| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Remove git rev-parse from .envrc | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| | | |||||
| * | Suppress output of docker-compose config | EuAndreh | 2019-05-28 | 1 | -1/+1 |
| | | | | | | This derivation sources =.envrc= and it's output can potentially leak secret environment variables from it. | ||||
| * | Fix docker-compose config step | EuAndreh | 2019-05-28 | 1 | -1/+2 |
| | | | | | | | | Add gitMinimal package to baseTasks to allow any derivation to =source .envrc= freely. dockerComposeLint sources it to properly lint the file that will be ran. | ||||
| * | Add more descriptive error message for FIXME derivation test | EuAndreh | 2019-05-27 | 1 | -1/+5 |
| | | |||||
| * | Fix formatting of default.nix (linter offense) | EuAndreh | 2019-05-27 | 1 | -7/+2 |
| | | |||||
| * | Revert Terraform to "default" version | EuAndreh | 2019-05-27 | 1 | -1/+1 |
| | | |||||
| * | Use Terraform 0.12.0 in nix-shell and CI | EuAndreh | 2019-05-26 | 1 | -2/+7 |
| | | |||||
| * | Format default.nix (nixfmt offense) | EuAndreh | 2019-05-26 | 1 | -7/+2 |
| | | |||||
| * | Use nix-shell --pure to run scripts | EuAndreh | 2019-05-26 | 1 | -2/+8 |
| | | | | | Instead of adding them to the =packages= section of .build.yml. | ||||
| * | Run shellcheck on Bash files stored in git-crypt | EuAndreh | 2019-05-26 | 1 | -2/+1 |
| | | |||||
| * | Automate provisioning and deployment of VPS | EuAndreh | 2019-05-26 | 1 | -1/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | | In order to perform that I had to remove Terraform's =.tfstate= files from the repository. Terraform does support "backends" for storing the state files, but I settled for storing it on a separate repo (vps-state). For now it solves the state management problem: - it has history of states; - all state files are GPG encrypted; - there's no coordination however, but only the CI should perform a deploy in order to avoid race conditions. I had to add GPG and SSH keys to sr.ht to achieve that: - SSH public key to my profile to authorize it to push to vps-state repo; - SSH private key to the secret builds.sr.ht environment to enable push to the repository from the pipeline; - GPG public key to git-crypt to make it possible for the pipeline to unlock the encrypted content; - GPG private key to the secret builds.sr.ht environment to enable decrypting git-crypt content from the pipeline. In order to avoid divergent environment from local and CI, the ./provision.sh script is ran through nix-shell. | ||||
| * | Don't run shellcheck on encrypted Bash code | EuAndreh | 2019-05-25 | 1 | -1/+2 |
| | | |||||
| * | Format default.nix (nixfmt offense) | EuAndreh | 2019-05-25 | 1 | -10/+7 |
| | | |||||
| * | Fix formatTerraform stage | EuAndreh | 2019-05-25 | 1 | -1/+1 |
| | | |||||
| * | Add dockerComposeLint job stage | EuAndreh | 2019-05-25 | 1 | -4/+15 |
| | | |||||
| * | Add lint checks and a pipeline to check using Nix | EuAndreh | 2019-05-25 | 1 | -0/+93 |
 |
index : toph | |
| Setup and configuration for VPS and other personal server | External SSH Git service user |
| aboutsummaryrefslogtreecommitdiff |