ibizaman
9bcf7650e7
update screenshots
2023-12-17 23:31:33 -08:00
ibizaman
6f71d64257
switch to netdata to pull most of the metrics
2023-12-17 23:31:33 -08:00
ibizaman
036d2b92a5
fix grafana not being able to load dashboards
2023-12-17 23:31:33 -08:00
ibizaman
533d95851b
use not hardcoded OIDC secret in jellyfin
2023-12-17 23:22:25 -08:00
ibizaman
77e21eaceb
add more options to avoid hardcoding in nextcloud
2023-12-17 23:12:45 -08:00
ibizaman
0bdbb975af
split tracing from verbose logging options for nextcloud
2023-12-17 23:09:18 -08:00
ibizaman
318c54e7d3
do not enable onlyoffice for nextcloud by default
2023-12-17 22:55:58 -08:00
ibizaman
e2292de44d
can avoid hardcoding secret now
2023-12-11 12:38:06 -08:00
ibizaman
9a5a10a824
add test for authelia
2023-12-11 00:28:30 -08:00
ibizaman
0829792df0
fix deluge backup permissions by adding backup user to media group
2023-12-10 21:32:35 -08:00
ibizaman
da2e1ff0e1
fix storage creation in homeassistant on first run
2023-12-09 10:34:21 -08:00
ibizaman
ca2f7039cc
add some sections to block backup chapter
2023-12-08 22:48:06 -08:00
ibizaman
11ab7c5ab5
fix missing headers
2023-12-08 11:52:00 -08:00
ibizaman
49913ca4b6
add manual page for configuring backups
2023-12-08 11:52:00 -08:00
ibizaman
3c9f71da0e
allow to stagger backup jobs
2023-12-08 11:13:37 -08:00
ibizaman
c2ac071c72
enable setting performance impact of backup jobs
2023-12-08 11:13:37 -08:00
ibizaman
207b2e44cb
split backup configuration into smaller chunks
2023-12-08 11:13:37 -08:00
ibizaman
f417372fdc
move monitoring docs close to source
2023-12-08 10:41:15 -08:00
Pierre Penninckx
a63b0a6e2e
switch to nixos-render-docs ( #34 )
...
fixes #33
2023-12-04 00:33:16 -08:00
ibizaman
0242ae26c4
fix ensure clauses in postgresql
...
fixes #35
2023-12-04 00:29:40 -08:00
Pierre Penninckx
0014e5c2f7
avoid some impossible states in authelia and nginx
2023-11-30 22:49:34 -08:00
Pierre Penninckx
76e27ae7eb
add nixos test for ldap
2023-11-30 22:08:38 -08:00
Pierre Penninckx
0ae7220c06
rename oidcEndpoint option to authEndpoint
2023-11-30 12:48:57 -08:00
Pierre Penninckx
54ce26efce
some docs revamps
2023-11-30 12:06:41 -08:00
Pierre Penninckx
4a8a7d686c
build docs and deploy to github pages
2023-11-30 10:38:35 -08:00
Pierre Penninckx
86e86dc787
remove usage of sops file in ssl.nix
2023-11-29 22:20:21 -08:00
Pierre Penninckx
7d9dedb845
provision grafana datasources and some dashboards ( #23 )
...
fixes #22
This commit introduces:
- A few more optional options for the monitoring module, in particular
an SMTP option to setup sending alerts with an STMP server.
- 2 required options for adding a secure key for signing and for an
initial admin password. The latter is nice because at least you can
choose securely the initial admin password instead of it being just
"admin", adding a bit more security to the install process.
- Provisioning Grafana with dashboards, datasources, alerts, contact
points and notification policies.
- Documentation for monitoring in
[docs/blocks/monitoring.md](docs/blocks/monitoring.md).
- A NixOS test that makes sure provisioning did go well as expected.
2023-11-26 09:56:08 -08:00
ibizaman
881af5f111
add more collectors to prometheus node exporter
2023-11-24 20:18:12 -08:00
ibizaman
845017103f
automatically cleanup idle connections
...
This is to fix a nextcloud bug that leaves idle connections open which eats into the available
postgres connection pool.
