removed dedicated deploy user for the moment

fix: support remote deployment
fix: added missing important user
2025-08-07 22:20:33 +02:00 · 2025-05-10 11:03:54 +02:00 · 2025-05-10 10:59:20 +02:00 · 2025-05-10 10:57:14 +02:00 · 2025-05-10 10:54:33 +02:00 · 2025-05-10 10:53:23 +02:00
13 changed files with 114 additions and 108 deletions
--- a/flake.lock
+++ b/flake.lock
@ -166,11 +166,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1746710194,
-        "narHash": "sha256-r2zE8+rWZieU05LMKixeU5SsMy9I4truiTPKchTPNaw=",
+        "lastModified": 1746798521,
+        "narHash": "sha256-axfz/jBEH9XHpS7YSumstV7b2PrPf7L8bhWUtLBv3nA=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "cea975d46d08293eae3ad0d9f16207f1ce2dfc81",
+        "rev": "e95a7c5b6fa93304cd2fd78cf676c4f6d23c422c",
        "type": "github"
      },
      "original": {
@ -211,11 +211,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1746693006,
-        "narHash": "sha256-IztZLDIwNOvJCxqnBmaU7/oEjOBLJZgmLoK0ikQGQkM=",
+        "lastModified": 1746860762,
+        "narHash": "sha256-DR3jIVXZcJMbsqDyuMPDhc5/hzXBCamiLBJHKmZGRCo=",
        "owner": "nix-community",
        "repo": "neovim-nightly-overlay",
-        "rev": "b969e3c7bfcb7a438382dd6e379788f762094df5",
+        "rev": "a5bf9774518999ee66cd067aad6924ef987c6fde",
        "type": "github"
      },
      "original": {
@ -227,11 +227,11 @@
    "neovim-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1746661883,
-        "narHash": "sha256-kjIDvE1KGhACcvAJGLgzaQDkenH8dN9Hapfc0/b/3bQ=",
+        "lastModified": 1746827679,
+        "narHash": "sha256-+qsql9OvlvvmrVfPVh60SYSgr3oiVyBgwWFrvTmKSO0=",
        "owner": "neovim",
        "repo": "neovim",
-        "rev": "1b8ae4336db86ff95998223cc6bd8e07229d237d",
+        "rev": "db702782e0168d45256a975c4bc1809b5785d952",
        "type": "github"
      },
      "original": {
@ -346,11 +346,11 @@
    },
    "nixpkgsSmall": {
      "locked": {
-        "lastModified": 1746662363,
-        "narHash": "sha256-1LXVNEjo9RXc9IGh711BvgdMhD71+iuUKjhZsq4npgo=",
+        "lastModified": 1746784728,
+        "narHash": "sha256-I7leCVscxg2FLUalLKuVgkGDzfG9Z28ww+ypggQrXiw=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "30ece0005f607654dee9b6c2f8bfa1d182a9f301",
+        "rev": "71b33d466317d0e07557d666be6c888fb757e4ba",
        "type": "github"
      },
      "original": {
@ -362,11 +362,11 @@
    },
    "nixpkgsUnstable": {
      "locked": {
-        "lastModified": 1746461020,
-        "narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=",
+        "lastModified": 1746663147,
+        "narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae",
+        "rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54",
        "type": "github"
      },
      "original": {
@ -490,11 +490,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1746685734,
-        "narHash": "sha256-bA6UKUmA/byQjO5MuyOT62Z4rg36DW4kt7QIqEQTDB0=",
+        "lastModified": 1746846243,
+        "narHash": "sha256-AV7zvbi1SVbGxODW7SKw3MhMkS1SQNNwp+XEky14rR4=",
        "owner": "0xc000022070",
        "repo": "zen-browser-flake",
-        "rev": "4327bc9352789c7e28bda04696a38a08f10dd716",
+        "rev": "efa32c933ca9f6341bbf57ede9a674d45ebe72e2",
        "type": "github"
      },
      "original": {
--- a/home-manager/home.nix
+++ b/home-manager/home.nix
@ -280,7 +280,7 @@
      {
        name = "powerlevel10k-config";
        src = ./dotfiles/p10k;
-        file = "p10k.zsh";
+        file = ".p10k.zsh";
      }
    ];
  };
--- a/hosts/diva/features/uptime-kuma.nix
+++ b/hosts/diva/features/uptime-kuma.nix
@ -11,7 +11,7 @@
    reverse_proxy :4000
  '';

