Alexander Tomokhov
|
a185dd1e3e
|
selfprivacy-api: add debug for nixos-rebuild
|
2023-12-22 21:18:05 +04:00 |
|
Alexander Tomokhov
|
e6496b95a4
|
useACMEHost for all services
|
2023-12-22 21:18:05 +04:00 |
|
Alexander Tomokhov
|
5aba990f95
|
move system.stateVersion back to userdata
|
2023-12-22 19:33:24 +04:00 |
|
Alexander Tomokhov
|
05fe40ac21
|
fix ACME for DigitalOcean: add DNS propagation check exceptions
|
2023-12-22 19:08:53 +04:00 |
|
Alexander Tomokhov
|
19f30daf80
|
sp-modules: x-systemd.before=... for all mountpoints
|
2023-12-22 18:07:14 +04:00 |
|
Alexander Tomokhov
|
5f8cc727e0
|
ACME: CLOUDFLARE_POLLING_INTERVAL=30
As said in https://github.com/go-acme/lego/issues/2068.
|
2023-12-22 14:06:55 +04:00 |
|
Alexander Tomokhov
|
64fc2ae57e
|
mailserver: localDnsResolver = false
|
2023-12-21 15:13:21 +04:00 |
|
Alexander Tomokhov
|
66c0184a93
|
ACME: dnsPropagationCheck = true
|
2023-12-21 13:38:28 +04:00 |
|
Alexander Tomokhov
|
4c3072ade8
|
ACME: CLOUDFLARE_POLLING_INTERVAL=10
|
2023-12-21 13:08:34 +04:00 |
|
Alexander Tomokhov
|
0e62c9292b
|
dnsPropagationCheck = false explicitly for certs.${domain}
|
2023-12-21 12:15:28 +04:00 |
|
Alexander Tomokhov
|
5760a753af
|
ACME dnsPropagationCheck = false
|
2023-12-20 18:29:39 +04:00 |
|
Alexander Tomokhov
|
f2a951a71e
|
API module: systemd service Type = "oneshot"
|
2023-12-20 18:21:51 +04:00 |
|
Alexander Tomokhov
|
fd6e49a21a
|
ACME: do not disable DNS propagation check
|
2023-12-20 17:43:47 +04:00 |
|
Alexander Tomokhov
|
dcaf96c773
|
Revert "Revert "Revert "add wildcard ACME certificate"""
This reverts commit 4faf8e7dda .
|
2023-12-20 17:43:47 +04:00 |
|
Alexander Tomokhov
|
3a66da49e1
|
do not lib.mkForce acme.certs
|
2023-12-20 17:43:47 +04:00 |
|
Alexander Tomokhov
|
5cd12848cc
|
nix.channel.enable = false since we're on flakes
|
2023-12-20 17:43:46 +04:00 |
|
Alexander Tomokhov
|
4faf8e7dda
|
Revert "Revert "add wildcard ACME certificate""
This reverts commit 0c4d57c33d .
|
2023-12-20 16:59:57 +04:00 |
|
Alexander Tomokhov
|
c18f332f5f
|
Revert "use enableACME for all virtualHosts"
This reverts commit 46366702bc .
|
2023-12-19 23:46:42 +04:00 |
|
Alexander Tomokhov
|
46366702bc
|
use enableACME for all virtualHosts
|
2023-12-19 17:22:32 +04:00 |
|
Alexander Tomokhov
|
0c4d57c33d
|
Revert "add wildcard ACME certificate"
This reverts commit b37cadff68
(except pleroma virtualHosts).
