From 1e71533c6b05be180a52b1d363c83fd65a77a4a7 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Thu, 30 Mar 2023 15:10:38 +0000 Subject: [PATCH 1/6] ADD Shiori service as bookmarks.atlanticaweb.fr --- hosts/next/nextcloud.nix | 1 + hosts/web/webserver.nix | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/hosts/next/nextcloud.nix b/hosts/next/nextcloud.nix index 440b42a..b98647e 100644 --- a/hosts/next/nextcloud.nix +++ b/hosts/next/nextcloud.nix @@ -30,6 +30,7 @@ services.nginx = { proxyPass = "http://127.0.0.1:${toString config.services.navidrome.settings.Port}/"; proxyWebsockets = true; }; + }; "bookmark.atlanticaweb.fr" = { forceSSL = true; enableACME = true; diff --git a/hosts/web/webserver.nix b/hosts/web/webserver.nix index 28f0fec..a1db773 100644 --- a/hosts/web/webserver.nix +++ b/hosts/web/webserver.nix @@ -16,6 +16,10 @@ in encode gzip reverse_proxy http://localhost:3001 } + https://pocket.atlanticaweb.fr { + encode gzip + reverse_proxy http://localhost:3001 + } https://search.atlanticaweb.fr { reverse_proxy http://localhost:5000 } From 5af138568aed48ecdd2e941623522db2e46b73f7 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Thu, 30 Mar 2023 19:15:52 +0000 Subject: [PATCH 2/6] UPDATE nextcloud DEL docker --- hosts/next/configuration.nix | 4 ++-- hosts/next/nextcloud.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/next/configuration.nix b/hosts/next/configuration.nix index ab3232a..7049d1d 100644 --- a/hosts/next/configuration.nix +++ b/hosts/next/configuration.nix @@ -9,8 +9,8 @@ ../modules/navidrome.nix ../modules/transmission.nix ../modules/prometheus-node.nix - ../docker/appsmith.nix - ../docker/baserow.nix +# ../docker/appsmith.nix +# ../docker/baserow.nix ./agenix.nix # ]; diff --git a/hosts/next/nextcloud.nix b/hosts/next/nextcloud.nix index b98647e..250a47d 100644 --- a/hosts/next/nextcloud.nix +++ b/hosts/next/nextcloud.nix @@ -48,7 +48,7 @@ security.acme.acceptTerms = true; # Actual Nextcloud Config services.nextcloud = { enable = true; - package = pkgs.nextcloud24; + package = pkgs.nextcloud25; hostName = "next.atlanticaweb.fr"; # Enable built-in virtual host management # Takes care of somewhat complicated setup From 953f00bdc76b11d4a4c5024d52c9081062498357 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Thu, 30 Mar 2023 20:15:53 +0000 Subject: [PATCH 3/6] ADD PVE prometheus --- hosts/sup/configuration.nix | 1 + modules/grafana.nix | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/hosts/sup/configuration.nix b/hosts/sup/configuration.nix index a059839..20e991a 100644 --- a/hosts/sup/configuration.nix +++ b/hosts/sup/configuration.nix @@ -4,6 +4,7 @@ ./firewall-services.nix ../modules/users.nix ../modules/common.nix + ../modules/smtp.nix ../modules/grafana.nix ]; diff --git a/modules/grafana.nix b/modules/grafana.nix index 01216c1..766c589 100644 --- a/modules/grafana.nix +++ b/modules/grafana.nix @@ -38,6 +38,13 @@ targets = [ "37.187.103.8:${toString config.services.prometheus.exporters.node.port}" ]; }]; } + { + job_name = "pve-exporter"; + static_configs = [{ + targets = [ "192.168.10.112:9221" ]; + }]; + metrics_path = "/pve" ; + } { job_name = "backup"; static_configs = [{ From a63163e2f2194bbd6994b18370bb606e2270f063 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Thu, 30 Mar 2023 20:29:08 +0000 Subject: [PATCH 4/6] ADD restic exporter docker --- docker/restic-exporter.nix | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 docker/restic-exporter.nix diff --git a/docker/restic-exporter.nix b/docker/restic-exporter.nix new file mode 100644 index 0000000..343d86e --- /dev/null +++ b/docker/restic-exporter.nix @@ -0,0 +1,26 @@ +{ config, pkgs, ... }: +let + host = "restic.atlanticaweb.fr"; +in +{ + virtualisation = { + podman = { + enable = true; + dockerCompat = true; + }; + oci-containers = { + backend = "podman"; + containers.restic-exporter = { + image = "ngosang/restic-exporter"; + autoStart = true; + ports = [ "8001:8001" ]; #server locahost : docker localhost + volumes = [ "/opt/restic:/data" ]; + environment = [ + "TZ=Europe/Paris" + "RESTIC_REPO_URL=sftp:u329746@u329746.your-storagebox.de:/home/Nextcloud" + "RESTIC_REPO_PASSWORD=herzleid" + ]; + }; + }; + }; +} From ce000c073828e4f1f93b895e526e0ec4c6725370 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Fri, 14 Apr 2023 13:24:04 +0000 Subject: [PATCH 5/6] ADD jellyfin service and open port in firewall ADD kuma script docker image --- docker/kuma.nix | 4 ++-- hosts/web/configuration.nix | 2 +- hosts/web/firewall-web.nix | 2 +- hosts/web/webserver.nix | 1 + 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/docker/kuma.nix b/docker/kuma.nix index b0e0913..4e132a6 100644 --- a/docker/kuma.nix +++ b/docker/kuma.nix @@ -13,9 +13,9 @@ in containers.uptime-kuma = { image = "louislam/uptime-kuma"; autoStart = true; - ports = [ "3001:3001" ]; #server locahost : docker localhost + ports = [ "5001:3001" ]; #server locahost : docker localhost volumes = [ - "/srv/docker/app/data:/app/data" + "/srv/docker/uptime-kuma:/app/data" ]; }; }; diff --git a/hosts/web/configuration.nix b/hosts/web/configuration.nix index 8312d9e..a352b91 100644 --- a/hosts/web/configuration.nix +++ b/hosts/web/configuration.nix @@ -8,8 +8,8 @@ ../modules/prometheus-node.nix ../modules/common.nix ../modules/users.nix - ../docker/whoogle.nix ../docker/appsmith.nix + ../docker/kuma.nix ]; system.stateVersion = "21.11"; diff --git a/hosts/web/firewall-web.nix b/hosts/web/firewall-web.nix index 15077a3..584dee7 100644 --- a/hosts/web/firewall-web.nix +++ b/hosts/web/firewall-web.nix @@ -4,7 +4,7 @@ networking.firewall = { allowPing = true; # allowed TCP range - allowedTCPPorts = [ 22 80 443 9002 2021]; + allowedTCPPorts = [ 22 80 443 9002 2021 8096 8920]; }; services.fail2ban = { enable = true; diff --git a/hosts/web/webserver.nix b/hosts/web/webserver.nix index a1db773..de6c357 100644 --- a/hosts/web/webserver.nix +++ b/hosts/web/webserver.nix @@ -53,4 +53,5 @@ in }; users.groups.caddy.gid = config.ids.uids.caddy; + services.jellyfin.enable = true; } From 08e8bd46c6fe6e248fc618d20cd1b33f66f8493a Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Fri, 14 Apr 2023 14:45:23 +0000 Subject: [PATCH 6/6] ADD htop package in common.nix Remove appsmith to web server ADD caddy configuration for jellyfin --- hosts/web/configuration.nix | 2 +- hosts/web/webserver.nix | 4 ++++ modules/common.nix | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/hosts/web/configuration.nix b/hosts/web/configuration.nix index a352b91..1d21640 100644 --- a/hosts/web/configuration.nix +++ b/hosts/web/configuration.nix @@ -8,7 +8,7 @@ ../modules/prometheus-node.nix ../modules/common.nix ../modules/users.nix - ../docker/appsmith.nix +# ../docker/appsmith.nix ../docker/kuma.nix ]; diff --git a/hosts/web/webserver.nix b/hosts/web/webserver.nix index de6c357..65bec40 100644 --- a/hosts/web/webserver.nix +++ b/hosts/web/webserver.nix @@ -16,6 +16,10 @@ in encode gzip reverse_proxy http://localhost:3001 } + https://films.atlanticaweb.fr { + encode gzip + reverse_proxy http://localhost:8096 + } https://pocket.atlanticaweb.fr { encode gzip reverse_proxy http://localhost:3001 diff --git a/modules/common.nix b/modules/common.nix index fbdf836..f03ae79 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -17,6 +17,7 @@ lsd age lsd + htop ]; # Nix Garbage Collector nix.gc = {