Commit graph

52 commits

Author SHA1 Message Date
Benjamin Bädorf 5bc46fc64c
auth/sudo: enable u2f for sudo via pam module 2024-02-03 15:01:56 +01:00
Benjamin Bädorf 54c8651494
ssh/keys: add yubi ssh fido2 keys to user dir 2024-02-03 13:17:29 +01:00
Benjamin Bädorf a5d005247e
crypto/secrets: add yubikey identities 2024-02-03 12:21:27 +01:00
Benjamin Bädorf e694009287
secrets: add stroopwafel host key and rekey 2024-01-29 23:20:00 +01:00
Benjamin Bädorf 0f7bbe153c
feat: stroopwafel 2024-01-27 23:53:36 +01:00
Benjamin Bädorf 41387a3f38
feat: non-working ehex VPN 2024-01-24 21:17:31 +01:00
Benjamin Bädorf 2814f8eb56
chore: add github token to env 2023-11-15 11:53:47 +01:00
Benjamin Bädorf 29e183b0c7
feat: use ACME and nginx instead of caddy 2023-11-14 18:44:46 +01:00
Benjamin Bädorf 5cf48868b0
feat: add unbound control 2023-11-13 15:48:05 +01:00
Benjamin Bädorf bf71744b93
feat: more email, like dns 2023-11-12 21:45:02 +01:00
Benjamin Bädorf 4d87bfe502
feat: init mailing 2023-11-12 18:33:58 +01:00
Benjamin Bädorf f638f8c597
chore: give all encrypted secrets the .age suffix 2023-11-05 18:56:11 +01:00
Benjamin Bädorf 544f323b0c
fix: wireguard networking and https on services 2023-11-01 16:27:29 +01:00
Benjamin Bädorf 52e8aa2502
fix: use correct pub/priv key for pie wg 2023-10-24 18:10:54 +02:00
Benjamin Bädorf cec9562e15
feat: frikandel as wireguard hub 2023-10-24 17:56:14 +02:00
Benjamin Bädorf dd42eeca69
fix: fix networking issues on pie 2023-10-24 15:54:18 +02:00
Benjamin Bädorf 46f8357cb6
feat: invoiceplane 2023-10-21 22:46:17 +02:00
Benjamin Bädorf 7a5f10c877
feat: wireguard 2023-10-19 23:17:35 +02:00
Benjamin Bädorf 0ea7f9fb50
fix: firefly importer env 2023-10-11 14:32:09 +02:00
Benjamin Bädorf ece9705f67
feat: update passwords 2023-10-10 11:56:36 +02:00
Benjamin Bädorf 6f6140f660
feat: add backups for firefly and paperless 2023-10-09 22:52:28 +02:00
Benjamin Bädorf 747481c4ea
fix: get networking on pie working properly 2023-10-08 19:32:00 +02:00
Benjamin Bädorf 93bcf469ab
refactor: move fully away from modules & profiles distinction 2023-10-07 16:45:42 +02:00
Benjamin Bädorf 03685e9887
chore: rename ben to b12f 2023-09-12 18:46:36 +02:00
Benjamin Bädorf 519963707a
feat: deploy droppie root user ssh private key via nix 2023-07-20 23:36:40 +02:00
Benjamin Bädorf f5279133f8
Change session_signing_key 2023-07-02 12:59:54 +02:00
Benjamin Bädorf 59ed4d91db
nougat-2 concourse setup 2023-07-02 12:48:34 +02:00
Benjamin Bädorf 6fc5b2553c
Add concepts-and-training test infra config 2023-04-21 11:20:23 +02:00
Benjamin Bädorf c434d1769f
Update drone runner secrets 2023-02-02 23:37:40 +01:00
Benjamin Bädorf 9b53a8c982
Merge branch 'main' into b12f 2023-01-28 22:27:52 +01:00
Benjamin Bädorf bd7b864927
Enable terraform infrastructure management for pub.solar 2023-01-28 22:11:05 +01:00
teutat3s 73bf158392
Run treefmt command 2022-11-20 23:28:23 +01:00
Benjamin Bädorf b2daa8d2db
Merge branch 'b12f' into feature/ci-runner-onecommit-test 2022-08-24 20:45:05 +02:00
Benjamin Bädorf 8a9d83ffb9
Add ddclient to droppie 2022-08-23 18:04:21 +02:00
Benjamin Bädorf 9f886ce51f
Working drone-exec-runner 2022-08-14 20:25:12 +02:00
Benjamin Bädorf 8f8923203b
Add vnc keyfiles and config 2022-04-28 23:24:33 +02:00
Benjamin Bädorf 6962aab06c
Remove .gitattributes files 2021-10-24 19:39:23 +02:00
Benjamin Bädorf 067ce16246
Remove git crypt
Start move to /boot kernel mount
x-os: prepare booting from unencrypted /boot partition
Move to systemd-boot
Remove all unencrypted secrets
2021-10-24 17:13:16 +02:00
Benjamin Bädorf 132042220e
Double encrypt ?? 2021-10-23 14:49:36 +02:00
Benjamin Bädorf 87a9d94d0a
secrets via agenix 2021-10-23 13:24:22 +02:00
Pacman99 64b7892f6e Add agenix integration to secrets and flake 2021-05-14 18:38:55 -07:00
Timothy DeHerrera 2d91946745
doc: move all docs under doc 2021-04-18 20:42:49 -06:00
Timothy DeHerrera 8939c3401b
project rename: nixflk -> devos 2021-02-17 18:31:33 -07:00
Timothy DeHerrera bf34d2071f
doc: new mdbook documentation 2021-02-14 02:46:05 -07:00
Timothy DeHerrera 1eb4d1f5ea
secrets: fix subtle error with .gitkeep
Add secrets .gitattributes to secrets dir and avoid encrypting it.
Fixes an issue with .gitkeep causing build failures on unlocked repos.
2021-02-12 23:07:49 -07:00
Timothy DeHerrera 55630829f9
secrets: init empty secrets dir 2021-02-03 19:42:57 -07:00
Timothy DeHerrera 73d3826d64
Initialize template branch
Remove all idiosyncratic stuff and only leave profiles, modules and pkg
definitions, which are general and applicable for any configuration.
2020-01-03 17:47:17 -07:00
Timothy DeHerrera 873c3a2eef
users#nrd: init cargo credentials 2019-12-15 02:55:54 -07:00
Timothy DeHerrera d1683cc1ba
users#nrd: init ec2-keys 2019-12-15 02:44:31 -07:00
Timothy DeHerrera 3abc7fe973
users#nrd: init ssh 2019-12-15 02:37:45 -07:00