| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
The key is still stored in 1password, and we add a script to
synchronize the key to the host.
The existing keys have been rekeyed with the new key.
|
| |
|
|
|
|
|
|
|
|
|
| |
I have some secrets that I want to manage for my user without having
to rely on 1password, and ensure proper rotation everywhere when
needed.
For now we only have two secrets (one for `llm` and another one is the
API key for anthropic for Emacs).
Will document the process better in the near future.
|
| | |
|
| |
|
|
|
|
| |
`nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively
maintained, but also changes the style, so this commit touches all the
files in the repository.
|
| | |
|
| | |
|
| |
|
|
|
| |
It has a small UI and the configuration with the secrets is managed
with `agenix'.
|
| | |
|
| |
|
|
|
| |
Refactor a bit the configuration, which should simplify the management
and usage of secrets from now on.
|
| |
|
|
|
|
| |
Add a couple of secrets to store the configuration and the service
account, and add a timer to synchronize the restic repository to a GCS
bucket once a day.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
I want to run traefik on the NAS, so I can reach grafana and other
future services running on that host.
To manage TLS, we use let's encrypt with a DNS challenge. For this to
work we need a service account configuration, that is encrypted with
age.
|
| |
|
|
| |
Reinstalled tahoe, new ssh key for the host.
|
| | |
|
| | |
|
| |
|
