| Commit message (Expand) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Format vps.tf (linter offense) | EuAndreh | 2019-06-05 | 1 | -1/+1 |
| * | Add volume to VPS•••Don't destroy everything on deploy. This would destroy the volume too. | EuAndreh | 2019-06-05 | 1 | -0/+13 |
| * | Format vps.tf (linter offense) | EuAndreh | 2019-06-05 | 1 | -1/+1 |
| * | Use Ansible instead of Bash for provisioning•••The deployment is not quite working, and I'm unable to test right now: DigitalOcean is returning 503 for my requests. As of this commit, I can run =ansible-playbook provider.yml= more than once and it will actually be idempotent. Notes: - SSH fingerprint are now taken from the public key file instead of manually supplying it in the terraform template using the =digitalocean_ssh_key= resource; - use Ansible instead of ad-hoc Bash scripts for provisioning the Droplets created by Terraform; - use the =filename.env.extension= to create the concrete files in CI; - use the =user_data= to add the know SSH key pair to the newly created Droplet; - add =rotate-ssh-keys.sh= utils; | EuAndreh | 2019-06-05 | 1 | -5/+11 |
| * | Fix vps.tf formatting (linter offense) | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| * | Use Floating IP on Droplet | EuAndreh | 2019-05-28 | 1 | -0/+6 |
| * | Use correct Droplet size slug•••Taken from https://developers.digitalocean.com/documentation/v2/#list-all-sizes | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| * | Rename ./secrets/id_rsa{.pub} -> ./secrets/vps_box{.pub} | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| * | Fix terraform fmt offense | EuAndreh | 2019-05-26 | 1 | -1/+1 |
| * | Automate provisioning and deployment of VPS•••In order to perform that I had to remove Terraform's =.tfstate= files from the repository. Terraform does support "backends" for storing the state files, but I settled for storing it on a separate repo (vps-state). For now it solves the state management problem: - it has history of states; - all state files are GPG encrypted; - there's no coordination however, but only the CI should perform a deploy in order to avoid race conditions. I had to add GPG and SSH keys to sr.ht to achieve that: - SSH public key to my profile to authorize it to push to vps-state repo; - SSH private key to the secret builds.sr.ht environment to enable push to the repository from the pipeline; - GPG public key to git-crypt to make it possible for the pipeline to unlock the encrypted content; - GPG private key to the secret builds.sr.ht environment to enable decrypting git-crypt content from the pipeline. In order to avoid divergent environment from local and CI, the ./provision.sh script is ran through nix-shell. | EuAndreh | 2019-05-26 | 1 | -1/+5 |
| * | Increase droplet image to 1024mb | EuAndreh | 2019-05-25 | 1 | -1/+1 |
| * | Remove provisioning from Terraform | EuAndreh | 2019-05-25 | 1 | -4/+0 |
| * | Move provisioning code into provision.sh | EuAndreh | 2019-05-25 | 1 | -8/+1 |
| * | Add lint checks and a pipeline to check using Nix | EuAndreh | 2019-05-25 | 1 | -1/+0 |
| * | Format vps.tf | EuAndreh | 2019-05-25 | 1 | -13/+16 |
| * | Don't use pub_key and pvt_key as input variables•••Embed SSH keypair directly into git-crypt. | EuAndreh | 2019-05-25 | 1 | -5/+6 |
| * | Add simple DigitalOcean droplet skeleton for Terraform | EuAndreh | 2019-05-25 | 1 | -0/+36 |
 |
index : server | |
| Setup and configuration for VPS and other personal server | External SSH Git service user |
| aboutsummaryrefslogtreecommitdiff |