| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2025-10-24 | configure rivendell to be an exit node for tailscale | Franck Cuny | 1 | -0/+5 | |
| 2025-10-18 | move keycloak and forgejo on rivendell | Franck Cuny | 1 | -2/+2 | |
| I had to rekey all the secrets. Updated the documentation for both how to setup forgejo and keycloak. | |||||
| 2025-10-18 | configure wireguard for rivendell | Franck Cuny | 1 | -0/+6 | |
| 2025-08-30 | switch to nginx | Franck Cuny | 1 | -1/+1 | |
| For some reasons, I can't get compression to work with Caddy, and I don't get much benefit from it in the first place anyway. | |||||
| 2025-08-14 | add keycloak for OAuth, runbooks, and finish forgejo setup | Franck Cuny | 1 | -0/+8 | |
| 2025-08-12 | rekey some secrets and deleted unused ones | Franck Cuny | 1 | -9/+4 | |
| 2025-08-12 | delete LLM related stuff for now | Franck Cuny | 1 | -6/+0 | |
| 2025-08-10 | setup wireguard tunnel between the VM and DO hosts | Franck Cuny | 1 | -0/+5 | |
| 2025-08-10 | manage a DigitalOcean virtual machine with nixos | Franck Cuny | 1 | -0/+10 | |
| Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and use a static SSH host key in order to configure wireguard at the same time. | |||||
| 2025-08-09 | add the SSH key for the remote builder | Franck Cuny | 1 | -0/+7 | |
| All the secrets were rekeyed. | |||||
| 2025-07-25 | add a module for mounting CIFS volumes | Franck Cuny | 1 | -0/+4 | |
| The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM. | |||||
| 2025-07-06 | add secrets and configurations for cloudflared | Franck Cuny | 1 | -0/+9 | |
| 2025-06-30 | backup the VM to Google Cloud Storage | Franck Cuny | 1 | -0/+11 | |
| For now we only backup git repositories. | |||||
| 2025-06-12 | remove one of my keys from the secrets | Franck Cuny | 1 | -6/+3 | |
| 2025-06-12 | use a dedicated SSH key for agenix | Franck Cuny | 1 | -3/+10 | |
| The key is still stored in 1password, and we add a script to synchronize the key to the host. The existing keys have been rekeyed with the new key. | |||||
| 2025-06-08 | use agenix to manage some secrets | Franck Cuny | 1 | -0/+9 | |
| I have some secrets that I want to manage for my user without having to rely on 1password, and ensure proper rotation everywhere when needed. For now we only have two secrets (one for `llm` and another one is the API key for anthropic for Emacs). Will document the process better in the near future. | |||||
| 2024-12-28 | remove secrets and agenix since nothing uses them | Franck Cuny | 1 | -12/+0 | |
| 2024-12-19 | switch to the newer version of nixfmt | Franck Cuny | 1 | -6/+8 | |
| `nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively maintained, but also changes the style, so this commit touches all the files in the repository. | |||||
| 2024-12-19 | use treefmt to format all the files | Franck Cuny | 1 | -6/+1 | |
| 2024-12-15 | run `ddns-updater' on `vm-synology' | Franck Cuny | 1 | -1/+4 | |
| It has a small UI and the configuration with the secrets is managed with `agenix'. | |||||
| 2024-12-14 | use agenix to manage secrets in the repository | Franck Cuny | 1 | -0/+12 | |
 |
index : infra | |
| nix configuration for my machines | Gitolite user |
| aboutsummaryrefslogtreecommitdiff |