Commit Graph

287 Commits

Author SHA1 Message Date
Giulio De Pasquale
b9060ba7c2 prosody: Opened c2s and s2s ports. Cleaned up config 2023-02-21 01:28:58 +01:00
Giulio De Pasquale
83c741a107 nginx: Force TLS 1.3 2023-02-21 01:28:13 +01:00
Giulio De Pasquale
cc9aa1e3a9 architect: Removed scripts 2023-02-19 06:36:20 +01:00
Giulio De Pasquale
1e0a70db62 architect: Removed unused modules 2023-02-19 06:35:36 +01:00
Giulio De Pasquale
f924307e64 backup: Postponed backups 2023-02-19 06:31:24 +01:00
Giulio De Pasquale
e542886345 network: changed name for manduria router to router-manduria 2023-02-15 06:02:34 +01:00
Giulio De Pasquale
743691255a architect: Removed dodino from wireguard 2023-02-15 00:49:21 +01:00
Giulio De Pasquale
650db37686 Removed old and unused VPN configs. Cleanup of firewall rules. Removed Giulio devices from WG 2023-02-15 00:30:26 +01:00
Giulio De Pasquale
3321ec122a architect: Refactored firewall settings. Added architect.firewall option 2023-02-15 00:19:52 +01:00
Giulio De Pasquale
f5668462eb Renamed unstable to unstablePkgs to avoid confusion with nixos-unstable flake 2023-02-14 21:30:37 +01:00
Giulio De Pasquale
be0a1be47d architect: Module cleanup 2023-02-14 18:15:12 +01:00
Giulio De Pasquale
0fec9adf7c architect: Module cleanup 2023-02-14 18:14:06 +01:00
Giulio De Pasquale
608fd46eb4 Formatting 2023-02-11 03:29:48 +01:00
Giulio De Pasquale
a015dc2a89 Removed wireguard devices, cleanup of network names 2023-02-11 03:28:35 +01:00
Giulio De Pasquale
1990ed8a65 Revert "jellyfin: Cleanup derivation"
This reverts commit 554e5651a7.
2023-02-11 03:26:30 +01:00
Giulio De Pasquale
554e5651a7 jellyfin: Cleanup derivation 2023-02-11 03:18:52 +01:00
Giulio De Pasquale
b341bee052 architect: Enable SearxNG 2023-02-11 03:16:28 +01:00
Giulio De Pasquale
40d0b5f55c searx: Add service. WIP: use git version 2023-02-11 03:15:49 +01:00
Giulio De Pasquale
99cf228d80 wireguard: Removed unused if. Renamed personal devices 2023-02-08 08:42:33 +01:00
Giulio De Pasquale
dc8aa8406f tailscale: Added additional DNS entries 2023-02-08 08:41:59 +01:00
Giulio De Pasquale
b191ea3f42 network: Added IPs of some tailscale devices 2023-02-08 08:41:21 +01:00
Giulio De Pasquale
394d0d6b48 firewall: Accept all incoming connections from tailscale 2023-02-08 08:40:58 +01:00
Giulio De Pasquale
51b714c159 architect: Add manduria.devs.giugl.io name 2023-02-01 21:56:13 +01:00
Giulio De Pasquale
4414011c95 network: Added router-lan 2023-02-01 21:55:55 +01:00
Giulio De Pasquale
1881025faa architect: Add tailscale IP to hosts for every service 2023-02-01 21:55:32 +01:00
Giulio De Pasquale
79116ae1a7 architect: Added initial support for Tailscale 2023-01-30 09:46:20 +01:00
Giulio De Pasquale
63b2a4aa4b minio: Allow body of 500M. Allow manduria-wg 2023-01-01 13:33:52 +01:00
Giulio De Pasquale
9fa04584cc runas.rocks: Fix branch. master -> main 2023-01-01 13:33:11 +01:00
Giulio De Pasquale
9d6474a302 runas.rocks: Pull hourly 2023-01-01 13:32:14 +01:00
