mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00
Code Activity
1128 commits 1 branch 0 tags 7.6 MiB
Commit graph

1128 commits

This branch
This branch
All branches
Author SHA1 Message Date
oddlama
1e6927a434
chore: remove old nginx and oauth2-proxy config for sentinel 2023-06-05 01:54:40 +02:00
oddlama
9e4f8dcf0d
feat: convert sentinel to caddy 2023-06-05 01:53:38 +02:00
oddlama
6f84594c87
feat: add customizable caddy package (with plugin support) 2023-06-05 01:14:46 +02:00
oddlama
c5a863ce51
wip: prepare testing caddy over nginx with oauth2-proxy 2023-06-04 21:42:28 +02:00
oddlama
7f2f93b640
feat: loki working 2023-06-04 02:27:40 +02:00
oddlama
70203d485a
feat(microvms): use systemd in stage1 2023-06-03 20:17:38 +02:00
oddlama
0cc126fb5f
feat: wip: test loki 2023-06-03 17:52:48 +02:00
oddlama
b0e9978ead
chore: add separate /state directory for reboot-persistent non-backuped state 2023-06-03 17:50:54 +02:00
oddlama
ba1932d2ef
fix: let kea wait on the macvtap self interface 2023-06-03 17:47:50 +02:00
oddlama
d2b2f4021a
chore: add new wireguard secrets for loki vm 2023-06-03 17:47:05 +02:00
oddlama
bd803c5976
feat(microvm): remove VM ids in favor of automatically assigned MACs 2023-06-03 17:46:12 +02:00
oddlama
135528e082
feat: add grafana test setup with oauth2 2023-06-02 01:28:35 +02:00
oddlama
a7c1fb016b
fix(microvms): fix ensure chmod failure 2023-06-01 17:01:18 +02:00
oddlama
df2657bb1c
feat(ward): open kanidm port only for sentinel 2023-06-01 01:33:13 +02:00
oddlama
c1fe238c75
fix: move PersistentKeepalive from server to client in case the ip address changes 2023-06-01 01:24:03 +02:00
oddlama
836dfa9fea
fix: add interface naming rules in stage1 udev 2023-06-01 01:08:06 +02:00
oddlama
7ddb0ee23f
fix: add server endpoint to wireguard via clients 2023-06-01 01:07:42 +02:00
oddlama
6cedaa53e6
chore: bind kanidm to proxy 2023-05-31 18:07:07 +02:00
oddlama
ef03fd0594
feat: activate acme on sentinel 2023-05-31 18:06:53 +02:00
oddlama
4fd369f034
fix: missing concatMap in wireguard allowed address calculation 2023-05-31 18:06:25 +02:00
oddlama
dc450f4b54
chore: updated microvm.nix flake doesn't need manually specifying microvm.microvm anymore 2023-05-31 18:05:51 +02:00
oddlama
6672846d59
feat: modularize hetzner-cloud and odroid-n2plus hardware 2023-05-31 16:34:13 +02:00
oddlama
61d582f033
feat: add ability to copy installer scripts to existing live systems 2023-05-30 02:46:29 +02:00
oddlama
ece9554e76
chore: remove initrd host key generation script, this is a simple oneliner anyways 2023-05-30 02:45:39 +02:00
oddlama
04305e5968
chore: only generate installers for real systems, not vms. 2023-05-30 02:43:43 +02:00
oddlama
ca7bbeec72
chore: add secrets for sentinel 2023-05-29 21:51:23 +02:00
oddlama
8c4b0933b9
chore: update flake inputs (nixpkgs override is for instanced-systemd-services activation restart fix) 2023-05-29 16:21:10 +02:00
oddlama
2d618a28ad
fix: only generate mdns zone if necessary 2023-05-29 16:20:36 +02:00
oddlama
97cb4e0ac5
feat: add new machine "sentinel", a Hetzner Cloud server 2023-05-29 16:19:49 +02:00
oddlama
d18e86f981
chore: use auto-ip for microvms, change ipv6 address scheme 2023-05-29 02:13:35 +02:00
oddlama
c789e2de36
feat(wireguard): add ability to automatically assign addresses 2023-05-29 00:07:56 +02:00
oddlama
4e8103af47
wip: prepare for autogenerated wireguard ips; prepare for sentinel server 2023-05-28 01:05:23 +02:00
oddlama
05813fafb4
chore: refactor assignIps as cidr library function that returns ips 2023-05-28 00:17:55 +02:00
oddlama
1a0225336f
feat: add assignIps function that generates semi-stable ips for a list of 
hostnames by (ab-)using hashes with linear probing. Useful for automatic
ip assignments in wireguard.
 2023-05-27 23:28:50 +02:00
oddlama
21e88619b7
fix: need attrset in config.lib, fix typo in nftables rule 2023-05-27 02:28:20 +02:00
oddlama
41df399bb6
feat: automatically generate allowedTCPPorts for mdns enabled 
interfaces; simplify nftables rules by adding a general untrusted zone
 2023-05-27 01:59:28 +02:00
oddlama
e37601b486
feat: switch to DHCP based networking for microvms using mDNS for resolution 2023-05-26 01:21:26 +02:00
oddlama
0e3d881887
feat: experiment with kanidm and acme dns-01. add common conditional locations to impermanence 2023-05-25 01:57:16 +02:00
oddlama
668f9fdaf4
fix: it's beneficial to use commonImports instead of just defining it :) 2023-05-24 00:21:32 +02:00
oddlama
cc2397669d
feat: allow microvms to override configPath 2023-05-23 01:09:37 +02:00
oddlama
f65b217a92
feat: change passwords and hide new hashes 2023-05-22 23:53:45 +02:00
oddlama
aaa1d88d46
docs: update README 2023-05-21 23:58:25 +02:00
oddlama
ec3b34a368
fix: mount vm datasets under /vms to avoid accidental shadowing on creation 2023-05-21 23:39:53 +02:00
oddlama
bd8a14deb0
feat: ensure vms come online after deployment even with missing wireguard keys 2023-05-21 23:26:51 +02:00
oddlama
f3ed1248af
feat: properly ensure vm zfs dataset exists 2023-05-21 22:57:40 +02:00
oddlama
a0d22b8be1
feat: allow specifying host pubkey as string 2023-05-21 16:01:49 +02:00
oddlama
cbcd3c943b
refactor: centralize definition of MicroVM node names 2023-05-21 15:08:27 +02:00
oddlama
d7f69c5baa
refactor: properly modularize repo secret management 2023-05-21 14:40:42 +02:00
oddlama
88f1ac54b8
fix: remove faulty agenix directory early and only if necessary 
chore: change default microvm naming scheme to <host>-<name>
 2023-05-21 01:29:54 +02:00
oddlama
43b2bd1982
fix: route the whole wireguard network when we are a client. 2023-05-20 20:58:37 +02:00