2023-11-24 02:16:49 -08:00
ibizaman
4da060986a
fix nextcloud to properly disable debug
2023-11-24 02:16:36 -08:00
Pierre Penninckx
52b9233a6c
add postgresql vm test that runs in CI ( #19 )
...
Fixes #14
The tests actually showed a flaw in the implementation, we needed
"password" and not "trust" in the auth file.
Also, having the port defined at the same time as enabling listening for
TCP/IP connection made no sense.
2023-11-23 01:03:33 -08:00
Pierre Penninckx
48eb64043b
enhance nextcloud options a bit
2023-11-20 22:29:00 -08:00
Pierre Penninckx
eae5eade56
distinguish building blocks and provided services
...
I want to show how composable this project is. For example, you could
just use the Authelia module to add SSO to any service, not just those
provided here.
2023-11-20 22:20:19 -08:00
ibizaman
052a805679
skip part of home assistant onboarding because we use LDAP
2023-11-17 23:50:38 -08:00
ibizaman
8728df8732
make local network ip range optional for LDAP
2023-11-17 23:50:38 -08:00
ibizaman
50798a0f91
add allowed tcp ports for nginx
2023-11-17 23:50:38 -08:00
ibizaman
8d08c5b7c0
force ssl for home assistant only if ssl is enabled
2023-11-17 23:50:38 -08:00
ibizaman
39c2c943a1
fix backupCfg option for arr module
2023-11-16 23:55:38 -08:00
ibizaman
7e5a447257
fix tests
2023-11-16 23:55:38 -08:00
ibizaman
9675d69969
use shb nginx module for hledger
2023-11-16 22:46:57 -08:00
ibizaman
d5f53c4604
fix nginx group
2023-11-16 20:43:44 -08:00
ibizaman
890dec78ec
add more examples to the readme
2023-11-16 20:43:36 -08:00
ibizaman
f471db4e3a
fix deluge additional plugins to take a list of paths to eggs
2023-11-16 12:03:11 -08:00
ibizaman
f4b8be76b6
enable deluge Label plugin if any arr service is enabled
2023-11-16 11:58:45 -08:00
ibizaman
e5110cace6
add xml config generator for radarr
...
This is cool but also needed because we now must set the authentication method to "External" for
radarr to be happy with our SSO integration.
2023-11-15 12:46:46 -08:00
ibizaman
0c399bb835
add debug option for postgresql
2023-11-14 00:16:29 -08:00
ibizaman
62872a1fc1
update tinyproxy options prefix after nixpkgs update
2023-11-14 00:15:43 -08:00
ibizaman
d160d16cc9
really fix vaultwarden authelia config I think
2023-11-08 13:53:32 -08:00
ibizaman
b3cc253fd5
backup data folder for vaultwarden
2023-11-08 13:05:20 -08:00
ibizaman
d45d4a5fb6
do not protect vaultwarden web app
2023-11-08 12:28:34 -08:00
ibizaman
d35b4b4f38
fix webdav field
2023-11-08 12:28:15 -08:00
ibizaman
af71513dcf
add more tests to be able to import shb with default config
2023-11-08 12:27:47 -08:00
ibizaman
853a79d9b2
do not rely on sops explicitly for authelia
2023-11-07 00:35:27 -08:00
ibizaman
d0221b53a6
add vaultwarden service
2023-11-06 19:47:31 -08:00
ibizaman
d71e94b0bc
allow local peer connections to postgresql
2023-11-06 19:43:00 -08:00
ibizaman
0916d7dcd1
use new postgresql module for authelia
2023-11-05 16:37:50 -08:00
ibizaman
df03ba57e2
use new postgresql module for grafana
2023-11-05 16:34:42 -08:00
ibizaman
77e16c0f76
fix conflicting options in postgresql service
2023-11-05 15:47:13 -08:00
ibizaman
685133ba47
fix postgresql password script when multiple users
2023-11-05 15:42:59 -08:00
ibizaman
a05f9d6942