Giulio De Pasquale
da8e5572b5 lezzo: Pull hourly 2023-01-01 13:31:48 +01:00
Giulio De Pasquale
d111743509 architect: Removed parisa from network config 2022-12-22 18:25:32 +01:00
Giulio De Pasquale
6a6dbb135d architect: Removed ropfuscator's cachix 2022-12-22 15:18:20 +01:00
Giulio De Pasquale
2c8c26112b architect: Disable navidrome module 2022-12-22 15:13:14 +01:00
Giulio De Pasquale
0177ed496b wireguard: Add framecca 2022-12-22 15:12:57 +01:00
Giulio De Pasquale
e36ebc4322 network: Add germano and framecca to WAN 2022-12-22 15:12:24 +01:00
Giulio De Pasquale
4662a61e71 jellyfin: Whitelist gdevices 2022-12-22 15:11:49 +01:00
Giulio De Pasquale
be4584aa08 gitea: Open gitea to public 2022-12-22 15:11:23 +01:00
Giulio De Pasquale
6a5552b56e architect: Enable runas and lezzo nix modules 2022-12-09 15:39:24 +01:00
Giulio De Pasquale
c5cf59c32c nginx: Removed service skeleton as multiple domains are not needed anymore 2022-12-09 15:38:55 +01:00
Giulio De Pasquale
b64b8ae792 matrix: Remove 404 on root because runas.rocks is online 2022-12-09 15:36:52 +01:00
Giulio De Pasquale
735f1c2bae jellyfin: Add giulio pc to whitelisted devices 2022-12-09 15:36:32 +01:00
Giulio De Pasquale
82ea0222f3 Runas and lezzo websites 2022-12-09 15:35:32 +01:00
Giulio De Pasquale
7a8bacb5df wireguard: Changed germano public key 2022-12-05 12:40:59 +01:00
Giulio De Pasquale
68c1ee4869 Removed domains nix file 2022-12-01 14:28:32 +01:00
Giulio De Pasquale
932378b309 flake: Removed proxy host 2022-12-01 14:28:10 +01:00
Giulio De Pasquale
f759f44024 gitea: Renamed property to SSH_PORT 2022-12-01 14:27:05 +01:00
Giulio De Pasquale
30fd214734 nginx, openid: Allow IP whitelist to bypass OpenID auth 2022-11-29 14:53:17 +01:00
Giulio De Pasquale
ae4c55fdee gitea: Enable OpenID signin 2022-11-29 13:24:48 +01:00
Giulio De Pasquale
74fd09cb16 openid: Extend access token validity to one day 2022-11-29 13:03:26 +01:00
Giulio De Pasquale
b244bfad7d openid: Revoke tokens on logout 2022-11-29 12:56:40 +01:00
Giulio De Pasquale
7ffddeca09 nginx: Add default runas.rocks virtualhost 2022-11-27 11:24:35 +01:00
Giulio De Pasquale
b93d3a33b0 Rename giulio devices, add Steam deck to Wireguard 2022-11-27 11:24:12 +01:00
Giulio De Pasquale
6568784680 matrix: Add OpenID connection and transfer to runas.rocks 2022-11-27 11:23:09 +01:00
Giulio De Pasquale
7e61526538 calibre: Add OpenID auth 2022-11-22 12:59:27 +01:00
Giulio De Pasquale
75b51d24e9 firewall: Allow connections to Minecraft from WAN 2022-11-20 14:56:32 +01:00
Giulio De Pasquale
3c4caaaea5 jellyfin: Go through SSO auth 2022-11-20 14:55:59 +01:00
Giulio De Pasquale
9efea759e4 navidrome: Move beets-import script execution from daily to weekly 2022-11-15 01:12:54 +01:00
Giulio De Pasquale
1122be76bb nginx: Fix indentation 2022-11-15 01:11:39 +01:00
Giulio De Pasquale
d9ef1939b2 invidious: Use unstable package 2022-11-13 22:04:27 +01:00
Giulio De Pasquale
9259ec098e nitter: Don't use redis (conflict with Nextcloud) 2022-11-11 19:25:33 +01:00
