sp-config

thary/sp-config

Fork 0

013bd9b8e2 sp-nixos: split script into ExecStartPre && ExecStart Alexander Tomokhov 2023-12-28 13:20:49 +04:00
15f5d6096d sp-modules: refactor options types Alexander Tomokhov 2023-12-28 12:54:59 +04:00
a32613ece4 nixos-upgrade.serviceConfig.ExecCondition on /etc/nixos changes Alexander Tomokhov 2023-12-28 12:14:58 +04:00
0c895e4015 module: set to false: restartIfChanged and unitConfig.X-StopOnRemoval Alexander Tomokhov 2023-12-28 11:07:18 +04:00
08aa0b9ffc systemd.services.nixos-upgrade.serviceConfig.WorkingDirectory Alexander Tomokhov 2023-12-28 10:57:38 +04:00
be45d3ed52 systemd.services.nixos-upgrade.serviceConfig.ExecStartPre Alexander Tomokhov 2023-12-28 10:42:58 +04:00
efc703bf0c system services lock path:./sp-modules without flake.lock; cd /etc/nixos Alexander Tomokhov 2023-12-28 04:38:24 +04:00
cc78c2915f remove channel option value from syustem.autoUpgrade Alexander Tomokhov 2023-12-28 02:07:46 +04:00
fe44ba6fd8 fix nextcloud: fail if secrets are missing Alexander Tomokhov 2023-12-27 15:05:23 +04:00
77619456d7 /etc/nixos#sp-nixos => /etc/nixos#default Alexander Tomokhov 2023-12-27 14:02:27 +04:00
f94d0aef03 flake.lock: Update Alexander Tomokhov 2023-12-27 13:37:55 +04:00
23332cda46 add TODO about environment.variables.DOMAIN Alexander Tomokhov 2023-12-27 12:54:10 +04:00
85f85239a3 do not set nix.package Alexander Tomokhov 2023-12-27 11:37:59 +04:00
33ba5c41ac API systemd service Type is simple Alexander Tomokhov 2023-12-22 23:52:03 +04:00
5bd15a768a system.stateVersion: default or config.selfprivacy.stateVersion Alexander Tomokhov 2023-12-22 23:04:03 +04:00
a185dd1e3e selfprivacy-api: add debug for nixos-rebuild Alexander Tomokhov 2023-12-22 20:23:54 +04:00
e6496b95a4 useACMEHost for all services Alexander Tomokhov 2023-12-22 19:57:48 +04:00
5aba990f95 move system.stateVersion back to userdata Alexander Tomokhov 2023-12-22 19:33:24 +04:00
05fe40ac21 fix ACME for DigitalOcean: add DNS propagation check exceptions Alexander Tomokhov 2023-12-22 19:08:46 +04:00
19f30daf80 sp-modules: x-systemd.before=... for all mountpoints Alexander Tomokhov 2023-12-22 18:07:14 +04:00
5f8cc727e0 ACME: CLOUDFLARE_POLLING_INTERVAL=30 Alexander Tomokhov 2023-12-22 14:06:53 +04:00
64fc2ae57e mailserver: localDnsResolver = false Alexander Tomokhov 2023-12-21 15:13:21 +04:00
66c0184a93 ACME: dnsPropagationCheck = true Alexander Tomokhov 2023-12-21 13:38:28 +04:00
4c3072ade8 ACME: CLOUDFLARE_POLLING_INTERVAL=10 Alexander Tomokhov 2023-12-21 13:08:34 +04:00
0e62c9292b dnsPropagationCheck = false explicitly for certs.${domain} Alexander Tomokhov 2023-12-21 12:15:28 +04:00
5760a753af ACME dnsPropagationCheck = false Alexander Tomokhov 2023-12-20 18:22:02 +04:00
f2a951a71e API module: systemd service Type = "oneshot" Alexander Tomokhov 2023-12-20 18:21:51 +04:00
fd6e49a21a ACME: do not disable DNS propagation check Alexander Tomokhov 2023-12-20 17:38:35 +04:00
dcaf96c773 Revert "Revert "Revert "add wildcard ACME certificate""" Alexander Tomokhov 2023-12-20 17:36:06 +04:00
3a66da49e1 do not lib.mkForce acme.certs Alexander Tomokhov 2023-12-20 17:16:49 +04:00
5cd12848cc nix.channel.enable = false since we're on flakes Alexander Tomokhov 2023-12-20 17:16:21 +04:00
4faf8e7dda Revert "Revert "add wildcard ACME certificate"" Alexander Tomokhov 2023-12-20 16:59:57 +04:00
