infrastructure stuff

Go to file

surtur 588b0b5a5c nix(coredns): force user, force restart always... ... and set MemoryDenyWriteExecute = true.		2023-11-24 16:27:07 +01:00
ansible	role(sshconfigdmachine): update machines file	2023-08-03 11:08:44 +02:00
nix	nix(coredns): force user, force restart always...	2023-11-24 16:27:07 +01:00
.envrc	initial commit	2023-07-03 14:01:38 +02:00
.gitattributes	nix: add loki system configuration	2023-10-15 22:16:06 +02:00
.gitignore	initial commit	2023-07-03 14:01:38 +02:00
.terraform.lock.hcl	initial commit	2023-07-03 14:01:38 +02:00
main.tf	tf: add tailscale configuration	2023-08-03 22:37:07 +02:00
README.md	nix: add loki system configuration	2023-10-15 22:16:06 +02:00
tailscale.tf	tf: add tailscale configuration	2023-08-03 22:37:07 +02:00
terraform.tf	tf: add tailscale configuration	2023-08-03 22:37:07 +02:00
variables.tf	tf: add tailscale configuration	2023-08-03 22:37:07 +02:00

README.md

`infra`

this repo holds the code describing my very own infra (machines I use/manage) and is very much a WIP.

NixOS configurations are present in the ./nix folder.

should contain zero secrets, except encrypted either with age, sops-nix, or ansible-vault.

terraform secrets are supplied as ENV vars at runtime by sourcing the decrypted infra-vars file (stationed in its place with home-manager) using direnv.