sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1945 commits 1 branch 0 tags 3.4 MiB
Commit graph

33 commits

Author SHA1 Message Date
zowoq
2a72d56e9a refactor cachix secrets 
each of these are only used on single host so they don't need to be shared
 2023-11-16 21:29:45 +00:00
zowoq
d90801d01f add buildbot 2023-11-04 08:05:37 +00:00
zowoq
c896c3e3b5 remove terraform effect and hercules secrets 
also move cachix deploy token to repo root secrets
 2023-09-16 03:00:18 +00:00
zowoq
2e4c6101c3 .sops.yaml: restrict cachix to build{02,03,04} 2023-08-14 00:46:27 +00:00
zowoq
53accb3ec0 .sops.yaml: update 2023-08-08 23:39:23 +00:00
zowoq
cc367a8b05 web02: init 2023-07-29 22:29:37 +00:00
zowoq
03fd3afdc4 .sops.yaml: update path_regex for modules 2023-07-21 23:52:04 +00:00
zowoq
2691094597 modules/darwin: refactor 2023-07-17 10:36:51 +00:00
adisbladis
c91f606639 hosts.web01: init 
This machine is intended to host web applications.
Initially [Lemmy](https://join-lemmy.org/), but perhaps more down the line.

The initial PR only deals with setting up the machine and required infra like DNS, not setting up Lemmy itself which will be a follow-up.
 2023-07-05 08:57:43 +00:00
adisbladis
dcd03ebd64 .sops.yml: Add adisbladis key 2023-07-02 17:31:49 +00:00
zowoq
9ad1c65ec6 darwin02: init 2023-06-06 08:52:37 +00:00
zowoq
5e5678ec15 build0*: move into /hosts 2023-06-01 01:04:53 +00:00
zowoq
77a32313e9 roles, services: refactor into modules 2023-05-31 10:05:55 +00:00
zowoq
fde3b61530 .sops.yaml: remove github_actions 2023-03-17 11:35:25 +10:00
zowoq
40f71e4a3c .sops.yaml: format 2023-03-17 11:34:12 +10:00
zowoq
f05a9e14a5 allow hercules to access terraform secrets 2023-03-13 07:48:44 +10:00
Jörg Thalheim
dfc0db1caf build04: update age keys + ip address 2023-02-24 08:43:19 +01:00
zowoq
16962b3a09 tasks.py: add ssh-to-age to shell and update comments 2023-02-07 12:22:46 +10:00
zimbatm
43c95d099c
sops: replace my GPG key with AGE 
GPG is failing again. Time to get rid of it.

This age key is derived from my SSH key that you can double-check from
https://github.com/zimbatm.keys
 2023-01-21 10:51:00 +01:00
Jörg Thalheim
b2eab48b4f re-install build04 2022-12-30 20:56:30 +01:00
zowoq
0ec1d704f4 .sops.yaml: add github_actions for terraform secrets 2022-11-17 09:13:32 +10:00
Jörg Thalheim
bd44b8e130 add zowoq's key to sops policies 2022-10-25 09:55:28 +02:00
Jörg Thalheim
557af34cfc build{01,02}: add aarch64 builder 2022-08-13 18:02:08 +02:00
Jörg Thalheim
0757a72008
move remaining git-crypt secrets to sops 2022-05-15 17:12:19 +02:00
Jörg Thalheim
b88933d38d
move more secrets to sops and closer to terraform 2022-05-15 17:06:14 +02:00
Jörg Thalheim
018211dd23 hercules: also encrypt for build02 2021-12-26 08:58:06 +01:00
Jörg Thalheim
6b8924f2a1 hercules: add cachix deploy agent secrets 2021-12-24 07:42:09 +01:00
Jörg Thalheim
bc1339587a add cachix deploy 2021-12-23 20:39:49 +01:00
Jörg Thalheim
76a747f32c rotate secret for build02 2021-10-24 01:02:16 +02:00
Jörg Thalheim
e40617c555 fixup key for build02 2021-09-29 19:43:42 +02:00
Jörg Thalheim
63f27cd249 add zimbatm's key and rencrypt all files 2021-09-29 19:03:27 +02:00
Ryan Mulligan
e0d5ca7d4a sops-nix: add ryantm 2021-09-26 16:13:37 -07:00
Jörg Thalheim
0c07216370 migrate to sops-nix 2021-09-25 22:35:55 +02:00