b8ccb2216d
deployerbot: skip unnecessary checks
2024-02-25 23:53:58 +02:00
7df06680e6
deployerbot: upgrade before deploys
2024-02-25 23:50:08 +02:00
d2ad87558c
compressAll: split to compressDrv and compressDrvWeb
2024-02-15 10:55:30 +02:00
6f6a4c9855
compress: accept args too
2024-02-13 21:01:38 +02:00
db07a9d5ba
compress-all
2024-02-13 15:53:17 +02:00
8f79a933e7
overlays: fix 1
2024-02-02 15:29:53 +02:00
64c4534d46
rm -fr certget:
2024-02-02 15:02:31 +02:00
cfee124f99
M-Active: versioning
2024-01-25 09:05:46 +02:00
ee1defe4db
Revert "Mail: backup the full evolution folder"
...
This reverts commit a1484df957
.
2024-01-25 08:42:14 +02:00
a1484df957
Mail: backup the full evolution folder
2024-01-25 08:41:06 +02:00
ab052cd45d
syncthing: bind to 127.0.0.1
2024-01-25 08:21:35 +02:00
0170765df5
gitea: use compressed assets
2024-01-17 10:11:13 +02:00
7fd85a45c9
video-vincentas: add kfire
2024-01-14 10:02:31 +02:00
8008fc9af1
add video-vincentas, kfire
2023-12-27 12:30:46 +02:00
2564b3e863
syncthing: copy/backup ~/.cache/evolution/mail
...
Good enough for email backups. Openable with neomutt with minimal
setup:
```
$ mkdir -p x/cur; cd x
$ cp -s ~/.cache/evolution/mail/*/folders/Debian/cur/*/* cur/
$ neomutt -f .
```
2023-12-27 12:23:27 +02:00
f08fa200f6
deployerbot: push forward a bit
2023-12-19 23:58:53 +02:00
72562e8540
hass: add daikin module
2023-12-03 20:37:59 +02:00
fb310f9e29
23.11: get rid of most warnings
2023-11-28 19:59:32 +02:00
3c3758b852
upgrade to 23.11
2023-11-28 19:59:32 +02:00
8e78a31f20
statix
2023-11-28 01:00:10 +02:00
eb404cce87
remove esphome
2023-11-22 17:01:23 +02:00
9d8ab99953
hass: read automations from the ui
2023-11-17 16:59:50 +02:00
480ae45609
tailscale: use unstable
2023-11-15 09:20:23 +02:00
c7de1294db
hass: install esphome and update firewall
2023-11-14 23:36:43 +02:00
c4f3018a33
esphome: listen on wildcard
2023-11-14 23:31:21 +02:00
9535144280
vno1-oh2: esphome
2023-11-14 23:30:00 +02:00
ef164af0f3
TV WoL
2023-11-14 18:29:44 +02:00
5768552a93
add LG Web OS
2023-11-14 12:50:37 +02:00
99be96c899
add shelly
2023-11-14 10:07:52 +02:00
de939d45cd
hass
2023-11-14 09:47:11 +02:00
c3bb5e41d6
hass
2023-11-14 09:18:08 +02:00
b554f3e12f
M-V: add vno1-oh2
2023-11-02 22:04:31 +02:00
1d8eaabf78
syncthing: M-V
2023-10-24 22:07:51 +03:00
0dfd9fb232
silenceLogs => !verboseLogs
2023-10-22 23:06:06 +03:00
35145243bd
tailscaled: silence logs by default
...
it works.
2023-10-22 20:14:25 +03:00
1d262ec6d2
deployerbot: optionals don't fail pushes
2023-10-16 15:50:41 +03:00
31a4ffd360
syncthing: add missing device
2023-10-11 16:44:28 +03:00
b55bb43500
syncthing: add mtwork
2023-10-11 16:39:31 +03:00
5a606a5b96
syncthing: share books with mxp10
2023-10-08 23:22:07 +03:00
1dd4f04725
statix: fix bugs with inherit
...
now I know better what it does.
2023-10-02 00:00:30 +03:00
25e8191177
enable statx
2023-10-02 00:00:30 +03:00
0e9f90a960
nix run github:astro/deadnix
2023-10-01 22:15:45 +03:00
95c4f94a25
certget
2023-09-23 22:56:43 +03:00
70e5230611
system users: use /bin/sh
...
Just learned about "bash security issue" when reading about rrsync.
