Commit Graph

290 Commits

Author SHA1 Message Date
Motiejus Jakštys c8d270e738 wifibackup: make it finally work without known hosts 2024-06-06 02:31:00 +03:00
Motiejus Jakštys f6740477b5 wifibackup: more tuning 2024-06-06 02:22:30 +03:00
Motiejus Jakštys 2cf9ce38d1 unison tuning 2024-06-06 02:13:12 +03:00
Motiejus Jakštys 38c707c96e wifibackup: success with [0 1] 2024-06-06 02:04:35 +03:00
Motiejus Jakštys 2ee5109310 wifibackup: go to their default dirs 2024-06-06 02:01:32 +03:00
Motiejus Jakštys b8728dfbe7 wifibackup: specify full path to ssh 2024-06-06 01:58:45 +03:00
Motiejus Jakštys 95def71a76 wifibackup 2024-06-06 01:57:00 +03:00
Motiejus Jakštys 062609fabf use secrets in syncthing 2024-06-05 23:04:52 +03:00
Motiejus Jakštys afdd9f3bfb Merge branch 'main' into 24.05 2024-06-04 21:09:42 +03:00
Motiejus Jakštys 4bb4349258 network-online.target 2024-05-31 09:21:13 +03:00
Motiejus Jakštys 178aa66a03 remove snmp 2024-05-30 17:14:44 +03:00
Motiejus Jakštys 11af93f220 gitea: enable packages 2024-05-10 15:24:59 +03:00
Motiejus Jakštys 1de6593d28 gitea: disable repo-archive 2024-05-02 17:30:09 +03:00
Motiejus Jakštys e1423d2fed hass: remove trusted_networks
username/password is good enough
2024-04-18 19:47:13 +03:00
Motiejus Jakštys 585b138f23 syncthing: remove `insecureAdminAccess`
This keeps resetting my apikey, which is annoying.
2024-04-08 18:25:58 +03:00
Motiejus Jakštys 469e0355d3 a-kfire: fix 2024-03-23 21:34:07 +02:00
Motiejus Jakštys 734097688e syncthing: +a-kfire 2024-03-23 21:33:26 +02:00
Motiejus Jakštys 5a310cb0ba mxp10: +vaikai 2024-03-23 20:48:43 +02:00
Motiejus Jakštys 8919cf0216 syncthing: +fwminex 2024-03-23 19:54:50 +02:00
Motiejus Jakštys b13d490dec v-kfire: fix id 2024-03-23 19:50:52 +02:00
Motiejus Jakštys 807df4f0cf syncthing: amend v-kfire 2024-03-23 19:45:11 +02:00
Motiejus Jakštys 637f4b1b87 syncthing: add mtworx 2024-03-14 13:48:03 +02:00
Motiejus Jakštys de046eb053 tailscale: --operator=motiejus 2024-03-05 11:50:44 +02:00
Motiejus Jakštys 2a87738bf3 hass: add pyipp 2024-03-03 14:45:39 +02:00
Motiejus Jakštys 4ac540eb60 evolution: sync full folder 2024-03-02 09:56:45 +02:00
Motiejus Jakštys 3ce427193d deployerbot: git push on success 2024-02-28 14:55:42 +02:00
Motiejus Jakštys 7a806d9839 fix data 2024-02-27 23:04:06 +02:00
Motiejus Jakštys e702cdfb18 add remote builder to vno1-oh2 2024-02-27 22:56:09 +02:00
Motiejus Jakštys 5207327591 zfsunlock: set -x 2024-02-27 21:22:09 +02:00
Motiejus Jakštys 878cf4071c deployerbot: nix flake check --all-systems 2024-02-27 18:32:16 +02:00
Motiejus Jakštys a554841ac8 remove mtwork 2024-02-27 18:20:44 +02:00
Motiejus Jakštys 861d4e81fc remote-builder 2024-02-27 15:23:48 +02:00
Motiejus Jakštys c1ab3084f5 deployerbot: style nits 2024-02-26 13:56:05 +02:00
Motiejus Jakštys 7f977e6879 style nitpicks 2024-02-26 12:39:08 +02:00
Motiejus Jakštys 86bc0dfc1f deployerbot: fixes 2024-02-26 07:57:16 +02:00
Motiejus Jakštys c1957a6896 deployerbot: remove --all-systems 2024-02-26 00:15:15 +02:00
Motiejus Jakštys e5014bc18d nix flake check --all-systems 2024-02-26 00:03:58 +02:00
Motiejus Jakštys 10bcb3f0b2 deployerbot: accept-flake-config 2024-02-25 23:56:38 +02:00
Motiejus Jakštys b8ccb2216d deployerbot: skip unnecessary checks 2024-02-25 23:53:58 +02:00
Motiejus Jakštys 7df06680e6 deployerbot: upgrade before deploys 2024-02-25 23:50:08 +02:00
Motiejus Jakštys d2ad87558c compressAll: split to compressDrv and compressDrvWeb 2024-02-15 10:55:30 +02:00
Motiejus Jakštys 6f6a4c9855 compress: accept args too 2024-02-13 21:01:38 +02:00
Motiejus Jakštys db07a9d5ba compress-all 2024-02-13 15:53:17 +02:00
Motiejus Jakštys 8f79a933e7 overlays: fix 1 2024-02-02 15:29:53 +02:00
Motiejus Jakštys 64c4534d46 rm -fr certget: 2024-02-02 15:02:31 +02:00
Motiejus Jakštys cfee124f99 M-Active: versioning 2024-01-25 09:05:46 +02:00
Motiejus Jakštys ee1defe4db Revert "Mail: backup the full evolution folder"
This reverts commit a1484df957.
