Alexander Tomokhov
fd6e49a21a
ACME: do not disable DNS propagation check
2023-12-20 17:43:47 +04:00
Alexander Tomokhov
dcaf96c773
Revert "Revert "Revert "add wildcard ACME certificate"""
...
This reverts commit 4faf8e7dda
.
2023-12-20 17:43:47 +04:00
Alexander Tomokhov
3a66da49e1
do not lib.mkForce
acme.certs
2023-12-20 17:43:47 +04:00
Alexander Tomokhov
5cd12848cc
nix.channel.enable = false
since we're on flakes
2023-12-20 17:43:46 +04:00
Alexander Tomokhov
4faf8e7dda
Revert "Revert "add wildcard ACME certificate""
...
This reverts commit 0c4d57c33d
.
2023-12-20 16:59:57 +04:00
Alexander Tomokhov
c18f332f5f
Revert "use enableACME for all virtualHosts"
...
This reverts commit 46366702bc
.
2023-12-19 23:46:42 +04:00
Alexander Tomokhov
46366702bc
use enableACME for all virtualHosts
2023-12-19 17:22:32 +04:00
Alexander Tomokhov
0c4d57c33d
Revert "add wildcard ACME certificate"
...
This reverts commit b37cadff68
(except pleroma virtualHosts).
2023-12-19 17:22:32 +04:00
Alexander Tomokhov
426e6f72c5
gitea: bind mount /var/lib/gitea
2023-12-19 17:22:32 +04:00
Alexander Tomokhov
eb59d33e1f
nginx: / location with root = "/var/www/root"
2023-12-19 17:22:31 +04:00
Alexander Tomokhov
b37cadff68
add wildcard ACME certificate
2023-12-19 01:52:27 +04:00
Inex Code
312077240a
fix(acme): add dns propagation check exceptions
2023-12-19 01:19:03 +04:00
Alexander Tomokhov
69f84cdc2b
bitwarden: "ConditionPathExists" instead of "after"
2023-12-19 01:19:03 +04:00
Alexander Tomokhov
0ad2ffc30e
api module: avoid simultaneous runs
2023-12-19 00:20:18 +04:00
Alexander Tomokhov
83a17063ac
explicit dependency between backup-vaultwarden and vaultwarden
2023-12-18 23:40:15 +04:00
Alexander Tomokhov
257b0c08e8
sp-modules: some startup fixes
2023-12-18 22:42:13 +04:00
Alexander Tomokhov
da5dac6877
sp-nixos-upgrade: update sp-modules/ own flake.lock
2023-12-18 22:30:24 +04:00
Alexander Tomokhov
3d7aa5e6de
fix selfprivacy-api build with new nixpkgs
2023-12-18 21:44:32 +04:00
Alexander Tomokhov
365f027326
move nginx exclusive virtualHosts to SP modules
2023-12-18 19:02:54 +04:00
Alexander Tomokhov
d881cc8ce5
upgrade nixpkgs to NixOS 23.11
2023-12-18 18:44:18 +04:00
Alexander Tomokhov
b7045a8198
upgrade nixpkgs to NixOS 23.05
2023-12-18 17:56:15 +04:00
Alexander Tomokhov
67c2b12c44
sp-modules: get rid of systemd.tmpfiles
...
Because it causes troubles when using bind-mounts for /var/lib/*.
2023-12-18 16:30:40 +04:00
Alexander Tomokhov
83e8f6e8a1
get rid of files.nix; ACME/credentialsFile and other cleanup
2023-12-18 07:49:27 +04:00
Alexander Tomokhov
7f6c48f978
gitea: RequiresMountsFor and ConditionPathIsMountPoint @ /var/lib/gitea
2023-12-12 20:50:09 +04:00
Alexander Tomokhov
a797b856fc
flake.lock: Update
...
Flake lock file updates:
• Updated input 'selfprivacy-api':
'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=dc230e2e898a510bfdc52e57d829996df02f26b5 ' (2023-12-12)
→ 'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=2bdb73d348d1a8b85a71aa480ab1c08fafb2c9ba ' (2023-12-12)
2023-12-12 16:30:22 +04:00
Alexander Tomokhov
d1711ea9c3
selfprivacy-api: sp-nixos-rebuild with sp-modules relocking
2023-12-12 14:15:06 +04:00
Alexander Tomokhov
defaca8793
clean configuration; simple-nixos-mailserver is an ordinary SP module
2023-12-12 08:25:10 +04:00
Alexander Tomokhov
25bd151ef3
use lower case for config.selfprivacy.server.provider
2023-12-11 21:58:12 +04:00
Alexander Tomokhov
519ebbcb69
get rid of system argument; do not set nixpkgs.hostPlatform
2023-12-05 07:36:26 +04:00
Alexander Tomokhov
4c4aef5363
get system.stateVersion from "deployment" argument
2023-12-05 04:51:37 +04:00
Alexander Tomokhov
9dde55159b
update selfprivacy-api
2023-12-05 01:56:49 +04:00
Alexander Tomokhov
6cd002ae1d
remove restic SP module
2023-12-05 01:56:13 +04:00
Alexander Tomokhov
c052f9172a
move gitea to SP module
2023-12-04 15:59:22 +04:00
Alexander Tomokhov
054d6d9182
move jitsi-meet to SP module
2023-12-04 15:50:00 +04:00
Alexander Tomokhov
3f573e3dc3
activationScripts: rewrite /etc/nixos with configuration source
2023-12-04 15:25:01 +04:00
Alexander Tomokhov
c63b6b808c
acme: RestartSec = 15 * 60
2023-12-04 14:33:43 +04:00
Alexander Tomokhov
c0aa73ca1b
move bitwarden to SP module
2023-12-04 14:33:43 +04:00
Alexander Tomokhov
ade4dc08b1
sp-modules: use jq exit status code
2023-12-03 10:37:37 +04:00
Alexander Tomokhov
4716b9bf19
move restic to SP module
2023-12-03 10:05:51 +04:00
Alexander Tomokhov
c7419b3255
move pleroma to SP module
2023-12-03 09:46:36 +04:00
Alexander Tomokhov
b458458c30
move ocserv to SP module
2023-12-03 09:46:36 +04:00
Alexander Tomokhov
4cbe63ac64
flake: abort on missing configPathsNeeded with message
2023-12-01 08:32:31 +04:00
Alexander Tomokhov
600d8f427d
mailserver: set users.groups.acmereceivers.members
2023-11-29 08:28:19 +04:00
Alexander Tomokhov
b6cd5846f2
users.groups: acmerecievers => acmereceivers
2023-11-29 08:25:24 +04:00
Alexander Tomokhov
1a5a4be306
nextcloud: fix secrets extraction
2023-11-29 08:19:04 +04:00
Alexander Tomokhov
364a5c8076
mailserver: adapt to deprecated and new types of certificateScheme
2023-11-26 09:39:47 +04:00
Alexander Tomokhov
a224731dcf
nextcloud: write passwords using install
2023-11-26 09:39:47 +04:00
Alexander Tomokhov
e814157437
fix config attributes contrain for function imports
2023-11-26 08:56:48 +04:00
Alexander Tomokhov
0db1c4a6ce
downgrade simple-nixos-mailserver to 6d0d9fb9
2023-11-26 04:28:36 +04:00
Alexander Tomokhov
a98dafc98c
fix nextcloud (case when enabled)
...
Previously, second mkIf for cleanup case took precedence when merge with
`//`. Now it's 2 modules: one for selfprivacy.modules.nextcloud.enable
== true, another for selfprivacy.modules.nextcloud.enable == false.
2023-11-26 03:11:29 +04:00