diff options
| author | Martin Fischer <martin@push-f.com> | 2026-01-14 18:03:06 +0100 |
|---|---|---|
| committer | Martin Fischer <martin@push-f.com> | 2026-01-15 19:16:44 +0100 |
| commit | 4f6e691e1c21d221c67e0edfddb2c73850b692dd (patch) | |
| tree | a8cff8df745e1b9bc7b6e99fbb238f59842f0123 /nixos | |
| parent | 27fe948f381fd4cdb3cb687e2eab87eefa0c82b4 (diff) | |
feat(ev): add Actual Budget
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/hosts/ev/default.nix | 9 | ||||
| -rw-r--r-- | nixos/hosts/ev/ports.nix | 2 | ||||
| -rw-r--r-- | nixos/profiles/workstation/firefox.nix | 4 |
3 files changed, 15 insertions, 0 deletions
diff --git a/nixos/hosts/ev/default.nix b/nixos/hosts/ev/default.nix index fc7d425..0b8b2f3 100644 --- a/nixos/hosts/ev/default.nix +++ b/nixos/hosts/ev/default.nix @@ -126,6 +126,15 @@ in virtualHosts."ev.tailnet" = helpers.serviceIndexHost "ev.tailnet" ports.webUis; }; + # Actual Budget requires a "secure context" but I'm accessing it via http:// and Tailscale. + # To make it work I'm allowlisting the host in my browser settings. + services.actual = { + enable = true; + settings = { + port = ports.actual; + }; + }; + home-automation = { zigbee2mqttPort = ports.zigbee2mqtt; zigbeeSerialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_e2fed465c59ded11962fd7a5a7669f5d-if00-port0"; diff --git a/nixos/hosts/ev/ports.nix b/nixos/hosts/ev/ports.nix index b68a046..0f1f5b6 100644 --- a/nixos/hosts/ev/ports.nix +++ b/nixos/hosts/ev/ports.nix @@ -4,6 +4,7 @@ rec { hosehawk = 4000; miniflux = 4001; navidrome = 4002; + actual = 4003; prometheus = 9090; prometheusNodeExporter = 9002; prometheusSqlExporter = 9003; @@ -13,6 +14,7 @@ rec { webUis = { inherit + actual grafanaAlloy hosehawk miniflux diff --git a/nixos/profiles/workstation/firefox.nix b/nixos/profiles/workstation/firefox.nix index ce77960..facfc3d 100644 --- a/nixos/profiles/workstation/firefox.nix +++ b/nixos/profiles/workstation/firefox.nix @@ -20,6 +20,10 @@ "browser.tabs.insertAfterCurrent" = true; "browser.translations.automaticallyPopup" = false; "browser.uidensity" = 1; + # For Actual Budget which requires a secure context. This domain points to ev's tailscale IP. + # Using a separate domain rather than ev.tailnet because this preference doesn't support ports (https://connect.mozilla.org/t5/ideas/-/idi-p/116011) + # and the https upgrading breaks other web apps. + "dom.securecontext.allowlist" = "ev.push-f.com"; "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; # can be changed via UI despite this about:config setting being locked "identity.fxaccounts.enabled" = false; "sidebar.revamp" = false; # with the revamped sidebar Ctrl+B opens but not closes the sidebar which is annoying |