|
2023-12-19 17:22:32 +04:00 |
|
Alexander Tomokhov
|
426e6f72c5
|
gitea: bind mount /var/lib/gitea
|
2023-12-19 17:22:32 +04:00 |
|
Alexander Tomokhov
|
eb59d33e1f
|
nginx: / location with root = "/var/www/root"
|
2023-12-19 17:22:31 +04:00 |
|
Alexander Tomokhov
|
b37cadff68
|
add wildcard ACME certificate
|
2023-12-19 01:52:27 +04:00 |
|
Inex Code
|
312077240a
|
fix(acme): add dns propagation check exceptions
|
2023-12-19 01:19:03 +04:00 |
|
Alexander Tomokhov
|
69f84cdc2b
|
bitwarden: "ConditionPathExists" instead of "after"
|
2023-12-19 01:19:03 +04:00 |
|
Alexander Tomokhov
|
0ad2ffc30e
|
api module: avoid simultaneous runs
|
2023-12-19 00:20:18 +04:00 |
|
Alexander Tomokhov
|
83a17063ac
|
explicit dependency between backup-vaultwarden and vaultwarden
|
2023-12-18 23:40:15 +04:00 |
|
Alexander Tomokhov
|
257b0c08e8
|
sp-modules: some startup fixes
|
2023-12-18 22:42:13 +04:00 |
|
Alexander Tomokhov
|
da5dac6877
|
sp-nixos-upgrade: update sp-modules/ own flake.lock
|
2023-12-18 22:30:24 +04:00 |
|
Alexander Tomokhov
|
3d7aa5e6de
|
fix selfprivacy-api build with new nixpkgs
|
2023-12-18 21:44:32 +04:00 |
|
Alexander Tomokhov
|
365f027326
|
move nginx exclusive virtualHosts to SP modules
|
2023-12-18 19:02:54 +04:00 |
|
Alexander Tomokhov
|
d881cc8ce5
|
upgrade nixpkgs to NixOS 23.11
|
2023-12-18 18:44:18 +04:00 |
|
Alexander Tomokhov
|
b7045a8198
|
upgrade nixpkgs to NixOS 23.05
|
2023-12-18 17:56:15 +04:00 |
|
Alexander Tomokhov
|
67c2b12c44
|
sp-modules: get rid of systemd.tmpfiles
Because it causes troubles when using bind-mounts for /var/lib/*.
|
2023-12-18 16:30:40 +04:00 |
|
Alexander Tomokhov
|
83e8f6e8a1
|
get rid of files.nix; ACME/credentialsFile and other cleanup
|
2023-12-18 07:49:27 +04:00 |
|
Alexander Tomokhov
|
7f6c48f978
|
gitea: RequiresMountsFor and ConditionPathIsMountPoint @ /var/lib/gitea
|
2023-12-12 20:50:09 +04:00 |
|
Alexander Tomokhov
|
a797b856fc
|
flake.lock: Update
Flake lock file updates:
• Updated input 'selfprivacy-api':
'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=dc230e2e898a510bfdc52e57d829996df02f26b5' (2023-12-12)
→ 'git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git?ref=userdata&rev=2bdb73d348d1a8b85a71aa480ab1c08fafb2c9ba' (2023-12-12)
|
2023-12-12 16:30:22 +04:00 |
|
Alexander Tomokhov
|
d1711ea9c3
|
selfprivacy-api: sp-nixos-rebuild with sp-modules relocking
|
2023-12-12 14:15:06 +04:00 |
|
Alexander Tomokhov
|
defaca8793
|
clean configuration; simple-nixos-mailserver is an ordinary SP module
|
2023-12-12 08:25:10 +04:00 |
|
Alexander Tomokhov
|
25bd151ef3
|
use lower case for config.selfprivacy.server.provider
|
2023-12-11 21:58:12 +04:00 |
|
Alexander Tomokhov
|
519ebbcb69
|
get rid of system argument; do not set nixpkgs.hostPlatform
|
2023-12-05 07:36:26 +04:00 |
|
Alexander Tomokhov
|
4c4aef5363
|
get system.stateVersion from "deployment" argument
|
2023-12-05 04:51:37 +04:00 |
|
Alexander Tomokhov
|
9dde55159b
|
update selfprivacy-api
|
2023-12-05 01:56:49 +04:00 |
|
Alexander Tomokhov
|
6cd002ae1d
|
remove restic SP module
|
2023-12-05 01:56:13 +04:00 |
|
Alexander Tomokhov
|
c052f9172a
|
move gitea to SP module
|
2023-12-04 15:59:22 +04:00 |
|
Alexander Tomokhov
|
054d6d9182
|
move jitsi-meet to SP module
|
2023-12-04 15:50:00 +04:00 |
|
Alexander Tomokhov
|
3f573e3dc3
|
activationScripts: rewrite /etc/nixos with configuration source
|
2023-12-04 15:25:01 +04:00 |
|
Alexander Tomokhov
|
c63b6b808c
|
acme: RestartSec = 15 * 60
|
2023-12-04 14:33:43 +04:00 |
|
Alexander Tomokhov
|
c0aa73ca1b
|
move bitwarden to SP module
|
2023-12-04 14:33:43 +04:00 |
|
Alexander Tomokhov
|
ade4dc08b1
|
sp-modules: use jq exit status code
|
2023-12-03 10:37:37 +04:00 |
|