path: root/secrets
Date | Commit message | Author | Files | Lines
2025-08-14 | add keycloak for OAuth, runbooks, and finish forgejo setup | Franck Cuny | 3 | -0/+22
2025-08-12 | rekey some secrets and delete unused ones | Franck Cuny | 9 | -34/+30
2025-08-12 | delete LLM related stuff for now | Franck Cuny | 1 | -6/+0
2025-08-10 | setup wireguard tunnel between the VM and DO hosts | Franck Cuny | 2 | -0/+12
2025-08-10 | manage a DigitalOcean virtual machine with nixos | Franck Cuny | 3 | -0/+17
  Add a new machine on DigitalOcean and provision it using terraform + nixos-anywhere. This takes care of bringing the machine up on nixos completely, and uses a static SSH host key in order to configure wireguard at the same time.
2025-08-09 | add the SSH key for the remote builder | Franck Cuny | 8 | -12/+17
  All the secrets were rekeyed.
2025-07-25 | add a module for mounting CIFS volumes | Franck Cuny | 2 | -0/+12
  The new module is for NAS clients, where we specify the server and the paths to mount locally. We add a new secret to have the username of the `nas' user. We mount the backups volume from the NAS under `/data/backups` on the VM.
2025-07-07 | store backups locally and remotely | Franck Cuny | 1 | -0/+0
  It might be useful to have a local backup so that I don't need to pull it from the remote bucket. It is useful to be able to quickly browse and see what's in the backup, and having to go to GCS for that is a waste of resources. Export environment variables to make it easier to interact with the local repository.
2025-07-06 | add secrets and configurations for cloudflared | Franck Cuny | 3 | -0/+9
2025-06-30 | back up the VM to Google Cloud Storage | Franck Cuny | 3 | -0/+18
  For now we only back up git repositories.
2025-06-12 | remove one of my keys from the secrets | Franck Cuny | 1 | -6/+3
2025-06-12 | use a dedicated SSH key for agenix | Franck Cuny | 3 | -12/+23
  The key is still stored in 1password, and we add a script to synchronize the key to the host. The existing keys have been rekeyed with the new key.
2025-06-08 | use agenix to manage some secrets | Franck Cuny | 3 | -0/+20
  I have some secrets that I want to manage for my user without having to rely on 1password, and ensure proper rotation everywhere when needed. For now we only have two secrets (one for `llm` and another one is the API key for anthropic for Emacs). Will document the process better in the near future.
2024-12-28 | remove secrets and agenix since nothing uses them | Franck Cuny | 3 | -19/+0
2024-12-19 | switch to the newer version of nixfmt | Franck Cuny | 1 | -6/+8
  `nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively maintained, but also changes the style, so this commit touches all the files in the repository.
2024-12-19 | use treefmt to format all the files | Franck Cuny | 1 | -6/+1
2024-12-16 | move gitolite to vm-synology | Franck Cuny | 2 | -6/+6
2024-12-15 | run `ddns-updater' on `vm-synology' | Franck Cuny | 2 | -1/+4
  It has a small UI and the configuration with the secrets is managed with `agenix'.
2024-12-14 | use agenix to manage secrets in the repository | Franck Cuny | 2 | -0/+19
2022-04-10 | secrets: move all the secrets under module/ | Franck Cuny | 7 | -25/+0
  Refactor the configuration a bit, which should simplify the management and usage of secrets from now on.
2022-03-11 | rclone: synchronize restic repo to GCS | Franck Cuny | 2 | -0/+0
  Add a couple of secrets to store the configuration and the service account, and add a timer to synchronize the restic repository to a GCS bucket once a day.
2022-03-07 | restic: add the secret for the repo 'systems' | Franck Cuny | 1 | -0/+12
2022-03-06 | unifi: configure the poller | Franck Cuny | 1 | -0/+13
2022-03-06 | traefik: initial configuration | Franck Cuny | 1 | -0/+0
  I want to run traefik on the NAS, so I can reach grafana and other future services running on that host. To manage TLS, we use let's encrypt with a DNS challenge. For this to work we need a service account configuration, that is encrypted with age.
2022-03-05 | agenix: rekey secrets | Franck Cuny | 2 | -0/+0
  Reinstalled tahoe, new ssh key for the host.
2022-03-01 | secrets: add a new key and rekey existing keys | Franck Cuny | 2 | -18/+19
2022-02-21 | tahoe: wireguard setup | Franck Cuny | 1 | -0/+10
2022-02-21 | secrets: initial config and a first secret | Franck Cuny | 1 | -0/+10