c18f332f5f Revert "use enableACME for all virtualHosts" Alexander Tomokhov 2023-12-19 23:46:42 +04:00
46366702bc use enableACME for all virtualHosts Alexander Tomokhov 2023-12-19 16:38:46 +04:00
0c4d57c33d Revert "add wildcard ACME certificate" Alexander Tomokhov 2023-12-19 16:27:54 +04:00
426e6f72c5 gitea: bind mount /var/lib/gitea Alexander Tomokhov 2023-12-19 16:20:28 +04:00
eb59d33e1f nginx: / location with root = "/var/www/root" Alexander Tomokhov 2023-12-19 16:19:22 +04:00
b37cadff68 add wildcard ACME certificate Alexander Tomokhov 2023-12-19 01:07:05 +04:00
312077240a fix(acme): add dns propagation check exceptions Inex Code 2023-07-28 03:00:17 +03:00
69f84cdc2b bitwarden: "ConditionPathExists" instead of "after" Alexander Tomokhov 2023-12-19 00:57:12 +04:00
0ad2ffc30e api module: avoid simultaneous runs Alexander Tomokhov 2023-12-18 23:40:56 +04:00
83a17063ac explicit dependency between backup-vaultwarden and vaultwarden Alexander Tomokhov 2023-12-18 23:40:15 +04:00
257b0c08e8 sp-modules: some startup fixes Alexander Tomokhov 2023-12-18 22:16:40 +04:00
da5dac6877 sp-nixos-upgrade: update sp-modules/ own flake.lock Alexander Tomokhov 2023-12-18 22:25:51 +04:00
3d7aa5e6de fix selfprivacy-api build with new nixpkgs Alexander Tomokhov 2023-12-18 21:27:45 +04:00
365f027326 move nginx exclusive virtualHosts to SP modules Alexander Tomokhov 2023-12-18 19:02:54 +04:00
d881cc8ce5 upgrade nixpkgs to NixOS 23.11 Alexander Tomokhov 2023-12-18 18:13:57 +04:00
b7045a8198 upgrade nixpkgs to NixOS 23.05 Alexander Tomokhov 2023-12-18 17:51:59 +04:00
67c2b12c44 sp-modules: get rid of systemd.tmpfiles Alexander Tomokhov 2023-12-18 15:33:09 +04:00
83e8f6e8a1 get rid of files.nix; ACME/credentialsFile and other cleanup Alexander Tomokhov 2023-12-16 09:39:22 +04:00
7f6c48f978 gitea: RequiresMountsFor and ConditionPathIsMountPoint @ /var/lib/gitea Alexander Tomokhov 2023-12-12 20:35:44 +04:00
a797b856fc flake.lock: Update Alexander Tomokhov 2023-12-12 16:30:22 +04:00
d1711ea9c3 selfprivacy-api: sp-nixos-rebuild with sp-modules relocking Alexander Tomokhov 2023-12-12 14:14:54 +04:00
defaca8793 clean configuration; simple-nixos-mailserver is an ordinary SP module Alexander Tomokhov 2023-12-12 08:25:06 +04:00
25bd151ef3 use lower case for config.selfprivacy.server.provider Alexander Tomokhov 2023-12-11 21:58:12 +04:00
519ebbcb69 get rid of system argument; do not set nixpkgs.hostPlatform Alexander Tomokhov 2023-12-05 07:36:26 +04:00
4c4aef5363 get system.stateVersion from "deployment" argument Alexander Tomokhov 2023-12-05 04:41:35 +04:00
9dde55159b update selfprivacy-api Alexander Tomokhov 2023-12-05 01:56:49 +04:00
6cd002ae1d remove restic SP module Alexander Tomokhov 2023-12-05 01:56:13 +04:00
c052f9172a move gitea to SP module Alexander Tomokhov 2023-12-04 15:59:22 +04:00
054d6d9182 move jitsi-meet to SP module Alexander Tomokhov 2023-12-04 15:43:06 +04:00
3f573e3dc3 activationScripts: rewrite /etc/nixos with configuration source Alexander Tomokhov 2023-12-04 14:17:54 +04:00
c63b6b808c acme: RestartSec = 15 * 60 Alexander Tomokhov 2023-12-04 13:22:27 +04:00
c0aa73ca1b move bitwarden to SP module Alexander Tomokhov 2023-12-03 12:29:01 +04:00
ade4dc08b1 sp-modules: use jq exit status code Alexander Tomokhov 2023-12-03 10:37:37 +04:00
4716b9bf19 move restic to SP module Alexander Tomokhov 2023-12-03 09:45:40 +04:00
c7419b3255 move pleroma to SP module Alexander Tomokhov 2023-12-03 03:26:29 +04:00
