aboutsummaryrefslogtreecommitdiff
path: root/profiles (unfollow)
Commit message (Collapse)AuthorFilesLines
2025-08-17add dysk on linux machinesFranck Cuny1-0/+1
2025-08-17a few more network related sysctlFranck Cuny1-0/+2
2025-08-17create a new systemd slice for critical servicesFranck Cuny2-0/+89
2025-08-14configure podmanFranck Cuny1-0/+8
2025-08-12more simplificationsFranck Cuny1-0/+7
2025-08-12remove unused variableFranck Cuny1-1/+0
2025-08-12move profile for home-manager under programsFranck Cuny1-0/+0
2025-08-12profiles for darwinFranck Cuny4-93/+79
2025-08-12profiles for doc, fish, and remove unused profilesFranck Cuny5-17/+13
2025-08-12add nameservers configuration to network profileFranck Cuny2-6/+6
2025-08-12add a profile for fontsFranck Cuny1-0/+6
2025-08-12move git server profile closer to host configFranck Cuny1-40/+0
2025-08-12move hardware config closer to the host configFranck Cuny1-23/+0
2025-08-12add profiles for darwin and remote builderFranck Cuny3-3/+5
2025-08-12add profiles for security, firewalls, and usersFranck Cuny5-15/+18
2025-08-12add a profile for bootFranck Cuny2-8/+9
2025-08-12use podman for containers on nixosFranck Cuny3-4/+5
2025-08-12add profile for motdFranck Cuny2-2/+9
2025-08-12create profiles for networkd and nix's GCFranck Cuny4-16/+24
2025-08-12move disks configuration to the host' directoryFranck Cuny1-55/+0
2025-08-12profile for toolsFranck Cuny2-17/+19
2025-08-12profile for sshdFranck Cuny2-4/+19
2025-08-12import localeFranck Cuny2-7/+11
2025-08-12users -> homeFranck Cuny1-15/+14
2025-08-10manage a DigitalOcean virtual machine with nixosFranck Cuny3-18/+13
Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time.
2025-08-09add the SSH key for the remote builderFranck Cuny1-8/+6
All the secrets were rekeyed.
2025-08-03attempt at configuring the remote builder on the VMFranck Cuny1-0/+34
2025-07-29add a home-manager module for 1passwordFranck Cuny1-0/+1
The module takes care of configuring the 1password SSH agent.
2025-07-27add MOTD for serversFranck Cuny1-0/+2
2025-07-25add a module for backupsFranck Cuny1-0/+15
Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket.
2025-07-21keep organizing into modules and profilesFranck Cuny6-82/+160
2025-07-21move all profiles, modules, and flakes to top-levelFranck Cuny7-0/+317
2023-12-09delete even more unused configurationsFranck Cuny24-1067/+0
2023-07-08add fonts specificallyFranck Cuny1-1/+5
For some reasons, while google-fonts install noto, emacs was unable to find it (but was able to find source code pro). List the fonts explicitly to make emacs happy.
2023-07-06update settings for nixos 23.05Franck Cuny1-2/+4
Fix the following error: ``` trace: warning: The option `services.openssh.permitRootLogin' defined in `/nix/store/l0n3297c7znfapx32a6av1c26yj042j4-source/profiles/server.nix' has been renamed to `services.openssh.settings.PermitRootLogin'. trace: warning: The option `services.openssh.passwordAuthentication' defined in `/nix/store/l0n3297c7znfapx32a6av1c26yj042j4-source/profiles/server.nix' has been renamed to `services.openssh.settings.PasswordAuthentication'. ```
2023-07-06enable zsh for all profilesFranck Cuny2-2/+1
2023-07-05update nixos and home-manager to 23.05Franck Cuny2-2/+6
2023-06-08change monospace font back to source code proFranck Cuny1-2/+1
2023-05-29workstation: more tweaks for the UI and fontsFranck Cuny1-2/+1
2023-05-28profiles/default: fix the GC configurationFranck Cuny1-1/+1
I got the settings wrong. The `weekly` applies to `nix.gc.dates`, which is for how often the GC should run. While `nix.gc.options` is to delete content in the store older than 14 days (in my case).
2023-05-28font: switch to Roboto for system font and JetBrain for monospaceFranck Cuny1-17/+11
2023-05-12profiles/monitoring: a bunch of fixesFranck Cuny3-3/+3
2023-05-12profiles/nginx: set the default port to 8080Franck Cuny1-1/+8
If we don't set a default port, with `statusPage` enabled, we can't start nginx on the router, since we also need to bind to port 80 for the stream.
