From 436deb267e6118d6e0d6531bd763b366e46e67b0 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Wed, 8 Oct 2025 13:01:37 +0200 Subject: [PATCH 1/7] Add smart alias configuration for rtlsdr --- ansible/tasks/global/utils/smart-ssh/config.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ansible/tasks/global/utils/smart-ssh/config.yaml b/ansible/tasks/global/utils/smart-ssh/config.yaml index 5cf26e9..7305818 100644 --- a/ansible/tasks/global/utils/smart-ssh/config.yaml +++ b/ansible/tasks/global/utils/smart-ssh/config.yaml @@ -22,6 +22,12 @@ smart_aliases: check_host: "192.168.1.253" timeout: "2s" + rtlsdr: + primary: "rtlsdr-local" + fallback: "rtlsdr" + check_host: "192.168.1.252" + timeout: "2s" + # Background SSH Tunnel Definitions tunnels: # Example: Desktop database tunnel From 11af7f16e57e066c159b61e7862d4a2225cb89b9 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Thu, 23 Oct 2025 13:38:16 +0200 Subject: [PATCH 2/7] Set formatter to prettier and update format_on_save option --- ansible/templates/zed.jsonc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/templates/zed.jsonc b/ansible/templates/zed.jsonc index 6420e0b..3bb2fed 100644 --- a/ansible/templates/zed.jsonc +++ b/ansible/templates/zed.jsonc @@ -10,6 +10,7 @@ // ############################################# // ## Theming ## // ############################################# + "formatter": "prettier", "context_servers": { "mcp-server-context7": { "source": "extension", @@ -96,7 +97,7 @@ "hide_mouse": "on_typing", "on_last_window_closed": "quit_app", "ensure_final_newline_on_save": true, - "format_on_save": "prettier", + "format_on_save": "on", "tab_size": 2, "inlay_hints": { "enabled": true, From e2701dcdf4f9a47549fbd3478a049fbfda9fde92 Mon Sep 17 00:00:00 2001 
From: Menno van Leeuwen Date: Thu, 23 Oct 2025 13:43:26 +0200 Subject: [PATCH 3/7] Set executable permission for equibop.desktop and update bash.nix Add BUN_INSTALL env var and include Bun bin in PATH --- config/autostart/equibop.desktop | 0 config/bash.nix | 2 ++ 2 files changed, 2 insertions(+) mode change 100644 => 100755 config/autostart/equibop.desktop diff --git a/config/autostart/equibop.desktop b/config/autostart/equibop.desktop old mode 100644 new mode 100755 diff --git a/config/bash.nix b/config/bash.nix index 9829313..063eb1c 100644 --- a/config/bash.nix +++ b/config/bash.nix @@ -39,6 +39,7 @@ export STARSHIP_ENABLE_RIGHT_PROMPT="true" export STARSHIP_ENABLE_BASH_COMPLETION="true" export XDG_DATA_DIRS="/usr/share:/var/lib/flatpak/exports/share:${config.home.homeDirectory}/.local/share/flatpak/exports/share" + export BUN_INSTALL="$HOME/.bun" # Source .profile (If exists) if [ -f "${config.home.homeDirectory}/.profile" ]; then @@ -212,6 +213,7 @@ export PATH="$PATH:${config.home.homeDirectory}/.cargo/bin" export PATH="$PATH:${config.home.homeDirectory}/.dotfiles/bin" export PATH="/usr/bin:$PATH" + export PATH="$BUN_INSTALL/bin:$PATH" # PKG_CONFIG_PATH if [ -d /usr/lib/pkgconfig ]; then From 461d251356be6b923f6d4af17e7f8fc933630525 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Sun, 26 Oct 2025 00:04:14 +0000 Subject: [PATCH 4/7] Add Ansible role to deploy Necesse server with Docker --- .../services/necesse/docker-compose.yml.j2 | 15 +++++++ .../servers/services/necesse/necesse.yml | 41 +++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 ansible/tasks/servers/services/necesse/docker-compose.yml.j2 create mode 100644 ansible/tasks/servers/services/necesse/necesse.yml diff --git a/ansible/tasks/servers/services/necesse/docker-compose.yml.j2 b/ansible/tasks/servers/services/necesse/docker-compose.yml.j2 new file mode 100644 index 0000000..9009e90 --- /dev/null +++ b/ansible/tasks/servers/services/necesse/docker-compose.yml.j2 
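Review bot: The added `export PATH="$BUN_INSTALL/bin:$PATH"` in the second bash.nix hunk prepends a user-writable directory, so any executable that a globally installed Bun package places in `~/.bun/bin` shadows a system command of the same name, and it undoes the `export PATH="/usr/bin:$PATH"` on the line just above. The cargo and dotfiles entries are appended; doing the same here, `export PATH="$PATH:$BUN_INSTALL/bin"`, keeps system binaries first in lookup order. In the first hunk, `export BUN_INSTALL="${config.home.homeDirectory}/.bun"` would match how the rest of the file spells the home directory. Both hunks sit inside a larger shell block that starts and ends outside them.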
@@ -0,0 +1,15 @@
+services:
+ necesse:
+ image: brammys/necesse-server
+ container_name: necesse
+ restart: unless-stopped
+ ports:
+ - "14159:14159/udp"
+ environment:
+ - MOTD=StarDebris' Server!
+ - PASSWORD=2142
+ - SLOTS=4
+ - PAUSE=1
+ volumes:
+ - {{ necesse_data_dir }}/saves:/necesse/saves
+ - {{ necesse_data_dir }}/logs:/necesse/logs
diff --git a/ansible/tasks/servers/services/necesse/necesse.yml b/ansible/tasks/servers/services/necesse/necesse.yml
new file mode 100644
index 0000000..d221d5a
--- /dev/null
+++ b/ansible/tasks/servers/services/necesse/necesse.yml
@@ -0,0 +1,41 @@
+---
+- name: Deploy Necesse service
+ block:
+ - name: Set Necesse directories
+ ansible.builtin.set_fact:
+ necesse_service_dir: "{{ ansible_env.HOME }}/.services/necesse"
+ necesse_data_dir: "/mnt/services/necesse"
+
+ - name: Create Necesse service directory
+ ansible.builtin.file:
+ path: "{{ necesse_service_dir }}"
+ state: directory
+ mode: "0755"
+
+ - name: Create Necesse data directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ mode: "0755"
+ loop:
+ - "{{ necesse_data_dir }}"
+ - "{{ necesse_data_dir }}/saves"
+ - "{{ necesse_data_dir }}/logs"
+
+ - name: Deploy Necesse docker-compose.yml
+ ansible.builtin.template:
+ src: docker-compose.yml.j2
+ dest: "{{ necesse_service_dir }}/docker-compose.yml"
+ mode: "0644"
+ register: necesse_compose
+
+ - name: Stop Necesse service
+ ansible.builtin.command: docker compose -f "{{ necesse_service_dir }}/docker-compose.yml" down --remove-orphans
+ when: necesse_compose.changed
+
+ - name: Start Necesse service
+ ansible.builtin.command: docker compose -f "{{ necesse_service_dir }}/docker-compose.yml" up -d
+ when: necesse_compose.changed
+ tags:
+ - services
+ - necesse
From f0b15f77a15887dce0a2b5659dec1cf1aad65af5 Mon Sep 17 00:00:00 2001
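Review bot: `PASSWORD=2142` in the `environment` list commits the server's join password to the repository in clear text, and a four-digit numeric value is easy to guess for a service published on `14159/udp`. The sathub `.env.j2` template later in this series already reads its secrets through `community.general.onepassword`; the same pattern fits here, e.g. `- PASSWORD={{ lookup('community.general.onepassword', '<ITEM>', vault='Dotfiles', field='<FIELD>') }}`, with a longer value stored in the vault. `image: brammys/necesse-server` also carries no tag or digest, so each pull may bring different contents; pinning it to a tag or `@sha256:<DIGEST>` makes the deployed image reviewable and reproducible.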
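Review bot: The "Deploy Necesse docker-compose.yml" task writes the rendered file with `mode: "0644"` inside a `0755` directory, so the `PASSWORD` value the template embeds is readable by every local account on the host; `mode: "0600"` on that task limits it to the deploying user. The two `ansible.builtin.command` tasks have no `changed_when`, so they always report as changed when they run; since they are already gated on `necesse_compose.changed`, an explicit `changed_when: true` would document that this is intended.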
From: Menno van Leeuwen Date: Sun, 26 Oct 2025 00:04:19 +0000 Subject: [PATCH 5/7] Update nixpkgs input to latest commit --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 651abac..a47936b 100644 --- a/flake.lock +++ b/flake.lock @@ -41,11 +41,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1759994382, - "narHash": "sha256-wSK+3UkalDZRVHGCRikZ//CyZUJWDJkBDTQX1+G77Ow=", + "lastModified": 1760423683, + "narHash": "sha256-Tb+NYuJhWZieDZUxN6PgglB16yuqBYQeMJyYBGCXlt8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5da4a26309e796daa7ffca72df93dbe53b8164c7", + "rev": "a493e93b4a259cd9fea8073f89a7ed9b1c5a1da2", "type": "github" }, "original": { From 8bfd8395f53ccb83219e1dd1dcb380324a2b7f22 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Sun, 26 Oct 2025 00:04:41 +0000 Subject: [PATCH 6/7] Add Discord environment variables and update data volumes paths --- ansible/tasks/servers/services/sathub/.env.j2 | 6 +++++ .../services/sathub/docker-compose.yml.j2 | 22 ++++++++++++------- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/ansible/tasks/servers/services/sathub/.env.j2 b/ansible/tasks/servers/services/sathub/.env.j2 index e4ac420..dc73eb6 100644 --- a/ansible/tasks/servers/services/sathub/.env.j2 +++ b/ansible/tasks/servers/services/sathub/.env.j2 
@@ -45,3 +45,9 @@ CORS_ALLOWED_ORIGINS=https://sathub.de,https://sathub.nl,https://api.sathub.de # Frontend configuration (optional - defaults are provided) VITE_API_BASE_URL=https://api.sathub.de VITE_ALLOWED_HOSTS=sathub.de,sathub.nl + +# Discord related messsaging +DISCORD_CLIENT_ID={{ lookup('community.general.onepassword', 'sathub', vault='Dotfiles', field='DISCORD_CLIENT_ID') }} +DISCORD_CLIENT_SECRET={{ lookup('community.general.onepassword', 'sathub', vault='Dotfiles', field='DISCORD_CLIENT_SECRET') }} +DISCORD_REDIRECT_URI={{ lookup('community.general.onepassword', 'sathub', vault='Dotfiles', field='DISCORD_REDIRECT_URL') }} +DISCORD_WEBHOOK_URL={{ lookup('community.general.onepassword', 'sathub', vault='Dotfiles', field='DISCORD_WEBHOOK_URL') }} diff --git a/ansible/tasks/servers/services/sathub/docker-compose.yml.j2 b/ansible/tasks/servers/services/sathub/docker-compose.yml.j2 index 86191dd..69c3def 100644 --- a/ansible/tasks/servers/services/sathub/docker-compose.yml.j2 +++ b/ansible/tasks/servers/services/sathub/docker-compose.yml.j2 @@ -62,6 +62,12 @@ services: - MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY} - MINIO_SECRET_KEY=${MINIO_SECRET_KEY} - MINIO_EXTERNAL_URL=https://obj.sathub.de + + # Discord settings + - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} + - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} + - DISCORD_REDIRECT_URI=${DISCORD_REDIRECT_URI} + - DISCORD_WEBHOOK_URL=${DISCORD_WEBHOOK_URL} networks: - sathub - caddy_network @@ -98,6 +104,12 @@ services: - MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY} - MINIO_SECRET_KEY=${MINIO_SECRET_KEY} - MINIO_EXTERNAL_URL=https://obj.sathub.de + + # Discord settings + - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} + - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} + - DISCORD_REDIRECT_URI=${DISCORD_REDIRECT_URI} + - DISCORD_WEBHOOK_URL=${DISCORD_WEBHOOK_URL} networks: - sathub depends_on: 
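Review bot: The `DISCORD_REDIRECT_URI` line looks up the field `DISCORD_REDIRECT_URL`, while the other three variables use a field name identical to the variable; if the 1Password item really names it `..._URL` a short comment would stop someone "fixing" it later, e.g. `# 1Password field is DISCORD_REDIRECT_URL; the app reads DISCORD_REDIRECT_URI`, and otherwise the field name needs correcting. The rendered file now also holds `DISCORD_CLIENT_SECRET` and `DISCORD_WEBHOOK_URL`, and a webhook URL by itself is enough to post to the channel, so the task that templates this `.env` (not visible in this hunk) should write it with `mode: "0600"`.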
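Review bot: Both hunks of this file add `DISCORD_CLIENT_SECRET` and `DISCORD_WEBHOOK_URL` to a service's `environment` — the one near line 62 that is joined to `caddy_network`, and the one near line 98 that is on `sathub` only. If just one of them performs the OAuth exchange or posts to the webhook, the other should not receive those values; dropping `- DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET}` (and the webhook line, if unused) from that service keeps a compromise of one container from exposing both credentials. The service names and the rest of each `environment` list lie outside the hunks, so which service needs what has to be confirmed against the application.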
@@ -113,7 +125,7 @@ services: - POSTGRES_PASSWORD=${DB_PASSWORD} - POSTGRES_DB=${DB_NAME:-sathub} volumes: - - postgres_data:/var/lib/postgresql/data + - {{ sathub_data_dir }}/postgres_data:/var/lib/postgresql/data networks: - sathub @@ -136,7 +148,7 @@ services: - MINIO_ROOT_USER=${MINIO_ROOT_USER} - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD} volumes: - - minio_data:/data + - {{ sathub_data_dir }}/minio_data:/data command: server /data --console-address :9001 networks: - sathub @@ -158,12 +170,6 @@ services: networks: - sathub -volumes: - minio_data: - driver: local - postgres_data: - driver: local - networks: sathub: driver: bridge From 8ba47c2ebf4d511684c85f0d04719d9db7a90165 Mon Sep 17 00:00:00 2001 From: Menno van Leeuwen Date: Sun, 26 Oct 2025 00:04:51 +0000 Subject: [PATCH 7/7] Fix indentation in server.yml and add necesse service Add become: true to JuiceFS stop/start tasks in redis.yml --- ansible/tasks/servers/server.yml | 298 +++++++++--------- .../tasks/servers/services/redis/redis.yml | 2 + 2 files changed, 153 insertions(+), 147 deletions(-) diff --git a/ansible/tasks/servers/server.yml b/ansible/tasks/servers/server.yml index c1e1a5c..ba7090f 100644 --- a/ansible/tasks/servers/server.yml +++ b/ansible/tasks/servers/server.yml 
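Review bot: Switching `postgres_data:/var/lib/postgresql/data` to the bind mount `{{ sathub_data_dir }}/postgres_data` (and `minio_data` likewise in the next hunk, with the top-level `volumes:` section removed in the last one) points both containers at new paths, and nothing visible in this commit copies the existing named-volume contents across. On the next `up` Postgres would most likely initialise an empty database and MinIO an empty store, while the old data stays behind in the Docker volumes. No task creating these directories is shown either, so their owner and mode are left to whatever Docker creates on first start; a file task that pre-creates them with restrictive permissions, plus a comment such as `# data moved from named volumes to sathub_data_dir; migrate existing volumes before first start`, would cover both points.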
@@ -1,161 +1,165 @@ --- - name: Server setup block: - - name: Ensure openssh-server is installed on Arch-based systems - ansible.builtin.package: - name: openssh - state: present - when: ansible_pkg_mgr == 'pacman' + - name: Ensure openssh-server is installed on Arch-based systems + ansible.builtin.package: + name: openssh + state: present + when: ansible_pkg_mgr == 'pacman' - - name: Ensure openssh-server is installed on non-Arch systems - ansible.builtin.package: - name: openssh-server - state: present - when: ansible_pkg_mgr != 'pacman' + - name: Ensure openssh-server is installed on non-Arch systems + ansible.builtin.package: + name: openssh-server + state: present + when: ansible_pkg_mgr != 'pacman' - - name: Ensure Borg is installed on Arch-based systems - ansible.builtin.package: - name: borg - state: present - become: true - when: ansible_pkg_mgr == 'pacman' + - name: Ensure Borg is installed on Arch-based systems + ansible.builtin.package: + name: borg + state: present + become: true + when: ansible_pkg_mgr == 'pacman' - - name: Ensure Borg is installed on Debian/Ubuntu systems - ansible.builtin.package: - name: borgbackup - state: present - become: true - when: ansible_pkg_mgr != 'pacman' + - name: Ensure Borg is installed on Debian/Ubuntu systems + ansible.builtin.package: + name: borgbackup + state: present + become: true + when: ansible_pkg_mgr != 'pacman' - - name: Include JuiceFS tasks - ansible.builtin.include_tasks: juicefs.yml - tags: - - juicefs + - name: Include JuiceFS tasks + ansible.builtin.include_tasks: juicefs.yml + tags: + - juicefs - - name: Include Dynamic DNS tasks - ansible.builtin.include_tasks: dynamic-dns.yml - tags: - - dynamic-dns + - name: Include Dynamic DNS tasks + ansible.builtin.include_tasks: dynamic-dns.yml + tags: + - dynamic-dns - - name: Include Borg Backup tasks - ansible.builtin.include_tasks: borg-backup.yml - tags: - - borg-backup + - name: Include Borg Backup tasks + ansible.builtin.include_tasks: borg-backup.yml + 
tags: + - borg-backup - - name: Include Borg Local Sync tasks - ansible.builtin.include_tasks: borg-local-sync.yml - tags: - - borg-local-sync + - name: Include Borg Local Sync tasks + ansible.builtin.include_tasks: borg-local-sync.yml + tags: + - borg-local-sync - - name: System performance optimizations - ansible.posix.sysctl: - name: "{{ item.name }}" - value: "{{ item.value }}" - state: present - reload: true - become: true - loop: - - { name: "fs.file-max", value: "2097152" } # Max open files for the entire system - - { name: "vm.max_map_count", value: "16777216" } # Max memory map areas a process can have - - { name: "vm.swappiness", value: "10" } # Controls how aggressively the kernel swaps out memory - - { name: "vm.vfs_cache_pressure", value: "50" } # Controls kernel's tendency to reclaim memory for directory/inode caches - - { name: "net.core.somaxconn", value: "65535" } # Max pending connections for a listening socket - - { name: "net.core.netdev_max_backlog", value: "65535" } # Max packets queued on network interface input - - { name: "net.ipv4.tcp_fin_timeout", value: "30" } # How long sockets stay in FIN-WAIT-2 state - - { name: "net.ipv4.tcp_tw_reuse", value: "1" } # Allows reusing TIME_WAIT sockets for new outgoing connections + - name: System performance optimizations + ansible.posix.sysctl: + name: "{{ item.name }}" + value: "{{ item.value }}" + state: present + reload: true + become: true + loop: + - { name: "fs.file-max", value: "2097152" } # Max open files for the entire system + - { name: "vm.max_map_count", value: "16777216" } # Max memory map areas a process can have + - { name: "vm.swappiness", value: "10" } # Controls how aggressively the kernel swaps out memory + - { name: "vm.vfs_cache_pressure", value: "50" } # Controls kernel's tendency to reclaim memory for directory/inode caches + - { name: "net.core.somaxconn", value: "65535" } # Max pending connections for a listening socket + - { name: "net.core.netdev_max_backlog", value: "65535" 
} # Max packets queued on network interface input + - { name: "net.ipv4.tcp_fin_timeout", value: "30" } # How long sockets stay in FIN-WAIT-2 state + - { name: "net.ipv4.tcp_tw_reuse", value: "1" } # Allows reusing TIME_WAIT sockets for new outgoing connections - - name: Include service tasks - ansible.builtin.include_tasks: "services/{{ item.name }}/{{ item.name }}.yml" - loop: "{{ services | selectattr('enabled', 'equalto', true) | selectattr('hosts', 'contains', inventory_hostname) | list if specific_service is not defined else services | selectattr('name', 'equalto', specific_service) | selectattr('enabled', 'equalto', true) | selectattr('hosts', 'contains', inventory_hostname) | list }}" - loop_control: - label: "{{ item.name }}" - tags: - - services - - always + - name: Include service tasks + ansible.builtin.include_tasks: "services/{{ item.name }}/{{ item.name }}.yml" + loop: "{{ services | selectattr('enabled', 'equalto', true) | selectattr('hosts', 'contains', inventory_hostname) | list if specific_service is not defined else services | selectattr('name', 'equalto', specific_service) | selectattr('enabled', 'equalto', true) | selectattr('hosts', 'contains', inventory_hostname) | list }}" + loop_control: + label: "{{ item.name }}" + tags: + - services + - always vars: - services: - - name: dashy - enabled: true - hosts: - - mennos-server - - name: gitea - enabled: true - hosts: - - mennos-server - - name: factorio - enabled: true - hosts: - - mennos-server - - name: dozzle - enabled: true - hosts: - - mennos-server - - name: beszel - enabled: true - hosts: - - mennos-server - - name: caddy - enabled: true - hosts: - - mennos-server - - name: golink - enabled: true - hosts: - - mennos-server - - name: immich - enabled: true - hosts: - - mennos-server - - name: plex - enabled: true - hosts: - - mennos-server - - name: tautulli - enabled: true - hosts: - - mennos-server - - name: downloaders - enabled: true - hosts: - - mennos-server - - name: wireguard - 
enabled: true - hosts: - - mennos-server - - name: nextcloud - enabled: true - hosts: - - mennos-server - - name: cloudreve - enabled: true - hosts: - - mennos-server - - name: echoip - enabled: true - hosts: - - mennos-server - - name: arr-stack - enabled: true - hosts: - - mennos-server - - name: home-assistant - enabled: true - hosts: - - mennos-server - - name: privatebin - enabled: true - hosts: - - mennos-server - - name: unifi-network-application - enabled: true - hosts: - - mennos-server - - name: avorion - enabled: false - hosts: - - mennos-server - - name: sathub - enabled: true - hosts: - - mennos-server + services: + - name: dashy + enabled: true + hosts: + - mennos-server + - name: gitea + enabled: true + hosts: + - mennos-server + - name: factorio + enabled: true + hosts: + - mennos-server + - name: dozzle + enabled: true + hosts: + - mennos-server + - name: beszel + enabled: true + hosts: + - mennos-server + - name: caddy + enabled: true + hosts: + - mennos-server + - name: golink + enabled: true + hosts: + - mennos-server + - name: immich + enabled: true + hosts: + - mennos-server + - name: plex + enabled: true + hosts: + - mennos-server + - name: tautulli + enabled: true + hosts: + - mennos-server + - name: downloaders + enabled: true + hosts: + - mennos-server + - name: wireguard + enabled: true + hosts: + - mennos-server + - name: nextcloud + enabled: true + hosts: + - mennos-server + - name: cloudreve + enabled: true + hosts: + - mennos-server + - name: echoip + enabled: true + hosts: + - mennos-server + - name: arr-stack + enabled: true + hosts: + - mennos-server + - name: home-assistant + enabled: true + hosts: + - mennos-server + - name: privatebin + enabled: true + hosts: + - mennos-server + - name: unifi-network-application + enabled: true + hosts: + - mennos-server + - name: avorion + enabled: false + hosts: + - mennos-server + - name: sathub + enabled: true + hosts: + - mennos-server + - name: necesse + enabled: true + hosts: + - 
mennos-server diff --git a/ansible/tasks/servers/services/redis/redis.yml b/ansible/tasks/servers/services/redis/redis.yml index 22b0f29..3f043f3 100644 --- a/ansible/tasks/servers/services/redis/redis.yml +++ b/ansible/tasks/servers/services/redis/redis.yml @@ -34,6 +34,7 @@ register: juicefs_stop changed_when: juicefs_stop.changed when: redis_compose.changed and juicefs_service_stat.stat.exists + become: true - name: List containers that are running ansible.builtin.command: docker ps -q @@ -68,6 +69,7 @@ register: juicefs_start changed_when: juicefs_start.changed when: juicefs_service_stat.stat.exists + become: true - name: Restart containers that were stopped ansible.builtin.command: docker start {{ item }}