1
0
Fork 0
Commit graph

209 commits

Author SHA1 Message Date
ibizaman
bccd6a1181 add more info for nextcloud 2024-01-28 22:37:30 -08:00
ibizaman
e00a41b086 add group and reloadServices options to ssl block 2024-01-24 22:45:51 -08:00
ibizaman
0bfa15fd3c add extraDomains options for cert generation
fixes #133
2024-01-24 18:46:42 -08:00
ibizaman
43beb92ed2 do not create unrelated groups when login in to nextcloud 2024-01-23 22:07:18 -08:00
ibizaman
56dece4190 fix nextcloud openssl path
I don't remember why I hardcoded this, but the default works fine.
2024-01-22 23:17:08 -08:00
ibizaman
1cf6d264e4 add declarative sso integration for nextcloud 2024-01-22 16:44:10 -08:00
sivert
8a5f4e3bf2 Combine authelia client YAML's into one YAML file
- Fixes #126
  - Generate a single oidc_clients.yaml to define all clients
  - `public` property of OIDC clients is now a bool (as it should be), not a string.
  - sed pattern changed to allow multiple replacements
2024-01-22 13:50:11 -08:00
ibizaman
7e2f76e7f9 improve ssl block 2024-01-20 20:19:44 -08:00
ibizaman
adc09acc49 use contract for ssl block 2024-01-19 10:48:10 -08:00
ibizaman
a5e9af27b5 make home-assistant service work without ldap integration 2024-01-08 00:35:06 -08:00
ibizaman
0a34140e34 add nextcloud integration with ldap to the manual and nextcloud demo.
refs #17
2024-01-06 09:48:12 -08:00
ibizaman
4a7e42abaa add declarative configuration of LDAP in Nextcloud
refs #17
2024-01-06 00:12:48 -08:00
ibizaman
db6d8f7f38 fix nextcloud apps config 2024-01-05 16:24:43 -08:00
ibizaman
8bd2e047b0 add default for nextcloud apps config 2024-01-05 16:24:43 -08:00
ibizaman
6f28a72035 talk about extraApps in manual 2024-01-05 16:24:43 -08:00
ibizaman
1581f054aa add declarative configuration of nextcloud preview generator app
fixes #65
2024-01-05 16:24:43 -08:00
ibizaman
3f83285759 rewrite nextcloud server module manual 2024-01-05 16:24:43 -08:00
ibizaman
021c465fd6 make onlyoffice config a bit nicer 2024-01-05 16:24:43 -08:00
ibizaman
bbe18df58f make onlyoffice app through nix 2024-01-05 16:24:43 -08:00
ibizaman
99f0f51406 move onlyoffice to new apps section 2024-01-05 16:24:43 -08:00
ibizaman
4a1291c075 allow extra apps in Nextcloud 2024-01-05 16:24:43 -08:00
ibizaman
52f8b35252 fix warning in nextcloud 2024-01-04 21:52:29 -08:00
ibizaman
0e635e1a76 add nextcloud vm test 2023-12-30 10:01:41 -08:00
ibizaman
7c9b585b81 fix downloading big files for nextcloud 2023-12-30 00:59:10 -08:00
ibizaman
db405d6b7e expose some deluge settings 2023-12-27 08:09:13 -08:00
ibizaman
d7411a79b7 only enable autheliaProtect in deluge if enabled 2023-12-26 23:14:47 -08:00
ibizaman
