diff options
| author | Franck Cuny <franck@fcuny.net> | 2026-01-24 17:54:51 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2026-01-24 17:54:51 -0800 |
| commit | 3701b8631a5c3e9c7992415f9e3fe1a3af77bbce (patch) | |
| tree | 5184c86a477d18e17fcb44cc63a2e802e6e8a88e | |
| parent | backup persisted data (diff) | |
| download | infra-3701b8631a5c3e9c7992415f9e3fe1a3af77bbce.tar.gz | |
Diffstat (limited to '')
| -rw-r--r-- | README.org | 2 | ||||
| -rw-r--r-- | flake.nix | 4 | ||||
| -rw-r--r-- | machines/framebox.nix (renamed from machines/rivendell.nix) | 4 | ||||
| -rw-r--r-- | profiles/authelia.nix | 2 | ||||
| -rw-r--r-- | profiles/monitoring.nix | 2 | ||||
| -rw-r--r-- | profiles/wireguard.nix | 7 | ||||
| -rw-r--r-- | secrets/framebox/wireguard.age (renamed from secrets/rivendell/wireguard.age) | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | tools/deploy-nixos.py (renamed from tools/provision-nixos.py) | 0 |
8 files changed, 11 insertions, 10 deletions
@@ -99,7 +99,7 @@ agenix -i ~/.ssh/agenix -e <hostname>/wireguard.age Then add the following to the host's configuration: #+begin_src nix -age.secrets.wireguard.file = ../../../../secrets/rivendell/wireguard.age; +age.secrets.wireguard.file = ../../../../secrets/framebox/wireguard.age; networking.wireguard = { enable = true; @@ -144,9 +144,9 @@ machines = { nixos = { - rivendell = { + framebox = { system = "x86_64-linux"; - config = ./machines/rivendell.nix; + config = ./machines/framebox.nix; }; bree = { system = "x86_64-linux"; diff --git a/machines/rivendell.nix b/machines/framebox.nix index 90d501d..15a82bd 100644 --- a/machines/rivendell.nix +++ b/machines/framebox.nix @@ -11,7 +11,7 @@ ephemeralRoot = true; age.secrets = { - wireguard.file = ../secrets/rivendell/wireguard.age; + wireguard.file = ../secrets/framebox/wireguard.age; restic-local-pw.file = ../secrets/restic-pw.age; restic-nas-smb-config.file = ../secrets/restic-nas-smb-config.age; grafana-oidc.file = ../secrets/grafana-oidc.age; @@ -58,7 +58,7 @@ boot.kernelModules = [ "sg" ]; - networking.hostName = "rivendell"; + networking.hostName = "framebox"; networking.useDHCP = lib.mkDefault true; systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; diff --git a/profiles/authelia.nix b/profiles/authelia.nix index d07651d..c83af67 100644 --- a/profiles/authelia.nix +++ b/profiles/authelia.nix @@ -23,7 +23,7 @@ }; environment.persistence."/persist/save".directories = [ - config.services.authelia.instances.main.settings.storage.local.path + "/var/lib/authelia-main" ]; networking.firewall.allowedTCPPorts = [ 9092 ]; diff --git a/profiles/monitoring.nix b/profiles/monitoring.nix index a203078..ad0629e 100644 --- a/profiles/monitoring.nix +++ b/profiles/monitoring.nix @@ -75,7 +75,7 @@ ]; environment.persistence."/persist".directories = [ - config.services.victoriametrics.stateDir + "/var/lib/private/victoriametrics" config.services.grafana.dataDir ]; diff --git a/profiles/wireguard.nix b/profiles/wireguard.nix index 5620699..9abb7ea 100644 --- a/profiles/wireguard.nix +++ b/profiles/wireguard.nix @@ -17,14 +17,15 @@ let publicKey = hostConfigurations.argonath.wgPublicKey; endpoint = "157.230.146.234"; }; - rivendell = { + framebox = { ip = 60; - publicKey = hostConfigurations.rivendell.wgPublicKey; + publicKey = hostConfigurations.framebox.wgPublicKey; endpoint = "192.168.1.114"; }; test = { ip = 41; - publicKey = hostConfigurations.rivendell.wgPublicKey; + publicKey = hostConfigurations.framebox.wgPublicKey; + endpoint = "192.168.1.33"; }; }; diff --git a/secrets/rivendell/wireguard.age b/secrets/framebox/wireguard.age index 9c967a5..9c967a5 100644 --- a/secrets/rivendell/wireguard.age +++ b/secrets/framebox/wireguard.age diff --git a/tools/provision-nixos.py b/tools/deploy-nixos.py index 9946f03..9946f03 100644..100755 --- a/tools/provision-nixos.py +++ b/tools/deploy-nixos.py |