aboutsummaryrefslogtreecommitdiff
path: root/machines (follow)
Commit message (Collapse)AuthorAgeFilesLines
* move a few more things back as profilesFranck Cuny2025-10-233-0/+9
|
* enable tailscale on 2 machinesFranck Cuny2025-10-232-0/+3
|
* webfinger setup to support tailscaleFranck Cuny2025-10-231-43/+94
| | | | | Based on https://tailscale.com/kb/1240/sso-custom-oidc and https://github.com/randomnetcat/nix-configs/blob/f1963827395d6c82a7e64267fde9b0c82da02380/hosts/bear/auth/default.nix#L134
* simplify darwin configurationFranck Cuny2025-10-235-62/+34
| | | | Remove a bunch of files and consolidate everything into the host's file.
* move keycloak and forgejo on rivendellFranck Cuny2025-10-186-137/+7
| | | | | I had to rekey all the secrets. Updated the documentation for both how to setup forgejo and keycloak.
* configure wireguard for rivendellFranck Cuny2025-10-183-0/+41
|
* move the disk configuration for rivendell as a profileFranck Cuny2025-10-182-68/+1
|
* introduce a module for baremetal machinesFranck Cuny2025-10-131-5/+1
|
* introduce a module for digital ocean dropletFranck Cuny2025-10-132-71/+3
|
* consistent home-manager configuration for all nixos hostsFranck Cuny2025-10-136-44/+0
|
* make the remote unlock bits a nix moduleFranck Cuny2025-10-122-59/+24
| | | | Move all the hardware configuration for rivendell into the default.nix.
* initial setup for the framework destkop (named rivendell)Franck Cuny2025-10-125-0/+194
|
* configure podman for all nixos machinesFranck Cuny2025-10-092-4/+0
|
* import home-manager.nix and user.nix by default on nixosFranck Cuny2025-10-092-4/+0
|
* automatically import home-manager.nix for all hostsFranck Cuny2025-10-094-5/+0
|
* don't import fonts.nixFranck Cuny2025-10-091-1/+0
| | | | This has been merged in the desktop.nix module.
* more simplification of the configurationFranck Cuny2025-10-092-5/+0
|
* move common modules under modules/Franck Cuny2025-10-094-15/+0
| | | | Simplify the import on the various hosts.
* nix configuration is applied by default to nixos machinesFranck Cuny2025-10-062-4/+0
|
* start to refactor nixos modulesFranck Cuny2025-09-122-2/+0
|
* Revert "move droplet specific settings to its own module"Franck Cuny2025-09-082-3/+61
| | | | This reverts commit 3b47113c28c5180d4d5d710e3c1fe74f95aa7226.
* move droplet specific settings to its own moduleFranck Cuny2025-09-082-61/+3
|
* move deployment bits to colmena declarationFranck Cuny2025-09-072-14/+0
|
* the resume is in HTMLFranck Cuny2025-09-071-2/+0
|
* run my personal website on the dropletFranck Cuny2025-09-061-1/+28
|
* initial attempt at using colmena to deploy nixos configurationsFranck Cuny2025-09-012-0/+14
| | | | | | | | | | | | Can be used that way: ``` colmena exec --impure -v --on do-rproxy -- 'systemctl status nginx' ``` or ``` colmena --impure apply dry-activate --on synology-vm ```
* switch to nginxFranck Cuny2025-08-304-75/+76
| | | | | For some reasons, I can't get compression to work with Caddy, and I don't get much benefit from it in the first place anyway.
* run `goget` on `go.fcuny.net`Franck Cuny2025-08-243-0/+22
|
* open firewall ports for forgejo and keycloakFranck Cuny2025-08-242-0/+4
|
* initial configuration for fail2banFranck Cuny2025-08-201-0/+1
| | | | | We need to ensure the firewall is enabled and let's ensure that we open the port for SSH.
* add a wrapper for forgejo admin commandsFranck Cuny2025-08-171-1/+14
|
* enable forgejo dumpFranck Cuny2025-08-171-0/+3
|
* create a new systemd slice for critical servicesFranck Cuny2025-08-172-16/+2
|
* add keycloak for OAuth, runbooks, and finish forgejo setupFranck Cuny2025-08-145-44/+105
|
* initial setup for forgejo and caddyFranck Cuny2025-08-127-6/+78
|
* more simplificationsFranck Cuny2025-08-127-109/+111
|
* move secrets to their own files and delete unused profileFranck Cuny2025-08-125-45/+62
|
* move profile for home-manager under programsFranck Cuny2025-08-124-4/+4
|
* profiles for darwinFranck Cuny2025-08-122-2/+6
|
* profiles for doc, fish, and remove unused profilesFranck Cuny2025-08-122-2/+6
|
* add a profile for fontsFranck Cuny2025-08-122-8/+2
|
* move git server profile closer to host configFranck Cuny2025-08-122-1/+41
|
* move hardware config closer to the host configFranck Cuny2025-08-122-1/+24
|
* add profiles for darwin and remote builderFranck Cuny2025-08-122-1/+3
|
* add profiles for security, firewalls, and usersFranck Cuny2025-08-122-0/+6
|
* add a profile for bootFranck Cuny2025-08-122-0/+2
|
* use podman for containers on nixosFranck Cuny2025-08-122-0/+2
|
* add profile for motdFranck Cuny2025-08-122-0/+2
|
* create profiles for networkd and nix's GCFranck Cuny2025-08-122-2/+4
|
* move disks configuration to the host' directoryFranck Cuny2025-08-124-2/+112
|
* profile for toolsFranck Cuny2025-08-122-0/+2
|
* profile for sshdFranck Cuny2025-08-122-0/+2
|
* import localeFranck Cuny2025-08-122-0/+2
|
* move each machine configuration to a folderFranck Cuny2025-08-124-0/+0
| | | | | This will give me a bit more flexibility to configure things per machine in the future.
* users -> homeFranck Cuny2025-08-124-6/+6
|
* setup wireguard tunnel between the VM and DO hostsFranck Cuny2025-08-102-0/+31
|
* manage a DigitalOcean virtual machine with nixosFranck Cuny2025-08-102-14/+115
| | | | | | | Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time.
* add the SSH key for the remote builderFranck Cuny2025-08-092-0/+12
| | | | All the secrets were rekeyed.
* absolute path for loading minimal profileFranck Cuny2025-08-031-1/+1
|
* attempt at configuring the remote builder on the VMFranck Cuny2025-08-032-0/+11
|
* add a module for backupsFranck Cuny2025-07-251-0/+9
| | | | | Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket.
* add a module for mounting CIFS volumesFranck Cuny2025-07-251-0/+15
| | | | | | | | | | The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM.
* enable cloudflared on the vmFranck Cuny2025-07-251-0/+15
|
* fix configuration for work machineFranck Cuny2025-07-241-3/+0
| | | | | | The hostname is capitalized so let's also capitalize the filename! The overlays are not under `customPackages` anymore.
* keep organizing into modules and profilesFranck Cuny2025-07-213-29/+4
|
* move all profiles, modules, and flakes to top-levelFranck Cuny2025-07-213-10/+10
|
* move user configurations to top-levelFranck Cuny2025-07-212-4/+4
|
* install minimal home-manager profile on the VMFranck Cuny2025-07-211-1/+15
|
* move machines definitions to top-levelFranck Cuny2025-07-213-0/+179
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 13:18:53 +0000