Commit graph

310 commits

Author SHA1 Message Date
Alexander Tomokhov 2d4e7e89a1 configure NixOS to allow configuration without password nor ssh key 2024-01-23 16:37:35 +04:00
Alexander Tomokhov d389b6785f Merge branch 'flakes-test' into flakes 2024-01-19 09:59:09 +04:00
Inex Code a8aca42762 feat(ssh): Allow ecdsa-sha2-nistp256 keys 2024-01-19 03:01:20 +04:00
Alexander Tomokhov f9b86f403d default timezone is "Etc/UTC" 2024-01-19 02:59:29 +04:00
Alexander Tomokhov 643f7716ae remove DOMAIN environment variable 2024-01-19 02:48:27 +04:00
Alexander Tomokhov c96e6fe099 flake.lock: Update
Flake lock file updates:

• Updated input 'selfprivacy-api':
    'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=refs/heads/master&rev=0ccb85d5cc24a20ecc8647035c93bc08e3e31b78' (2024-01-10)
  → 'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=refs/heads/master&rev=e3761a200c1ce244b285772a0c731a10e6169ef3' (2024-01-15)
2024-01-18 15:18:32 +04:00
Alexander Tomokhov 842d5a0dd1 flake.lock: Update
Flake lock file updates:

• Updated input 'selfprivacy-api':
    'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=remove-rest-flaked&rev=fb5a8142da48436cd7a30f267d156d50f47829f6' (2024-01-09)
  → 'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=refs/heads/master&rev=0ccb85d5cc24a20ecc8647035c93bc08e3e31b78' (2024-01-10)
2024-01-11 00:13:44 +04:00
Alexander Tomokhov 3311c5ff50 readme: small additions 2024-01-11 00:03:01 +04:00
Alexander Tomokhov 6b66513870 readme: how to update inputs of this flake 2024-01-10 07:13:17 +04:00
Alexander Tomokhov c08d56ae1c flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f' (2023-12-17)
  → 'github:nixos/nixpkgs/c1be43e8e837b8dbee2b3665a007e761680f0c3d' (2024-01-05)
2024-01-10 06:57:58 +04:00
Alexander Tomokhov e8842e455b Merge branch 'flakes' into flakes-test 2024-01-10 03:35:26 +04:00
Alexander Tomokhov 1a677f273b fix nextcloud auth page redirection 2024-01-10 01:49:51 +04:00
Inex Code 94456c8bd8 upd 2024-01-09 22:33:24 +03:00
Inex Code 3e0eae6d7d Test SP API 3.0.0 2024-01-09 22:04:53 +03:00
Inex Code c0af154421 Update SP API version 2023-12-31 19:22:33 +03:00
Inex Code f287e68f2b fix setuptools version 2023-12-28 22:26:53 +03:00
Inex Code f1e789c7af Update SP API version 2023-12-28 22:25:16 +03:00
Alexander Tomokhov 3d8de64da0 selfprivacy-api git branch: userdata => flakes 2023-12-28 20:52:51 +04:00
Alexander Tomokhov 1e73c88547 uppercase config.selfprivacy.server.provider 2023-12-28 20:05:33 +04:00
Alexander Tomokhov 51f3f12640 system.autoUpgrade: no verbosity of nixos-rebuild 2023-12-28 13:28:46 +04:00
Alexander Tomokhov 013bd9b8e2 sp-nixos: split script into ExecStartPre && ExecStart 2023-12-28 13:20:49 +04:00
Alexander Tomokhov 15f5d6096d sp-modules: refactor options types 2023-12-28 13:19:47 +04:00
Alexander Tomokhov a32613ece4 nixos-upgrade.serviceConfig.ExecCondition on /etc/nixos changes 2023-12-28 13:19:47 +04:00
Alexander Tomokhov 0c895e4015 module: set to false: restartIfChanged and unitConfig.X-StopOnRemoval 2023-12-28 11:07:18 +04:00
Alexander Tomokhov 08aa0b9ffc systemd.services.nixos-upgrade.serviceConfig.WorkingDirectory 2023-12-28 10:57:45 +04:00
Alexander Tomokhov be45d3ed52 systemd.services.nixos-upgrade.serviceConfig.ExecStartPre 2023-12-28 10:42:58 +04:00
Alexander Tomokhov efc703bf0c system services lock path:./sp-modules without flake.lock; cd /etc/nixos 2023-12-28 04:38:24 +04:00
Alexander Tomokhov cc78c2915f remove channel option value from syustem.autoUpgrade 2023-12-28 02:07:46 +04:00
Alexander Tomokhov fe44ba6fd8 fix nextcloud: fail if secrets are missing 2023-12-27 15:05:23 +04:00
Alexander Tomokhov 77619456d7 /etc/nixos#sp-nixos => /etc/nixos#default 2023-12-27 14:02:27 +04:00
Alexander Tomokhov f94d0aef03 flake.lock: Update
Flake lock file updates:

