torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: torjus:pipe-to-loki
Branches Tags
torjus:master torjus:nrec-forgejo torjus:jellyfin-maintenance torjus:loki-monitoring02 torjus:pipe-to-loki torjus:kanidm-pam-client torjus:deploy-test-hosts torjus:homelab-deploy-metrics torjus:host-vault01
...
compare: torjus:afff1877ab4a8f2959a1d3a4b1eb445ce1604154
Branches Tags
torjus:master torjus:nrec-forgejo torjus:jellyfin-maintenance torjus:loki-monitoring02 torjus:pipe-to-loki torjus:kanidm-pam-client torjus:deploy-test-hosts torjus:homelab-deploy-metrics torjus:host-vault01

8 Commits
pipe-to-lo ... afff1877ab

Author SHA1 Message Date
Torjus Håkestad
afff1877ab fixup! vault: replace vault with openbao
Some checks failed
Run nix flake check / flake-check (push) Failing after 3m18s
Details
2026-02-01 22:02:35 +01:00
Torjus Håkestad
8df1d4398a fixup! vault: replace vault with openbao
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m16s
Details
2026-02-01 21:57:36 +01:00
Torjus Håkestad
8f574c9099 fixup! vault: replace vault with openbao
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2026-02-01 21:56:44 +01:00
Torjus Håkestad
30f761e78b fixup! vault: replace vault with openbao
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m24s
Details
2026-02-01 21:37:22 +01:00
Torjus Håkestad
aa0f2efbe8 fixup! vault: replace vault with openbao
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2026-02-01 21:32:32 +01:00
Torjus Håkestad
00dda40761 fixup! vault: replace vault with openbao
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m20s
Details
2026-02-01 21:18:07 +01:00
Torjus Håkestad
ec6c693daf fixup! vault: replace vault with openbao
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
2026-02-01 21:16:02 +01:00
Torjus Håkestad
30d33dfa07 vault: replace vault with openbao
Some checks failed
Run nix flake check / flake-check (push) Failing after 2m13s
Details
2026-02-01 21:10:12 +01:00
2 changed files with 24 additions and 2 deletions
Expand all files Collapse all files

25
services/vault/default.nix
View File

@@ -1,8 +1,29 @@
{ ... }: { ... }:
{ {
services.vault = { services.openbao = {
enable = true; enable = true;
storageBackend = "file"; settings = {
ui = true;
storage.file.path = "/var/lib/openbao";
listener.default = {
type = "tcp";
address = "0.0.0.0:8200";
tls_cert_file = "/run/credentials/openbao.service/cert.pem";
tls_key_file = "/run/credentials/openbao.service/key.pem";
};
listener.socket = {
type = "unix";
address = "/run/openbao/openbao.sock";
};
};
};
systemd.services.openbao.serviceConfig = {
LoadCredential = [
"key.pem:/var/lib/openbao/key.pem"
"cert.pem:/var/lib/openbao/cert.pem"
];
}; };
} }

1
terraform/vms.tf
View File

@@ -43,6 +43,7 @@ locals {
cpu_cores = 2 cpu_cores = 2
memory = 2048 memory = 2048
disk_size = "20G" disk_size = "20G"
flake_branch = "vault-setup" # Bootstrap from this branch instead of master
} }
} }