311890c861
Add frpc/frps to the system packages
2025-10-13 17:10:22 +00:00
8995e95041
Add the sovr role and initial frps deployment
2025-10-13 17:06:15 +00:00
29fa447da6
Make nocix sexcore name consistent
...
I realized I had incorrectly used "hexcore"
2025-10-10 01:36:45 +00:00
6c56e9a6da
Move delta files to bigdisk
2025-10-10 01:34:08 +00:00
eaf2868cd3
Update fieldseeker sync environment for Delta and Gleipnir QA
2025-10-08 20:38:53 +00:00
e0931fae3a
Clean up sops config, allow subdirectories.
2025-10-08 20:35:56 +00:00
fc936897c7
Move base restic backup config into a restic module
...
This way its not duplicated in fieldseeker-sync
2025-10-08 20:35:33 +00:00
da0954e737
Allow logic reuse in fieldseeker-sync deployment
...
This uses a system of patterns to deploy everything needed for
fieldseeker sync and standardizes the naming conventions.
2025-10-08 20:34:49 +00:00
de98f88da8
Make fieldseeker-sync a flake input
...
Makes it easier to update since I just bump the commit ID and then it'll
deploy
2025-10-07 18:24:58 +00:00
bff1b3183c
Pass authentik-nix through as an input
...
We aren't operating on it, just passing it through, so no need to
manually enumerate it on every pass-through point.
2025-10-07 17:07:54 +00:00
a0017979c3
Add system definition for nocix-amd-legacy-hexcore
2025-10-07 17:07:54 +00:00
0abca6a86d
Add definition for amd-legacy-hexcore
...
This is merged between the existing sync system and the existing
nixos-anywhere definition for amd-legacy-hexcore. I'm going to attempt
to bring in a new pattern.
2025-10-07 17:07:54 +00:00
6f89f0fe56
Add noxic-amd-legacy-hexcore to sops secrets
2025-10-07 17:07:19 +00:00
3e89673560
Get rag_api running through unix domain socket postgres
2025-10-03 15:01:36 +00:00
20330304b6
Enable cross-origin requests from minio to label studio
...
This allows streaming of audio files directly to label studio
2025-10-03 15:01:36 +00:00
352ed1a433
Disable signup for new users in label studio
...
I'll manually create all the users myself
2025-10-03 15:01:36 +00:00
e569fcd7d4
Switch to custom built label-studio
...
I have a bug fix in to them for audio streaming
2025-10-03 15:01:36 +00:00
938b1863f4
Fix missing redirect for console login
...
Without this we get redirected to "/console" which doesn't load the UI
for some reason.
2025-10-03 15:01:36 +00:00
54b79f1437
Switch reverse proxy to also handle s3 API
...
Without this we only get the console but can't actually access the
S3-compatible portion of the API
2025-10-03 15:01:36 +00:00
0632df5a30
Add proper Authentik scopes to minio OIDC config
...
See https://integrations.goauthentik.io/infrastructure/minio/ for
details that I was following
2025-10-03 15:01:36 +00:00
dad759c4b3
Add minio module for S3-compatible object storage
...
Label Studio _really_ prefers using a direct object storage model. Can't
say I blame them, it makes sense given they are running Python.
I had to bump Authentik to not use its default port so that minio could
use its own default port. That seemed safest given that Authentik is
always proxied but minio/S3 may _not_ be. I'm just not sure.
2025-10-03 15:01:36 +00:00
dbbed7117a
Set up reverse proxy, configure hostname
...
It was rather rediculously hard to get the CSRF settings correct. I
don't think I can register new users on anything but the commandline at
this point via:
podman exec -it podman-label-studio /bin/bash
label-studio start --username <username> --password <password>
Where <username> should actually be an email.
2025-10-03 15:01:36 +00:00
d246caa613
Connect label-studio to postgres
2025-10-03 15:01:36 +00:00
8790585e6b
Add label-studio initial module
...
To make this work I have to map to the user 1001 inside the container.
I can't figure out how to do that intelligently after a bunch of
experimenting. Instead I'm just creating a new user "label-studio" with
uid 1001 and chowning the data directory to that user.