2023-05-12profiles/loki: fix a few configuration errorsFranck Cuny2-5/+4
2023-05-12profiles/monitoring: move loki to a profileFranck Cuny2-1/+104
Add a nginx virtualhost for loki too, so that we can use a valid SSL certificate.
2023-05-12profiles/monitoring: move promtail to a profileFranck Cuny1-0/+54
2023-05-12profiles/monitoring: move node exporter to a profileFranck Cuny1-0/+7
2023-05-12home/carmel: move router's configuration to a profileFranck Cuny1-0/+87
2023-05-12profiles/default: list installed packages in /etc/installed-packagesFranck Cuny1-1/+10
2023-05-12profiles/backup: fix path to the ssh keysFranck Cuny1-2/+2
2023-05-12profiles/backup: configure the backup serverFranck Cuny1-0/+49
It creates the user, ensure sftp is configured correctly, and rsync the backups to rsync.net once a day.
2023-05-10profiles/syncthing: move the old moduleFranck Cuny1-0/+44
2023-05-10profiles/seedbox: move transmission to itFranck Cuny1-0/+49
Note that this is not used by anything yet, as a password needs to be set first.
2023-05-10profiles/samba: fix variableFranck Cuny1-1/+1
2023-05-10profiles/samba: convert the old module as a profileFranck Cuny1-0/+33
2023-05-10profiles/git-server: fix path for the backupFranck Cuny1-1/+1
2023-05-10profiles/git-server: move gitolite and cgitFranck Cuny1-0/+129
2023-05-10profiles/music-server: fix backup configurationFranck Cuny1-2/+2
2023-05-10profiles/music-server: moved navidromeFranck Cuny1-0/+40
2023-05-10profiles/unifi: fix variableFranck Cuny1-1/+1
2023-05-10profiles/unifi: move the module to a profileFranck Cuny1-0/+38
Get rid of configuration that was duplicated (a lot of things are already handled by the upstream module).
2023-05-09profiles/nginx: move common configuration to a profileFranck Cuny1-0/+23
Both tahoe and carmel are using nginx, and we can simplify the configuration by moving common parts to the profile and have these hosts import it.
2023-05-08profiles: clean up the importsFranck Cuny2-3/+0
The hosts should be explicit about what to import.
2023-05-08profile/acme: default DNS provider is gandiFranck Cuny2-1/+19
Add the API key for gandi to the secrest, create a profile for acme with my defaults. The profile is loaded by tahoe since that's where our services are running on. Update all the servers in nginx to listen on their wireguard interface.
2023-05-07profiles/laptop: more tweaksFranck Cuny1-1/+2
2023-05-06profiles/xps9300: add more settingsFranck Cuny3-2/+29
Coming from https://github.com/NixOS/nixos-hardware/blob/51559e691f1493a26f94f1df1aaf516bb507e78b/dell/xps/13-9300/default.nix
2023-05-06profiles/workstation: move sway to the workstation profileFranck Cuny1-0/+23
2023-05-06profiles/laptop: set correct governor for tlpFranck Cuny1-2/+3
I was getting: ``` Error in configuration at CPU_SCALING_GOVERNOR_ON_AC="schedutil": governor not available. Skipped. ``` Restore to the previous configuration.
2023-05-06profiles/default: larger font on the console for all hostsFranck Cuny2-10/+10
Easier on my eyes.
2023-05-02profiles/default: users are immutableFranck Cuny1-0/+3
2023-05-02profiles/server: move boot loader configurationFranck Cuny1-0/+3
2023-05-02profiles: consolidates common networking bitsFranck Cuny5-0/+26
This remove ssh on workstations. I also drop mosh since I don't use it.
2023-05-02profiles/default: move stuff related to bootFranck Cuny1-0/+16
2023-05-02profiles: move things around for btrfsFranck Cuny5-0/+25
2023-05-02profiles/hardware: create a few profiles related to hardwareFranck Cuny4-0/+25
2023-05-02profiles/default: move default packages thereFranck Cuny1-0/+45
2023-05-02profiles/default: more consolidationFranck Cuny4-0/+76
2023-05-02profiles/workstation: add font configurationsFranck Cuny1-0/+31
2023-05-02profiles: create default and serverFranck Cuny3-0/+17
The NAS and the router are "servers", and we create a base profile for them. We add a default profile that will set things that are common to all my hosts, and we start with the locales. Update tahoe/carmel to use the server profile.
