| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 11 days | add a module to remotely unlock machines | Franck Cuny | 1 | -0/+12 | |
| For machines with full disk encryption, we can remotely unlock them from bree. A systemd timer will run every 10 minutes and check if we need to unlock the host. If we need to, it will SSH and provide the passphrase to unlock the disk(s). | |||||
| 11 days | add a profile for wireguard configuration | Franck Cuny | 1 | -32/+1 | |
| 11 days | the VM on the synology was reinstalled | Franck Cuny | 1 | -0/+1 | |
| All the secrets were re-keyed. | |||||
| 12 days | rename synology-vm to bree | Franck Cuny | 1 | -34/+8 | |
| 2025-11-16 | run my website from rivendell | Franck Cuny | 1 | -5/+0 | |
| 2025-11-15 | simplify the backups | Franck Cuny | 1 | -21/+0 | |
| 2025-11-02 | cleanup nixos related configurations | Franck Cuny | 1 | -26/+8 | |
| 2025-11-02 | simplify configuration for darwin | Franck Cuny | 1 | -0/+8 | |
| 2025-10-24 | simplify hosts management | Franck Cuny | 1 | -7/+45 | |
| 2025-10-23 | move a few more things back as profiles | Franck Cuny | 1 | -0/+3 | |
| 2025-10-18 | move keycloak and forgejo on rivendell | Franck Cuny | 1 | -2/+0 | |
| I had to rekey all the secrets. Updated the documentation for both how to setup forgejo and keycloak. | |||||
| 2025-10-18 | configure wireguard for rivendell | Franck Cuny | 1 | -0/+6 | |
| 2025-10-13 | consistent home-manager configuration for all nixos hosts | Franck Cuny | 1 | -8/+0 | |
| 2025-10-09 | configure podman for all nixos machines | Franck Cuny | 1 | -2/+0 | |
| 2025-10-09 | import home-manager.nix and user.nix by default on nixos | Franck Cuny | 1 | -2/+0 | |
| 2025-10-09 | automatically import home-manager.nix for all hosts | Franck Cuny | 1 | -1/+0 | |
| 2025-10-09 | more simplification of the configuration | Franck Cuny | 1 | -2/+0 | |
| 2025-10-09 | move common modules under modules/ | Franck Cuny | 1 | -1/+0 | |
| Simplify the import on the various hosts. | |||||
| 2025-10-06 | nix configuration is applied by default to nixos machines | Franck Cuny | 1 | -2/+0 | |
| 2025-09-12 | start to refactor nixos modules | Franck Cuny | 1 | -1/+0 | |
| 2025-09-07 | move deployment bits to colmena declaration | Franck Cuny | 1 | -7/+0 | |
| 2025-09-01 | initial attempt at using colmena to deploy nixos configurations | Franck Cuny | 1 | -0/+7 | |
| Can be used that way: ``` colmena exec --impure -v --on do-rproxy -- 'systemctl status nginx' ``` or ``` colmena --impure apply dry-activate --on synology-vm ``` | |||||
| 2025-08-24 | run `goget` on `go.fcuny.net` | Franck Cuny | 1 | -0/+1 | |
| 2025-08-17 | create a new systemd slice for critical services | Franck Cuny | 1 | -8/+1 | |
| 2025-08-14 | add keycloak for OAuth, runbooks, and finish forgejo setup | Franck Cuny | 1 | -1/+1 | |
| 2025-08-12 | initial setup for forgejo and caddy | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | move secrets to their own files and delete unused profile | Franck Cuny | 1 | -31/+10 | |
| 2025-08-12 | move profile for home-manager under programs | Franck Cuny | 1 | -1/+1 | |
| 2025-08-12 | profiles for doc, fish, and remove unused profiles | Franck Cuny | 1 | -1/+3 | |
| 2025-08-12 | move git server profile closer to host config | Franck Cuny | 1 | -1/+1 | |
| 2025-08-12 | move hardware config closer to the host config | Franck Cuny | 1 | -1/+1 | |
| 2025-08-12 | add profiles for security, firewalls, and users | Franck Cuny | 1 | -0/+3 | |
| 2025-08-12 | add a profile for boot | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | use podman for containers on nixos | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | add profile for motd | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | create profiles for networkd and nix's GC | Franck Cuny | 1 | -1/+2 | |