-  services.caddy.virtualHosts."http://uptime.diva.global.rougebordeaux.xyz.extraConfig = ''
+  services.caddy.virtualHosts."http://uptime.diva.global.rougebordeaux.xyz".extraConfig = ''
    reverse_proxy :4000
  '';
 }
--- a/hosts/sisyphe/configuration.nix
+++ b/hosts/sisyphe/configuration.nix
@ -9,6 +9,7 @@ let
  ip = "192.168.1.177";
  gateway = "192.168.1.1";
  username = "homelab";
+  # TODO: set up internal hostname config
 in
 {
  imports = [
@ -42,11 +43,9 @@ in
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHjz5MUSmc1ahtUJWuvzG7PHH432nx6a0Nj2zfxt3oTP geekcat@protonmail.com"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP9Yp7TbDhYJ27Sh+LcPXT569bMVwbFrkE4zksfU84l+ harry123@goober"
    ];
-
-    initialHashedPassword = "$y$j9T$H0D6NpMw1EU.oDhbMWrwL.$wDGGBKKGQdzeDRTzq0gWhoLdyUpQ2w6PMmGl.nuQ11/";
  };

-  users.users.root.initialHashedPassword = "$y$j9T$99/NEnBGoewbrl5eHvTw7/$87rjPrvqs0Ys72338SxZJDibi8p7Fe8Can37rJyhcQ.";
+  security.sudo.wheelNeedsPassword = false;

  environment.systemPackages = with pkgs; [
    git
--- a/hosts/sisyphe/features/multimedia/arr-suite.nix
+++ b/hosts/sisyphe/features/multimedia/arr-suite.nix
@ -18,8 +18,6 @@ in
    openFirewall = true;
  };

-
-
  services.prowlarr = {
    enable = true;
    openFirewall = true;
@ -58,32 +56,32 @@ in
  */

  services.caddy.virtualHosts = {
-      "http://radarr.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
-        reverse_proxy :7878
-      '';
+    "http://radarr.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :7878
+    '';

-      "http://sonarr.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :8989
-      '';
+    "http://sonarr.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :8989
+    '';

-      "http://sonarr-anime.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :8999
-      '';
+    "http://sonarr-anime.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :8999
+    '';

-      "http://prowlarr.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :9696
-      '';
+    "http://prowlarr.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :9696
+    '';

-      "http://katflix.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :5055
-      '';
+    "http://katflix.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :5055
+    '';

-      "http://bazarr.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :6767
-      '';
+    "http://bazarr.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :6767
+    '';

-      "http://bazarr-anime.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :6777
-      '';
+    "http://bazarr-anime.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :6777
+    '';
  };
 }
--- a/hosts/sisyphe/features/multimedia/calibre-web.nix
+++ b/hosts/sisyphe/features/multimedia/calibre-web.nix
@ -11,7 +11,7 @@
    };
  };

-  services.caddy.virtualHosts."http://books.rougebordeaux.xyz".extraConfig = ''
+  services.caddy.virtualHosts."http://read.rougebordeaux.xyz".extraConfig = ''
    reverse_proxy :8083
  '';
 }
--- a/hosts/sisyphe/features/multimedia/jellyfin.nix
+++ b/hosts/sisyphe/features/multimedia/jellyfin.nix
@ -23,12 +23,12 @@
  };

  services.caddy.virtualHosts = {
-      "http://jellyfin.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
-        reverse_proxy :8096
-      '';
+    "http://jellyfin.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :8096
+    '';

