Commit Graph

344 Commits

Author SHA1 Message Date
Motiejus Jakštys 25e8191177 enable statx 2023-10-02 00:00:30 +03:00
Motiejus Jakštys 0e9f90a960 nix run github:astro/deadnix 2023-10-01 22:15:45 +03:00
Motiejus Jakštys f298984998 Revert "grafana.jakstys.lt: use http"
This reverts commit f98db66b64.

Android Firefox says "this website is redirecting incorrectly"
2023-09-30 06:01:09 +03:00
Motiejus Jakštys 87f014185f fwminex: remove swap
https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSForSwapMyViews
2023-09-24 22:49:43 +03:00
Motiejus Jakštys 06757b49b0 trying swap 2023-09-24 22:46:20 +03:00
Motiejus Jakštys f98db66b64 grafana.jakstys.lt: use http 2023-09-23 23:11:48 +03:00
Motiejus Jakštys 95c4f94a25 certget 2023-09-23 22:56:43 +03:00
Motiejus Jakštys 96388ab0d9 nsd-acme: add hdd.jakstys.lt 2023-09-23 22:26:33 +03:00
Motiejus Jakštys 91f7ccfb14 add hacotest 2023-09-22 14:48:31 +03:00
Motiejus Jakštys 93e521605d fwminex: fix firewall typo 2023-09-22 09:58:09 +03:00
Motiejus Jakštys 7ddceca0b8 fwminex: reject packets 2023-09-22 09:36:26 +03:00
Motiejus Jakštys 58b5c969fd vno3-rp3b: snapshot /data/shared 2023-09-22 09:34:23 +03:00
Motiejus Jakštys 07e61adc1e firewall: reject packets on some hosts 2023-09-22 09:34:23 +03:00
Motiejus Jakštys 0507fb3328 deployerbot and backups: move time around so they don't ovelap 2023-09-21 06:55:17 +03:00
Motiejus Jakštys 4290a541ef all backups in UTC 2023-09-21 06:44:26 +03:00
Motiejus Jakštys 6630346520 fwminex: remove docker mountpoint 2023-09-21 06:36:15 +03:00
Motiejus Jakštys f846c492bc fwminex: mount /var/lib/docker 2023-09-21 06:21:12 +03:00
Motiejus Jakštys 205aeec19d install iw and acpi; remove random latex 2023-09-20 21:28:15 +03:00
Motiejus Jakštys 21e96199bb deployerbot: use vpn for actual deploying anyway 2023-09-20 14:43:04 +03:00
Motiejus Jakštys dba036a102 autorandr: move to global config
seems to work!
2023-09-20 14:35:11 +03:00
Motiejus Jakštys 774df4064f autorandr: move more config from debian 2023-09-20 07:57:12 +03:00
Motiejus Jakštys 4973a1cdd4 deployerbot: fwminex allows vno1 2023-09-18 20:49:17 +03:00
Motiejus Jakštys 5a5ffd6f00 upgrading fwminex too 2023-09-18 19:50:24 +03:00
Motiejus Jakštys 9cd5d406cf enable node_exporter for fwminex 2023-09-18 19:31:45 +03:00
Motiejus Jakštys c822cc95c2 node_exporter: enable on vno1 subnet 2023-09-18 19:29:27 +03:00
Motiejus Jakštys b9b7f2aa3c move efibootmgr to desktop profile 2023-09-18 14:42:34 +03:00
Motiejus Jakštys 710f7352fa fwminex: install efibootmgr 2023-09-18 13:00:29 +03:00
Motiejus Jakštys a9ec83c732 fwminex: start syncthing 2023-09-18 12:07:41 +03:00
Motiejus Jakštys 0208e59595 grafana: assign viewer role for new people 2023-09-17 22:41:51 +03:00
Motiejus Jakštys f38fd993d3 jakstpub: open up http 2023-09-17 22:13:33 +03:00
Motiejus Jakštys a3e8903669 autorandr: configure lone laptop 2023-09-17 22:02:30 +03:00
Motiejus Jakštys f571a87541 add awesome/rc.lua 2023-09-17 08:00:08 +03:00
Motiejus Jakštys 74d3b2cb23 some autorandr 2023-09-17 07:12:05 +03:00
Motiejus Jakštys dafdf2df30 fwminex: remove iwlwifi from early-early boot 2023-09-16 23:05:01 +03:00
Motiejus Jakštys b436195d49 hardware observability 2023-09-16 08:53:23 +03:00
Motiejus Jakštys 588f530f22 disable syncthing temporarily 2023-09-15 13:29:55 +03:00
Motiejus Jakštys 6b3f073b5b secrets for fwminex 2023-09-15 13:28:15 +03:00
Motiejus Jakštys e3c5f37b43 add some packages 2023-09-15 13:05:56 +03:00
Motiejus Jakštys 93b95af851 borgstor: allow motiejus to read borg backups 2023-09-15 11:17:40 +03:00
Motiejus Jakštys 7ee6a0de71 zfsborg: remove the ${mountpoint}/.snapshot-latest prefix
The path in the filesystem is quite clear from the archive name.