2023-05-02profiles/workstation: consolidate sound related configurationsFranck Cuny1-0/+24
2023-05-01profiles/workstation: moved more things aroundFranck Cuny1-0/+18
2023-05-01profiles/laptop: consolidate services related to laptopFranck Cuny1-0/+13
2023-05-01profiles/workstation: reduce the number of moving partsFranck Cuny1-0/+6
There's too many moving parts and layers of abstractions, for no benefits: I only have to manage 3-4 machines. Going to create profiles, move things there, and stop with the `enable` pattern.
2022-06-09ref(profiles): get rid of all the profilesFranck Cuny3-38/+0
All the modules that are setup by the profiles are now managed at the host level. This simplify some configuration, and will make it easier to adjust things at the host instead of trying to squeeze everything into profiles. This will also help the refactoring later, when I'll split nixos and home-manager configuration. Change-Id: I17ffda8b0b5d15bf1915c6fae5030380523d74b5 Reviewed-on: https://cl.fcuny.net/c/world/+/297 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(GTK): remove the profile for GTKFranck Cuny3-18/+2
All the configuration is done at the host level. Change-Id: Ib5ef71ea7955f6872fb08f576e48b24a70600693 Reviewed-on: https://cl.fcuny.net/c/world/+/296 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(desktop): move all the modules for home-manager to host levelFranck Cuny1-11/+0
Change-Id: I92abe7d6c9a1f7c5ef3f157137c59cde751d50f0 Reviewed-on: https://cl.fcuny.net/c/world/+/294 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(trusted): consume modules within host's configurationFranck Cuny2-23/+1
Remove the trusted profiles, the modules are installed directly within the host configuration. Change-Id: I0566fb359803da16bdd3a38e2901deac477fb078 Reviewed-on: https://cl.fcuny.net/c/world/+/293 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(multimedia): move multimedia modules to hostsFranck Cuny2-13/+1
Consume the modules related to multimedia applications at the host level, instead of having a level of indirection with a profile. Change-Id: I567f0e01cbfe591beaa2e9086e33434402a4a002 Reviewed-on: https://cl.fcuny.net/c/world/+/292 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(laptop): move services related to laptop to host's configurationFranck Cuny2-16/+1
As for the bluetooth configuration, we don't need that level of indirection. The laptop can consume these services directly, and we can drop the profile for laptop. Change-Id: Ia434d336ae581bd040fbc4963e5856806183d55e Reviewed-on: https://cl.fcuny.net/c/world/+/290 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-09ref(bluetooth): remove the profileFranck Cuny2-13/+1
I don't need a profile for this, the module can be consumed directly from the host's hardware configuration. It removes one level of indirection and helps us toward the goal of completely removing all the profiles. Change-Id: I95a6fdc985420e7fe0ad737e7576d10d5c7eb114 Reviewed-on: https://cl.fcuny.net/c/world/+/289 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-04ref(drone): remove secret and CLI for droneFranck Cuny1-1/+0
I'm not using drone anymore. I don't need the CLI and the secret to be installed. Change-Id: I9c8ecfe5f051fd70d78f0e2e9aaa705e48627714 Reviewed-on: https://cl.fcuny.net/c/world/+/261 Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-05-12add modules to manage bluetoothFranck Cuny2-1/+13
2022-05-02home: install the drone CLIFranck Cuny1-0/+1
2022-05-01home: add a module for direnvFranck Cuny1-0/+1
2022-04-24scanner: install tools on the laptopFranck Cuny1-1/+5
2022-04-24gcloud: add google-cloud-sdk on trusted hostsFranck Cuny1-0/+1
2022-04-21syncthing: enable on trusted machinesFranck Cuny1-0/+1
Add the cert and key for aptos.
2022-04-10home: enable ssh config on trusted hostsFranck Cuny1-0/+1
2022-04-09add a few more packages for home/Franck Cuny2-1/+7
2022-04-09add pcmanfm and easyeffectsFranck Cuny1-0/+1
2022-04-09add a few more modules to home/ and delete stuffFranck Cuny3-11/+28
2022-04-08profiles: create a few new profilesFranck Cuny5-1/+67
2022-04-05create a profile for laptopFranck Cuny2-0/+16
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 10:34:09 +0000