aboutsummaryrefslogtreecommitdiff
path: root/machines (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Revert "move droplet specific settings to its own module"Franck Cuny2025-09-082-3/+61
| | | | This reverts commit 3b47113c28c5180d4d5d710e3c1fe74f95aa7226.
* move droplet specific settings to its own moduleFranck Cuny2025-09-082-61/+3
|
* move deployment bits to colmena declarationFranck Cuny2025-09-072-14/+0
|
* the resume is in HTMLFranck Cuny2025-09-071-2/+0
|
* run my personal website on the dropletFranck Cuny2025-09-061-1/+28
|
* initial attempt at using colmena to deploy nixos configurationsFranck Cuny2025-09-012-0/+14
| | | | | | | | | | | | Can be used that way: ``` colmena exec --impure -v --on do-rproxy -- 'systemctl status nginx' ``` or ``` colmena --impure apply dry-activate --on synology-vm ```
* switch to nginxFranck Cuny2025-08-304-75/+76
| | | | | For some reasons, I can't get compression to work with Caddy, and I don't get much benefit from it in the first place anyway.
* run `goget` on `go.fcuny.net`Franck Cuny2025-08-243-0/+22
|
* open firewall ports for forgejo and keycloakFranck Cuny2025-08-242-0/+4
|
* initial configuration for fail2banFranck Cuny2025-08-201-0/+1
| | | | | We need to ensure the firewall is enabled and let's ensure that we open the port for SSH.
* add a wrapper for forgejo admin commandsFranck Cuny2025-08-171-1/+14
|
* enable forgejo dumpFranck Cuny2025-08-171-0/+3
|
* create a new systemd slice for critical servicesFranck Cuny2025-08-172-16/+2
|
* add keycloak for OAuth, runbooks, and finish forgejo setupFranck Cuny2025-08-145-44/+105
|
* initial setup for forgejo and caddyFranck Cuny2025-08-127-6/+78
|
* more simplificationsFranck Cuny2025-08-127-109/+111
|
* move secrets to their own files and delete unused profileFranck Cuny2025-08-125-45/+62
|
* move profile for home-manager under programsFranck Cuny2025-08-124-4/+4
|
* profiles for darwinFranck Cuny2025-08-122-2/+6
|
* profiles for doc, fish, and remove unused profilesFranck Cuny2025-08-122-2/+6
|
* add a profile for fontsFranck Cuny2025-08-122-8/+2
|
* move git server profile closer to host configFranck Cuny2025-08-122-1/+41
|
* move hardware config closer to the host configFranck Cuny2025-08-122-1/+24
|
* add profiles for darwin and remote builderFranck Cuny2025-08-122-1/+3
|
* add profiles for security, firewalls, and usersFranck Cuny2025-08-122-0/+6
|
* add a profile for bootFranck Cuny2025-08-122-0/+2
|
* use podman for containers on nixosFranck Cuny2025-08-122-0/+2
|
* add profile for motdFranck Cuny2025-08-122-0/+2
|
* create profiles for networkd and nix's GCFranck Cuny2025-08-122-2/+4
|
* move disks configuration to the host' directoryFranck Cuny2025-08-124-2/+112
|
* profile for toolsFranck Cuny2025-08-122-0/+2
|
* profile for sshdFranck Cuny2025-08-122-0/+2
|
* import localeFranck Cuny2025-08-122-0/+2
|
* move each machine configuration to a folderFranck Cuny2025-08-124-0/+0
| | | | | This will give me a bit more flexibility to configure things per machine in the future.
* users -> homeFranck Cuny2025-08-124-6/+6
|
* setup wireguard tunnel between the VM and DO hostsFranck Cuny2025-08-102-0/+31
|
* manage a DigitalOcean virtual machine with nixosFranck Cuny2025-08-102-14/+115
| | | | | | | Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time.
* add the SSH key for the remote builderFranck Cuny2025-08-092-0/+12
| | | | All the secrets were rekeyed.
* absolute path for loading minimal profileFranck Cuny2025-08-031-1/+1
|
* attempt at configuring the remote builder on the VMFranck Cuny2025-08-032-0/+11
|
* add a module for backupsFranck Cuny2025-07-251-0/+9
| | | | | Enable the module on the VM, and backup the git repositories both to the NAS and to a GCS bucket.
* add a module for mounting CIFS volumesFranck Cuny2025-07-251-0/+15
| | | | | | | | | | The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM.
* enable cloudflared on the vmFranck Cuny2025-07-251-0/+15
|
* fix configuration for work machineFranck Cuny2025-07-241-3/+0
| | | | | | The hostname is capitalized so let's also capitalize the filename! The overlays are not under `customPackages` anymore.
* keep organizing into modules and profilesFranck Cuny2025-07-213-29/+4
|
* move all profiles, modules, and flakes to top-levelFranck Cuny2025-07-213-10/+10
|
* move user configurations to top-levelFranck Cuny2025-07-212-4/+4
|
* install minimal home-manager profile on the VMFranck Cuny2025-07-211-1/+15
|
* move machines definitions to top-levelFranck Cuny2025-07-213-0/+179
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 05:47:01 +0000