- Add NixOS modules for Alloy and Tempo with default configs
- Update Grafana datasource config for Prometheus, Loki, Tempo
- Add Prometheus remote_write for Alloy
- Implement OTEL metrics/tracing/logging in arrtrix (Go)
- Enable Alloy and Tempo in ulmo system config
- Switch arrtrix webhook to a fixed path: /_arrtrix/webhook
- Remove Radarr-specific and secret-based config from arrtrix
- Simplify connector and webhook handler logic
- Update NixOS module to drop legacy webhook config
- Add new tests for generic arrtrix webhook handler
- Refactor var generation scripts to use _rotate helper
- Update Glance service URLs to use configured ports
- Set static password hash for qBittorrent in Servarr config
- Update Caddy plugin hash
- Remove oauth_auto_login from Grafana config
- Add shared pwgen script for password generation
- Add restartUnits and ownership to Matrix and Servarr secrets
- Use sops secret for qbittorrent password hash
- Refactor Cardigann indexer config in Servarr
- Update Caddy plugin version and hash
- Add debug output to machine update justfile
Switch sabnzbd configuration to use the settings and secretFiles options
instead of a static config file. Add support for nzbkey secret. Update
sops template to include nzb_key and remove duplicated server and misc
settings.
Move Caddy configuration from individual services to a shared
networking.caddy module. Update service modules and system config to use
the new interface. Remove redundant user definitions and old Caddy
config blocks.
- Integrate LiveKit SFU, coturn TURN server, and lk-jwt-service for
Element Call support in the Matrix Synapse module
- Add firewall rules for new services and ports
- Add key generation systemd service for LiveKit JWT
- Extend Synapse config with TURN URIs and experimental features
- Update Caddy config for new endpoints and well-known support
- Improve OIDC config with additional scopes and user mapping
- Add Grafana secret_key to SOPS secrets and config
- Refactor and modularize secret checking in justfile scripts
