Commit Graph

161 Commits

Author SHA1 Message Date
6f5b9430c9 prometheus: add alert for resilio sync going down
All checks were successful
flake / flake (push) Successful in 1m17s
2024-10-12 21:39:00 +01:00
33cdcdca0a prometheus: enable systemd collector
All checks were successful
flake / flake (push) Successful in 1m15s
2024-10-12 15:27:13 +01:00
2656c0dba9 scx_lavd: package and ship
All checks were successful
flake / flake (push) Successful in 1m18s
2024-10-12 00:54:02 +01:00
961acd80d7 scx_layered: package and ship
All checks were successful
flake / flake (push) Successful in 1m14s
2024-10-11 20:15:55 +01:00
4eaae0fa75 isponsorblocktv: deploy docker container
All checks were successful
flake / flake (push) Successful in 1m18s
2024-10-06 21:38:06 +01:00
72955e2377 homeassistant: announce locally and deploy to hallway tablet
All checks were successful
flake / flake (push) Successful in 1m17s
2024-10-06 20:43:48 +01:00
0a2330cb90 www: fix cloning script
All checks were successful
flake / flake (push) Successful in 1m15s
2024-10-06 16:35:59 +01:00
3d8a60da5b sched_ext: bump kernel to 6.12-rc1
All checks were successful
flake / flake (push) Successful in 1m13s
Removes the custom kernel features and requires any host running
sched_ext to pull a kernel at least 6.12. Looks at
pkgs.unstable.linuxPackages first, if that's too old it falls back to
pkgs.linuxPackages_latest, and if that's too old it goes for
pkgs.unstable.linuxPackages_testing.

The plan is to leave `boot.kernelPackages` alone if new enough, but
we'll keep the assertion. Some schedulers might require more specific
kernel constraints in the future.
2024-10-03 00:17:59 +01:00
ceb8591705 step-ca: pin uid and gid
All checks were successful
flake / flake (push) Successful in 1m14s
2024-09-23 20:30:35 +01:00
415a061842 prometheus: move id pinning to correct module
All checks were successful
flake / flake (push) Successful in 1m15s
2024-09-23 20:26:34 +01:00
31a9828430 prometheus: add service and enable reporting globally (#330)
All checks were successful
flake / flake (push) Successful in 1m15s
## Test plan:

- https://prometheus.ts.hillion.co.uk/graph?g0.expr=1%20-%20(node_filesystem_avail_bytes%7Bmountpoint%20%3D%20%22%2F%22%2C%20device%3D%22tmpfs%22%7D%20%2F%20node_filesystem_size_bytes%7Bmountpoint%20%3D%20%22%2F%22%2C%20device%3D%22tmpfs%22%7D)&g0.tab=0&g0.display_mode=lines&g0.show_exemplars=0&g0.range_input=1h - reports percentage used on all tmpfs roots. This is exactly what I wanted, in the future I might add alerts for it as high tmpfs usage is a sign of something being wrong and is likely to lead to OOMing.

Aside: NixOS is awesome. I just deployed full monitoring to every host I have and all future hosts in minutes.
Reviewed-on: #330
Co-authored-by: Jake Hillion <jake@hillion.co.uk>
Co-committed-by: Jake Hillion <jake@hillion.co.uk>
2024-09-23 20:24:31 +01:00
7afa21e537 chia: update to 2.4.3
All checks were successful
flake / flake (push) Successful in 1m15s
2024-09-22 21:09:31 +01:00
8933d38d36 sched_ext: ship pre-release 6.12 kernel
All checks were successful
flake / flake (push) Successful in 1m14s
2024-09-22 16:18:04 +01:00
0ad31dddae gendry: decrypt encrypted disk with clevis/tang
All checks were successful
flake / flake (push) Successful in 1m15s
2024-09-22 11:06:03 +01:00
ac6f285400 resilio: require mounts be available
All checks were successful
flake / flake (push) Successful in 1m15s
Without this resilio fails on boot on tywin.storage where the paths are
on a ZFS array which gets mounted reliably later than the resilio
service attempts to start.
2024-09-14 02:30:20 +01:00
85246af424 caddy: update to unstable
All checks were successful
flake / flake (push) Successful in 1m13s
The default config for automatic ACME no longer works in Caddy <2.8.0.
This is due to changes with ZeroSSL's auth. Update to unstable Caddy
which is new enough to renew certs again.