Giulio De Pasquale
1a6c6a5351 nextcloud: Bump to NC 25 2022-11-11 19:17:40 +01:00
Giulio De Pasquale
2e1d374c0b docker: Enable module contents 2022-11-11 19:17:25 +01:00
Giulio De Pasquale
84f2d5fc6b Remove hardware.nix.bk 2022-11-11 19:17:05 +01:00
Giulio De Pasquale
60018c6a9e architect/default: Removed unused modules, removed cudatoolkit, changed tmpOnTmpfs size, removed node from unsafe packages 2022-11-11 19:16:42 +01:00
Giulio De Pasquale
e17d9f5a45 calibre, gitea, invidious, matrix, minio, navidrome, nitter: Use 127.0.0.1 instead of localhost, avoiding ipv6 listening address 2022-11-11 19:12:24 +01:00
Giulio De Pasquale
fac8937571 prowlarr: Use 127.0.0.1 instead of localhost, avoiding ipv6 listening address 2022-11-11 19:10:38 +01:00
Giulio De Pasquale
4d8742c087 transmission: Use 127.0.0.1 instead of localhost, avoiding ipv6 listening address 2022-11-11 19:10:17 +01:00
Giulio De Pasquale
7adfedb7c5 plex: Use 127.0.0.1 instead of localhost, avoiding ipv6 listening address 2022-11-11 19:10:02 +01:00
Giulio De Pasquale
3eaf974a5e nzbget: Switch to nginx client for openid 2022-11-11 19:09:21 +01:00
Giulio De Pasquale
bf117df531 bazarr, lidarr, deluge, sonarr, radarr: Switch to nginx client for openid 2022-11-11 19:08:57 +01:00
Giulio De Pasquale
8118462f59 openid: Force nginx app, allow to change only access_role 2022-11-11 19:08:00 +01:00
Giulio De Pasquale
0ac62bb2ae reddit: localhost -> 127.0.0.1 to avoid ipv6 2022-11-11 00:33:06 +01:00
Giulio De Pasquale
fe05235570 jellyfin: localhost -> 127.0.0.1 to avoid ipv6 2022-11-11 00:32:54 +01:00
Giulio De Pasquale
928a9a4456 minecraft: Switch to unstable 2022-11-10 10:59:09 +01:00
Giulio De Pasquale
4bb5af4b5a nginx: Add check_role function to worker init 2022-10-28 22:01:07 +02:00
Giulio De Pasquale
2a7af4e910 openid: Check for role when authenticating 2022-10-28 22:00:29 +02:00
Giulio De Pasquale
09e3ef237b keycloak: Expose /admin endpoint. Use 127.0.0.1 instead of localhost to
avoid IPv6.
2022-10-28 18:35:43 +02:00
Giulio De Pasquale
60546992b2 keycloak: Only expose recommended endpoints. Redirect main page to account page. 2022-10-28 15:24:23 +02:00
Giulio De Pasquale
9180f31c3c deluge: Add ACME 2022-10-28 15:03:09 +02:00
Giulio De Pasquale
1be49e4835 deluge: Add OpenID auth 2022-10-28 14:59:17 +02:00
Giulio De Pasquale
35dbc4f40e nzbget: Add OpenID auth 2022-10-28 14:56:40 +02:00
Giulio De Pasquale
4975e3434f bazarr: Add OpenID auth 2022-10-28 14:56:25 +02:00
Giulio De Pasquale
7c3485f585 lidarr, sonarr: Added OpenID auth 2022-10-28 14:48:46 +02:00
Giulio De Pasquale
c9e46ec073 radarr: Use openid.nix template 2022-10-28 14:43:55 +02:00
Giulio De Pasquale
69ffff50e0 radarr: Setup OpenID auth 2022-10-28 14:35:43 +02:00
Giulio De Pasquale
c1a2c8238b nginx: Add additional plugins for OpenID to work 2022-10-28 14:35:22 +02:00
Giulio De Pasquale
dddc557b46 nginx: Use openresty package. Add openidc plugin. 2022-10-28 13:40:50 +02:00
Giulio De Pasquale