This is very brittle.
However, it's working, so I'm moving forward.
2025-10-03 15:01:36 +00:00
a30f3321b1
Stop copying the glitchtip directory inside itself
...
Over and over and over again
2025-10-03 15:01:36 +00:00
443af99364
Enable mosh on all servers
...
For times when I have to connect over cellular
2025-10-03 15:01:36 +00:00
e3cb729e42
Get fieldseeker-sync database backup working
...
The previous version only cleaned up previous backups because it was
missing a path or a set of dynamic files which is a feature for doing
cleanup. Instead I backported the unstable version so I could use
stdin-from-commend. Tested now and the upload completed.
2025-10-01 14:48:56 +00:00
a2c37bac70
Move glitchtip to big disk and clean up its temp files
2025-09-30 22:57:19 +00:00
fd032b72cb
Stop waiting for completion on export on nixos-rebuild
...
I'm hoping this won't mess with the timer logic. For now, it drives me
nuts I'm waiting for timeout or completion of the export process, which
is slow.
2025-09-30 17:47:49 +00:00
5bd3003c4a
Fix reference to webserver service
2025-09-30 17:47:32 +00:00
24ecd65cf0
Add backup for fieldseeker-sync files.
...
This required changing the directory of the user files so that I don't
accidentially backup Gleipnir test files.
2025-09-30 17:46:46 +00:00
a728e62a72
Add restic to all servers
...
Used for backups
2025-09-30 15:51:21 +00:00
1275e4d6aa
Warning - generating hardware config ruins host
2025-09-29 22:48:47 +00:00
fc4a7519b0
Fix mismatched network interface device name
2025-09-29 22:48:47 +00:00
2670d00728
Rename nocix disks to be more descriptive
...
Since I need to replace sda/sdb, but I don't want to do it twice, miss
one, and have really confusing behavior
2025-09-29 22:48:47 +00:00
9020b3e6d5
Remove old commented-out authentik logic
...
This has been replaced with a separate authentik flake
2025-09-29 22:48:47 +00:00
bbc2bbb5e1
Break networking out to its own file.
...
This makes it easier to figure out what needs review and changing
Also switch to the latest detected hardware state.
2025-09-29 22:48:47 +00:00
122554c4aa
Correctly pass in the timecard-bot parameter to all systems
2025-09-29 21:15:01 +00:00
7acb0fd016
Switch timers for "startAt" in fieldseeker-sync services
...
I'm trying to troubleshoot why I always have time out on these services
when I run nixos-rebuild. Simplification is a plus as well.
2025-09-29 21:13:25 +00:00
b0e373932e
Release latest fieldseeker-sync
2025-09-29 21:13:25 +00:00
f5ea2676ef
Add fieldseeker-sync migrate service
...
Avoids one of my other services randomly failing because they are racing
to migrate the DB.
2025-09-29 21:13:25 +00:00
40517face6
Add timecard-bot deployment to corp
...
This currently has the architecture hard-coded. That's bad, but nix is
hard, and there's probably a much better way to integrate this into the
system when I can be bothered to do it.
2025-09-26 19:08:26 +00:00
f8e532f138
Add tmux window title information
2025-09-26 17:32:15 +00:00
dcc294e979
Add ghostty terminfo support to all servers
2025-09-26 17:27:46 +00:00
09ba3f4abe
Fix up static website hosting on corp
2025-09-26 17:27:46 +00:00
35777dc9cb
Enable vikunja search for SSO users when editing teams
...
See https://vikunja.io/docs/config-options/#1-service-enableopenidteamusersearch
2025-09-26 17:27:46 +00:00
83c4802ff1
Add audio post-processing pipeline to fieldseeker-sync
2025-09-11 19:12:19 +00:00
70dca56cf8
Connect vikunja to the local database rather than the remote one
2025-09-09 21:34:38 +00:00
bb4d7e95a8
Update librechat rag to use locally-built and local DB
...
I have to do the local build because I no longer have access to the one
at docker.io.
2025-09-09 21:34:09 +00:00
c535915ae0
Move cloudreve to the latest version, and the data to the big disk
2025-09-09 21:33:45 +00:00