b458458c30 move ocserv to SP module Alexander Tomokhov 2023-12-01 08:42:03 +04:00
4cbe63ac64 flake: abort on missing configPathsNeeded with message Alexander Tomokhov 2023-12-01 08:32:31 +04:00
600d8f427d mailserver: set users.groups.acmereceivers.members Alexander Tomokhov 2023-11-29 08:28:19 +04:00
b6cd5846f2 users.groups: acmerecievers => acmereceivers Alexander Tomokhov 2023-11-29 08:25:24 +04:00
1a5a4be306 nextcloud: fix secrets extraction Alexander Tomokhov 2023-11-29 08:19:04 +04:00
364a5c8076 mailserver: adapt to deprecated and new types of certificateScheme Alexander Tomokhov 2023-11-26 09:10:09 +04:00
a224731dcf nextcloud: write passwords using install Alexander Tomokhov 2023-11-26 09:08:14 +04:00
e814157437 fix config attributes contrain for function imports Alexander Tomokhov 2023-11-26 08:56:48 +04:00
0db1c4a6ce downgrade simple-nixos-mailserver to 6d0d9fb9 Alexander Tomokhov 2023-11-26 04:28:36 +04:00
a98dafc98c fix nextcloud (case when enabled) Alexander Tomokhov 2023-11-26 03:11:23 +04:00
3138260605 flake.lock: Update Alexander Tomokhov 2023-11-23 21:33:35 +04:00
1bf7190388 flake.lock: Update Alexander Tomokhov 2023-11-23 21:20:35 +04:00
cc26a5e150 flake.lock: Update Alexander Tomokhov 2023-11-23 11:36:20 +04:00
6ebcc35882 systemd.enableEmergencyMode = false; systemd.coredump.enable = false; Alexander Tomokhov 2023-11-23 11:09:49 +04:00
985aff90d3 disable ssh passwordAuthentication by default Alexander Tomokhov 2023-11-23 11:08:59 +04:00
bd6b8a5e75 flake.lock: Update Alexander Tomokhov 2023-11-23 03:00:25 +04:00
6d96b4aa8f flake.lock: Update Alexander Tomokhov 2023-11-22 23:09:42 +04:00
8067559207 flake.lock: Update Alexander Tomokhov 2023-11-22 22:17:00 +04:00
252ed72154 remove autoUpgrade from userdata-variables.nix Alexander Tomokhov 2023-11-22 06:45:23 +04:00
e53eb8d65d flake.lock: Update Alexander Tomokhov 2023-11-22 01:58:44 +04:00
e59d86fcdc flake.lock: Update Alexander Tomokhov 2023-11-21 03:49:45 +04:00
7c5bc70fec rm -rf /old-root on every boot Alexander Tomokhov 2023-11-21 02:54:06 +04:00
308a70fe20 selfprivacy/current-config-source => selfprivacy/nixos-config-source Alexander Tomokhov 2023-11-21 01:24:32 +04:00
a3063ec732 fileSystems./.options = [ noatime ]; Alexander Tomokhov 2023-11-21 01:23:28 +04:00
e45224d67f fix resources/limits.txt but do not use them for now Alexander Tomokhov 2023-11-18 19:26:47 +04:00
391e41e8a4 disable documentation.enable = false alltogether Alexander Tomokhov 2023-11-18 18:54:55 +04:00
0704d18b1a do not install {man,info}-pages and docs to save space Alexander Tomokhov 2023-11-18 17:39:14 +04:00
6a3a83e270 files.nix: /etc/nixos/userdata.json => /etc/selfprivacy/secrets.json Alexander Tomokhov 2023-11-18 09:11:48 +04:00
b64be4e34f /etc/nixos/userdata/userdata.json => /etc/nixos/userdata.json Alexander Tomokhov 2023-11-18 08:54:29 +04:00
65e58666fd nixpkgs.hostPlatform = system Alexander Tomokhov 2023-11-18 08:28:04 +04:00
43abd2ca45 flake.lock: Update Alexander Tomokhov 2023-11-18 06:39:10 +04:00
e6e2f1fd84 configuration.nix: a few nix.* tweaks Alexander Tomokhov 2023-11-18 05:53:08 +04:00
72d73b6297 autoUpgrade.enable = false by default Alexander Tomokhov 2023-11-18 05:40:57 +04:00

Commit Graph Select branches Hide Pull Requests email-options Mono Color

Commit Graph

Select branches

Hide Pull Requests

email-options