infra/README.md

# [`infra`][infra]

this repo holds the code describing my very own infra (machines I use/manage)
and is very much a WIP.

should contain zero secrets, except encrypted either with [`age`][age] or
[`ansible-vault`][ansible-vault].

[`terraform`][tf] secrets are supplied as ENV vars at runtime by sourcing the
decrypted `infra-vars` file using [`direnv`][direnv], which is in turn
stationed in its place using [`home-manager`][hm].

[infra]: https://git.dotya.ml/wanderer/infra
[age]: https://github.com/FiloSottile/age
[ansible-vault]: https://docs.ansible.com/ansible/latest/cli/ansible-vault.html
[tf]: https://www.terraform.io/
[direnv]: https://direnv.net/
[hm]: https://github.com/nix-community/home-manager
initial commit 2023-07-03 14:01:38 +02:00			# [`infra`][infra]

			`this repo holds the code describing my very own infra (machines I use/manage)`
			`and is very much a WIP.`

			should contain zero secrets, except encrypted either with [`age`][age] or
			[`ansible-vault`][ansible-vault].

			[`terraform`][tf] secrets are supplied as ENV vars at runtime by sourcing the
			decrypted `infra-vars` file using [`direnv`][direnv], which is in turn
			stationed in its place using [`home-manager`][hm].

			`[infra]: https://git.dotya.ml/wanderer/infra`
			`[age]: https://github.com/FiloSottile/age`
			`[ansible-vault]: https://docs.ansible.com/ansible/latest/cli/ansible-vault.html`
			`[tf]: https://www.terraform.io/`
			`[direnv]: https://direnv.net/`
			`[hm]: https://github.com/nix-community/home-manager`