Merge branch 'main' of git.atlanticaweb.fr:alexandre/nixos-config

docker/kuma.nix

@@ -13,9 +13,9 @@ in
       containers.uptime-kuma = {
         image = "louislam/uptime-kuma";
         autoStart = true;
-        ports = [ "3001:3001" ]; #server locahost : docker localhost
+        ports = [ "5001:3001" ]; #server locahost : docker localhost
 	volumes = [
-	  "/srv/docker/app/data:/app/data"
+	  "/srv/docker/uptime-kuma:/app/data"
 	];
       };
     };

docker/restic-exporter.nix

@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+let
+  host = "restic.atlanticaweb.fr";
+in
+{
+  virtualisation = {
+    podman = {
+      enable = true;
+      dockerCompat = true;
+    };
+    oci-containers = {
+      backend = "podman";
+      containers.restic-exporter = {
+        image = "ngosang/restic-exporter";
+        autoStart = true;
+        ports = [ "8001:8001" ]; #server locahost : docker localhost
+	volumes = [ "/opt/restic:/data" ];
+	environment = [
+	"TZ=Europe/Paris"
+	"RESTIC_REPO_URL=sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud"
+	"RESTIC_REPO_PASSWORD=herzleid"
+	];
+      };
+    };
+  };
+}

hosts/next/configuration.nix

@@ -9,8 +9,8 @@
     ../modules/navidrome.nix
     ../modules/transmission.nix
     ../modules/prometheus-node.nix
-    ../docker/appsmith.nix
-    ../docker/baserow.nix
+#    ../docker/appsmith.nix
+#    ../docker/baserow.nix
     ./agenix.nix
 #    <agenix/modules/age.nix>
   ];

hosts/next/nextcloud.nix

@@ -30,6 +30,7 @@ services.nginx = {
          proxyPass = "http://127.0.0.1:${toString config.services.navidrome.settings.Port}/";
 	 proxyWebsockets = true;
        };
+     };
      "bookmark.atlanticaweb.fr" = {
        forceSSL = true;
        enableACME = true;
@@ -47,7 +48,7 @@ security.acme.acceptTerms = true;
 # Actual Nextcloud Config
   services.nextcloud = {
     enable = true;
-    package = pkgs.nextcloud24;
+    package = pkgs.nextcloud25;
     hostName = "next.atlanticaweb.fr";
     # Enable built-in virtual host management
     # Takes care of somewhat complicated setup

hosts/sup/configuration.nix

@@ -4,6 +4,7 @@
     ./firewall-services.nix
     ../modules/users.nix
     ../modules/common.nix
+    ../modules/smtp.nix
     ../modules/grafana.nix
     
   ];

hosts/web/configuration.nix

@@ -8,8 +8,8 @@
     ../modules/prometheus-node.nix
     ../modules/common.nix
     ../modules/users.nix
-    ../docker/whoogle.nix
-    ../docker/appsmith.nix
+#    ../docker/appsmith.nix
+    ../docker/kuma.nix
   ];
 
   system.stateVersion = "21.11";

hosts/web/firewall-web.nix

@@ -4,7 +4,7 @@
   networking.firewall = {
     allowPing = true;
     # allowed TCP range
-    allowedTCPPorts = [ 22 80 443 9002 2021];
+    allowedTCPPorts = [ 22 80 443 9002 2021 8096 8920];
   };
   services.fail2ban = {
     enable = true;

hosts/web/webserver.nix

@@ -16,6 +16,14 @@ in
       encode gzip
       reverse_proxy http://localhost:3001
     }
+    https://films.atlanticaweb.fr {
+      encode gzip
+      reverse_proxy http://localhost:8096
+    }
+    https://pocket.atlanticaweb.fr {
+      encode gzip
+      reverse_proxy http://localhost:3001
+    }
     https://search.atlanticaweb.fr {
       reverse_proxy http://localhost:5000
     }
@@ -49,4 +57,5 @@ in
   };
 
   users.groups.caddy.gid = config.ids.uids.caddy;
+  services.jellyfin.enable = true;
 }

modules/common.nix

@@ -17,6 +17,7 @@
     lsd
     age
     lsd
+    htop
   ];
 # Nix Garbage Collector
   nix.gc = {

modules/grafana.nix

@@ -38,6 +38,13 @@
           targets = [ "37.187.103.8:${toString config.services.prometheus.exporters.node.port}" ];
         }];
       }
+      {
+        job_name = "pve-exporter";
+        static_configs = [{
+          targets = [ "192.168.10.112:9221" ];
+        }];
+	metrics_path = "/pve" ;
+      }
       {
         job_name = "backup";
         static_configs = [{