9a2c8886ed nextcloud: Updates to service 2022-10-28 13:32:49 +02:00
Giulio De Pasquale
a6f81150e7 keycloack: Add keycloack service 2022-10-28 13:32:31 +02:00
Giulio De Pasquale
bb5bf44156 Set meme as default site on nginx 2022-10-13 16:04:56 +02:00
Giulio De Pasquale
8a00748447 Open additional torrent port 2022-10-11 21:31:55 +02:00
Giulio De Pasquale
8622e9d4f3 Add swapfile 2022-10-11 21:31:16 +02:00
Giulio De Pasquale
54f30c0120 Add prosody to nginx group 2022-10-11 21:30:49 +02:00
Giulio De Pasquale
17168caa41 Calibre open to public, max 500M uploads 2022-10-11 21:29:58 +02:00
Giulio De Pasquale
184e6fafce Backup /services 2022-10-11 21:29:41 +02:00
Giulio De Pasquale
f1f018a1a1 Expose jellyfin to public 2022-10-09 23:24:27 +02:00
Giulio De Pasquale
dfb25e3c72 Better variable names for DNS 2022-10-09 23:23:58 +02:00
Giulio De Pasquale
41d0053278 home assistant 2022-10-09 23:23:44 +02:00
Giulio De Pasquale
f2aefa3fb7 Firewall ports named, removed unused services 2022-08-25 15:09:36 +02:00
Giulio De Pasquale
ad9b9b2e02 Use Nixpkgs default PostgreSQL. Fix permission by escaping name 2022-07-25 21:33:32 +02:00
Giulio De Pasquale
eed29e8d10 Use variable for db_name 2022-07-25 21:29:41 +02:00
Giulio De Pasquale
92ea949c6d Debloat matrix 2022-07-19 00:58:49 +02:00
Giulio De Pasquale
02a81c1dd4 Bump to 22.05 2022-07-17 20:30:45 +02:00
Giulio De Pasquale
7bd60d982b meh, dunno 2022-07-06 20:34:12 +02:00
Giulio De Pasquale
b640bd32a1 Move proxy directive to main block, allow javascript for casting 2022-04-05 17:07:56 +02:00
Giulio De Pasquale
895d17ab68 Allow docker interface to network on WAN 2022-04-05 17:00:25 +02:00
Giulio De Pasquale
8312f69c98 Enable docker 2022-04-05 14:07:35 +02:00
Giulio De Pasquale
bc637c5710 Modified backup start time 2022-04-05 14:05:08 +02:00
Giulio De Pasquale
c18f4a590e Calibre and cachix 2022-04-05 14:04:53 +02:00
Giulio De Pasquale
c47d25c943 many updates, yasssss 2022-03-15 16:58:04 +01:00
Giulio De Pasquale
2e352d1032 Remove deprecated option from restic 2022-02-15 12:03:05 +01:00
Giulio De Pasquale
b144c30596 Bring minecraft service up to par with other modules 2022-02-15 12:02:12 +01:00
Giulio De Pasquale
a84d6fe163 Merge branch 'master' of ssh://git.giugl.io/peperunas/nixos 2022-02-15 12:00:17 +01:00
Giulio De Pasquale
791da4c612 next time I'll commit seriously 2022-02-15 11:58:08 +01:00
Giulio De Pasquale
e098a2268b Cleaned up gAluminum defaults. Added Pipewire. Added nvidia-offload 2022-02-15 10:51:34 +00:00
Giulio De Pasquale
34d463ffe0 Use defaults 2021-12-19 13:24:33 +01:00
Giulio De Pasquale
c01239c99d Removed password auth from sshd 2021-12-19 13:24:19 +01:00
Giulio De Pasquale
12b02bbaa3 Changed firewall ports 2021-12-18 22:02:52 +01:00
Giulio De Pasquale
19a48e7993 Enabled ccache module, tmpOnTmpfsSize = 150% 2021-12-18 22:02:23 +01:00
Giulio De Pasquale
a911ced6f5 Added Ludo to wg, changed parisa-phone public key 2021-12-18 22:01:46 +01:00
Giulio De Pasquale