| 2025-08-12 | move disks configuration to the host' directory | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | profile for tools | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | profile for sshd | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | import locale | Franck Cuny | 1 | -0/+1 | |
| 2025-08-12 | move each machine configuration to a folder | Franck Cuny | 1 | -0/+0 | |
| This will give me a bit more flexibility to configure things per machine in the future. | |||||
| 2025-08-12 | users -> home | Franck Cuny | 1 | -1/+1 | |
| 2025-08-10 | setup wireguard tunnel between the VM and DO hosts | Franck Cuny | 1 | -0/+22 | |
| 2025-08-10 | manage a DigitalOcean virtual machine with nixos | Franck Cuny | 1 | -14/+5 | |
| Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time. | |||||
| 2025-08-09 | add the SSH key for the remote builder | Franck Cuny | 1 | -0/+3 | |
| All the secrets were rekeyed. | |||||
| 2025-08-03 | absolute path for loading minimal profile | Franck Cuny | 1 | -1/+1 | |
| 2025-08-03 | attempt at configuring the remote builder on the VM | Franck Cuny | 1 | -0/+10 | |
| 2025-07-25 | add a module for backups | Franck Cuny | 1 | -0/+9 | |
| Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket. | |||||
| 2025-07-25 | add a module for mounting CIFS volumes | Franck Cuny | 1 | -0/+15 | |
| The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM. | |||||
| 2025-07-25 | enable cloudflared on the vm | Franck Cuny | 1 | -0/+15 | |
| 2025-07-21 | keep organizing into modules and profiles | Franck Cuny | 1 | -26/+4 | |
| 2025-07-21 | move all profiles, modules, and flakes to top-level | Franck Cuny | 1 | -4/+4 | |
| 2025-07-21 | install minimal home-manager profile on the VM | Franck Cuny | 1 | -1/+15 | |
| 2025-07-21 | move machines definitions to top-level | Franck Cuny | 1 | -0/+0 | |
| 2025-07-21 | import nix profile in the server profile | Franck Cuny | 1 | -15/+1 | |
| 2025-07-21 | refactoring to use flake-parts and automatic imports of hosts | Franck Cuny | 1 | -37/+12 | |
| This is the first step in a large refactoring to use flake-parts, and to automatically imports hosts based on paths. | |||||
| 2025-07-17 | build and deploy my personal website on the VM | Franck Cuny | 1 | -0/+1 | |
| 2025-07-14 | create common network configuration for nixos | Franck Cuny | 1 | -0/+1 | |
| 2025-07-06 | add secrets and configurations for cloudflared | Franck Cuny | 1 | -0/+7 | |
| 2025-06-30 | backup the VM to Google Cloud Storage | Franck Cuny | 1 | -1/+13 | |
| For now we only backup git repositories. | |||||
| 2025-06-30 | add configuration for vm-synology | Franck Cuny | 1 | -0/+71 | |
| This is a VM running on the Synology NAS. For now it only run `gitolite`, but we may host additional services in the future. | |||||
| 2025-04-20 | remove configuration for the VMs | Franck Cuny | 1 | -13/+0 | |
| 2024-12-28 | removed a few services from vm-synology | Franck Cuny | 1 | -3/+0 | |
| 2024-12-19 | switch to the newer version of nixfmt | Franck Cuny | 1 | -2/+9 | |
| `nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively maintained, but also changes the style, so this commit touches all the files in the repository. | |||||
| 2024-12-16 | move gitotlite to vm-synology | Franck Cuny | 1 | -1/+1 | |
| 2024-12-15 | run `ddns-updater' on `vm-synology' | Franck Cuny | 1 | -1/+1 | |
| It has a small UI and the configuration with the secrets is managed with `agenix'. | |||||
| 2024-12-09 | fix misconfiguration of the bootloader | Franck Cuny | 1 | -0/+4 | |
| 2024-12-09 | move each machine into a directory | Franck Cuny | 1 | -0/+5 | |
| it will be easier to break down some configs. | |||||
 |
index : infra | |
| nix configuration for my machines | Gitolite user |
| aboutsummaryrefslogtreecommitdiff |