2024-01-25 08:42:14 +02:00
Motiejus Jakštys a1484df957 Mail: backup the full evolution folder 2024-01-25 08:41:06 +02:00
Motiejus Jakštys ab052cd45d syncthing: bind to 127.0.0.1 2024-01-25 08:21:35 +02:00
Motiejus Jakštys 0170765df5 gitea: use compressed assets 2024-01-17 10:11:13 +02:00
Motiejus Jakštys 7fd85a45c9 video-vincentas: add kfire 2024-01-14 10:02:31 +02:00
Motiejus Jakštys 8008fc9af1 add video-vincentas, kfire 2023-12-27 12:30:46 +02:00
Motiejus Jakštys 2564b3e863 syncthing: copy/backup ~/.cache/evolution/mail
Good enough for email backups. Openable with neomutt with minimal
setup:

```
$ mkdir -p x/cur; cd x
$ cp -s ~/.cache/evolution/mail/*/folders/Debian/cur/*/* cur/
$ neomutt -f .
```
2023-12-27 12:23:27 +02:00
Motiejus Jakštys f08fa200f6 deployerbot: push forward a bit 2023-12-19 23:58:53 +02:00
Motiejus Jakštys 72562e8540 hass: add daikin module 2023-12-03 20:37:59 +02:00
Motiejus Jakštys fb310f9e29 23.11: get rid of most warnings 2023-11-28 19:59:32 +02:00
Motiejus Jakštys 3c3758b852 upgrade to 23.11 2023-11-28 19:59:32 +02:00
Motiejus Jakštys 8e78a31f20 statix 2023-11-28 01:00:10 +02:00
Motiejus Jakštys eb404cce87 remove esphome 2023-11-22 17:01:23 +02:00
Motiejus Jakštys 9d8ab99953 hass: read automations from the ui 2023-11-17 16:59:50 +02:00
Motiejus Jakštys 480ae45609 tailscale: use unstable 2023-11-15 09:20:23 +02:00
Motiejus Jakštys c7de1294db hass: install esphome and update firewall 2023-11-14 23:36:43 +02:00
Motiejus Jakštys c4f3018a33 esphome: listen on wildcard 2023-11-14 23:31:21 +02:00
Motiejus Jakštys 9535144280 vno1-oh2: esphome 2023-11-14 23:30:00 +02:00
Motiejus Jakštys ef164af0f3 TV WoL 2023-11-14 18:29:44 +02:00
Motiejus Jakštys 5768552a93 add LG Web OS 2023-11-14 12:50:37 +02:00
Motiejus Jakštys 99be96c899 add shelly 2023-11-14 10:07:52 +02:00
Motiejus Jakštys de939d45cd hass 2023-11-14 09:47:11 +02:00
Motiejus Jakštys c3bb5e41d6 hass 2023-11-14 09:18:08 +02:00
Motiejus Jakštys b554f3e12f M-V: add vno1-oh2 2023-11-02 22:04:31 +02:00
Motiejus Jakštys 1d8eaabf78 syncthing: M-V 2023-10-24 22:07:51 +03:00
Motiejus Jakštys 0dfd9fb232 silenceLogs => !verboseLogs 2023-10-22 23:06:06 +03:00
Motiejus Jakštys 35145243bd tailscaled: silence logs by default
it works.
2023-10-22 20:14:25 +03:00
Motiejus Jakštys 1d262ec6d2 deployerbot: optionals don't fail pushes 2023-10-16 15:50:41 +03:00
Motiejus Jakštys 31a4ffd360 syncthing: add missing device 2023-10-11 16:44:28 +03:00
Motiejus Jakštys b55bb43500 syncthing: add mtwork 2023-10-11 16:39:31 +03:00
Motiejus Jakštys 5a606a5b96 syncthing: share books with mxp10 2023-10-08 23:22:07 +03:00
Motiejus Jakštys 1dd4f04725 statix: fix bugs with inherit
now I know better what it does.