7a62b5b89c add usage chapter in the manual 2023-12-25 23:26:50 -08:00
ibizaman
d908ae31c5 add nextcloud manual 2023-12-25 00:51:44 -08:00
ibizaman
40f0f233c2 remove sops file dependency in nextcloud and ssl requirement
refs #24
2023-12-24 02:06:25 -08:00
ibizaman
9bcf7650e7 update screenshots 2023-12-17 23:31:33 -08:00
ibizaman
6f71d64257 switch to netdata to pull most of the metrics 2023-12-17 23:31:33 -08:00
ibizaman
036d2b92a5 fix grafana not being able to load dashboards 2023-12-17 23:31:33 -08:00
ibizaman
533d95851b use not hardcoded OIDC secret in jellyfin 2023-12-17 23:22:25 -08:00
ibizaman
77e21eaceb add more options to avoid hardcoding in nextcloud 2023-12-17 23:12:45 -08:00
ibizaman
0bdbb975af split tracing from verbose logging options for nextcloud 2023-12-17 23:09:18 -08:00
ibizaman
318c54e7d3 do not enable onlyoffice for nextcloud by default 2023-12-17 22:55:58 -08:00
ibizaman
e2292de44d can avoid hardcoding secret now 2023-12-11 12:38:06 -08:00
ibizaman
9a5a10a824 add test for authelia 2023-12-11 00:28:30 -08:00
ibizaman
0829792df0 fix deluge backup permissions by adding backup user to media group 2023-12-10 21:32:35 -08:00
ibizaman
da2e1ff0e1 fix storage creation in homeassistant on first run 2023-12-09 10:34:21 -08:00
ibizaman
ca2f7039cc add some sections to block backup chapter 2023-12-08 22:48:06 -08:00
ibizaman
11ab7c5ab5 fix missing headers 2023-12-08 11:52:00 -08:00
ibizaman
49913ca4b6 add manual page for configuring backups 2023-12-08 11:52:00 -08:00
ibizaman
3c9f71da0e allow to stagger backup jobs 2023-12-08 11:13:37 -08:00
ibizaman
c2ac071c72 enable setting performance impact of backup jobs 2023-12-08 11:13:37 -08:00
ibizaman
207b2e44cb split backup configuration into smaller chunks 2023-12-08 11:13:37 -08:00
ibizaman
f417372fdc move monitoring docs close to source 2023-12-08 10:41:15 -08:00
Pierre Penninckx
a63b0a6e2e
switch to nixos-render-docs (#34)
fixes #33
2023-12-04 00:33:16 -08:00
ibizaman
0242ae26c4 fix ensure clauses in postgresql
fixes #35
2023-12-04 00:29:40 -08:00
Pierre Penninckx
0014e5c2f7
avoid some impossible states in authelia and nginx 2023-11-30 22:49:34 -08:00
Pierre Penninckx
76e27ae7eb
add nixos test for ldap 2023-11-30 22:08:38 -08:00
Pierre Penninckx
0ae7220c06
rename oidcEndpoint option to authEndpoint 2023-11-30 12:48:57 -08:00
Pierre Penninckx
54ce26efce
some docs revamps 2023-11-30 12:06:41 -08:00
Pierre Penninckx
4a8a7d686c
build docs and deploy to github pages 2023-11-30 10:38:35 -08:00
Pierre Penninckx
86e86dc787
remove usage of sops file in ssl.nix 2023-11-29 22:20:21 -08:00
Pierre Penninckx
7d9dedb845
provision grafana datasources and some dashboards (#23)
fixes #22 

