aboutsummaryrefslogtreecommitdiff
path: root/rotate-ssh-keys.sh (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-06-09Create Terraform plan before shutting down running containersEuAndreh1-8/+8
2019-06-09Quote $() call (ShellCheck offense)EuAndreh1-1/+1
2019-06-09Use same NIX_PATH locally and on the CIEuAndreh1-0/+0
2019-06-09Make terraform-provider-godaddy available for TerraformEuAndreh1-0/+3
2019-06-09Remove CI dbg codeEuAndreh1-2/+0
2019-06-09s/terraformGodaddy/terraformGodaddyBuild/EuAndreh1-1/+1
2019-06-09ci dbgEuAndreh1-0/+2
2019-06-09Expose build of terraform-godaddy under subtasks attribute setEuAndreh1-1/+1
2019-06-08ci dbg: Revert "Revert "Update modSha256 for terraform-godaddy""EuAndreh1-1/+1
This reverts commit 4d04172f9027203e3656f74bd8cecdc0d9c45e69.
2019-06-08Revert "Update modSha256 for terraform-godaddy"EuAndreh1-1/+1
This reverts commit 5ad5984f47860bdf3a85abeddef18d17c2095e69.
2019-06-08TODOs.orgEuAndreh1-0/+1
2019-06-08Add quote around nested quote expansionEuAndreh1-1/+1
Thanks ShellCheck :)
2019-06-08Remove unused $PUBLIC_KEY_ONLYEuAndreh1-1/+0
Thanks ShellCheck.
2019-06-08Format vps.tf (terraform linter offense)EuAndreh1-3/+3
2019-06-08Format default.nix (nixfmt linter offense)EuAndreh1-2/+3
2019-06-08Update modSha256 for terraform-godaddyEuAndreh1-1/+1
2019-06-08TODOs.orgEuAndreh1-0/+4
2019-06-08Use terraform-godaddy and Terraform 0.11EuAndreh4-10/+32
The =terraform-godaddy= package supports only Terraform 0.11 as of now. It is not packaged by default by nixpkgs, and the =postInstall= hook is required because Terraform looks for providers usinthe the =terraform-provider-$name= template, which the package doesn't follow. I had to remove the loop on vps.tf since it requires Terraform 0.12. I'll either wait for =terraform-godaddy= to upgrade to 0.12 or try to do it myself if it bothers me enough.
2019-06-08Update terraform to 0.12EuAndreh1-1/+1
2019-06-08Provision DNS entries with Terraform! :tada:EuAndreh1-0/+22
Before all the DNS entries had to be entered manually on the web UI.
2019-06-08TODOs.orgEuAndreh1-21/+21
2019-06-08Add credentials for manipulating DNS entries.EuAndreh1-0/+0
2019-06-08Generate UserKnownHostsFile dynamically instead of when rotating keysEuAndreh5-4/+5
The previous solution would hardcode the server IP. This way we can change the server IP address that is hosting everything and keep the SSH keypair. Previously changing the IP address would require either calling the =./rotate-ssh-keys.sh= script or manually changing the IP address on the known-hosts.txt file. The IP address being duplicated itself was a code smell. Both SSH keypair and IP address can now be changed independently.
2019-06-08Use nextcloud.${TLD} instead of cloud.${TLD} as CNAME for Nextcloud installationEuAndreh2-1/+1
2019-06-08CI debug: remove --verbose flag from borg create commandEuAndreh1-1/+0
THe objective is to remove the logged files from the CI log.
2019-06-08TODOs.orgEuAndreh1-1/+9
2019-06-07Add =any_errors_fatal: true= to provision.yml playbookEuAndreh1-0/+2
2019-06-07Revert "Add verbose logging for Ansible playbook command"EuAndreh1-1/+1
This reverts commit 80ee903ac9f09c22b4ef3458393242fa929cff89.
2019-06-07Add verbose logging for Ansible playbook commandEuAndreh1-1/+1
2019-06-07TODOs.orgEuAndreh1-0/+6
2019-06-07Fix boolean logic bug on ${DESTROY_VOLUME} usageEuAndreh1-2/+2
2019-06-07Disable SC2034 for ${DOLLAR} interpolated variableEuAndreh1-0/+3
2019-06-07TODOs.orgEuAndreh1-0/+2
2019-06-06Add ${DESTROY_VOLUME} operational toggleEuAndreh3-2/+13
This way I can dynamically control whether to destroy and recreate all the existing infrastructure entirely from scratch. The advantages of doing so are: - test the non-existence of local state on every deployment; - make sure I can always recreate everything from scratch. The disadvantages are: - slower deployment times; - longer downtime during deployments.
2019-06-06Uncomment docker-compose starting Ansible taskEuAndreh1-5/+5
2019-06-06Remove invalid --stats option from borg extract commandEuAndreh1-1/+0
2019-06-06Fail fast on copied Bash filesEuAndreh2-0/+2
2019-06-06Unify quoted strings from restore-backup.env.shEuAndreh1-1/+1
2019-06-06Use ${DOLLAR}{VAR} to double scape bash variable in .env templatesEuAndreh2-2/+7
2019-06-06Notify when backup fails instead od saying nothingEuAndreh1-1/+1
2019-06-06Don't start docker-compose services while debugging restore-backup.shEuAndreh1-5/+5
2019-06-06Make message when for shellEnvironment when running tests more readableEuAndreh1-1/+1
2019-06-06Allow backups to fail for nowEuAndreh2-1/+2
2019-06-06Add mode to all files being copied by AnsibleEuAndreh1-7/+7
Use strict 400 or 500 modes: r: 4 w: 2 x: 1 4 means read-only, while 5 means readable and executable. None are writable: immuatable infrastructure check.
2019-06-05Re-add Ansible task to create /home/vps/ directoryEuAndreh1-0/+4
2019-06-05Remove debug echoEuAndreh1-1/+0
2019-06-05Fix ShellCheck offensesEuAndreh3-3/+5
2019-06-05Restore backup in Ansible instead of BashEuAndreh5-18/+18
2019-06-05TODOs.orgEuAndreh1-1/+2
2019-06-05Restore from backup in fresh volumeEuAndreh4-10/+48
generated by cgit v1.2.3 (git 2.49.0) at 2025-07-21 17:04:03 +0000