aboutsummaryrefslogtreecommitdiff
path: root/machines/nixos (follow)
Commit message (Collapse)AuthorAgeFilesLines
* configure wireguard for rivendellFranck Cuny2025-10-183-0/+41
|
* move the disk configuration for rivendell as a profileFranck Cuny2025-10-182-68/+1
|
* introduce a module for baremetal machinesFranck Cuny2025-10-131-5/+1
|
* introduce a module for digital ocean dropletFranck Cuny2025-10-132-71/+3
|
* consistent home-manager configuration for all nixos hostsFranck Cuny2025-10-136-44/+0
|
* make the remote unlock bits a nix moduleFranck Cuny2025-10-122-59/+24
| | | | Move all the hardware configuration for rivendell into the default.nix.
* initial setup for the framework destkop (named rivendell)Franck Cuny2025-10-125-0/+194
|
* configure podman for all nixos machinesFranck Cuny2025-10-092-4/+0
|
* import home-manager.nix and user.nix by default on nixosFranck Cuny2025-10-092-4/+0
|
* automatically import home-manager.nix for all hostsFranck Cuny2025-10-092-2/+0
|
* more simplification of the configurationFranck Cuny2025-10-092-5/+0
|
* move common modules under modules/Franck Cuny2025-10-092-2/+0
| | | | Simplify the import on the various hosts.
* nix configuration is applied by default to nixos machinesFranck Cuny2025-10-062-4/+0
|
* start to refactor nixos modulesFranck Cuny2025-09-122-2/+0
|
* Revert "move droplet specific settings to its own module"Franck Cuny2025-09-082-3/+61
| | | | This reverts commit 3b47113c28c5180d4d5d710e3c1fe74f95aa7226.
* move droplet specific settings to its own moduleFranck Cuny2025-09-082-61/+3
|
* move deployment bits to colmena declarationFranck Cuny2025-09-072-14/+0
|
* the resume is in HTMLFranck Cuny2025-09-071-2/+0
|
* run my personal website on the dropletFranck Cuny2025-09-061-1/+28
|
* initial attempt at using colmena to deploy nixos configurationsFranck Cuny2025-09-012-0/+14
| | | | | | | | | | | | Can be used that way: ``` colmena exec --impure -v --on do-rproxy -- 'systemctl status nginx' ``` or ``` colmena --impure apply dry-activate --on synology-vm ```
* switch to nginxFranck Cuny2025-08-304-75/+76
| | | | | For some reasons, I can't get compression to work with Caddy, and I don't get much benefit from it in the first place anyway.
* run `goget` on `go.fcuny.net`Franck Cuny2025-08-243-0/+22
|
* open firewall ports for forgejo and keycloakFranck Cuny2025-08-242-0/+4
|
* initial configuration for fail2banFranck Cuny2025-08-201-0/+1
| | | | | We need to ensure the firewall is enabled and let's ensure that we open the port for SSH.
* add a wrapper for forgejo admin commandsFranck Cuny2025-08-171-1/+14
|
* enable forgejo dumpFranck Cuny2025-08-171-0/+3
|
* create a new systemd slice for critical servicesFranck Cuny2025-08-172-16/+2
|
* add keycloak for OAuth, runbooks, and finish forgejo setupFranck Cuny2025-08-145-44/+105
|
* initial setup for forgejo and caddyFranck Cuny2025-08-127-6/+78
|
* more simplificationsFranck Cuny2025-08-122-53/+56
|
* move secrets to their own files and delete unused profileFranck Cuny2025-08-125-45/+62
|
* move profile for home-manager under programsFranck Cuny2025-08-122-2/+2
|
* profiles for doc, fish, and remove unused profilesFranck Cuny2025-08-122-2/+6
|
* move git server profile closer to host configFranck Cuny2025-08-122-1/+41
|
* move hardware config closer to the host configFranck Cuny2025-08-122-1/+24
|
* add profiles for security, firewalls, and usersFranck Cuny2025-08-122-0/+6
|
* add a profile for bootFranck Cuny2025-08-122-0/+2
|
* use podman for containers on nixosFranck Cuny2025-08-122-0/+2
|
* add profile for motdFranck Cuny2025-08-122-0/+2
|
* create profiles for networkd and nix's GCFranck Cuny2025-08-122-2/+4
|
* move disks configuration to the host' directoryFranck Cuny2025-08-124-2/+112
|
* profile for toolsFranck Cuny2025-08-122-0/+2
|
* profile for sshdFranck Cuny2025-08-122-0/+2
|
* import localeFranck Cuny2025-08-122-0/+2
|
* move each machine configuration to a folderFranck Cuny2025-08-122-0/+0
| | | | | This will give me a bit more flexibility to configure things per machine in the future.
* users -> homeFranck Cuny2025-08-122-2/+2
|
* setup wireguard tunnel between the VM and DO hostsFranck Cuny2025-08-102-0/+31
|
* manage a DigitalOcean virtual machine with nixosFranck Cuny2025-08-102-14/+115
| | | | | | | Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time.
* add the SSH key for the remote builderFranck Cuny2025-08-091-0/+3
| | | | All the secrets were rekeyed.
* absolute path for loading minimal profileFranck Cuny2025-08-031-1/+1
|
* attempt at configuring the remote builder on the VMFranck Cuny2025-08-031-0/+10
|
* add a module for backupsFranck Cuny2025-07-251-0/+9
| | | | | Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket.
* add a module for mounting CIFS volumesFranck Cuny2025-07-251-0/+15
| | | | | | | | | | The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM.
* enable cloudflared on the vmFranck Cuny2025-07-251-0/+15
|
* keep organizing into modules and profilesFranck Cuny2025-07-211-26/+4
|
* move all profiles, modules, and flakes to top-levelFranck Cuny2025-07-211-4/+4
|
* install minimal home-manager profile on the VMFranck Cuny2025-07-211-1/+15
|
* move machines definitions to top-levelFranck Cuny2025-07-211-0/+53
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 14:36:23 +0000