Context: https://github.com/caddyserver/caddy/releases/tag/v2.8.0

Add `pkgs.unstable` as an overlay as recommended on the NixOS wiki. This
is needed here as Caddy must be runnable on all architectures.
2024-09-05 00:04:08 +01:00
264799952e bathroom_light: trust switchbot if more recently updated
All checks were successful
flake / flake (push) Successful in 1m13s
2024-08-30 18:46:38 +01:00
5cef32cf1e gitea actions: use cache for nix
All checks were successful
flake / flake (push) Successful in 1m15s
2024-08-30 18:39:02 +01:00
3d642e2320 boron: move postgresqlBackup to disk to reduce ram pressure
All checks were successful
flake / flake (push) Successful in 1m14s
2024-08-09 23:37:16 +01:00
41d5f0cc53 homeassistant: add sonos
All checks were successful
flake / flake (push) Successful in 1m17s
2024-08-08 18:31:10 +01:00
974c947130 homeassistant: add smartthings
All checks were successful
flake / flake (push) Successful in 1m15s
2024-08-04 18:15:34 +01:00
8a9498f8d7 homeassistant: expose sleep_mode to google
All checks were successful
flake / flake (push) Successful in 1m15s
2024-08-04 17:56:32 +01:00
db5dc5aee6 step-ca: enable server on sodium and load root certs
All checks were successful
flake / flake (push) Successful in 1m14s
2024-08-01 23:28:22 +01:00
67c8e3dcaf homeassistant: migrate to basnijholt/adaptive-lighting
All checks were successful
flake / flake (push) Successful in 1m14s
2024-07-22 11:16:34 +01:00
1052379119 unifi: switch to nixos module
All checks were successful
flake / flake (push) Successful in 1m24s
2024-07-19 16:43:53 +01:00
6bdaca40e0 tmux: index from 0 and always allow attach
All checks were successful
flake / flake (push) Successful in 1m14s
2024-07-17 15:02:19 +01:00
5dcf3b8e3f chia: update to 2.4.1
All checks were successful
flake / flake (push) Successful in 1m13s
2024-07-10 10:01:16 +01:00
cde6bdd498 tywin: enable clevis/tang for boot
All checks were successful
flake / flake (push) Successful in 1m13s
2024-06-10 22:34:28 +01:00
67644162e1 sodium: rekey
All checks were successful
flake / flake (push) Successful in 1m12s
accidentally ran `rm -r /data`...
2024-06-02 21:45:03 +01:00
a0f93c73d0 sodium.pop: add rpi5 host
All checks were successful
flake / flake (push) Successful in 1m22s
2024-05-25 22:56:27 +01:00
78705d440a homeassistant: only switch bathroom light when it is already on
All checks were successful
flake / flake (push) Successful in 1m18s
Although the system now knows whether the bathroom light is on, it switches the switch every time the light should be turned off regardless of if it's already off. Because this is a device running on battery that performs a physical movement this runs the battery out very fast. Adjust the system to only switch the light off if it thinks it's on, even though this has the potential for desyncs.
2024-05-25 22:03:11 +01:00
3f829236a2 homeassistant: read bathroom light status from motion sensor
All checks were successful
flake / flake (push) Successful in 1m18s
2024-05-25 17:03:57 +01:00
22305815c6 matrix: fix warning about renamed sliding sync
All checks were successful
flake / flake (push) Successful in 1m17s
2024-05-25 16:33:05 +01:00
62e61bec8a matrix: add sliding sync
All checks were successful
flake / flake (push) Successful in 1m18s
2024-05-24 10:18:30 +01:00
796bbc7a68 chore(deps): update nixpkgs to nixos-24.05 (#271)
All checks were successful
flake / flake (push) Successful in 1m20s
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [nixpkgs](https://github.com/NixOS/nixpkgs) | major | `nixos-23.11` -> `nixos-24.05` |

