path: root/secrets/terraform
Commit message | Author | Age | Files | Lines
* Delete all old code and configuration to start from scratch with Guix only | EuAndreh | 2022-03-07 | 3 | -0/+0
  Delete files related to:
  - Terraform
  - opt/*
  - scripts/deploy
  - secrets/*
  - git-crypt
  - Nix
* Remove terraform state | EuAndreh | 2021-03-07 | 2 | -0/+0
* Delete Vultr vps resources | EuAndreh | 2021-02-23 | 2 | -0/+0
* Update tfstate file | EuAndreh | 2021-01-16 | 2 | -0/+0
* Checkpoint: Working vps.tf declaration after Vultr migration | EuAndreh | 2021-01-15 | 2 | -0/+0
* Remove secrets/terraform/tfstate-backups/ | EuAndreh | 2021-01-15 | 2 | -0/+0
* Remove secrets/terraform/plan-files/ and terraform-apply.sh | EuAndreh | 2021-01-15 | 81 | -0/+0
* vps.tf: Add CNAME "*" subdomain alias | EuAndreh | 2020-11-28 | 3 | -0/+0
* Terraform: Add email DNS records (DKIM, DMARC, SPF) | EuAndreh | 2020-11-26 | 15 | -0/+0
* Remove default.nix and shell.nix | EuAndreh | 2020-11-18 | 3 | -0/+0
* Remove most Nix files | EuAndreh | 2020-11-18 | 3 | -0/+0
* Add base Guix configuration and start switching to it | EuAndreh | 2020-11-16 | 5 | -0/+0
  - remove NixOS stateVersion from .envrc;
  - add guix-reconfigure.sh;
  - add vps.scm with initial Guix system configuration;
  - update vps.tf to use the new "base-guix" snapshot.

  The "base-guix" image doesn't need a password. The "andreh" user has one, but it is configured for not requiring it when running commands as "sudo".

  The expected minimal steps one has to go through for privilege escalation is via the SSH private key, and accessing the VPS via SSH. Since password login is disabled and root can't log in via SSH either, only the private SSH key allows access to the server. After that, the attacker will be able to run commands as root.
* Forget existing resource to start working on new VPS | EuAndreh | 2020-11-16 | 1 | -0/+0
* Update terraform generated files | EuAndreh | 2020-11-02 | 5 | -0/+0
* Refactor vps-configuration.nix: Split secrets from config and envsubst vars | EuAndreh | 2020-09-06 | 8 | -0/+0
  Also rename thingTLD to thingDomain.
* Build new VPS server from snapshot using bigger machine | EuAndreh | 2020-08-29 | 4 | -0/+0
  I'm using the snapshot here because I don't have any backup system yet, ¯\_(ツ)_/¯

  This should be reverted on vps.tf after applying, and I should get down to doing automatic backups.
* Enable automatic backup for VPS server | EuAndreh | 2020-08-25 | 3 | -0/+0
* Change DNS record of prosody | EuAndreh | 2020-08-23 | 6 | -0/+0
  Terraform file changes were due to me initially trying to do this via creating a SRV DNS record. However, this is not required, because Prosody is already on the $TLD server, the only difference being that it is listening on a different port.
* Add songbooks documentation DNS address | EuAndreh | 2020-08-22 | 5 | -0/+0
* WIP: reenable prosody and matterbridge, and add PDFs | EuAndreh | 2020-08-22 | 6 | -0/+0
* Use NGINX to handle the creation of certificates for prosody | EuAndreh | 2020-08-16 | 6 | -0/+0
  After a terraform state rm '...' of the server and domain configuration, and recreating the instance again while leaving the detached one running.

  I had to do this because I was experimenting too much with the domain and I hit the Let's Encrypt rate limit[0]. Because of that I'll recreate certificates less often so that doesn't happen in the new domain during development of the VPS.

  I'm not sure if this solution works, but I'll commit just as a checkpoint. I had to change the custom DNS nameservers from Digital Ocean to Vultr and that may take a while, so it's worth having this as a checkpoint in time while I'm off to other things.

  [0]: https://letsencrypt.org/docs/rate-limits/
* Use new image with ownership of /etc/nixos/configuration.nix by user | EuAndreh | 2020-08-15 | 4 | -0/+0
  Useful reference:
  - https://discourse.nixos.org/t/can-i-move-etc-nixos-to-my-dotfiles-and-symlink-it-back-to-etc-nixos/4833/10
* Add generated Terraform files | EuAndreh | 2020-08-14 | 4 | -0/+0
* Add updated terraform files | EuAndreh | 2020-08-14 | 2 | -0/+0
* Add .tfplan extension to Terraform plan files | EuAndreh | 2020-08-12 | 33 | -0/+0
* vps-configuration.env.nix: Finish working Nextcloud installation | EuAndreh | 2020-08-11 | 6 | -0/+0
* Update Terraform infrastructure | EuAndreh | 2020-08-10 | 3 | -0/+0
* Semi working setup: Terraform and LetsEncrypt working | EuAndreh | 2020-08-10 | 21 | -0/+0
* Interactive Terraform plan -> apply cycle | EuAndreh | 2020-08-10 | 11 | -0/+0
* Migration: Remove Ansible and Docker code, move only to NixOS | EuAndreh | 2020-08-10 | 1 | -0/+0
* WIP: Move to Vultr and NixOS | EuAndreh | 2020-08-10 | 2 | -0/+0