2023-09-15 11:05:05 +03:00
Motiejus Jakštys 331ffa9450 vno3-rp3b: add borgbackup app 2023-09-15 10:49:27 +03:00
Motiejus Jakštys 09f1b62cc8 add a desktop profile 2023-09-14 21:53:59 +03:00
Motiejus Jakštys 0389fa709a vno1-rp3b: enable zfs misc 2023-09-14 21:38:29 +03:00
Motiejus Jakštys 350c9a8d49 disable zfs-mount 2023-09-14 15:26:16 +03:00
Motiejus Jakštys 8b0573409d fwminex: enable firewall 2023-09-14 15:25:08 +03:00
Motiejus Jakštys fb3c39d7dc re-enable tailscale, oops 2023-09-14 14:48:54 +03:00
Motiejus Jakštys 9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
Motiejus Jakštys aad4502030 rename vno1-rp3b to vno3-rp3b
ready for deployment
2023-09-14 13:27:05 +03:00
Motiejus Jakštys 45a9b7475b vno1-rp3b: dhcp 2023-09-14 13:24:40 +03:00
Motiejus Jakštys 4a5893ae73 fwminex: some hardware updates 2023-09-14 09:42:14 +00:00
Motiejus Jakštys 8e32a16f01 add iwlwifi to early-ish boot 2023-09-14 11:35:29 +03:00
Motiejus Jakštys e341092306 fwminex: enable redistributable firmware, remove docker volume 2023-09-14 11:31:53 +03:00
Motiejus Jakštys 280b8cf3ad fwminex: fix mountpoint to /var/lib/docker 2023-09-14 10:40:23 +03:00
Motiejus Jakštys 1430bf9d6d fwminex: swap 2023-09-14 07:43:18 +03:00
Motiejus Jakštys 90be8b6e5f fwminex: fix typo 2023-09-14 06:42:44 +03:00
Motiejus Jakštys 62e00f3bc7 fwminex: firewall and swap devices 2023-09-14 06:41:37 +03:00
Motiejus Jakštys 85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
Motiejus Jakštys 182a87b0b9 another fix for swap devices 2023-09-13 15:18:25 +03:00
Motiejus Jakštys e617dbf55f fwminex: fix swap and docker 2023-09-13 15:13:44 +03:00
Motiejus Jakštys 2220be3c81 fwminex: set hostid 2023-09-13 14:46:58 +03:00
Motiejus Jakštys b5a3e29e6f force no legacy grub (now) 2023-09-13 14:14:25 +03:00
Motiejus Jakštys 7775c760fa fwminex: update partition scheme 2023-09-13 13:54:22 +03:00
Motiejus Jakštys 8a01703bb1 fwminex: disable postfix temporarily 2023-09-13 13:30:16 +03:00
Motiejus Jakštys e38f446793 add fwminex 2023-09-13 13:04:40 +03:00
Motiejus Jakštys bef137b967 wsdd: specify existing hostname 2023-09-12 23:18:46 +03:00
Motiejus Jakštys 2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
Motiejus Jakštys e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
Motiejus Jakštys 2b5b9bc57f samba some progress 2023-09-12 13:31:46 +03:00
Motiejus Jakštys dea3eef575 fra1-a: disable zfsunlock 2023-09-12 12:25:30 +03:00
Motiejus Jakštys 5cfc0a62b9 vno1-oh2: mitigating the NIC 2023-09-12 09:59:55 +03:00
Motiejus Jakštys 92e940e1d4 wip samba 2023-09-12 09:42:20 +03:00
Motiejus Jakštys 94253212c6 networking.firewall.checkReversePath = "loose" for tailscale 2023-09-11 22:38:44 +03:00
Motiejus Jakštys 05b7858035 borgstor: add remaining paths 2023-09-11 17:50:59 +03:00
Motiejus Jakštys d1a7aebfc9 borgstor: add /var/log for testing 2023-09-11 17:40:47 +03:00
Motiejus Jakštys 583f74cf3f zfsborg: restructure config
Preparing for 2 repo destinations.
