2023-07-03 14:01:38 +02:00
|
|
|
# [`infra`][infra]
|
|
|
|
|
|
|
|
this repo holds the code describing my very own infra (machines I use/manage)
|
|
|
|
and is very much a WIP.
|
|
|
|
|
2023-10-15 22:16:06 +02:00
|
|
|
:nixos: [NixOS][nixos] configurations are present in the [`./nix`](nix) folder.
|
|
|
|
|
|
|
|
should contain zero secrets, except encrypted either with [`age`][age],
|
|
|
|
[`sops-nix`][sops-nix], or [`ansible-vault`][ansible-vault].
|
2023-07-03 14:01:38 +02:00
|
|
|
|
|
|
|
[`terraform`][tf] secrets are supplied as ENV vars at runtime by sourcing the
|
2023-10-15 22:16:06 +02:00
|
|
|
decrypted `infra-vars` file (stationed in its place with [`home-manager`][hm])
|
|
|
|
using [`direnv`][direnv].
|
2023-07-03 14:01:38 +02:00
|
|
|
|
|
|
|
[infra]: https://git.dotya.ml/wanderer/infra
|
2023-10-15 22:16:06 +02:00
|
|
|
[nixos]: https://nixos.org/
|
2023-07-03 14:01:38 +02:00
|
|
|
[age]: https://github.com/FiloSottile/age
|
2023-10-15 22:16:06 +02:00
|
|
|
[sops-nix]: https://github.com/Mic92/sops-nix
|
2023-07-03 14:01:38 +02:00
|
|
|
[ansible-vault]: https://docs.ansible.com/ansible/latest/cli/ansible-vault.html
|
|
|
|
[tf]: https://www.terraform.io/
|
|
|
|
[hm]: https://github.com/nix-community/home-manager
|
2023-10-15 22:16:06 +02:00
|
|
|
[direnv]: https://direnv.net/
|