-      "http://media.rougebordeaux.xyz.extraConfig = ''
-        reverse_proxy :8096
-      '';
+    "http://media.rougebordeaux.xyz".extraConfig = ''
+      reverse_proxy :8096
+    '';
  };
 }
--- a/hosts/sisyphe/features/prometheus.nix
+++ b/hosts/sisyphe/features/prometheus.nix
@ -17,17 +17,21 @@
      systemd = {
        enable = true;
      };
-      sabnzbd = {
-        enable = true;
-        servers = [
-          {
-            "sisyphe" = {
-              baseUrl = "http://nzb.sisyphe.normandy.rougebordeaux.xyz";
-              apiKeyFile = "/run/secrets/sabnbzd_apikey";
-            };
-          }
-        ];
-      };
+      # TODO: enable prometheus services based on whether they are enabled or not
+      /*
+        sabnzbd = {
+          enable = true;
+
+          servers = [
+            {
+              "sisyphe" = {
+                baseUrl = "http://nzb.sisyphe.normandy.rougebordeaux.xyz";
+                apiKeyFile = "/run/secrets/sabnbzd_apikey";
+              };
+            }
+          ];
+        };
+      */
      redis = {
        enable = true;
      };
@ -41,11 +45,14 @@
      php-fpm = {
        enable = true;
      };
-      nextcloud = {
-        enable = true;
-        url = "https://cloud.rougebordeaux.xyz";
-        tokenFile = "/run/secrets/nextcloudTokenFile";
-      };
+      /*
+        TODO: need to fix secrets before
+        nextcloud = {
+          enable = true;
+          url = "https://cloud.rougebordeaux.xyz";
+          tokenFile = "/run/secrets/nextcloudTokenFile";
+        };
+      */
    };
    scrapeConfigs = [

--- a/hosts/sisyphe/features/services/forgejo.nix
+++ b/hosts/sisyphe/features/services/forgejo.nix
@ -41,7 +41,7 @@
    mailerPasswordFile = config.sops.secrets.smtp_password.path;
  };

-  servuces.fail2ban = {
+  services.fail2ban = {
    enable = true;
    jails = {
      forgejo = {
--- a/hosts/sisyphe/features/services/homelab-dashboard.nix
+++ b/hosts/sisyphe/features/services/homelab-dashboard.nix
@ -9,14 +9,10 @@
 with lib;
 let
  cfg = config.homepage-dashboard;
-  ip = cfg.baseURL;
+  ip = "192.168.1.177";
 in
 {
  options = {
-    homepage-dashboard.baseURL = mkOption {
-      type = types.str;
-      default = "192.168.1.177";
-    };
    homepage-dashboard.proxmoxVEIp = mkOption {
      type = types.str;
      default = "192.168.1.10";
@ -29,6 +25,11 @@ in
      type = types.str;
      default = "192.168.1.25";
    };
+
+    homepage-dashboard.baseUrl = mkOption {
+      type = types.str;
+      default = "rougebordeaux.xyz";
+    };
  };

  #TODO: add Radarr/Sonarr/... api key support
@ -38,11 +39,11 @@ in
      format = "dotenv";
    };

-    services.caddy.virtualHosts."http://sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
+    services.caddy.virtualHosts."http://sisyphe.normandy.${cfg.baseUrl}".extraConfig = ''
      reverse_proxy :8082
    '';

-    services.caddy.virtualHosts."http://home.rougebordeaux.xyz.extraConfig = ''
+    services.caddy.virtualHosts."http://home.${cfg.baseUrl}".extraConfig = ''
      reverse_proxy :8082
    '';