2023-09-11 17:25:12 +03:00
Motiejus Jakštys 866347b042 add borgstor 2023-09-11 15:51:33 +03:00
Motiejus Jakštys 31f1d6d669 vno1-rp3b: some mountpoints 2023-09-11 14:20:07 +03:00
Motiejus Jakštys 0246f9fd69 vno1-rp3b: remove audio/video 2023-09-11 13:25:46 +03:00
Motiejus Jakštys ae7b12a04f vno1-rp3b: move datapool-passphrase to /etc 2023-09-11 13:05:42 +03:00
Motiejus Jakštys 03728838f4 vno1-rp3b: support zfs 2023-09-11 11:01:33 +03:00
Motiejus Jakštys b0bf88169f move grafana logs to /var/log/grafana 2023-09-08 07:42:22 +03:00
Motiejus Jakštys c80e72a450 backup caddy lib dir 2023-09-08 07:41:51 +03:00
Motiejus Jakštys ee36768b0e minidlna: open up /home/motiejus/video 2023-09-07 22:31:02 +03:00
Motiejus Jakštys fc3308a2e9 minidlna 2023-09-07 22:24:00 +03:00
Motiejus Jakštys 11b3894d6f vaultwarden: PUSH_INSTALLATION_ID and PUSH_INSTALLATION_KEY 2023-09-07 14:29:55 +03:00
Motiejus Jakštys 8ab980d059 signups and logging 2023-09-07 14:26:00 +03:00
Motiejus Jakštys a41c0743ab backups: add bitwarden_rs, nsd-acme, tailscale 2023-09-07 14:20:21 +03:00
Motiejus Jakštys d8aa8e5748 fix smtp 2023-09-07 13:51:47 +03:00
Motiejus Jakštys 633e093969 vaultwarden: smtp and secrets 2023-09-07 13:04:38 +03:00
Motiejus Jakštys 83a20aa69a vaultwarden: fix typo 2023-09-07 10:59:14 +03:00
Motiejus Jakštys 721a9b2c5c vaultwarden: add admin secret 2023-09-07 10:57:43 +03:00
Motiejus Jakštys 9163143204 vaultwarden 2023-09-07 09:29:20 +03:00
Motiejus Jakštys 6783a3fb0e update grafana's timeInterval to 10s 2023-09-06 22:59:48 +03:00
Motiejus Jakštys 980b7b0449 prometheus: scrape/evaluation intervals 2023-09-06 22:18:44 +03:00
Motiejus Jakštys cdbbdaaa45 prometheus/caddy 2023-09-06 17:44:30 +03:00
Motiejus Jakštys 810064ebbd prometheus meta scraper 2023-09-06 16:38:38 +03:00
Motiejus Jakštys 49dcbd3d51 prometheus: retention time is 1y 2023-09-06 16:32:11 +03:00
Motiejus Jakštys 44c6bccca6 snmp: add some routers 2023-09-05 15:29:20 +03:00
Motiejus Jakštys 5c1cccb8a4 snmp: from package back to module 2023-09-05 14:41:52 +03:00
Motiejus Jakštys e9d709f507 add motiejus_bk2 properly 2023-09-01 13:42:26 +03:00
Motiejus Jakštys fe30f6c32a Add dl.jakstys.lt 2023-08-29 15:41:57 +03:00
Motiejus Jakštys 97ef691743 grafana.jakstys.lt: abort non-private ips 2023-08-27 15:32:49 +03:00
Motiejus Jakštys cc11726ed7 remove hel1-a 2023-08-27 15:17:54 +03:00
Motiejus Jakštys 617b829589 deployerbot: add fra1-a 2023-08-27 01:04:09 +03:00
Motiejus Jakštys ba821ff7f3 node_exporter: add fra1-a 2023-08-27 00:55:33 +03:00
Motiejus Jakštys de4b47b929 zfsunlock between fra1-a and vno1-oh2 2023-08-26 23:48:18 +03:00
Motiejus Jakštys 1db9253ae6 fra1-a 2023-08-26 23:37:16 +03:00
Motiejus Jakštys 3a5b1e5951 preparing to move headscale to vno1-oh2 2023-08-25 19:53:21 +03:00
Motiejus Jakštys b886b752e0 caddy: snapshot and backup access logs 2023-08-25 19:41:26 +03:00
Motiejus Jakštys 95dfd6d143 caddy: disable on hel1-a, enable logrotate on vno1-oh2 2023-08-25 17:03:01 +03:00
Motiejus Jakštys 23347f6952 matrix-synapse: listen on 127.0.0.1
reverse proxying is over
2023-08-25 17:00:30 +03:00
Motiejus Jakštys c5bfc43b4d matrix: do not encode in caddy 2023-08-25 16:53:44 +03:00
Motiejus Jakštys cc6af1c68f caddy: move to vno1-oh2 2023-08-25 16:44:41 +03:00
Motiejus Jakštys eca5765e8f remove matrix-synapse from hel1-a 2023-08-25 16:27:39 +03:00
