f3b8602f30
Actually serve sync.nidus.cloud with the new config.
2025-11-11 17:57:35 +00:00
44c0d83bf6
Add nidus-sync production module
...
This will allow me to keep nidus-sync stable while continuing to do
development on this same server on a different port.
2025-11-11 17:24:41 +00:00
a94d491929
Add jq to all servers
...
Generically useful
2025-11-11 17:24:41 +00:00
e1f7581bde
Add asterisk
...
It seems to work - I connected a client to it - but I never successfully
made any calls.
2025-11-11 17:24:40 +00:00
273d42024b
Add git-lfs to all systems
2025-11-11 17:24:40 +00:00
0fad3ec351
Add watchexec to all servers
...
Really useful tool for continuously changing things.
2025-11-11 17:24:39 +00:00
d7feca7bea
Get twenty CRM actually running
...
I had to punt and allow IP-based connection over the docker network port
rather than mount the unix domain socket.
For now.
2025-10-22 21:36:19 +00:00
9683488ef9
Add initial draft of twenty-crm
...
Not sure if any of it works, this is a checkpoint to debug other things.
2025-10-22 18:17:13 +00:00
7147413112
Switch fieldseeker to not do a top-level merge
...
This actually breaks on any servers that don't define the fieldseeker
deployments as an empty list. Instead we do the clunkier, but working,
import-then-merge-each-attr.
2025-10-22 18:02:15 +00:00
dd3ae9f4d3
Add ffmpeg to webserver runtime
...
Because it's running it as a subprocess now for transcoding.
2025-10-22 18:02:15 +00:00
6d780d8ada
Add non-standard SSH port
2025-10-22 18:02:15 +00:00
c83b46a352
Deploy fssync without separate audio post processor
2025-10-22 18:02:15 +00:00
fff3fa31b9
Switch to full domains in frps config
2025-10-22 18:02:15 +00:00
4e68e938ef
Add config for frps subdomains
2025-10-22 18:02:15 +00:00
d739394ae2
Specify the bind port directly
...
It's not a secret, and this will make it possible to use the
address/interface configured in the host configuration.
2025-10-22 18:02:15 +00:00
010cabfe14
Add frps systemd unit for running frps all the time
2025-10-22 18:02:15 +00:00
71d1109bf8
Disable glitchtip private tmp
...
I can't auto-clean the temp files when private temp is enabled according
to Claude
2025-10-20 23:00:07 +00:00
2d5ccb7a8c
Disable glitchtip
...
Apparently our problems are fixed in the latest release, but we can't
have it until we go NixOS unstable, which I don't want to do yet.
2025-10-20 23:00:07 +00:00
512a86e0b9
Remove warning about string type.
2025-10-20 23:00:07 +00:00
62b4eb1933
Add frps systemd unit for running frps all the time
2025-10-13 22:03:15 +00:00
311890c861
Add frpc/frps to the system packages
2025-10-13 17:10:22 +00:00
8995e95041
Add the sovr role and initial frps deployment
2025-10-13 17:06:15 +00:00
fc936897c7
Move base restic backup config into a restic module
...
This way its not duplicated in fieldseeker-sync
2025-10-08 20:35:33 +00:00
da0954e737
Allow logic reuse in fieldseeker-sync deployment
...
This uses a system of patterns to deploy everything needed for
fieldseeker sync and standardizes the naming conventions.
2025-10-08 20:34:49 +00:00
de98f88da8
Make fieldseeker-sync a flake input
...
Makes it easier to update since I just bump the commit ID and then it'll
deploy
2025-10-07 18:24:58 +00:00
3e89673560
Get rag_api running through unix domain socket postgres
2025-10-03 15:01:36 +00:00
e569fcd7d4
Switch to custom built label-studio
...
I have a bug fix in to them for audio streaming
2025-10-03 15:01:36 +00:00
938b1863f4
Fix missing redirect for console login
...
Without this we get redirected to "/console" which doesn't load the UI
for some reason.
2025-10-03 15:01:36 +00:00
54b79f1437
Switch reverse proxy to also handle s3 API
...