@ -97,7 +98,7 @@ in
            }
            {
              "mastodon" = [
-                { href = "https://fish.rougebordeaux.xyz; }
+                { href = "https://fish.rougebordeaux.xyz"; }
              ];
            }
            {
@ -147,14 +148,14 @@ in
              "Calibre-web" = {
                icon = "calibre";
                description = "Serveur de livres";
-                href = "http://books.rougebordeaux.xyz;
+                href = "http://books.${cfg.baseUrl}";
              };
            }
            {
              "Freshrss" = {
                icon = "freshrss";
                description = "Récupère les articles";
-                href = "http://freshrss.rougebordeaux.xyz;
+                href = "http://freshrss.${cfg.baseUrl}";
              };
            }
          ];
@ -166,7 +167,7 @@ in
              "Jellyfin" = {
                icon = "jellyfin";
                description = "Permet de regarder ou écouter du contenu.";
-                href = "http://media.rougebordeaux.xyz;
+                href = "http://media.${cfg.baseUrl}";
                widget = {
                  type = "jellyfin";
                  url = "http://${ip}:8096";
@ -179,7 +180,7 @@ in
              "Jellyseerr" = {
                icon = "jellyseerr";
                description = "Moteur de recherche de films/séries";
-                href = "http://katflix.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://katflix.sisyphe.normandy.${cfg.baseUrl}";

                widget = {
                  type = "jellyseerr";
@ -192,14 +193,14 @@ in
              "slskd" = {
                icon = "slskd";
                description = "Pour télécharger/partager de la musique";
-                href = "http://slskd.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://slskd.sisyphe.normandy.${cfg.baseUrl}";
              };
            }
            {
              "Prowlarr" = {
                icon = "prowlarr";
                description = "Indexe les différents sites de téléchargement";
-                href = "http://prowlarr.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://prowlarr.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "prowlarr";
                  key = "{{HOMEPAGE_VAR_PROWLARR}}";
@ -211,7 +212,7 @@ in
              "Sonarr" = {
                icon = "sonarr";
                description = "Moteur de recherche pour les séries";
-                href = "http://sonarr.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://sonarr.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "sonarr";
                  url = "http://${ip}:8989";
@ -223,10 +224,10 @@ in
              "Sonarr anime" = {
                icon = "sonarr";
                description = "Moteur de recherche pour les séries animées";
-                href = "http://sonarr-anime.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://sonarr-anime.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "sonarr";
-                  url = "http://${ip}:8999";
+                  url = "";
                  key = "{{HOMEPAGE_VAR_SONARRANIME}}";
                };
              };
@ -235,7 +236,7 @@ in
              "Radarr" = {
                icon = "radarr";
                description = "Moteur de recherche pour les films";
-                href = "http://radarr.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://radarr.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "radarr";
                  key = "{{HOMEPAGE_VAR_RADARR}}";
@ -247,7 +248,7 @@ in
              "Bazarr" = {
                icon = "bazarr";
                description = "Vérifie les sous titres des films/séries.";
-                href = "http://bazarr.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://bazarr.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "bazarr";
                  key = "{{HOMEPAGE_VAR_BAZARR}}";
@ -259,7 +260,7 @@ in
              "Bazarr anime" = {
                icon = "bazarr";
                description = "Vérifie les sous titres des séries animées.";
-                href = "http://bazarr-anime.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://bazarr-anime.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "bazarr";
                  key = "{{HOMEPAGE_VAR_BAZARRANIME}}";
@ -272,7 +273,7 @@ in
              "Transmission" = {
                icon = "transmission";
                description = "s'occupe du téléchargement des fichiers";
-                href = "http://transmission.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://transmission.sisyphe.normandy.${cfg.baseUrl}";
                widget = {
                  type = "transmission";
                  url = "http://${ip}:9091";
@ -285,7 +286,7 @@ in
              "Sabnzbd" = {
                icon = "sabnzbd";
                description = "s'occupe de naviguer sur les réseaux usenet";
-                href = "http://nzb.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://nzb.sisyphe.normandy.rougebordeaux.xyz";
              };
            }
          ];
@ -296,14 +297,14 @@ in
              "Nextcloud" = {
                icon = "nextcloud";
                description = "Sauvegarde de données";
-                href = "https://cloud.rougebordeaux.xyz;
+                href = "https://cloud.rougebordeaux.xyz";
              };
            }
            {
              "4get" = {
                icon = "searx";
                description = "Moteur de recherche privé pour remplacer Google.";
-                href = "https://4get.rougebordeaux.xyz;
+                href = "https://4get.rougebordeaux.xyz";
              };
            }
          ];
@ -340,7 +341,7 @@ in
              "Grafana" = {
                icon = "grafana";
                description = "Visualiseur de graphiques";
-                href = "http://grafana.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://grafana.sisyphe.normandy.${cfg.baseUrl}";
              };
            }
            {
@ -354,7 +355,7 @@ in
              "Uptime Kuma" = {
                icon = "uptime-kuma";
                description = "Surveille l'état des différents services";
-                href = "http://uptime.sisyphe.normandy.rougebordeaux.xyz;
+                href = "http://uptime.sisyphe.normandy.${cfg.baseUrl}";
              };
            }
            {
--- a/hosts/sisyphe/features/services/irc-server.nix
+++ b/hosts/sisyphe/features/services/irc-server.nix
@ -1,4 +1,4 @@
-{config, pkgs, ...}: 
+{ config, pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [ ircdHybrid ];