Motiejus Jakštys 4ef5ac515e matrix-synapse: redirect to vno1-oh2 2023-08-25 16:16:28 +03:00
Motiejus Jakštys 3687d7cd73 matrix-synapse listen on 0.0.0.0 2023-08-25 16:14:12 +03:00
Motiejus Jakštys ac50f832da moving synapse to vno1-oh2 2023-08-25 15:55:06 +03:00
Motiejus Jakštys 355d8c21cc move matrix-synapse to it's module 2023-08-25 15:49:37 +03:00
Motiejus Jakštys afdc532d8d update comment 2023-08-25 15:43:25 +03:00
Motiejus Jakštys 565c64062a access-jakstys.lt: do not rotate logs at all 2023-08-25 15:38:07 +03:00
Motiejus Jakštys cd632db944 access-jakstys.lt: do not rotate logs at all 2023-08-25 11:32:16 +03:00
Motiejus Jakštys 5a81bacfac remove obsolete domain 2023-08-25 10:40:28 +03:00
Motiejus Jakštys e677966c3d remove gitea from hel1-b 2023-08-25 10:35:49 +03:00
Motiejus Jakštys f10cfb1147 enable acme for caddy 2023-08-25 10:14:10 +03:00
Motiejus Jakštys 1b6c35ed76 vno1-oh2: enable gitea 2023-08-25 09:27:24 +03:00
Motiejus Jakštys 6cf894ee68 move logRefusedConnections to base 2023-08-24 23:49:21 +03:00
Motiejus Jakštys c3168bb2d3 headscale 2023-08-24 23:46:45 +03:00
Motiejus Jakštys be4df58cbb move gitea to its own module 2023-08-24 23:34:48 +03:00
Motiejus Jakštys 6263f88887 Revert "gitea: enable email"
This reverts commit bcf8b365c8.

Failed to send a testing email to 'motiejus@jakstys.lt': gomail: could not send email 1: signal: aborted (core dumped)
2023-08-24 23:21:07 +03:00
Motiejus Jakštys bcf8b365c8 gitea: enable email 2023-08-24 23:19:06 +03:00
Motiejus Jakštys f159d9d89e vno1-rp3b: journald logs to memory 2023-08-24 15:11:19 +03:00
Motiejus Jakštys ef14233811 vno1-oh2: backup /var/lib/{grafana,soju} 2023-08-22 15:18:24 +03:00
Motiejus Jakštys 5ea92ad8ab soju: store logs to files 2023-08-22 15:13:33 +03:00
Motiejus Jakštys 6f5240a53c soju: add unix+admin 2023-08-22 14:39:42 +03:00
Motiejus Jakštys e082b2cd40 fix soju config 2023-08-22 14:35:54 +03:00
Motiejus Jakštys d812f5f91d nsd-acme is now a requirement for services 2023-08-22 14:32:09 +03:00
Motiejus Jakštys 833b2bd1cf nsd-acme fixes
- remove obsolete conditions (that's what After is for)
- irc.jakstys.lt is no longer staging
2023-08-22 14:30:08 +03:00
Motiejus Jakštys 2e1af09789 enable soju 2023-08-22 14:28:59 +03:00
Motiejus Jakštys c4bd57c47d acme for irc.jakstys.lt 2023-08-22 14:26:47 +03:00
Motiejus Jakštys 407024dfa9 zfsunlock: use IP addresses + zfsunlock 2023-08-22 14:14:20 +03:00
Motiejus Jakštys 7063b1d84e vim nitpicks 2023-08-18 18:50:39 +03:00
Motiejus Jakštys e1378a3617 start with vim 2023-08-18 18:43:34 +03:00
Motiejus Jakštys bbf562d205 move node_exporter to its own module 2023-08-18 09:32:01 +03:00
Motiejus Jakštys 5eb2772356 install kodi 2023-08-17 21:47:32 +03:00
Motiejus Jakštys 0bf61ad07c disable cage
want stdout/stderr
2023-08-17 15:23:49 +03:00
Motiejus Jakštys 76f3d529da kodi: enable custom launcher
youtube cannot be found
2023-08-17 15:10:17 +03:00
Motiejus Jakštys 3b33358739 kodi on Xorg works: enable wayland now 2023-08-17 15:07:48 +03:00
Motiejus Jakštys 101ef65d00 semicolon 2023-08-17 14:58:21 +03:00
Motiejus Jakštys 174c0b569e cma=320M? 2023-08-17 14:56:56 +03:00
Motiejus Jakštys a0ff2577e9 gpu_mem: 256MB
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980536
2023-08-17 14:45:03 +03:00