about summary refs log tree commit diff
path: root/secrets (follow)
Commit message (Collapse)AuthorAgeFilesLines
* switch to the newer version of nixfmtFranck Cuny5 days1-6/+8
| | | | | | `nixfmt-rfc-style' replaces `nixfmt-classic'. It's actively maintained, but also changes the style, so this commit touches all the files in the repository.
* use treefmt to format all the filesFranck Cuny5 days1-6/+1
|
* move gitotlite to vm-synologyFranck Cuny8 days2-6/+6
|
* run `ddns-updater' on `vm-synology'Franck Cuny9 days2-1/+4
| | | | | It has a small UI and the configuration with the secrets is managed with `agenix'.
* use agenix to manage secrets in the repositoryFranck Cuny10 days2-0/+19
|
* secrets: move all the secrets under module/Franck Cuny2022-04-107-25/+0
| | | | | Refactor a bit the configuration, which should simplify the management and usage of secrets from now on.
* rclone: synchronize restic repo to GCSFranck Cuny2022-03-112-0/+0
| | | | | | Add a couple of secrets to store the configuration and the service account, and add a timer to synchronize the restic repository to a GCS bucket once a day.
* restic: add the secret for the repo 'systems'Franck Cuny2022-03-071-0/+12
|
* unifi: configure the pollerFranck Cuny2022-03-061-0/+13
|
* traefik: initial configurationFranck Cuny2022-03-061-0/+0
| | | | | | | | | I want to run traefik on the NAS, so I can reach grafana and other future services running on that host. To manage TLS, we use let's encrypt with a DNS challenge. For this to work we need a service account configuration, that is encrypted with age.
* agenix: rekey secretsFranck Cuny2022-03-052-0/+0
| | | | Reinstalled tahoe, new ssh key for the host.
* secrets: add a new key and rekey existing keysFranck Cuny2022-03-012-18/+19
|
* tahoe: wireguard setupFranck Cuny2022-02-211-0/+10
|
* secrets: initial config and a first secretFranck Cuny2022-02-211-0/+10