|
|
0be7d44784
|
hosts: enable crowdsec-firewall-bouncer for hel-01 and nbg-01
|
2025-11-09 18:55:24 -08:00 |
|
|
|
0397c89918
|
secrets/lax-01: fix secret for wafLapiKey
|
2025-11-09 18:47:49 -08:00 |
|
|
|
bc69a69ddb
|
hosts/lax-01: fix reference to fwBouncerLapiKey
|
2025-11-09 18:22:29 -08:00 |
|
|
|
7d131891f2
|
hosts/lax-01: configure crowdsec-firewall-bouncer
|
2025-11-09 18:18:49 -08:00 |
|
|
|
649eb8d1d9
|
Merge branch 'services' into services.crowdsec-firewall-bouncer
|
2025-11-09 18:04:16 -08:00 |
|
|
|
77da55d4d3
|
flake.lock: update 2025-11-09
|
2025-11-09 18:03:35 -08:00 |
|
|
|
3c5d81ef4c
|
services/crowdsec-firewall-bouncer: turn lapiHost into URI
|
2025-11-09 18:01:55 -08:00 |
|
|
|
e7d2ffd852
|
services/crowdsec-firewall-bouncer: fix reference of module in config
|
2025-11-09 18:00:03 -08:00 |
|
|
|
0314578c32
|
hosts/test-nixos: use path attr of secret for apiKeyFile
|
2025-11-09 17:58:48 -08:00 |
|
|
|
227effc5bd
|
secrets/test-nixos: add secret for crowdsec-firewall-bouncer
|
2025-11-09 17:47:53 -08:00 |
|
|
|
35485dda87
|
hosts/test-nixos: enable crowdsec-firewall-bouncer
|
2025-11-09 17:47:43 -08:00 |
|
|
|
89eb890905
|
Merge branch 'main' into services.crowdsec-firewall-bouncer
|
2025-11-09 17:44:40 -08:00 |
|
|
|
8a018fa982
|
.sops.yaml: add entry and key for test-nixos
|
2025-11-09 17:44:21 -08:00 |
|
|
|
a382452507
|
services/crowdsec-firewall-bouncer: initial implementation
|
2025-11-09 17:39:01 -08:00 |
|
|
|
797cabb55d
|
services/crowdsec: move stirling-pdf acquisition from Docker to systemd_unit
|
2025-11-02 21:12:46 -08:00 |
|
|
|
7d9f8aad20
|
hosts/app-01: remove owner attr from stirling env file
|
2025-11-02 21:06:43 -08:00 |
|
|
|
7f09546f06
|
services/stirling-pdf.nix: change type of opts from bool to str
|
2025-11-02 21:01:06 -08:00 |
|
|
|
9eb544337c
|
services/stirling-pdf: change type of environmentFiles to list
|
2025-11-02 20:53:31 -08:00 |
|
|
|
32bbf23e2f
|
hosts/app-01: add config and secrets for stirling-pdf
|
2025-11-02 20:51:15 -08:00 |
|
|
|
69810d9c16
|
services: add module stirling-pdf
|
2025-11-02 20:49:44 -08:00 |
|
|
|
aa19af8cc9
|
.sops.yaml: enable less restrictive regex for app-01
|
2025-11-02 20:22:43 -08:00 |
|
|
|
81523b82f0
|
services/crowdsec: add collection and acquisition for stirling-pdf
|
2025-11-02 20:04:56 -08:00 |
|
|
|
57f30e79d5
|
all files: run nixfmt formatter
|
2025-11-02 07:56:50 -08:00 |
|
|
|
208cb1f42a
|
hosts/riv-01: remove fileSystems entry
|
2025-11-02 01:47:41 -07:00 |
|
|
|
e5d2637e59
|
hosts/riv-01: add fileSystems entry
|
2025-11-02 01:45:21 -07:00 |
|
|
|
a0f19cd0a0
|
hosts/lax-01: run formatter on hardware-configuration
|
2025-11-02 01:40:13 -07:00 |
|
|
|
06bf14f417
|
flake.nix: add disko module to riv-01
|
2025-11-02 01:33:48 -07:00 |
|
|
|
333e79fa1d
|
hosts/nbg-01: add params to disko module
|
2025-11-02 01:32:14 -07:00 |
|
|
|
dbd6d40341
|
hosts/riv-01: add disko module
|
2025-11-02 01:30:48 -07:00 |
|
|
|
10ce933cf8
|
flake.nix: add host riv-01
|
2025-11-02 01:24:52 -07:00 |
|
|
|
19b6c88902
|
hosts/riv-01: new tailscale host for exit node
|
2025-11-02 01:19:31 -07:00 |
|
|
|
22731bb955
|
roles/syncthingserver: use guiAddress setting for ExecStart
|
2025-11-01 17:34:15 -07:00 |
|
|
|
9464d9c3ac
|
roles/syncthingserver: use correct toGNUCommandLine flags
|
2025-10-31 18:30:25 -07:00 |
|
|
|
35485fb36d
|
roles/logserver: split loki and prometheus into service modules
|
2025-10-29 19:49:45 -07:00 |
|
|
|
53cf7a8f23
|
flake.lock: update 2025-10-28
|
2025-10-28 21:02:49 -07:00 |
|
|
|
fdef2c7634
|
services/healthchecks: change logo url to healthchecks.svg
|
2025-10-26 14:31:35 -07:00 |
|
|
|
39d3b5055a
|
services/healthchecks: use default healthchecks logo
|
2025-10-26 14:17:34 -07:00 |
|
|
|
3ba49ec237
|
services/healthchecks: add its-et.me logo for site
|
2025-10-26 14:12:34 -07:00 |
|
|
|
e660aeac36
|
roles/printserver: use http to connect to CUPS
|
2025-10-24 16:07:55 -04:00 |
|
|
|
4eedb341d8
|
roles/printserver: remove insecureSkipVerify opt
|
2025-10-24 16:04:50 -04:00 |
|
|
|
2b71a3f01f
|
hosts/print-01: change serverAlias to loopback IP, not localhost
|
2025-10-24 16:03:51 -04:00 |
|
|
|
cb281f8ffb
|
roles/printserver: change reverse proxy from caddy to traefik
|
2025-10-24 15:50:09 -04:00 |
|
|
|
bc623309ba
|
roles/syncthingserver: change reverse proxy from caddy to traefik
|
2025-10-24 15:30:29 -04:00 |
|
|
|
241674cb83
|
hosts/lax-01: Hostsni -> HostSNI
|
2025-10-24 11:53:22 -04:00 |
|
|
|
46e4aa90de
|
hosts/lax-01: add iPhone ssh key
|
2025-10-24 08:12:22 -04:00 |
|
|
|
96b591aa2a
|
base/network: fix call for enableTSExitNode in tailscale config
|
2025-10-20 10:20:06 -07:00 |
|
|
|
f3386283ee
|
base/network: add mkOption attr to enableTSExitNode
|
2025-10-20 10:17:03 -07:00 |
|
|
|
510dc8c6f8
|
base/network: use if then else instead of mkIf in tailscale routing config
|
2025-10-20 10:14:54 -07:00 |
|
|
|
e7845c4800
|
hosts/lax-01: enable tailscale exit node
|
2025-10-20 10:01:39 -07:00 |
|
|
|
490b1f972b
|
base/network: add opt enableTSExitNode
|
2025-10-20 10:00:29 -07:00 |
|
