| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Add a new machine on DigitalOcean and provision it using terraform +
nixos-anywhere. This takes care of bringing the machine up on nixos
completely, and use a static SSH host key in order to configure
wireguard at the same time.
|
| |
|
|
| |
All the secrets were rekeyed.
|
| |
|
|
|
|
|
|
|
|
| |
The new module is for NAS clients, where we specify the server and the
paths to mount locally.
We add a new secret to have the username of the `nas' user.
We mount the backups volume from the NAS under `/data/backups` on the
VM.
|
| | |
|
| |
|
|
| |
For now we only backup git repositories.
|
| | |
|
| |
|
|
|
|
|
| |
The key is still stored in 1password, and we add a script to
synchronize the key to the host.
The existing keys have been rekeyed with the new key.
|
| |
|
|
|
|
|
|
|
|
|
| |
I have some secrets that I want to manage for my user without having
to rely on 1password, and ensure proper rotation everywhere when
needed.
For now we only have two secrets (one for `llm` and another one is the
API key for anthropic for Emacs).
Will document the process better in the near future.
|
| | |
|
| |
|
|
|
|
| |
`nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively
maintained, but also changes the style, so this commit touches all the
files in the repository.
|
| | |
|
| |
|
|
|
| |
It has a small UI and the configuration with the secrets is managed
with `agenix'.
|
| |
|