@ -6,15 +6,16 @@
    enable = true;
    serverName = "irc.rougebordeaux.xyz";
    description = "welcome to the silly kittens hut !! meow:3";
-    adminEmail = "admin@rougebordeaux.xyz;
+    adminEmail = "admin@rougebordeaux.xyz";
  };

-  /**environment.etc = {
-    "ircd.conf" = {
-      text =''
-      '';
-      mode = "440";
-    };
-  };**/
+  /**
+    environment.etc = {
+      "ircd.conf" = {
+        text =''
+        '';
+        mode = "440";
+      };
+    };*
+  */
 }
-
--- a/hosts/sisyphe/features/services/nextcloud.nix
+++ b/hosts/sisyphe/features/services/nextcloud.nix
@ -46,7 +46,7 @@
        "OC\\Preview\\HEIC"
      ];

-      trustedDomains = [ "cloud.rougebordeaux.xyz ];
+      trustedDomains = [ "cloud.rougebordeaux.xyz" ];
      overwriteprotocol = "https";
      log_type = "file"; # temporary fix for https://nixos.org/manual/nixos/stable/#module-services-nextcloud-warning-logreader
      default_phone_region = "FR";
--- a/hosts/sisyphe/features/services/uptime-kuma.nix
+++ b/hosts/sisyphe/features/services/uptime-kuma.nix
@ -12,7 +12,7 @@
    reverse_proxy :4000
  '';

-  services.caddy.virtualHosts."http://uptime.sisyphe.normandy.rougebordeaux.xyz.extraConfig = ''
+  services.caddy.virtualHosts."http://uptime.sisyphe.normandy.rougebordeaux.xyz".extraConfig = ''
    reverse_proxy :4000
  '';
Author	SHA1	Message	Date
harry123	7fd1e4ff00	removed dedicated deploy user for the moment	2025-05-10 11:03:54 +02:00
harry123	0e50822e78	fix: support remote deployment	2025-05-10 10:59:20 +02:00
harry123	61f5ffd3cc	fix: added missing important user	2025-05-10 10:57:14 +02:00
harry123	c51fd8fa7c	fix: typo	2025-05-10 10:54:33 +02:00
harry123	a6384d587d	fix: name confusion	2025-05-10 10:53:23 +02:00
harry123	6061f489e6	fixed typo	2025-05-10 10:38:59 +02:00
harry123	33fd7ada93	even more fixes	2025-05-10 10:27:04 +02:00
harry123	dc18cc850f	fixed even more url	2025-05-10 10:21:27 +02:00
harry	3ce26a6c3e	updated flakes	2025-05-10 10:11:29 +02:00
harry123	5b0e2828d1	fix: bad replace	2025-05-10 10:09:49 +02:00
harry123	06e89225e1	fix: p10k file not taken care of	2025-05-10 10:09:41 +02:00