2023-10-02 00:00:30 +03:00
Motiejus Jakštys 25e8191177 enable statx 2023-10-02 00:00:30 +03:00
Motiejus Jakštys 0e9f90a960 nix run github:astro/deadnix 2023-10-01 22:15:45 +03:00
Motiejus Jakštys 95c4f94a25 certget 2023-09-23 22:56:43 +03:00
Motiejus Jakštys 70e5230611 system users: use /bin/sh
Just learned about "bash security issue" when reading about rrsync.
2023-09-23 22:46:14 +03:00
Motiejus Jakštys 3b1d1b439f more formatting 2023-09-23 22:29:50 +03:00
Motiejus Jakštys 92f69eabfa nsd-acme: optionalString 2023-09-23 22:28:27 +03:00
Motiejus Jakštys 46155b9cb8 cfg cosmetics 2023-09-23 22:25:58 +03:00
Motiejus Jakštys 397fcd4a44 jakstpub: nicer smb settings 2023-09-22 10:14:10 +03:00
Motiejus Jakštys 9c1bfd1b24 add a share for snapshots 2023-09-22 10:06:04 +03:00
Motiejus Jakštys 0507fb3328 deployerbot and backups: move time around so they don't ovelap 2023-09-21 06:55:17 +03:00
Motiejus Jakštys 21e96199bb deployerbot: use vpn for actual deploying anyway 2023-09-20 14:43:04 +03:00
Motiejus Jakštys 4973a1cdd4 deployerbot: fwminex allows vno1 2023-09-18 20:49:17 +03:00
Motiejus Jakštys ceb7fe191e ping 2023-09-18 20:32:22 +03:00
Motiejus Jakštys 5a5ffd6f00 upgrading fwminex too 2023-09-18 19:50:24 +03:00
Motiejus Jakštys c822cc95c2 node_exporter: enable on vno1 subnet 2023-09-18 19:29:27 +03:00
Motiejus Jakštys 40a1edb925 syncthing: do not share books with mxp10 2023-09-18 13:31:32 +03:00
Motiejus Jakštys 4740904244 syncthing host missing 2023-09-18 12:48:22 +03:00
Motiejus Jakštys 5a1745b6d9 add some hosts 2023-09-18 12:47:51 +03:00
Motiejus Jakštys 0802e17eb1 nix fmt 2023-09-18 12:46:46 +03:00
Motiejus Jakštys 031e85fa82 syncthing: more folders 2023-09-18 12:44:09 +03:00
Motiejus Jakštys e6a47f4420 syncthing: a few more folders 2023-09-18 12:38:17 +03:00
Motiejus Jakštys 52b1aa4450 syncthing: starting abstractions 2023-09-18 12:13:45 +03:00
Motiejus Jakštys a9ec83c732 fwminex: start syncthing 2023-09-18 12:07:41 +03:00
Motiejus Jakštys c84d618d97 jakstpub: fix a caddy error 2023-09-17 22:31:12 +03:00
Motiejus Jakštys ed8c51b45c syntax nitpicking 2023-09-17 22:16:11 +03:00
Motiejus Jakštys f38fd993d3 jakstpub: open up http 2023-09-17 22:13:33 +03:00
Motiejus Jakštys 0f9aa4ed0d deploy-rs: remove -- 2023-09-16 10:04:48 +03:00
Motiejus Jakštys a5d8ba9cdf deploy-rs: fix typo 2023-09-16 09:35:12 +03:00
Motiejus Jakštys fb4b54b24b deployerbot: use deploy-rs directly 2023-09-16 08:56:22 +03:00
Motiejus Jakštys b38c4013e7 cosmetics: quoting
it's fine, there is overrides.conf
2023-09-14 15:15:27 +03:00
Motiejus Jakštys b73f671bc0 silenceLogs is not picked up
Result:
$ cat result/etc/systemd/system/tailscaled.service
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service

[Service]
ExecStartPre=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup
ExecStart=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=
ExecStopPost=/nix/store/gr38ww9sj0qbcs8sb17iq9871qvmhfjw-tailscale-1.42.0/bin/tailscaled --cleanup

Restart=on-failure

RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify

[Install]
WantedBy=multi-user.target
2023-09-14 15:10:18 +03:00
Motiejus Jakštys 76c07129f3 re-add () 2023-09-14 14:51:36 +03:00
Motiejus Jakštys fb3c39d7dc re-enable tailscale, oops 2023-09-14 14:48:54 +03:00
Motiejus Jakštys 9eb8147660 tailscale: silence logs on some machines 2023-09-14 14:37:55 +03:00
Motiejus Jakštys 553cda8fc7 vno1-rp3b: enable vno3 2023-09-14 13:23:04 +03:00
Motiejus Jakštys 85917635fd sshguard is now optional 2023-09-14 06:41:16 +03:00
Motiejus Jakštys e12e139128 samba: make file/dir masks a bit more restrictive 2023-09-13 09:00:28 +03:00
Motiejus Jakštys 4f152205ce samba: log level = 0 2023-09-12 23:27:23 +03:00
Motiejus Jakštys bef137b967 wsdd: specify existing hostname 2023-09-12 23:18:46 +03:00
Motiejus Jakštys 53ce3910aa replace nmbd with wsdd
https://askubuntu.com/questions/661611/make-samba-share-visible-in-windows-network
2023-09-12 23:10:59 +03:00
Motiejus Jakštys e45573c8a6 fix samba config
works!
