1
0
Fork 0
Commit graph

112 commits

Author SHA1 Message Date
Pierre Penninckx
a63b0a6e2e
switch to nixos-render-docs (#34)
fixes #33
2023-12-04 00:33:16 -08:00
ibizaman
0242ae26c4 fix ensure clauses in postgresql
fixes #35
2023-12-04 00:29:40 -08:00
Pierre Penninckx
0014e5c2f7
avoid some impossible states in authelia and nginx 2023-11-30 22:49:34 -08:00
Pierre Penninckx
76e27ae7eb
add nixos test for ldap 2023-11-30 22:08:38 -08:00
Pierre Penninckx
0ae7220c06
rename oidcEndpoint option to authEndpoint 2023-11-30 12:48:57 -08:00
Pierre Penninckx
54ce26efce
some docs revamps 2023-11-30 12:06:41 -08:00
Pierre Penninckx
4a8a7d686c
build docs and deploy to github pages 2023-11-30 10:38:35 -08:00
Pierre Penninckx
86e86dc787
remove usage of sops file in ssl.nix 2023-11-29 22:20:21 -08:00
Pierre Penninckx
7d9dedb845
provision grafana datasources and some dashboards (#23)
fixes #22 

This commit introduces:
- A few more optional options for the monitoring module, in particular
an SMTP option to setup sending alerts with an STMP server.
- 2 required options for adding a secure key for signing and for an
initial admin password. The latter is nice because at least you can
choose securely the initial admin password instead of it being just
"admin", adding a bit more security to the install process.
- Provisioning Grafana with dashboards, datasources, alerts, contact
points and notification policies.
- Documentation for monitoring in
[docs/blocks/monitoring.md](docs/blocks/monitoring.md).
- A NixOS test that makes sure provisioning did go well as expected.
2023-11-26 09:56:08 -08:00
ibizaman
881af5f111 add more collectors to prometheus node exporter 2023-11-24 20:18:12 -08:00
ibizaman
845017103f automatically cleanup idle connections
This is to fix a nextcloud bug that leaves idle connections open which eats into the available
postgres connection pool.
2023-11-24 02:16:49 -08:00
ibizaman
4da060986a fix nextcloud to properly disable debug 2023-11-24 02:16:36 -08:00
Pierre Penninckx
52b9233a6c
add postgresql vm test that runs in CI (#19)
Fixes #14 

The tests actually showed a flaw in the implementation, we needed
"password" and not "trust" in the auth file.

Also, having the port defined at the same time as enabling listening for
TCP/IP connection made no sense.
2023-11-23 01:03:33 -08:00
Pierre Penninckx
48eb64043b
enhance nextcloud options a bit 2023-11-20 22:29:00 -08:00
Pierre Penninckx
eae5eade56
distinguish building blocks and provided services
I want to show how composable this project is. For example, you could
just use the Authelia module to add SSO to any service, not just those
provided here.
2023-11-20 22:20:19 -08:00
ibizaman
052a805679 skip part of home assistant onboarding because we use LDAP 2023-11-17 23:50:38 -08:00
ibizaman
8728df8732 make local network ip range optional for LDAP 2023-11-17 23:50:38 -08:00
ibizaman
50798a0f91 add allowed tcp ports for nginx 2023-11-17 23:50:38 -08:00
ibizaman
8d08c5b7c0 force ssl for home assistant only if ssl is enabled 2023-11-17 23:50:38 -08:00
ibizaman
39c2c943a1 fix backupCfg option for arr module 2023-11-16 23:55:38 -08:00
ibizaman
7e5a447257 fix tests 2023-11-16 23:55:38 -08:00
ibizaman
9675d69969 use shb nginx module for hledger 2023-11-16 22:46:57 -08:00
ibizaman
d5f53c4604 fix nginx group 2023-11-16 20:43:44 -08:00
ibizaman
890dec78ec add more examples to the readme 2023-11-16 20:43:36 -08:00
ibizaman
f471db4e3a fix deluge additional plugins to take a list of paths to eggs 2023-11-16 12:03:11 -08:00
ibizaman
f4b8be76b6 enable deluge Label plugin if any arr service is enabled 2023-11-16 11:58:45 -08:00
ibizaman
e5110cace6 add xml config generator for radarr
This is cool but also needed because we now must set the authentication method to "External" for
radarr to be happy with our SSO integration.
2023-11-15 12:46:46 -08:00
ibizaman
0c399bb835 add debug option for postgresql 2023-11-14 00:16:29 -08:00
ibizaman
62872a1fc1 update tinyproxy options prefix after nixpkgs update 2023-11-14 00:15:43 -08:00
ibizaman
d160d16cc9 really fix vaultwarden authelia config I think 2023-11-08 13:53:32 -08:00
ibizaman
b3cc253fd5 backup data folder for vaultwarden 2023-11-08 13:05:20 -08:00
ibizaman
d45d4a5fb6 do not protect vaultwarden web app 2023-11-08 12:28:34 -08:00
ibizaman
d35b4b4f38 fix webdav field 2023-11-08 12:28:15 -08:00
ibizaman
af71513dcf add more tests to be able to import shb with default config 2023-11-08 12:27:47 -08:00
ibizaman
853a79d9b2 do not rely on sops explicitly for authelia 2023-11-07 00:35:27 -08:00
ibizaman
d0221b53a6 add vaultwarden service 2023-11-06 19:47:31 -08:00
ibizaman
d71e94b0bc allow local peer connections to postgresql 2023-11-06 19:43:00 -08:00
ibizaman
0916d7dcd1 use new postgresql module for authelia 2023-11-05 16:37:50 -08:00
ibizaman
df03ba57e2 use new postgresql module for grafana 2023-11-05 16:34:42 -08:00
ibizaman
77e16c0f76 fix conflicting options in postgresql service 2023-11-05 15:47:13 -08:00
ibizaman
685133ba47 fix postgresql password script when multiple users 2023-11-05 15:42:59 -08:00
ibizaman
a05f9d6942 use correct postgresql option 2023-11-05 04:48:39 -08:00
ibizaman
40522c8540 allow no password for postgresql 2023-11-05 04:44:56 -08:00
ibizaman
cc57b1ced7 add postgresql module with tests 2023-11-05 04:44:56 -08:00
ibizaman
7a30f6bde8 add enable option for backup modules 2023-10-28 13:47:06 -07:00
ibizaman
cb7fb66ee2 add dependencies to nextcloud-cron service 2023-10-28 00:10:50 -07:00
ibizaman
4f74564cb4 add davfs module 2023-10-21 21:41:49 -07:00
ibizaman
8daafad9b7 add loki and promtail for monitoring logs 2023-10-21 13:13:20 -07:00
ibizaman
a21e3f0943 add outgoing interface to deluge 2023-10-18 19:52:35 -07:00
ibizaman
8e7321f6ea fix deluge permissions 2023-10-18 19:52:24 -07:00