torjus/nixos-servers
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects 1 Releases Wiki Activity
699 Commits 2 Branches 0 Tags
41d42268124d3e870e72469c14049acbee73cce3
Commit Graph

31 Commits

Author SHA1 Message Date
Torjus Håkestad
0700033c0a secrets: migrate all hosts from sops to OpenBao vault 
Replace sops-nix secrets with OpenBao vault secrets across all hosts.
Hardcode root password hash, add extractKey option to vault-secrets
module, update Terraform with secrets/policies for all hosts, and
create AppRole provisioning playbook.

Hosts migrated: ha1, monitoring01, ns1, ns2, http-proxy, nix-cache01
Wave 1 hosts (nats1, jelly01, pgdb1) get AppRole policies only.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 18:43:09 +01:00
Torjus Håkestad
64f2688349 nix: configure gc to delete generations older than 14d
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m27s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 02:21:19 +01:00
Torjus Håkestad
cee1b264cd dns: auto-generate zone entries from host configurations 
Replace static zone file with dynamically generated records:
- Add homelab.dns module with enable/cnames options
- Extract IPs from systemd.network configs (filters VPN interfaces)
- Use git commit timestamp as zone serial number
- Move external hosts to separate external-hosts.nix

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-04 21:43:44 +01:00
Torjus Håkestad
7ae474fd3e pki: add new vault root ca to pki 2026-02-03 06:53:59 +01:00
Torjus Håkestad
01d4812280 vault: implement bootstrap integration
Some checks failed
Run nix flake check / flake-check (push) Successful in 2m31s
Details
Run nix flake check / flake-check (pull_request) Failing after 14m16s
Details
2026-02-03 01:10:36 +01:00
Torjus Håkestad
cba1821f3b Add lldap to auth01 host 2025-04-01 22:23:59 +02:00
Torjus Håkestad
dd86298253 Change substituter override
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m4s
Details
Periodic flake update / flake-update (push) Successful in 1m20s
Details
2025-02-26 18:44:45 +01:00
Torjus Håkestad
844449b899 Disable using itself as substituter for nix-cache
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2025-02-26 18:34:44 +01:00
Torjus Håkestad
298f2372ca Add some default packages
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2025-02-24 18:54:59 +01:00
Torjus Håkestad
4d2fbff6d0 Fix error in journald config
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m0s
Details
2025-02-07 13:22:50 +01:00
Torjus Håkestad
f29edfe34a Configure journald storage
Some checks failed
Run nix flake check / flake-check (push) Failing after 34s
Details
2025-02-07 13:21:43 +01:00
Torjus Håkestad
002f934c70 Add ansible and playbook to trigger upgrade
Some checks failed
Run nix flake check / flake-check (push) Failing after 27m26s
Details
Periodic flake update / flake-update (push) Successful in 1m24s
Details
2025-02-07 00:28:05 +01:00
Torjus Håkestad
fbcb81291b Enable gc and optimise
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m52s
Details
2025-02-06 23:39:54 +01:00
Torjus Håkestad
44d4dc6cdf Remove weekly-rebuild
Some checks failed
Run nix flake check / flake-check (push) Failing after 11m1s
Details
2025-02-06 20:00:22 +01:00
Torjus Håkestad
5866a2be8f Add autoupgrade
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2025-02-06 19:58:01 +01:00
Torjus Håkestad
60b2a24271 Add kitty terminfo
Some checks failed
Run nix flake check / flake-check (push) Failing after 15m6s
Details
2025-02-06 11:38:07 +01:00
Torjus Håkestad
e366a05204 Fix caddy logging
Some checks failed
Run nix flake check / flake-check (push) Failing after 9m1s
Details
Periodic flake update / flake-update (push) Successful in 1m36s
Details
2025-01-28 00:49:22 +01:00
Torjus Håkestad
006d0b9213 Finish nix-cache
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m3s
Details
2025-01-24 15:48:03 +01:00
Torjus Håkestad
8545807dd8 Add job label to promtail journald logs
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m51s
Details
2025-01-23 19:50:25 +01:00
Torjus Håkestad
02ef7e861b Add qemu guest agent to all VMs 2024-12-05 18:35:06 +01:00
Torjus Håkestad
a4592ffda3 Improve monitoring stuff
Some checks failed
Run nix flake check / flake-check (push) Failing after 23m19s
Details
2024-12-01 20:51:14 +01:00
Torjus Håkestad
32425807fc Add promtail for journal
Some checks failed
Run nix flake check / flake-check (push) Failing after 7m47s
Details
2024-12-01 03:00:07 +01:00
Torjus Håkestad
5844e7b32b Add internal CA
All checks were successful
Run nix flake check / flake-check (push) Successful in 3m31s
Details
2024-11-30 20:24:43 +01:00
Torjus Håkestad
1da20471a8 Add jq to system packages
All checks were successful
Run nix flake check / flake-check (push) Successful in 3m45s
Details
2024-11-30 12:53:20 +01:00
Torjus Håkestad
c089cbedee Remove rebuild switch, messes with running unit
All checks were successful
Run nix flake check / flake-check (push) Successful in 1m45s
Details
Periodic flake update / flake-update (push) Successful in 1m57s
Details
2024-10-12 21:59:28 +02:00
Torjus Håkestad
b7d9a12786 Collect garbage after rebuild
All checks were successful
Run nix flake check / flake-check (push) Successful in 1m36s
Details
2024-10-12 21:53:34 +02:00
Torjus Håkestad
c4e1026d5e Add weekly-rebuild timer
All checks were successful
Run nix flake check / flake-check (push) Successful in 1m37s
Details
2024-10-12 21:38:37 +02:00
Torjus Håkestad
07f519bf36 Add monitoring services 2024-06-03 04:08:16 +02:00
Torjus Håkestad
2576748c38 Add prometheus monitoring 2024-06-03 03:44:34 +02:00
Torjus Håkestad
7ba862f21d Add template host 2024-03-08 20:10:50 +01:00
Torjus Håkestad
0ed396cd88 Initial commit 2024-03-07 23:14:44 +01:00