1399bd0592 ccache 2021-12-18 22:00:07 +01:00
Giulio De Pasquale
ee9eedbf70 accept ping 2021-12-08 18:09:13 +01:00
Giulio De Pasquale
62326b6c99 fixed allow directive for nginx services 2021-12-08 17:58:01 +01:00
Giulio De Pasquale
163d5f6db2 removed implicit use of network.nix. use domain names in each service conf file. restrict access to gdevices to sensitive services. 2021-12-08 17:39:00 +01:00
Giulio De Pasquale
07de18a9a9 max upload size bumped to 30MB 2021-12-08 16:48:02 +01:00
Giulio De Pasquale
394b5e5070 gitea ssh listen with sshd, lfs enabled 2021-12-08 16:47:11 +01:00
Giulio De Pasquale
05a4fa074b use tmpOnTmpfsSize 2021-12-08 16:45:21 +01:00
Giulio De Pasquale
853ee74826 nixos 21.11, added nitter, invidious and libreddit. modified umask transmission 2021-12-01 15:47:50 +01:00
Giulio De Pasquale
583688ca70 nixos 21.11, added nitter, invidious and libreddit. modified umask transmission 2021-12-01 15:47:40 +01:00
Giulio De Pasquale
91ef8ff1e2 formatting 2021-11-25 11:42:32 +00:00
Giulio De Pasquale
522e4b7bbc Merge branch 'master' of ssh://git.giugl.io:10022/peperunas/nixos 2021-11-25 11:39:17 +00:00
Giulio De Pasquale
f2377efc53 added ledger, steam and teamviewer 2021-11-25 11:38:00 +00:00
Giulio De Pasquale
40b00f3eeb Merge branch 'master' of ssh://git.giugl.io:10022/peperunas/nixos 2021-11-25 12:35:03 +01:00
Giulio De Pasquale
f16d56e8be add runner and remove giugl.io from nginx 2021-11-25 12:25:57 +01:00
Giulio De Pasquale
9cd3f738e3 formatting 2021-11-22 00:41:17 +01:00
Giulio De Pasquale
9ff2e78681 added github-runner 2021-11-21 11:37:18 +01:00
Giulio De Pasquale
14c1b77f91 added github-runner 2021-11-19 11:39:04 +01:00
Giulio De Pasquale
e90a82f3ba added frznn, changed pubkey of wolfsonhouse 2021-11-18 00:58:50 +01:00
Giulio De Pasquale
77931ab71a jacopo, mikey, andrew wg clients. transmission added 2021-11-05 20:16:08 +01:00
Giulio De Pasquale
f58b776a3d added prowlarr from unstable, moved hosts to wireguard file 2021-10-21 15:51:44 +02:00
Giulio De Pasquale
576e2f5791 Merge branch 'master' of https://git.giugl.io/peperunas/nixos 2021-10-14 15:44:39 +00:00
Giulio De Pasquale
f912e3d511 architect fix 2021-10-14 14:07:05 +02:00
Giulio De Pasquale
f0769647ff Merge branch 'master' of https://git.giugl.io/peperunas/nixos 2021-10-14 14:00:13 +02:00
Giulio De Pasquale
75a63c6329 huge reorganization 2021-10-13 13:29:07 +01:00
Giulio De Pasquale
cc288ea260 removed security.acme in nginx to follow common acme.nix file 2021-10-11 11:39:11 +02:00
Giulio De Pasquale
c9966c2f9b Merge branch 'master' of https://git.giugl.io/peperunas/nixos 2021-10-11 11:34:26 +02:00
Giulio De Pasquale
bdebb2c35a removed giugl.io name from services. added encryption to telegram, support for proxy 2021-10-11 11:31:21 +02:00
Giulio De Pasquale
7206622bec refactored proxy conf 2021-10-11 08:59:31 +00:00
Giulio De Pasquale
ced9c72d4a cleanup 2021-10-06 17:31:41 +00:00
Giulio De Pasquale
caedfac586 added proxy, use mkHost function 2021-10-06 17:17:06 +00:00