• Updated input 'selfprivacy-api':
    'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=400be88738fd6c8d18bcc439a81ee208b49bc749' (2023-12-22)
  → 'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=7883063dca4d946c0955faafd78642224d4a9be8' (2023-12-27)
2023-12-27 13:37:55 +04:00
Alexander Tomokhov 23332cda46 add TODO about environment.variables.DOMAIN 2023-12-27 12:54:10 +04:00
Alexander Tomokhov 85f85239a3 do not set nix.package 2023-12-27 11:37:59 +04:00
Alexander Tomokhov 33ba5c41ac API systemd service Type is simple 2023-12-22 23:52:03 +04:00
Alexander Tomokhov 5bd15a768a system.stateVersion: default or config.selfprivacy.stateVersion 2023-12-22 23:04:03 +04:00
Alexander Tomokhov a185dd1e3e selfprivacy-api: add debug for nixos-rebuild 2023-12-22 21:18:05 +04:00
Alexander Tomokhov e6496b95a4 useACMEHost for all services 2023-12-22 21:18:05 +04:00
Alexander Tomokhov 5aba990f95 move system.stateVersion back to userdata 2023-12-22 19:33:24 +04:00
Alexander Tomokhov 05fe40ac21 fix ACME for DigitalOcean: add DNS propagation check exceptions 2023-12-22 19:08:53 +04:00
Alexander Tomokhov 19f30daf80 sp-modules: x-systemd.before=... for all mountpoints 2023-12-22 18:07:14 +04:00
Alexander Tomokhov 5f8cc727e0 ACME: CLOUDFLARE_POLLING_INTERVAL=30
As said in https://github.com/go-acme/lego/issues/2068.
2023-12-22 14:06:55 +04:00
Alexander Tomokhov 64fc2ae57e mailserver: localDnsResolver = false 2023-12-21 15:13:21 +04:00
Alexander Tomokhov 66c0184a93 ACME: dnsPropagationCheck = true 2023-12-21 13:38:28 +04:00
Alexander Tomokhov 4c3072ade8 ACME: CLOUDFLARE_POLLING_INTERVAL=10 2023-12-21 13:08:34 +04:00
Alexander Tomokhov 0e62c9292b dnsPropagationCheck = false explicitly for certs.${domain} 2023-12-21 12:15:28 +04:00
Alexander Tomokhov 5760a753af ACME dnsPropagationCheck = false 2023-12-20 18:29:39 +04:00
Alexander Tomokhov f2a951a71e API module: systemd service Type = "oneshot" 2023-12-20 18:21:51 +04:00
Alexander Tomokhov fd6e49a21a ACME: do not disable DNS propagation check 2023-12-20 17:43:47 +04:00
Alexander Tomokhov dcaf96c773 Revert "Revert "Revert "add wildcard ACME certificate"""
This reverts commit 4faf8e7dda.
2023-12-20 17:43:47 +04:00
Alexander Tomokhov 3a66da49e1 do not lib.mkForce acme.certs 2023-12-20 17:43:47 +04:00