
ef164af0f3 TV WoL 2023-11-14 18:29:44 +02:00
5768552a93 add LG Web OS 2023-11-14 12:50:37 +02:00
99be96c899 add shelly 2023-11-14 10:07:52 +02:00
de939d45cd hass 2023-11-14 09:47:11 +02:00
c3bb5e41d6 hass 2023-11-14 09:18:08 +02:00
b554f3e12f M-V: add vno1-oh2 2023-11-02 22:04:31 +02:00
1d8eaabf78 syncthing: M-V 2023-10-24 22:07:51 +03:00
0dfd9fb232 silenceLogs => !verboseLogs 2023-10-22 23:06:06 +03:00
35145243bd tailscaled: silence logs by default
it works.
2023-10-22 20:14:25 +03:00
1d262ec6d2 deployerbot: optionals don't fail pushes 2023-10-16 15:50:41 +03:00
31a4ffd360 syncthing: add missing device 2023-10-11 16:44:28 +03:00
b55bb43500 syncthing: add mtwork 2023-10-11 16:39:31 +03:00
5a606a5b96 syncthing: share books with mxp10 2023-10-08 23:22:07 +03:00
1dd4f04725 statix: fix bugs with inherit
now I know better what it does.
2023-10-02 00:00:30 +03:00
25e8191177 enable statx 2023-10-02 00:00:30 +03:00
0e9f90a960 nix run github:astro/deadnix 2023-10-01 22:15:45 +03:00
95c4f94a25 certget 2023-09-23 22:56:43 +03:00
70e5230611 system users: use /bin/sh
Just learned about "bash security issue" when reading about rrsync.
2023-09-23 22:46:14 +03:00
3b1d1b439f more formatting 2023-09-23 22:29:50 +03:00
92f69eabfa nsd-acme: optionalString 2023-09-23 22:28:27 +03:00
46155b9cb8 cfg cosmetics 2023-09-23 22:25:58 +03:00
397fcd4a44 jakstpub: nicer smb settings 2023-09-22 10:14:10 +03:00
9c1bfd1b24 add a share for snapshots 2023-09-22 10:06:04 +03:00
0507fb3328 deployerbot and backups: move time around so they don't ovelap 2023-09-21 06:55:17 +03:00
21e96199bb deployerbot: use vpn for actual deploying anyway 2023-09-20 14:43:04 +03:00
4973a1cdd4 deployerbot: fwminex allows vno1 2023-09-18 20:49:17 +03:00
ceb7fe191e ping 2023-09-18 20:32:22 +03:00
5a5ffd6f00 upgrading fwminex too 2023-09-18 19:50:24 +03:00
c822cc95c2 node_exporter: enable on vno1 subnet 2023-09-18 19:29:27 +03:00
40a1edb925 syncthing: do not share books with mxp10 2023-09-18 13:31:32 +03:00
4740904244 syncthing host missing 2023-09-18 12:48:22 +03:00
5a1745b6d9 add some hosts 2023-09-18 12:47:51 +03:00
0802e17eb1 nix fmt 2023-09-18 12:46:46 +03:00
031e85fa82 syncthing: more folders 2023-09-18 12:44:09 +03:00
e6a47f4420 syncthing: a few more folders 2023-09-18 12:38:17 +03:00
52b1aa4450 syncthing: starting abstractions 2023-09-18 12:13:45 +03:00
a9ec83c732 fwminex: start syncthing 2023-09-18 12:07:41 +03:00
c84d618d97 jakstpub: fix a caddy error 2023-09-17 22:31:12 +03:00
ed8c51b45c syntax nitpicking 2023-09-17 22:16:11 +03:00
f38fd993d3 jakstpub: open up http 2023-09-17 22:13:33 +03:00
0f9aa4ed0d deploy-rs: remove -- 2023-09-16 10:04:48 +03:00
a5d8ba9cdf deploy-rs: fix typo 2023-09-16 09:35:12 +03:00
fb4b54b24b deployerbot: use deploy-rs directly 2023-09-16 08:56:22 +03:00
b38c4013e7 cosmetics: quoting
it's fine, there is overrides.conf
2023-09-14 15:15:27 +03:00
b73f671bc0 silenceLogs is not picked up
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service

[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup

Restart=on-failure

RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify

[Install]
WantedBy=multi-user.target
2023-09-14 15:10:18 +03:00
76c07129f3 re-add () 2023-09-14 14:51:36 +03:00
fb3c39d7dc re-enable tailscale, oops 2023-09-14 14:48:54 +03:00
9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
553cda8fc7 vno1-rp3b: enable vno3 2023-09-14 13:23:04 +03:00
85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
e12e139128 samba: make file/dir masks a bit more restrictive 2023-09-13 09:00:28 +03:00
4f152205ce samba: log level = 0 2023-09-12 23:27:23 +03:00
bef137b967 wsdd: specify existing hostname 2023-09-12 23:18:46 +03:00
53ce3910aa replace nmbd with wsdd
https://askubuntu.com/questions/661611/make-samba-share-visible-in-windows-network
2023-09-12 23:10:59 +03:00
e45573c8a6 fix samba config
works!
2023-09-12 22:55:17 +03:00
4f45d605e1 vno1-rp3b: some attempts at samba 2023-09-12 17:44:17 +03:00
7891663a65 jakstpub: change home dir to /var/empty 2023-09-12 17:27:11 +03:00
2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
2b5b9bc57f samba some progress 2023-09-12 13:31:46 +03:00
866347b042 add borgstor 2023-09-11 15:51:33 +03:00
377030d0c0 headscale: remove ipv6 subnet
it's confusing: I couldn't find an easy way to get the ipv4 address on a client
2023-09-11 14:37:05 +03:00
20ccb666c8 smtp 2023-09-07 19:46:47 +03:00
fd9f30f7d4 snmp exporter: maybe exposing the file will work now? 2023-09-05 14:58:30 +03:00