sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2819 commits 1 branch 0 tags 3.4 MiB
Commit graph

48 commits

Author SHA1 Message Date
zowoq
26ce341501 build05: init (aarch64-build-box.nix-community.org) 2025-01-06 01:41:38 +00:00
zowoq
e41ce7ba70 darwin01: update host key 2025-01-03 12:07:33 +00:00
zowoq
bcdbe40580 modules/nixos/backup: move secrets to sops 2024-12-19 00:40:18 +00:00
zowoq
518f527936 modules/shared/community-builder: move secrets to sops 2024-12-19 00:40:18 +00:00
zowoq
36a9be1663 move hercules CI secrets to sops 2024-12-19 00:00:18 +00:00
zowoq
b260b29a85 add all hosts to sops 2024-12-19 00:00:18 +00:00
zowoq
7478e0268a use nix to generate .sops.yaml 2024-12-19 00:00:18 +00:00
zowoq
3c554a18f8 move hercules to agenix 2024-07-10 03:01:16 +00:00
zowoq
907a7082ad secrets.yaml: move ssh host keys 2024-07-03 06:52:26 +00:00
zowoq
03fb7492bb add agenix to deploy darwin secrets 2024-05-16 05:29:31 +00:00
zowoq
e6eb662b36 Revert "darwin01: add darwin03 as builder" 
This reverts commit bbba9d555c.
 2024-05-16 03:59:55 +00:00
zowoq
bbba9d555c darwin01: add darwin03 as builder 2024-03-09 22:41:11 +00:00
zowoq
b917a32aae build02: remove hercules 2023-12-02 03:37:48 +00:00
zowoq
7deb90df67 refactor buildbot, watch-store 2023-11-23 05:42:58 +00:00
zowoq
5f03801844 remove web01 and lemmy 2023-11-19 22:44:53 +00:00
zowoq
2a72d56e9a refactor cachix secrets 
each of these are only used on single host so they don't need to be shared
 2023-11-16 21:29:45 +00:00
zowoq
d90801d01f add buildbot 2023-11-04 08:05:37 +00:00
zowoq
c896c3e3b5 remove terraform effect and hercules secrets 
also move cachix deploy token to repo root secrets
 2023-09-16 03:00:18 +00:00
zowoq
2e4c6101c3 .sops.yaml: restrict cachix to build{02,03,04} 2023-08-14 00:46:27 +00:00
zowoq
53accb3ec0 .sops.yaml: update 2023-08-08 23:39:23 +00:00
zowoq
cc367a8b05 web02: init 2023-07-29 22:29:37 +00:00
zowoq
03fd3afdc4 .sops.yaml: update path_regex for modules 2023-07-21 23:52:04 +00:00
zowoq
2691094597 modules/darwin: refactor 2023-07-17 10:36:51 +00:00
adisbladis
c91f606639 hosts.web01: init 
This machine is intended to host web applications.
Initially [Lemmy](https://join-lemmy.org/), but perhaps more down the line.

The initial PR only deals with setting up the machine and required infra like DNS, not setting up Lemmy itself which will be a follow-up.
 2023-07-05 08:57:43 +00:00
adisbladis
dcd03ebd64 .sops.yml: Add adisbladis key 2023-07-02 17:31:49 +00:00
zowoq
9ad1c65ec6 darwin02: init 2023-06-06 08:52:37 +00:00
zowoq
5e5678ec15 build0*: move into /hosts 2023-06-01 01:04:53 +00:00
zowoq
77a32313e9 roles, services: refactor into modules 2023-05-31 10:05:55 +00:00
zowoq
fde3b61530 .sops.yaml: remove github_actions 2023-03-17 11:35:25 +10:00
zowoq
40f71e4a3c .sops.yaml: format 2023-03-17 11:34:12 +10:00
zowoq
f05a9e14a5 allow hercules to access terraform secrets 2023-03-13 07:48:44 +10:00
Jörg Thalheim
dfc0db1caf build04: update age keys + ip address 2023-02-24 08:43:19 +01:00
zowoq
16962b3a09 tasks.py: add ssh-to-age to shell and update comments 2023-02-07 12:22:46 +10:00
zimbatm
43c95d099c
sops: replace my GPG key with AGE 
GPG is failing again. Time to get rid of it.

This age key is derived from my SSH key that you can double-check from
https://github.com/zimbatm.keys
 2023-01-21 10:51:00 +01:00
Jörg Thalheim
b2eab48b4f re-install build04 2022-12-30 20:56:30 +01:00
zowoq
0ec1d704f4 .sops.yaml: add github_actions for terraform secrets 2022-11-17 09:13:32 +10:00
Jörg Thalheim
bd44b8e130 add zowoq's key to sops policies 2022-10-25 09:55:28 +02:00
Jörg Thalheim
557af34cfc build{01,02}: add aarch64 builder 2022-08-13 18:02:08 +02:00
Jörg Thalheim
0757a72008
move remaining git-crypt secrets to sops 2022-05-15 17:12:19 +02:00
Jörg Thalheim
b88933d38d
move more secrets to sops and closer to terraform 2022-05-15 17:06:14 +02:00
Jörg Thalheim
018211dd23 hercules: also encrypt for build02 2021-12-26 08:58:06 +01:00
Jörg Thalheim
6b8924f2a1 hercules: add cachix deploy agent secrets 2021-12-24 07:42:09 +01:00
Jörg Thalheim
bc1339587a add cachix deploy 2021-12-23 20:39:49 +01:00
Jörg Thalheim
76a747f32c rotate secret for build02 2021-10-24 01:02:16 +02:00
Jörg Thalheim
e40617c555 fixup key for build02 2021-09-29 19:43:42 +02:00
Jörg Thalheim
63f27cd249 add zimbatm's key and rencrypt all files 2021-09-29 19:03:27 +02:00
Ryan Mulligan
e0d5ca7d4a sops-nix: add ryantm 2021-09-26 16:13:37 -07:00
Jörg Thalheim
0c07216370 migrate to sops-nix 2021-09-25 22:35:55 +02:00