infrastructure stuff
surtur
d89101b437
- mv common vault to group_vars/all/vault_common.yml - conclude timesyncing setup - enable cronie/chrony for systems - set up dnscrypt properly, including replacing /etc/resolv.conf and validating the config - fix privileges (become) |
||
|---|---|---|
| ansible | ||
| .envrc | ||
| .gitignore | ||
| .terraform.lock.hcl | ||
| main.tf | ||
| README.md | ||
| terraform.tf | ||
| variables.tf | ||
infra
this repo holds the code describing my very own infra (machines I use/manage) and is very much a WIP.
should contain zero secrets, except encrypted either with age or
ansible-vault.
terraform secrets are supplied as ENV vars at runtime by sourcing the
decrypted infra-vars file using direnv, which is in turn
stationed in its place using home-manager.