2023-09-23 22:46:14 +03:00
3b1d1b439f
more formatting
2023-09-23 22:29:50 +03:00
92f69eabfa
nsd-acme: optionalString
2023-09-23 22:28:27 +03:00
46155b9cb8
cfg cosmetics
2023-09-23 22:25:58 +03:00
397fcd4a44
jakstpub: nicer smb settings
2023-09-22 10:14:10 +03:00
9c1bfd1b24
add a share for snapshots
2023-09-22 10:06:04 +03:00
0507fb3328
deployerbot and backups: move time around so they don't ovelap
2023-09-21 06:55:17 +03:00
21e96199bb
deployerbot: use vpn for actual deploying anyway
2023-09-20 14:43:04 +03:00
4973a1cdd4
deployerbot: fwminex allows vno1
2023-09-18 20:49:17 +03:00
ceb7fe191e
ping
2023-09-18 20:32:22 +03:00
5a5ffd6f00
upgrading fwminex too
2023-09-18 19:50:24 +03:00
c822cc95c2
node_exporter: enable on vno1 subnet
2023-09-18 19:29:27 +03:00
40a1edb925
syncthing: do not share books with mxp10
2023-09-18 13:31:32 +03:00
4740904244
syncthing host missing
2023-09-18 12:48:22 +03:00
5a1745b6d9
add some hosts
2023-09-18 12:47:51 +03:00
0802e17eb1
nix fmt
2023-09-18 12:46:46 +03:00
031e85fa82
syncthing: more folders
2023-09-18 12:44:09 +03:00
e6a47f4420
syncthing: a few more folders
2023-09-18 12:38:17 +03:00
52b1aa4450
syncthing: starting abstractions
2023-09-18 12:13:45 +03:00
a9ec83c732
fwminex: start syncthing
2023-09-18 12:07:41 +03:00
c84d618d97
jakstpub: fix a caddy error
2023-09-17 22:31:12 +03:00
ed8c51b45c
syntax nitpicking
2023-09-17 22:16:11 +03:00
f38fd993d3
jakstpub: open up http
2023-09-17 22:13:33 +03:00
0f9aa4ed0d
deploy-rs: remove --
2023-09-16 10:04:48 +03:00
a5d8ba9cdf
deploy-rs: fix typo
2023-09-16 09:35:12 +03:00
fb4b54b24b
deployerbot: use deploy-rs directly
2023-09-16 08:56:22 +03:00
b38c4013e7
cosmetics: quoting
...
it's fine, there is overrides.conf
2023-09-14 15:15:27 +03:00
b73f671bc0
silenceLogs is not picked up
...
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service
[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
Restart=on-failure
RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify
[Install]
WantedBy=multi-user.target
2023-09-14 15:10:18 +03:00
76c07129f3
re-add ()
2023-09-14 14:51:36 +03:00
fb3c39d7dc
re-enable tailscale, oops
2023-09-14 14:48:54 +03:00
9eb8147660
tailscale: silence logs on some machines
2023-09-14 14:37:55 +03:00
553cda8fc7
vno1-rp3b: enable vno3
2023-09-14 13:23:04 +03:00
85917635fd
sshguard is now optional
2023-09-14 06:41:16 +03:00
e12e139128
samba: make file/dir masks a bit more restrictive
2023-09-13 09:00:28 +03:00
4f152205ce
samba: log level = 0
2023-09-12 23:27:23 +03:00
bef137b967
wsdd: specify existing hostname
2023-09-12 23:18:46 +03:00
53ce3910aa
replace nmbd with wsdd
...
https://askubuntu.com/questions/661611/make-samba-share-visible-in-windows-network
2023-09-12 23:10:59 +03:00
e45573c8a6
fix samba config
...
works!
2023-09-12 22:55:17 +03:00
4f45d605e1
vno1-rp3b: some attempts at samba
2023-09-12 17:44:17 +03:00
7891663a65
jakstpub: change home dir to /var/empty
2023-09-12 17:27:11 +03:00
2dd8cda85a
open up samba
2023-09-12 16:08:32 +03:00
e61944dfde
rewrite firewall rules
2023-09-12 15:46:44 +03:00
2b5b9bc57f
samba some progress
2023-09-12 13:31:46 +03:00
866347b042
add borgstor
2023-09-11 15:51:33 +03:00
377030d0c0
headscale: remove ipv6 subnet
...
it's confusing: I couldn't find an easy way to get the ipv4 address on a client
2023-09-11 14:37:05 +03:00
20ccb666c8
smtp
2023-09-07 19:46:47 +03:00
fd9f30f7d4
snmp exporter: maybe exposing the file will work now?
2023-09-05 14:58:30 +03:00
24e6aa333e
snmp exporter: expose in vpn for all to see
2023-09-05 14:45:09 +03:00
5c1cccb8a4
snmp: from package back to module
2023-09-05 14:41:52 +03:00
fe30f6c32a
Add dl.jakstys.lt
2023-08-29 15:41:57 +03:00
617b829589
deployerbot: add fra1-a
2023-08-27 01:04:09 +03:00
23347f6952
matrix-synapse: listen on 127.0.0.1
...