This commit introduces:
- A few more optional options for the monitoring module, in particular
an SMTP option to setup sending alerts with an STMP server.
- 2 required options for adding a secure key for signing and for an
initial admin password. The latter is nice because at least you can
choose securely the initial admin password instead of it being just
"admin", adding a bit more security to the install process.
- Provisioning Grafana with dashboards, datasources, alerts, contact
points and notification policies.
- Documentation for monitoring in
[docs/blocks/monitoring.md](docs/blocks/monitoring.md).
- A NixOS test that makes sure provisioning did go well as expected.
2023-11-26 09:56:08 -08:00
ibizaman
881af5f111 add more collectors to prometheus node exporter 2023-11-24 20:18:12 -08:00
ibizaman
845017103f automatically cleanup idle connections
This is to fix a nextcloud bug that leaves idle connections open which eats into the available
postgres connection pool.
2023-11-24 02:16:49 -08:00
ibizaman
4da060986a fix nextcloud to properly disable debug 2023-11-24 02:16:36 -08:00
Pierre Penninckx
52b9233a6c
add postgresql vm test that runs in CI (#19)
Fixes #14 

The tests actually showed a flaw in the implementation, we needed
"password" and not "trust" in the auth file.

Also, having the port defined at the same time as enabling listening for
TCP/IP connection made no sense.
2023-11-23 01:03:33 -08:00
Pierre Penninckx
48eb64043b
enhance nextcloud options a bit 2023-11-20 22:29:00 -08:00
Pierre Penninckx
eae5eade56
distinguish building blocks and provided services
I want to show how composable this project is. For example, you could
just use the Authelia module to add SSO to any service, not just those
provided here.
2023-11-20 22:20:19 -08:00
ibizaman
052a805679 skip part of home assistant onboarding because we use LDAP 2023-11-17 23:50:38 -08:00
ibizaman
8728df8732 make local network ip range optional for LDAP 2023-11-17 23:50:38 -08:00
ibizaman
50798a0f91 add allowed tcp ports for nginx 2023-11-17 23:50:38 -08:00
ibizaman
8d08c5b7c0 force ssl for home assistant only if ssl is enabled 2023-11-17 23:50:38 -08:00
ibizaman
39c2c943a1 fix backupCfg option for arr module 2023-11-16 23:55:38 -08:00
ibizaman
7e5a447257 fix tests 2023-11-16 23:55:38 -08:00
ibizaman
9675d69969 use shb nginx module for hledger 2023-11-16 22:46:57 -08:00
ibizaman
d5f53c4604 fix nginx group 2023-11-16 20:43:44 -08:00
ibizaman
890dec78ec add more examples to the readme 2023-11-16 20:43:36 -08:00
ibizaman
f471db4e3a fix deluge additional plugins to take a list of paths to eggs 2023-11-16 12:03:11 -08:00
ibizaman
f4b8be76b6 enable deluge Label plugin if any arr service is enabled 2023-11-16 11:58:45 -08:00
ibizaman
e5110cace6 add xml config generator for radarr
This is cool but also needed because we now must set the authentication method to "External" for
radarr to be happy with our SSO integration.
2023-11-15 12:46:46 -08:00
ibizaman
0c399bb835 add debug option for postgresql 2023-11-14 00:16:29 -08:00
ibizaman
62872a1fc1 update tinyproxy options prefix after nixpkgs update 2023-11-14 00:15:43 -08:00
ibizaman
d160d16cc9 really fix vaultwarden authelia config I think 2023-11-08 13:53:32 -08:00
ibizaman
b3cc253fd5 backup data folder for vaultwarden 2023-11-08 13:05:20 -08:00
ibizaman
d45d4a5fb6 do not protect vaultwarden web app 2023-11-08 12:28:34 -08:00
ibizaman
d35b4b4f38 fix webdav field 2023-11-08 12:28:15 -08:00
ibizaman
af71513dcf add more tests to be able to import shb with default config 2023-11-08 12:27:47 -08:00
ibizaman
853a79d9b2 do not rely on sops explicitly for authelia 2023-11-07 00:35:27 -08:00
ibizaman
d0221b53a6 add vaultwarden service 2023-11-06 19:47:31 -08:00
ibizaman
d71e94b0bc allow local peer connections to postgresql 2023-11-06 19:43:00 -08:00
ibizaman
0916d7dcd1 use new postgresql module for authelia 2023-11-05 16:37:50 -08:00
ibizaman
df03ba57e2 use new postgresql module for grafana 2023-11-05 16:34:42 -08:00
ibizaman
77e16c0f76 fix conflicting options in postgresql service 2023-11-05 15:47:13 -08:00
ibizaman
685133ba47 fix postgresql password script when multiple users 2023-11-05 15:42:59 -08:00
ibizaman
a05f9d6942 use correct postgresql option 2023-11-05 04:48:39 -08:00
ibizaman
40522c8540 allow no password for postgresql 2023-11-05 04:44:56 -08:00
ibizaman
cc57b1ced7 add postgresql module with tests 2023-11-05 04:44:56 -08:00
ibizaman
7a30f6bde8 add enable option for backup modules 2023-10-28 13:47:06 -07:00
ibizaman
cb7fb66ee2 add dependencies to nextcloud-cron service 2023-10-28 00:10:50 -07:00
ibizaman
4f74564cb4 add davfs module 2023-10-21 21:41:49 -07:00
ibizaman
8daafad9b7 add loki and promtail for monitoring logs 2023-10-21 13:13:20 -07:00
ibizaman
a21e3f0943 add outgoing interface to deluge 2023-10-18 19:52:35 -07:00
ibizaman
8e7321f6ea fix deluge permissions 2023-10-18 19:52:24 -07:00
ibizaman
ca9882e39c fix wrong spelling 2023-10-17 13:41:33 -07:00
ibizaman
20c2f32d4e use options for ldap ports 2023-10-14 21:17:59 -07:00
ibizaman
ada91bc0aa add loglevel to deluge 2023-10-13 22:39:38 -07:00