mynixos-config

forked from mirrors_public/oddlama_nix-config

Author	SHA1	Message	Date
oddlama	f606e6e554	feat: enable telegraf on all server nodes; add 10 minute autorestart	2023-06-25 02:34:05 +02:00
oddlama	b8f647fb4a	feat: add telegraf module	2023-06-25 00:44:04 +02:00
oddlama	eb9ee0bf0d	feat: patch oauth2-proxy to support scopes as groups	2023-06-23 15:20:58 +02:00
oddlama	1a0378ee5c	feat: use nginx json logs; oauth2-proxy authentication working, groups not yet	2023-06-23 00:40:15 +02:00
oddlama	71dbda6262	feat: promote oauth proxy config to a nginx virtualHosts option	2023-06-22 02:55:22 +02:00
oddlama	a092a5a846	fix: allow using distributed-config to alter self (skipped promtail secret)	2023-06-22 01:22:28 +02:00
oddlama	f0d2475f74	feat: convert all microvms to use nginx	2023-06-22 00:51:45 +02:00
oddlama	609e562bec	feat: add oauth2 proxy module and simple nginx reverse proxy module	2023-06-21 23:56:12 +02:00
oddlama	e32d5575b4	fix: realize mkif earlier to disable local-vms definition	2023-06-21 01:43:00 +02:00
oddlama	19acca7cba	chore: remove microvm local wireguard if not needed	2023-06-21 01:35:41 +02:00
oddlama	06d5d26dde	fix: apparently ':' is not a great character for basic auth	2023-06-18 16:03:41 +02:00
oddlama	d6af975817	feat: enable promtail on all vms	2023-06-18 14:31:23 +02:00
oddlama	1b42e0cd72	fix: refactoring mistakes; and add generator for initrd_host_ed25519_key	2023-06-18 12:55:18 +02:00
oddlama	b682db7173	chore: add caddy common defaults	2023-06-17 23:46:40 +02:00
oddlama	9ed52a253c	feat: enforce deterministic user and group ids	2023-06-17 23:44:54 +02:00
oddlama	b5d2d31b69	fix: typo	2023-06-13 03:04:38 +02:00
oddlama	998d6d5348	refactor: move all proxy related configuration to the nodes that define them	2023-06-13 02:58:14 +02:00
oddlama	5bd65732f5	fix: distributed-config now works across microvms and colmena nodes	2023-06-13 00:17:12 +02:00
oddlama	69bd2a71ce	feat: generate secrets	2023-06-12 01:03:44 +02:00
oddlama	46ce6ed353	feat: make promtail module reusable	2023-06-12 00:20:32 +02:00
oddlama	777d803b76	feat: add module to allow extending configuration of other nodes	2023-06-12 00:20:30 +02:00
oddlama	4abefb0811	fix: wireguard generator pipe issue	2023-06-10 02:00:08 +02:00
oddlama	cfb7c88862	feat: remove generate-wireguard-keys in favor of agenix-rekey generators	2023-06-09 23:21:18 +02:00
oddlama	dec790c589	chore: update to new agenix-rekey format	2023-06-07 19:48:15 +02:00
oddlama	9e4f8dcf0d	feat: convert sentinel to caddy	2023-06-05 01:53:38 +02:00
oddlama	70203d485a	feat(microvms): use systemd in stage1	2023-06-03 20:17:38 +02:00
oddlama	bd803c5976	feat(microvm): remove VM ids in favor of automatically assigned MACs	2023-06-03 17:46:12 +02:00
oddlama	a7c1fb016b	fix(microvms): fix ensure chmod failure	2023-06-01 17:01:18 +02:00
oddlama	c1fe238c75	fix: move PersistentKeepalive from server to client in case the ip address changes	2023-06-01 01:24:03 +02:00
oddlama	836dfa9fea	fix: add interface naming rules in stage1 udev	2023-06-01 01:08:06 +02:00
oddlama	7ddb0ee23f	fix: add server endpoint to wireguard via clients	2023-06-01 01:07:42 +02:00
oddlama	4fd369f034	fix: missing concatMap in wireguard allowed address calculation	2023-05-31 18:06:25 +02:00
oddlama	dc450f4b54	chore: updated microvm.nix flake doesn't need manually specifying microvm.microvm anymore	2023-05-31 18:05:51 +02:00
oddlama	6672846d59	feat: modularize hetzner-cloud and odroid-n2plus hardware	2023-05-31 16:34:13 +02:00
oddlama	ece9554e76	chore: remove initrd host key generation script, this is a simple oneliner anyways	2023-05-30 02:45:39 +02:00
oddlama	d18e86f981	chore: use auto-ip for microvms, change ipv6 address scheme	2023-05-29 02:13:35 +02:00
oddlama	c789e2de36	feat(wireguard): add ability to automatically assign addresses	2023-05-29 00:07:56 +02:00
oddlama	4e8103af47	wip: prepare for autogenerated wireguard ips; prepare for sentinel server	2023-05-28 01:05:23 +02:00
oddlama	21e88619b7	fix: need attrset in config.lib, fix typo in nftables rule	2023-05-27 02:28:20 +02:00
oddlama	41df399bb6	feat: automatically generate allowedTCPPorts for mdns enabled interfaces; simplify nftables rules by adding a general untrusted zone	2023-05-27 01:59:28 +02:00
oddlama	e37601b486	feat: switch to DHCP based networking for microvms using mDNS for resolution	2023-05-26 01:21:26 +02:00
oddlama	0e3d881887	feat: experiment with kanidm and acme dns-01. add common conditional locations to impermanence	2023-05-25 01:57:16 +02:00
oddlama	668f9fdaf4	fix: it's beneficial to use commonImports instead of just defining it :)	2023-05-24 00:21:32 +02:00
oddlama	cc2397669d	feat: allow microvms to override configPath	2023-05-23 01:09:37 +02:00
oddlama	ec3b34a368	fix: mount vm datasets under /vms to avoid accidental shadowing on creation	2023-05-21 23:39:53 +02:00
oddlama	bd8a14deb0	feat: ensure vms come online after deployment even with missing wireguard keys	2023-05-21 23:26:51 +02:00
oddlama	f3ed1248af	feat: properly ensure vm zfs dataset exists	2023-05-21 22:57:40 +02:00
oddlama	cbcd3c943b	refactor: centralize definition of MicroVM node names	2023-05-21 15:08:27 +02:00
oddlama	d7f69c5baa	refactor: properly modularize repo secret management	2023-05-21 14:40:42 +02:00
oddlama	88f1ac54b8	fix: remove faulty agenix directory early and only if necessary chore: change default microvm naming scheme to <host>-<name>	2023-05-21 01:29:54 +02:00

... 4 5 6 7 8

379 commits