aboutsummaryrefslogtreecommitdiff
path: root/machines/nixos/x86_64-linux (unfollow)
Commit message (Collapse)AuthorFilesLines
2025-08-24run `goget` on `go.fcuny.net`Franck Cuny3-0/+22
2025-08-24open firewall ports for forgejo and keycloakFranck Cuny2-0/+4
2025-08-20initial configuration for fail2banFranck Cuny1-0/+1
We need to ensure the firewall is enabled and let's ensure that we open the port for SSH.
2025-08-17add a wrapper for forgejo admin commandsFranck Cuny1-1/+14
2025-08-17enable forgejo dumpFranck Cuny1-0/+3
2025-08-17create a new systemd slice for critical servicesFranck Cuny2-16/+2
2025-08-14add keycloak for OAuth, runbooks, and finish forgejo setupFranck Cuny5-44/+105
2025-08-12initial setup for forgejo and caddyFranck Cuny7-6/+78
2025-08-12more simplificationsFranck Cuny2-53/+56
2025-08-12move secrets to their own files and delete unused profileFranck Cuny5-45/+62
2025-08-12move profile for home-manager under programsFranck Cuny2-2/+2
2025-08-12profiles for doc, fish, and remove unused profilesFranck Cuny2-2/+6
2025-08-12move git server profile closer to host configFranck Cuny2-1/+41
2025-08-12move hardware config closer to the host configFranck Cuny2-1/+24
2025-08-12add profiles for security, firewalls, and usersFranck Cuny2-0/+6
2025-08-12add a profile for bootFranck Cuny2-0/+2
2025-08-12use podman for containers on nixosFranck Cuny2-0/+2
2025-08-12add profile for motdFranck Cuny2-0/+2
2025-08-12create profiles for networkd and nix's GCFranck Cuny2-2/+4
2025-08-12move disks configuration to the host' directoryFranck Cuny4-2/+112
2025-08-12profile for toolsFranck Cuny2-0/+2
2025-08-12profile for sshdFranck Cuny2-0/+2
2025-08-12import localeFranck Cuny2-0/+2
2025-08-12move each machine configuration to a folderFranck Cuny2-0/+0
This will give me a bit more flexibility to configure things per machine in the future.
2025-08-12users -> homeFranck Cuny2-2/+2
2025-08-10setup wireguard tunnel between the VM and DO hostsFranck Cuny2-0/+31
2025-08-10manage a DigitalOcean virtual machine with nixosFranck Cuny2-14/+115
Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time.
2025-08-09add the SSH key for the remote builderFranck Cuny1-0/+3
All the secrets were rekeyed.
2025-08-03absolute path for loading minimal profileFranck Cuny1-1/+1
2025-08-03attempt at configuring the remote builder on the VMFranck Cuny1-0/+10
2025-07-25add a module for backupsFranck Cuny1-0/+9
Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket.
2025-07-25add a module for mounting CIFS volumesFranck Cuny1-0/+15
The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM.
2025-07-25enable cloudflared on the vmFranck Cuny1-0/+15
2025-07-21keep organizing into modules and profilesFranck Cuny1-26/+4
2025-07-21move all profiles, modules, and flakes to top-levelFranck Cuny1-4/+4
2025-07-21install minimal home-manager profile on the VMFranck Cuny1-1/+15
2025-07-21move machines definitions to top-levelFranck Cuny1-0/+53
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 14:50:51 +0000