reverse proxying is over
2023-08-25 17:00:30 +03:00
3687d7cd73
matrix-synapse listen on 0.0.0.0
2023-08-25 16:14:12 +03:00
2776f8c517
fix extraConfigFiles
2023-08-25 16:03:46 +03:00
355d8c21cc
move matrix-synapse to it's module
2023-08-25 15:49:37 +03:00
f87a712635
node_exporter gets its own uidgid
2023-08-25 09:55:21 +03:00
9740b42493
gitea: listen on 3001
2023-08-25 09:41:42 +03:00
c3168bb2d3
headscale
2023-08-24 23:46:45 +03:00
be4df58cbb
move gitea to its own module
2023-08-24 23:34:48 +03:00
407024dfa9
zfsunlock: use IP addresses + zfsunlock
2023-08-22 14:14:20 +03:00
bbf562d205
move node_exporter to its own module
2023-08-18 09:32:01 +03:00
4dee4159e7
nix --accept-flake-config
2023-08-16 20:26:37 +03:00
98a4ad79f8
grafana now on https://grafana.jakstys.lt , over vpn
2023-08-14 09:04:09 +03:00
a2a741d27e
fmt and formatting; nsd-acme is less verbose
2023-08-10 10:48:34 +03:00
fa435f65d0
zones don't need to be sanitized
...
it's DNS!
2023-08-10 10:46:06 +03:00
7bedc09abb
deployerbot: do not restart if changed
...
leads to interesting deadlocks when upgrading self
2023-08-10 10:40:07 +03:00
4878c42ca9
cron + alerting for cert updates
2023-08-10 00:46:36 +03:00
9059f84632
uacme can return 1 when cert is up to date
2023-08-10 00:37:21 +03:00
76a748e086
grafana is now prod
2023-08-10 00:29:56 +03:00
98816538d2
trying grafana1
2023-08-10 00:24:36 +03:00
69e6734eb7
nsd-acme: misc fixes
2023-08-09 15:55:05 +03:00
9a456192af
nsd-acme
2023-08-09 15:34:44 +03:00
3e66f95668
zfsunlock nitpick
2023-08-09 14:26:49 +03:00
9a7e42b95d
nsd: ConditionPathExists all files
2023-08-07 14:50:32 +03:00
5ae9886929
deployerbot: set PATH in systemd service definition
2023-08-07 14:39:38 +03:00
c8525b4e6b
node_exporter on hel1-a
2023-08-06 01:00:02 +03:00
665e79a984
prometheus: beginnings
2023-08-05 18:32:28 +03:00
f4e04faef3
friendlyport
2023-08-05 18:18:30 +03:00
cf6eeb6f29
deployerbot: start action at 23:30 UTC
...
According to 'nixos infra status' finding a good time of day to run the
updates for nixos release non-small is futile.
2023-08-02 15:41:07 +03:00
07921f1eaa
nix flake update: schedule at 16:00 UTC
2023-08-01 14:24:32 +03:00
7a224096ba
set PATH once
2023-07-30 09:01:27 +03:00
c99adbbaa1
bring back exec
2023-07-30 08:59:58 +03:00
d536eb5656
set OLD_PATH once
2023-07-30 08:56:38 +03:00
afd7743f37
deployerbot: push after a successful deploy
2023-07-30 08:53:19 +03:00
482f01bb01
deployer: set -x
2023-07-30 07:36:12 +03:00
36bbceac03
limit deployerbot-follower to our vpn
2023-07-30 07:23:43 +03:00
d1b19e6cf6
deployerbot: do not set -x
2023-07-30 07:00:10 +03:00
a9e8904d28
add deployerbot-follower to trusted users
2023-07-30 06:55:04 +03:00
ef050725c1
deploy-rs can deploy multiple targets with --targets
2023-07-30 06:50:06 +03:00
69ee6c9caa
add comment re calendar time
2023-07-30 06:45:54 +03:00
f18a2ff855
deploy updates regularly
2023-07-30 06:41:13 +03:00
9de5120cc3
updaterbot: move all to deployer
2023-07-30 06:30:52 +03:00
9e0bd48a22
clean up old paths -- untested
2023-07-28 16:15:59 +03:00
49b9cc8351
vno1-oh2: enable deployerbot master
2023-07-28 16:09:41 +03:00
bff8cef210
fixes in deployment script
2023-07-28 15:55:16 +03:00
e588514c07
updater
2023-07-28 15:43:23 +03:00
bddb20cd13
updater: move to it's own service
2023-07-28 14:22:40 +03:00
45724064d1
add M-R
2023-07-28 09:10:40 +03:00
89f7838c93
add Irenos folder
2023-07-26 22:24:51 +03:00
4522af453b
start/stop firewall commands
2023-07-26 15:14:12 +03:00
cff18bfb8f
move common zfs settings to modules/base
2023-07-26 14:01:57 +03:00
d4527c24a6
mailutils comes with postfix
2023-07-26 13:32:03 +03:00
bac191ef2f
postfix: add to vno1-oh2
2023-07-26 13:27:15 +03:00
4f1aa85659
syncthing
2023-07-26 12:55:15 +03:00
8b673d25af
change initrd pubkey of vno1-oh2
2023-07-24 16:46:35 +03:00
4611c08d4f
cleanup ips; nix fmt
2023-07-24 12:36:34 +03:00
c2249cebb1
zfsunlock: quiet diagnostics
2023-07-24 10:38:29 +03:00