Without this we only get the console but can't actually access the
S3-compatible portion of the API
2025-10-03 15:01:36 +00:00
dad759c4b3
Add minio module for S3-compatible object storage
...
Label Studio _really_ prefers using a direct object storage model. Can't
say I blame them, it makes sense given they are running Python.
I had to bump Authentik to not use its default port so that minio could
use its own default port. That seemed safest given that Authentik is
always proxied but minio/S3 may _not_ be. I'm just not sure.
2025-10-03 15:01:36 +00:00
dbbed7117a
Set up reverse proxy, configure hostname
...
It was rather rediculously hard to get the CSRF settings correct. I
don't think I can register new users on anything but the commandline at
this point via:
podman exec -it podman-label-studio /bin/bash
label-studio start --username <username> --password <password>
Where <username> should actually be an email.
2025-10-03 15:01:36 +00:00
d246caa613
Connect label-studio to postgres
2025-10-03 15:01:36 +00:00
8790585e6b
Add label-studio initial module
...
To make this work I have to map to the user 1001 inside the container.
I can't figure out how to do that intelligently after a bunch of
experimenting. Instead I'm just creating a new user "label-studio" with
uid 1001 and chowning the data directory to that user.
This is very brittle.
However, it's working, so I'm moving forward.
2025-10-03 15:01:36 +00:00
a30f3321b1
Stop copying the glitchtip directory inside itself
...
Over and over and over again
2025-10-03 15:01:36 +00:00
443af99364
Enable mosh on all servers
...
For times when I have to connect over cellular
2025-10-03 15:01:36 +00:00
e3cb729e42
Get fieldseeker-sync database backup working
...
The previous version only cleaned up previous backups because it was
missing a path or a set of dynamic files which is a feature for doing
cleanup. Instead I backported the unstable version so I could use
stdin-from-commend. Tested now and the upload completed.
2025-10-01 14:48:56 +00:00
a2c37bac70
Move glitchtip to big disk and clean up its temp files
2025-09-30 22:57:19 +00:00
fd032b72cb
Stop waiting for completion on export on nixos-rebuild
...
I'm hoping this won't mess with the timer logic. For now, it drives me
nuts I'm waiting for timeout or completion of the export process, which
is slow.
2025-09-30 17:47:49 +00:00
5bd3003c4a
Fix reference to webserver service
2025-09-30 17:47:32 +00:00
24ecd65cf0
Add backup for fieldseeker-sync files.
...
This required changing the directory of the user files so that I don't
accidentially backup Gleipnir test files.
2025-09-30 17:46:46 +00:00
a728e62a72
Add restic to all servers
...
Used for backups
2025-09-30 15:51:21 +00:00
9020b3e6d5
Remove old commented-out authentik logic
...
This has been replaced with a separate authentik flake
2025-09-29 22:48:47 +00:00
7acb0fd016
Switch timers for "startAt" in fieldseeker-sync services
...
I'm trying to troubleshoot why I always have time out on these services
when I run nixos-rebuild. Simplification is a plus as well.
2025-09-29 21:13:25 +00:00
b0e373932e
Release latest fieldseeker-sync
2025-09-29 21:13:25 +00:00
f5ea2676ef
Add fieldseeker-sync migrate service
...
Avoids one of my other services randomly failing because they are racing
to migrate the DB.
2025-09-29 21:13:25 +00:00
40517face6
Add timecard-bot deployment to corp
...
This currently has the architecture hard-coded. That's bad, but nix is
hard, and there's probably a much better way to integrate this into the
system when I can be bothered to do it.
2025-09-26 19:08:26 +00:00
dcc294e979
Add ghostty terminfo support to all servers
2025-09-26 17:27:46 +00:00
09ba3f4abe
Fix up static website hosting on corp
2025-09-26 17:27:46 +00:00
35777dc9cb
Enable vikunja search for SSO users when editing teams
...
See https://vikunja.io/docs/config-options/#1-service-enableopenidteamusersearch
2025-09-26 17:27:46 +00:00
83c4802ff1
Add audio post-processing pipeline to fieldseeker-sync
2025-09-11 19:12:19 +00:00
