aboutsummaryrefslogtreecommitdiff
path: root/rotate-ssh-keys.sh (unfollow)
Commit message (Expand)AuthorFilesLines
2019-06-05Use Ansible instead of Bash for provisioning•••The deployment is not quite working, and I'm unable to test right now: DigitalOcean is returning 503 for my requests. As of this commit, I can run =ansible-playbook provider.yml= more than once and it will actually be idempotent. Notes: - SSH fingerprint are now taken from the public key file instead of manually supplying it in the terraform template using the =digitalocean_ssh_key= resource; - use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets created by Terraform; - use the =filename.env.extension= to create the concrete files in CI; - use the =user_data= to add the know SSH key pair to the newly created Droplet; - add =rotate-ssh-keys.sh= utils; EuAndreh1-0/+28
2019-06-04Use =nix build= instead of =nix-build=EuAndreh1-1/+1
2019-06-04Fix "dotfiles" name left overEuAndreh1-1/+1
2019-06-04Build shell buildInputs in test derivation•••This way we make sure the =shell= derivation always builds, instead of seeing these kinds of failure during CI runs when it's trying to deploy. EuAndreh1-7/+16
2019-06-04Add utils.nix and remove common derivations from default.nixEuAndreh2-79/+120
2019-06-04TODOs.orgEuAndreh1-0/+1
2019-06-04Inline definition of rootSrcEuAndreh1-2/+1
2019-06-04TODOs.orgEuAndreh1-0/+4
2019-06-02TODOs.orgEuAndreh1-0/+2
2019-06-01TODOs.orgEuAndreh1-0/+1
2019-05-30TODOs.orgEuAndreh1-5/+52
2019-05-28Fix vps.tf formatting (linter offense)EuAndreh1-1/+1
2019-05-28Use Floating IP on DropletEuAndreh3-1/+13
2019-05-28Split $VPS_COMMIT_SHA variable declaration for exporting•••ShellCheck offense. EuAndreh1-1/+2
2019-05-28Use correct Droplet size slug•••Taken from https://developers.digitalocean.com/documentation/v2/#list-all-sizes EuAndreh1-1/+1
2019-05-28Rotate SSH key and use correct VPS_COMMIT_SHA on provisioningEuAndreh2-5/+6
2019-05-28Rotate SSH key secretEuAndreh1-1/+1
2019-05-28Disable StrictHostKeyChecking for CI SSH configurationEuAndreh1-0/+2
2019-05-28TODOs.org•••Extend on how to use =vps-state= to store Terraform state. EuAndreh1-1/+5
2019-05-28Configure git for vps-state repo in ./scripts/ci/setup.shEuAndreh3-4/+6
2019-05-28Use SSH to fetch vps-state so we can push to it laterEuAndreh1-1/+1
2019-05-28TODOs.org•••Expand on the decision of using =vps-state= to store Terraform files. EuAndreh1-0/+11
2019-05-28Add git config metadata to enable commiting in CIEuAndreh1-0/+2
2019-05-28Fix mixed usage of $PLAN_FILE variable•••Split $PLAN_FILE into $PLAN_FILE_NAME and $PLAN_FILE_PATH. EuAndreh1-4/+5
2019-05-28Store plan file in vps-state tooEuAndreh1-4/+18
2019-05-28Fix shell.nix path in nix-shell custom shebangEuAndreh2-2/+2
2019-05-28Fix script references in .build.ymlEuAndreh1-6/+3
2019-05-28Split scripts into CI and VPS boxEuAndreh5-2/+4
2019-05-28Remove git rev-parse from .envrcEuAndreh3-2/+2
2019-05-28Rotate secretsEuAndreh1-0/+0
2019-05-28Remove set -x from ci-setup.shEuAndreh1-1/+1
2019-05-28Suppress output of docker-compose config•••This derivation sources =.envrc= and it's output can potentially leak secret environment variables from it. EuAndreh1-1/+1
2019-05-28Fix docker-compose config step•••Add gitMinimal package to baseTasks to allow any derivation to =source .envrc= freely. dockerComposeLint sources it to properly lint the file that will be ran. EuAndreh1-1/+2
2019-05-28Fix Nextcloud image nameEuAndreh1-1/+1
2019-05-28Split Bash variable declaration from assignment (shellcheck offense)EuAndreh1-0/+0
2019-05-28Add =set -x= to ci-setup.shEuAndreh1-1/+1
2019-05-28Add backup routing before possibly tearing down machine•••Create a new backup entry before running =terraform apply=, which may (or may not) destroy the current machine. This shouldn't be an issue for the backup itself, since all of the data should be stored in a separate Block Storage Volume, but we can take advantage of the sevices already needing to be taken down in order to perform a full backup of the data. EuAndreh6-11/+21
2019-05-28Add secrets/borg_remote{.pub} SSH keypairEuAndreh2-0/+0
2019-05-28Rename ./secrets/id_rsa{.pub} -> ./secrets/vps_box{.pub}EuAndreh5-3/+3
2019-05-27TODOs.orgEuAndreh1-0/+2
2019-05-27TODOs.org•••Add =Nice to have= task on docker-compose version EuAndreh1-0/+1
2019-05-27TODOs.org•••Add notes on creating backups, and questions on the best strategies available. EuAndreh1-0/+9
2019-05-27Add variables to properly tag a backupEuAndreh1-0/+0
2019-05-27Add --color to ls aliasEuAndreh1-1/+1
2019-05-27Add cd to /home/vps/ in profile•••Just a nice to have when SSH'ing interactively, doesn't have and effect on non-interactive SSH commands. EuAndreh1-0/+1
2019-05-27Use ssh pipe and cat instead of hacky temporary file descriptor•••Taken from http://compgroups.net/comp.unix.shell/-scp-dev-fd-63-not-a-regular-file/3063561 EuAndreh1-3/+1
2019-05-27WIP: take a backup during deployment•••Before possibly tearing down the machine, while all services are stopped (after the =docker-compose down= command), create a new backup with the current data. The backup tag should include the commit SHA of the deployment. EuAndreh2-2/+11
2019-05-27Add more descriptive error message for FIXME derivation testEuAndreh1-1/+5
2019-05-27Add bash_aliases.sh and scp it when deploying a new boxEuAndreh2-0/+4
2019-05-27Add Nextcloud recipe to docker-compose.yamlEuAndreh2-0/+19
generated by cgit v1.2.3 (git 2.52.0) at 2026-05-09 19:59:49 +0000