aboutsummaryrefslogtreecommitdiff
path: root/.envrc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* mv src/* src/infrastructure/EuAndreh2022-03-201-1/+1
|
* mv src/curth0.scm src/lib/EuAndreh2022-03-141-1/+1
|
* Add barely working Guix configuration for tophEuAndreh2022-03-071-0/+4
|
* WIP reactivate nixvps with Terraform and nixos-rebuild on VultrEuAndreh2021-07-291-26/+0
|
* mv vps/ servers/vps/EuAndreh2021-02-211-2/+2
|
* Update paths in .envrcEuAndreh2021-02-211-7/+9
|
* Add vps_ prefix to existing resourcesEuAndreh2021-02-211-6/+6
|
* .envrc: Get hostname from shared/hostname.txtEuAndreh2021-01-151-3/+4
|
* .envrc: Move to POSIX shEuAndreh2021-01-151-4/+4
|
* Remove unnecessary curly braces from Bash variablesEuAndreh2020-12-051-1/+1
|
* Terraform: Add email DNS records (DKIM, DMARC, SPF)EuAndreh2020-11-261-1/+8
|
* Add base Guix configuration and start switching to itEuAndreh2020-11-161-6/+5
| | | | | | | | | | | | | | | | - remove NixOS stateVersion from .envrc; - add guix-reconfigure.sh; - add vps.scm with initial Guix system configuration; - update vps.tf to use the new "base-guix" snapshot. The "base-guix" image doesn't need a password. The "andreh" users has one, but it is configured for not requiring it when running commands as "sudo". The expected minimal steps one has to go through for privilege scalation is via the SSH private key, and accessing the VPS via SSH. Since password login is disabled and root can't login via SSH either, only the private SSH key allows access to the server. After that, the attacker will be able to run commands as root.
* .envrc: Update TLDEuAndreh2020-11-021-2/+1
|
* Add Vultr API KEY to .envrc to enable calling "terraform destroy" from shellEuAndreh2020-11-021-0/+2
|
* Switch TLD for iterationEuAndreh2020-09-221-1/+1
|
* Refactor: simplify configuration.nix and put everything under /data/EuAndreh2020-09-221-10/+0
| | | | Preparation for doing backups with borg of /data/ on cronjob.
* Refactor vps-configuration.nix: Split secrets from config and envsubst varsEuAndreh2020-09-061-1/+26
| | | | Also rename thingTLD to thingDomain.
* Migration: Remove Ansible and Docker code, move only to NixOSEuAndreh2020-08-101-43/+1
|
* .envrc: Ignore missing 'file'EuAndreh2020-08-021-1/+1
|
* Tweak early exit of .envrcEuAndreh2019-06-111-1/+1
| | | | I guess this is needed because =direnv= loads the .envrc in a non-conventional way.
* Only access any secret file in .envrc when decryptedEuAndreh2019-06-111-6/+8
|
* Only source ./secrets/secret-envrc.sh when decrypted.EuAndreh2019-06-111-1/+6
|
* Turn off $DESTROY_VOLUME toggleEuAndreh2019-06-111-1/+1
|
* Don't rely on git when running .buildenv and .envrcEuAndreh2019-06-111-1/+1
|
* Set the directory before sourcingEuAndreh2019-06-111-1/+0
|
* Allow envrc to be sourced in CIEuAndreh2019-06-101-0/+1
|
* Remove call to =cd= in envrc filesEuAndreh2019-06-101-1/+0
|
* Switch $DESTROY_VOLUME back onEuAndreh2019-06-101-1/+1
|
* Switch off $DESTROY_VOLUME toggleEuAndreh2019-06-101-1/+1
|
* Output all generated files on ./generated/, refactor .envrc variablesEuAndreh2019-06-101-1/+37
|
* Add simple stub VM definitionEuAndreh2019-05-251-0/+1
generated by cgit v1.2.3 (git 2.50.1) at 2025-12-13 15:54:11 +0000