mynixos-config

forked from mirrors_public/oddlama_nix-config

Author	SHA1	Message	Date
oddlama	135528e082	feat: add grafana test setup with oauth2	2023-06-02 01:28:35 +02:00
oddlama	df2657bb1c	feat(ward): open kanidm port only for sentinel	2023-06-01 01:33:13 +02:00
oddlama	6cedaa53e6	chore: bind kanidm to proxy	2023-05-31 18:07:07 +02:00
oddlama	ef03fd0594	feat: activate acme on sentinel	2023-05-31 18:06:53 +02:00
oddlama	6672846d59	feat: modularize hetzner-cloud and odroid-n2plus hardware	2023-05-31 16:34:13 +02:00
oddlama	61d582f033	feat: add ability to copy installer scripts to existing live systems	2023-05-30 02:46:29 +02:00
oddlama	ca7bbeec72	chore: add secrets for sentinel	2023-05-29 21:51:23 +02:00
oddlama	2d618a28ad	fix: only generate mdns zone if necessary	2023-05-29 16:20:36 +02:00
oddlama	97cb4e0ac5	feat: add new machine "sentinel", a Hetzner Cloud server	2023-05-29 16:19:49 +02:00
oddlama	d18e86f981	chore: use auto-ip for microvms, change ipv6 address scheme	2023-05-29 02:13:35 +02:00
oddlama	c789e2de36	feat(wireguard): add ability to automatically assign addresses	2023-05-29 00:07:56 +02:00
oddlama	4e8103af47	wip: prepare for autogenerated wireguard ips; prepare for sentinel server	2023-05-28 01:05:23 +02:00
oddlama	05813fafb4	chore: refactor assignIps as cidr library function that returns ips	2023-05-28 00:17:55 +02:00
oddlama	21e88619b7	fix: need attrset in config.lib, fix typo in nftables rule	2023-05-27 02:28:20 +02:00
oddlama	41df399bb6	feat: automatically generate allowedTCPPorts for mdns enabled interfaces; simplify nftables rules by adding a general untrusted zone	2023-05-27 01:59:28 +02:00
oddlama	e37601b486	feat: switch to DHCP based networking for microvms using mDNS for resolution	2023-05-26 01:21:26 +02:00
oddlama	0e3d881887	feat: experiment with kanidm and acme dns-01. add common conditional locations to impermanence	2023-05-25 01:57:16 +02:00
oddlama	cc2397669d	feat: allow microvms to override configPath	2023-05-23 01:09:37 +02:00
oddlama	f65b217a92	feat: change passwords and hide new hashes	2023-05-22 23:53:45 +02:00
oddlama	ec3b34a368	fix: mount vm datasets under /vms to avoid accidental shadowing on creation	2023-05-21 23:39:53 +02:00
oddlama	bd8a14deb0	feat: ensure vms come online after deployment even with missing wireguard keys	2023-05-21 23:26:51 +02:00
oddlama	f3ed1248af	feat: properly ensure vm zfs dataset exists	2023-05-21 22:57:40 +02:00
oddlama	a0d22b8be1	feat: allow specifying host pubkey as string	2023-05-21 16:01:49 +02:00
oddlama	d7f69c5baa	refactor: properly modularize repo secret management	2023-05-21 14:40:42 +02:00
oddlama	88f1ac54b8	fix: remove faulty agenix directory early and only if necessary chore: change default microvm naming scheme to <host>-<name>	2023-05-21 01:29:54 +02:00
oddlama	f95bc0eb30	feat: allow reservation of addresses in wireguard network	2023-05-20 20:47:09 +02:00
oddlama	0221a24225	fix: ajust firewall rule names and wireguard link name to match	2023-05-20 19:35:17 +02:00
oddlama	3862bd6b14	feat: remove the need to specify cidrs in wireguard addresses and properly derive allowed ips	2023-05-20 18:24:30 +02:00
oddlama	4057ee9051	feat: implement cidr coersion to automatically determine wireguard network size from participants	2023-05-20 15:57:19 +02:00
oddlama	6d8f8ab2e3	feat: add static microvm networking; allow cidrv4 and cidrv6 to be specified explicitly on wireguard networks to allow for simple access by other modules.	2023-05-20 00:55:48 +02:00
oddlama	78cdcd3c69	feat: refactor and integrate wireguard module into microvm module	2023-05-19 21:33:27 +02:00
oddlama	e5f3ffd288	fix: reference extra-builtins.nix with access to relative files	2023-05-18 11:48:09 +02:00
oddlama	02f27c85f4	chore: enforce disko use for microvm hosts	2023-05-16 17:54:43 +02:00
oddlama	70f7ef3023	feat: add automatic zfs persistent dataset management to microvms	2023-05-14 00:27:29 +02:00
oddlama	2b4449569f	chore: add writable store overlay in microvms	2023-05-12 01:45:00 +02:00
oddlama	a543394fa8	feat: enable ipv6 RA	2023-05-11 18:18:52 +02:00
oddlama	cdd35390fb	chore: switch to zfs on luks	2023-05-11 12:54:38 +02:00
oddlama	14ef8ef877	feat: modularize link renaming	2023-05-11 01:28:31 +02:00
oddlama	e8f50ab906	fix: prevent path -> string conversion in hostPubkey definition, which caused repeated unnecessary rekeying	2023-05-10 18:24:24 +02:00
oddlama	24655ece76	feat: add macvtap networking to microvms	2023-05-10 02:07:09 +02:00
oddlama	8cb904c44c	chore: update hostapd module from PR	2023-05-09 01:32:20 +02:00
oddlama	e2ba02234a	feat: restructure user common files, allow selecting "minimal" set of options for vms	2023-05-08 18:03:29 +02:00
oddlama	d842d25eb9	feat: add microvm module to simplify setup	2023-05-08 17:13:40 +02:00
oddlama	1b9d9fc58a	feat: add declarative microvms	2023-05-08 14:48:59 +02:00
oddlama	1a7472207a	chore: update ward hostkey after resetup	2023-05-01 15:32:14 +02:00
oddlama	de19b23d3d	refactor: split hardware related and system related common configuration	2023-05-01 15:27:28 +02:00
oddlama	f55c83c1b8	fix(impermanence): give agenix early access to ssh keys	2023-05-01 15:00:02 +02:00
oddlama	e2e2c2a757	chore: auto optimize biweekly; delete generations older than 90d; use single-definition for stateVersion	2023-05-01 14:42:36 +02:00
oddlama	4cee692eff	feat: enable impermanence	2023-05-01 11:49:37 +02:00
oddlama	30cfdaf860	refactor: remove meta.nix in favor of direct declaration in flake.nix	2023-04-30 14:06:25 +02:00

... 7 8 9 10 11

536 commits