b12f
daf2a34274
Some checks failed
Flake checks / Check (pull_request) Failing after 25s
After this has been tested successfully, root SSH login can be disabled. The advantages of having a user for each adminstrator: * Better security analysis: who issued executed what command, who touched which file, who used sudo at which time. * Possibility of granular access, e.g. person X is only allowed to manage service Y |
||
---|---|---|
.forgejo/workflows | ||
docs | ||
hosts | ||
lib | ||
logins | ||
modules | ||
overlays | ||
secrets | ||
terraform | ||
tests | ||
.editorconfig | ||
.envrc | ||
.git-blame-ignore-revs | ||
.gitignore | ||
CONTRIBUTING.md | ||
flake.lock | ||
flake.nix | ||
LICENSE.md | ||
README.md | ||
treefmt.toml |
The pub.solar infrastructure
This repository contains almost all of the configuration for the whole pub.solar infrastructure. Our goal is to have everything, from host configurations to Terraform DNS in this repository.
The architecture we are working towards is a vast simplification of what it was before: one dedicated Hetzner server running NixOS with all services. Offsite backups go to several different locations with restic.
Contributing
If you'd like to contribute, it makes sense to talk to the crew on Matrix via #hakken. We can help figuring out how things work and can make sure your ideas fit the pub.solar philosophy. Of course popping a pull request is always celebrated.
To start, check our contributing guide.