2023-09-12 22:55:17 +03:00
Motiejus Jakštys 4f45d605e1 vno1-rp3b: some attempts at samba 2023-09-12 17:44:17 +03:00
Motiejus Jakštys 7891663a65 jakstpub: change home dir to /var/empty 2023-09-12 17:27:11 +03:00
Motiejus Jakštys 2dd8cda85a open up samba 2023-09-12 16:08:32 +03:00
Motiejus Jakštys e61944dfde rewrite firewall rules 2023-09-12 15:46:44 +03:00
Motiejus Jakštys 2b5b9bc57f samba some progress 2023-09-12 13:31:46 +03:00
Motiejus Jakštys 866347b042 add borgstor 2023-09-11 15:51:33 +03:00
Motiejus Jakštys 377030d0c0 headscale: remove ipv6 subnet
it's confusing: I couldn't find an easy way to get the ipv4 address on a client
2023-09-11 14:37:05 +03:00
Motiejus Jakštys 20ccb666c8 smtp 2023-09-07 19:46:47 +03:00
Motiejus Jakštys fd9f30f7d4 snmp exporter: maybe exposing the file will work now? 2023-09-05 14:58:30 +03:00
Motiejus Jakštys 24e6aa333e snmp exporter: expose in vpn for all to see 2023-09-05 14:45:09 +03:00
Motiejus Jakštys 5c1cccb8a4 snmp: from package back to module 2023-09-05 14:41:52 +03:00
Motiejus Jakštys fe30f6c32a Add dl.jakstys.lt 2023-08-29 15:41:57 +03:00
Motiejus Jakštys 617b829589 deployerbot: add fra1-a 2023-08-27 01:04:09 +03:00
Motiejus Jakštys 23347f6952 matrix-synapse: listen on 127.0.0.1
reverse proxying is over
2023-08-25 17:00:30 +03:00
Motiejus Jakštys 3687d7cd73 matrix-synapse listen on 0.0.0.0 2023-08-25 16:14:12 +03:00
Motiejus Jakštys 2776f8c517 fix extraConfigFiles 2023-08-25 16:03:46 +03:00
Motiejus Jakštys 355d8c21cc move matrix-synapse to it's module 2023-08-25 15:49:37 +03:00
Motiejus Jakštys f87a712635 node_exporter gets its own uidgid 2023-08-25 09:55:21 +03:00
Motiejus Jakštys 9740b42493 gitea: listen on 3001 2023-08-25 09:41:42 +03:00
Motiejus Jakštys c3168bb2d3 headscale 2023-08-24 23:46:45 +03:00
Motiejus Jakštys be4df58cbb move gitea to its own module 2023-08-24 23:34:48 +03:00
Motiejus Jakštys 407024dfa9 zfsunlock: use IP addresses + zfsunlock 2023-08-22 14:14:20 +03:00
Motiejus Jakštys bbf562d205 move node_exporter to its own module 2023-08-18 09:32:01 +03:00
Motiejus Jakštys 4dee4159e7 nix --accept-flake-config 2023-08-16 20:26:37 +03:00
Motiejus Jakštys 98a4ad79f8 grafana now on https://grafana.jakstys.lt, over vpn 2023-08-14 09:04:09 +03:00
Motiejus Jakštys a2a741d27e fmt and formatting; nsd-acme is less verbose 2023-08-10 10:48:34 +03:00
Motiejus Jakštys fa435f65d0 zones don't need to be sanitized
it's DNS!
2023-08-10 10:46:06 +03:00
Motiejus Jakštys 7bedc09abb deployerbot: do not restart if changed
leads to interesting deadlocks when upgrading self
2023-08-10 10:40:07 +03:00
Motiejus Jakštys 4878c42ca9 cron + alerting for cert updates 2023-08-10 00:46:36 +03:00
Motiejus Jakštys 9059f84632 uacme can return 1 when cert is up to date 2023-08-10 00:37:21 +03:00
Motiejus Jakštys 76a748e086 grafana is now prod 2023-08-10 00:29:56 +03:00