mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00
Code Activity
1128 commits 1 branch 0 tags 7.6 MiB
Commit graph

379 commits

Author SHA1 Message Date
oddlama
7c48e51320
feat: use kanidm secret provisioning 2023-08-27 01:17:11 +02:00
oddlama
522de920bb
feat: switch to upstreamed influxdb2 provisioning, add kanidm provisioning module 2023-08-26 20:25:38 +02:00
oddlama
ec47f80bb8
chore(kanidm): reenable provisioning (waiting for new package release still) 2023-08-23 12:24:16 +02:00
oddlama
31602de07d
feat(kanidm): run provision script and secret manipulator 2023-08-23 02:00:09 +02:00
oddlama
5d934bddf0
chore(kanidm): add preliminary provisioning scripts 2023-08-21 13:24:01 +02:00
oddlama
659ed7c854
chore: some kanidm provisioning prototyping 2023-08-19 19:49:35 +02:00
oddlama
36e9f22602
feat: provide package definition for kanidm-secret-manipulator 2023-08-19 18:40:35 +02:00
oddlama
8917449b70
feat: add kanidm secret manipulator 2023-08-19 18:30:19 +02:00
oddlama
dfd49c656a
fix: more robust resolving of influxdb2 provisioning address 2023-08-17 17:18:28 +02:00
oddlama
f29318a5ac
feat: preferably bind to 0.0.0.0 in vms to remove issues with wireguard 
coming up late; also increase default vm memory to 2G
 2023-08-17 17:10:14 +02:00
oddlama
af066925b4
feat: switch to influxdb2 module from provisioning PR 2023-08-17 16:45:03 +02:00
oddlama
e99253b9db
fix(influxdb): also update auth token indices 2023-08-17 12:40:37 +02:00
oddlama
301e7b353c
fix: properly pass influx token to telegraf 2023-08-17 12:40:31 +02:00
oddlama
ad0164c787
fix: ensure that influxdb2 is restarted for token manipulation 2023-08-17 01:40:29 +02:00
oddlama
c494c66f5a
fix: propagate influxdb token secrets properly and simplify distributed configuration implementation (repo.nodes) 2023-08-16 23:51:13 +02:00
oddlama
36e3348b37
feat: use declaratively provisioned influx tokens for telegraf 2023-08-16 22:32:49 +02:00
oddlama
70f564ad40
chore: add influx-token-manipulator to provision deterministic api tokens 2023-08-16 21:37:09 +02:00
oddlama
ca3d1f0e96
chore: switch to qemu from cloud-hypervisor because it deadlocks :/ 2023-08-16 14:56:31 +02:00
oddlama
377da23c0d
feat: automatically provision tokens for telegraf 2023-08-16 01:16:19 +02:00
oddlama
6a14451033
chore: test all aspects of influxdb provisioning (and fix minor issues) 2023-08-14 22:59:21 +02:00
oddlama
03382e15f9
chore: activate influxdb provisioning module 2023-08-14 22:26:06 +02:00
oddlama
13eb38d8fc
chore: remove nix-plugin definition from dev systems 2023-08-14 22:25:41 +02:00
oddlama
16c9d8bb5e
feat: add influxdb provisioning module 2023-08-14 22:23:52 +02:00
oddlama
3548867a40
fix(nginx): apply recommended security headers to each location 2023-08-03 00:36:06 +02:00
oddlama
8be9646d1a
feat: add paperless 2023-08-03 00:35:20 +02:00
oddlama
a975cc1f7f
feat: add forgejo 2023-08-01 02:01:43 +02:00
oddlama
788e7e3fa7
chore: move generated secrets to separate directory 2023-07-31 12:42:46 +02:00
oddlama
eeac57d30d
feat(zackbiene): reenable hass with ACME double proxy 2023-07-27 19:06:03 +02:00
oddlama
82d757059f
feat(zackbiene): use efi boot with tow-boot; remove switch-to-configuration patch for now 2023-07-25 01:24:27 +02:00
oddlama
4175ce3cf7
chore: update to main nixpkgs, include my temporary switch-to-configuration changes 2023-07-24 21:42:01 +02:00
oddlama
e521a68e87
feat(telegraf): track smart attributes 2023-07-06 22:36:06 +02:00
oddlama
fa5e23af22
fix: persist correct path for adguardhome 2023-07-06 15:27:35 +02:00
oddlama
e076aca5a0
chore: also disable per link DNS for ipv6 (dhcp, RA) on servers 2023-07-06 15:09:33 +02:00
oddlama
836cd7c6c2
chore: dont use adguardhome for servers 2023-07-06 14:49:37 +02:00
oddlama
13d9baedc1
chore: disable access logs for uninteresting high volume endpoint (telegraf write api), and internal nginx_status 2023-07-06 12:38:20 +02:00
oddlama
f2a97b16c6
chore: remove ip address from etc issue again due to frequent microvm redraws 2023-07-06 12:37:58 +02:00
oddlama
554d25d94b
chore: persist adguardhome state 2023-07-06 02:49:32 +02:00
oddlama
3f6286ef31
feat(adguardhome): bind only external interface 2023-07-06 02:34:07 +02:00
oddlama
31ef29569d
chore: only enable sensors in telegraf for physical machines 2023-07-05 15:04:23 +02:00
oddlama
822bace189
fix: track change to disko dataset creation 2023-07-05 14:31:01 +02:00
oddlama
7c3a40cd89
feat: add elewrap to elevate telegraf permissions 2023-07-05 14:30:42 +02:00
oddlama
a087b1f731
feat(telegraf): allow nginx_status access via ipv6 too 2023-07-02 12:17:38 +02:00
oddlama
73ab856da9
feat(nginx): add dummy host that matches unrecognized server_names 2023-07-02 12:17:36 +02:00
oddlama
e1e7516e1a
refactor: add lib extensions to nixpkgs.lib as overlays 2023-07-02 00:08:17 +02:00
oddlama
aaf3babf9b
fix: set hostname with higher priority 2023-07-01 01:44:26 +02:00
oddlama
80e7c1bdbf
refactor: finish decoupling the library functions from config 2023-07-01 01:11:58 +02:00
oddlama
68bb9731d3
wip: remove very specific special args and unify library functions 2023-06-30 01:55:17 +02:00
oddlama
84ac34cb6c
refactor: major refactor into proper reusable modules. No logical changes. 2023-06-29 00:27:54 +02:00
oddlama
10a52642ad
chore: test basic auth with influx, but seems to conflict with internal auth 2023-06-25 14:37:25 +02:00
oddlama
6e15d49cbc
fix: missing https scheme in telegraf output influxdb 2023-06-25 02:56:16 +02:00