---

### Release Notes

<details>
<summary>NixOS/nixpkgs (nixpkgs)</summary>

### [`vnixos-24.05`](https://github.com/NixOS/nixpkgs/compare/nixos-23.11...nixos-24.05)

[Compare Source](https://github.com/NixOS/nixpkgs/compare/nixos-23.11...nixos-24.05)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzQuMyIsInVwZGF0ZWRJblZlciI6IjM3LjM3NC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: Jake Hillion <jake@hillion.co.uk>
Reviewed-on: #271
Co-authored-by: Renovate Bot <renovate-bot@noreply.gitea.hillion.co.uk>
Co-committed-by: Renovate Bot <renovate-bot@noreply.gitea.hillion.co.uk>
2024-05-23 22:40:58 +01:00
8123653a92 jorah.cx: delete
All checks were successful
flake / flake (push) Successful in 1m17s
2024-05-21 22:43:56 +01:00
a9c9600b14 matrix: move jorah->boron
All checks were successful
flake / flake (push) Successful in 2m20s
2024-05-18 19:14:39 +01:00
eae5e105ff unifi: move jorah->boron
All checks were successful
flake / flake (push) Successful in 1m21s
2024-05-18 16:52:22 +01:00
f1fd6ee270 gitea: fix ips in iptables rules
All checks were successful
flake / flake (push) Successful in 1m10s
2024-05-18 15:34:43 +01:00
f59824ad62 gitea: move jorah->boron
All checks were successful
flake / flake (push) Successful in 2m16s
2024-05-12 13:11:54 +01:00
bff93529aa www.global: move jorah->boron
All checks were successful
flake / flake (push) Successful in 1m56s
2024-05-12 12:11:15 +01:00
13bfe6f787 boron: enable authoritative dns
All checks were successful
flake / flake (push) Successful in 2m4s
2024-05-10 22:44:48 +01:00
ad8c8b9b19 boron: enable version_tracker
All checks were successful
flake / flake (push) Successful in 2m5s
2024-05-10 22:12:49 +01:00
a4235b2581 boron: move to kernel 6.8 and re-image
All checks were successful
flake / flake (push) Successful in 1m58s
The extremely modern hardware on this server appears to experience
kernel crashes with the default NixOS 23.11 kernel 6.1 and the default
NixOS 24.05 kernel 6.6. Empirical testing shows the server staying up on
Ubuntu 22's 6.2 and explicit NixOS kernel 6.8.

The server was wiped during this testing so now needs reimaging.
2024-05-08 21:11:09 +01:00
a272cd0661 downloads: add explicit nameservers
All checks were successful
flake / flake (push) Successful in 1m48s
2024-05-06 00:07:25 +01:00
1ca4daab9c locations: move attrset into config block
All checks were successful
flake / flake (push) Successful in 1m42s
2024-04-28 10:39:40 +01:00
745ea58dec homeassistant: update trusted proxies
All checks were successful
flake / flake (push) Successful in 1m46s
2024-04-27 19:14:12 +01:00
348bca745b jorah: add authoritative dns server
All checks were successful
flake / flake (push) Successful in 1m44s
2024-04-27 18:54:46 +01:00
0ef24c14e7 tailscale: update to included nixos module
All checks were successful
flake / flake (push) Successful in 1m43s
2024-04-27 15:36:45 +01:00
d9233021c7 add enable options for modules/common/default
All checks were successful
flake / flake (push) Successful in 2m9s
2024-04-27 13:46:06 +01:00