torjus/nixos-servers
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
697 Commits 2 Branches 0 Tags
7d92c55d37ec87b559cb4f039031fd2b95e8c53d
Commit Graph

21 Commits

Author SHA1 Message Date
Torjus Håkestad
7d92c55d37 docs: update for sops-to-openbao migration completion
Some checks failed
Run nix flake check / flake-check (push) Failing after 18m17s
Details 
Update CLAUDE.md and README.md to reflect that secrets are now managed
by OpenBao, with sops only remaining for ca. Update migration plans
with sops cleanup checklist and auth01 decommission.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 20:06:21 +01:00
Torjus Håkestad
6d117d68ca docs: move sops-to-openbao migration plan to completed
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m5s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 19:45:42 +01:00
Torjus Håkestad
0700033c0a secrets: migrate all hosts from sops to OpenBao vault 
Replace sops-nix secrets with OpenBao vault secrets across all hosts.
Hardcode root password hash, add extractKey option to vault-secrets
module, update Terraform with secrets/policies for all hosts, and
create AppRole provisioning playbook.

Hosts migrated: ha1, monitoring01, ns1, ns2, http-proxy, nix-cache01
Wave 1 hosts (nats1, jelly01, pgdb1) get AppRole policies only.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 18:43:09 +01:00
Torjus Håkestad
4d33018285 docs: add ha1 memory recommendation to migration plan
Some checks failed
Run nix flake check / flake-check (push) Failing after 3m28s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 17:48:45 +01:00
Torjus Håkestad
678fd3d6de docs: add systemd-exporter findings to monitoring gaps plan 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 10:19:33 +01:00
Torjus Håkestad
9d74aa5c04 docs: add zigbee sensor battery monitoring findings 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 09:21:54 +01:00
Torjus Håkestad
fe80ec3576 docs: add monitoring gaps audit plan
Some checks failed
Run nix flake check / flake-check (push) Failing after 20m32s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 03:19:20 +01:00
Torjus Håkestad
870fb3e532 docs: add plan for remote access to homelab services
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m4s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 02:53:27 +01:00
Torjus Håkestad
e602e8d70b docs: add plan for prometheus scrape target labels
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m7s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 02:36:41 +01:00
Torjus Håkestad
09d9d71e2b docs: note to establish hostname naming conventions before migration
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 02:04:58 +01:00
Torjus Håkestad
cc799f5929 docs: note USB passthrough requirement for ha1 migration 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 02:02:14 +01:00
Torjus Håkestad
0abdda8e8a docs: add plan for migrating existing hosts to opentofu
Some checks failed
Run nix flake check / flake-check (push) Failing after 3m28s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 01:59:51 +01:00
Torjus Håkestad
0ef63ad874 hosts: remove decommissioned media1, ns3, ns4, nixos-test1
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m47s
Details
Run nix flake check / flake-check (pull_request) Successful in 3m20s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 01:36:57 +01:00
Torjus Håkestad
86a077e152 docs: add host cleanup plan for decommissioned hosts 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 01:04:50 +01:00
Torjus Håkestad
a2a55f3955 docs: add docs directory info and nixos options improvement plan
Some checks failed
Run nix flake check / flake-check (push) Failing after 4m12s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-04 22:27:11 +01:00
Torjus Håkestad
d7d4b0846c docs: move dns-automation plan to completed
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m17s
Details 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-04 22:13:38 +01:00
Torjus Håkestad
048536ba70 docs: move dns automation from TODO.md to nixos-improvements.md
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m20s
Details
2026-02-03 04:51:27 +01:00
Torjus Håkestad
01d4812280 vault: implement bootstrap integration
Some checks failed
Run nix flake check / flake-check (push) Successful in 2m31s
Details
Run nix flake check / flake-check (pull_request) Failing after 14m16s
Details
2026-02-03 01:10:36 +01:00
Torjus Håkestad
7fc69c40a6 docs: add truenas-migration plan
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m18s
Details
Periodic flake update / flake-update (push) Successful in 1m13s
Details
2026-02-02 18:29:11 +01:00
Torjus Håkestad
34a2f2ab50 docs: add infrastructure documentation
Some checks failed
Run nix flake check / flake-check (push) Failing after 11m9s
Details
2026-02-02 17:36:55 +01:00
Torjus Håkestad
c694b9889a vault: add auto-unseal
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m16s
Details
2026-02-02 00:28:24 +01:00