use correct postgresql option
2023-11-05 04:48:39 -08:00
ibizaman
40522c8540
allow no password for postgresql
2023-11-05 04:44:56 -08:00
ibizaman
cc57b1ced7
add postgresql module with tests
2023-11-05 04:44:56 -08:00
ibizaman
7a30f6bde8
add enable option for backup modules
2023-10-28 13:47:06 -07:00
ibizaman
cb7fb66ee2
add dependencies to nextcloud-cron service
2023-10-28 00:10:50 -07:00
ibizaman
4f74564cb4
add davfs module
2023-10-21 21:41:49 -07:00
ibizaman
8daafad9b7
add loki and promtail for monitoring logs
2023-10-21 13:13:20 -07:00
ibizaman
a21e3f0943
add outgoing interface to deluge
2023-10-18 19:52:35 -07:00
ibizaman
8e7321f6ea
fix deluge permissions
2023-10-18 19:52:24 -07:00
ibizaman
ca9882e39c
fix wrong spelling
2023-10-17 13:41:33 -07:00
ibizaman
20c2f32d4e
use options for ldap ports
2023-10-14 21:17:59 -07:00
ibizaman
ada91bc0aa
add loglevel to deluge
2023-10-13 22:39:38 -07:00
ibizaman
ef4bacdf58
allow to download with jackett
2023-10-12 22:49:04 -07:00
ibizaman
5d5cb5c664
add enabled plugins to deluge
2023-10-12 22:34:00 -07:00
ibizaman
d53dba45ea
add jackett
2023-10-12 22:23:58 -07:00
ibizaman
c369defef6
fix having multiple vpns by using unique routing table numbers
2023-10-12 13:37:52 -07:00
ibizaman
2a87816161
delay restart for tinyproxy otherwise it fails on openvpn restarts
2023-10-12 13:37:09 -07:00
ibizaman
d62702f092
add more settings to deluge
2023-10-12 13:36:44 -07:00
ibizaman
e5d7240ca1
use variable for acme secret location
2023-09-30 16:47:06 -07:00
ibizaman
3055451ac9
add nodejs as dependency for nextcloud app
2023-09-30 15:51:26 -07:00
ibizaman
237c7c6e82
fix arr backup
2023-09-29 23:19:39 -07:00
ibizaman
82225c63fc
tentatively tune postgres
2023-09-27 13:36:29 -07:00
ibizaman
1163204d5c
add ffmpeg in path for nextcloud apps
2023-09-27 13:28:10 -07:00
ibizaman
868f28ca68
switch to nextcloud27
2023-09-26 23:34:24 -07:00
ibizaman
e2b69a36f7
fix backup and authelia rules for arr suite
2023-09-26 20:13:08 -07:00
ibizaman
fda0daf6d3
fix arr config
2023-09-25 23:15:36 -07:00
ibizaman
ad6809fc5d
export openvpn status for prometheus
2023-09-25 22:56:00 -07:00
ibizaman
d0e3e2a035
add smartctl prometheus exporter
2023-09-25 22:55:41 -07:00
ibizaman
bf0c92a32a
fix borgmatic backups
2023-09-25 20:27:35 -07:00
ibizaman
dc712c08fe
add arr suite
2023-09-24 13:31:21 -07:00
ibizaman
71610a5415
move authelia nginx protection to nginx module
2023-09-24 11:04:59 -07:00
ibizaman
a9c7e3c3db
add deluge and vpn with tinyproxy
2023-09-22 15:41:24 -07:00
ibizaman
1541ccef80
allow to debug nextcloud
2023-09-18 22:41:54 -07:00
ibizaman
455b71237d
remove commented line
2023-09-14 22:25:07 -07:00
ibizaman
a971124464
make ssl module more generic
2023-09-14 22:25:07 -07:00
ibizaman
44465c37c2
add sso with authelia for hledger
2023-09-02 15:05:33 -07:00
ibizaman
4e97e2afb6
add openoffice to nextcloud
2023-08-27 22:20:59 -07:00
ibizaman
d41b93df43
only use ldap for home-assistant login
2023-08-25 09:51:20 -07:00
ibizaman
be24e241d7
add scraping of prometheus' own metrics
2023-08-25 09:45:14 -07:00
ibizaman
4116aafcee
add option to enable debug logging in grafana
2023-08-25 09:45:14 -07:00
ibizaman
bc8f7b51e2
restart phpfpm nextcloud unit when secret changes
2023-08-25 09:45:14 -07:00