Add role documentation
This commit is contained in:
parent
0f509a7c8e
commit
5f5d6293eb
7 changed files with 74 additions and 0 deletions
21
README.adoc
Normal file
21
README.adoc
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
[[qois-infrastructure]]
|
||||
qo.is Infrastructure
|
||||
--------------------
|
||||
|
||||
This repository contains the infrastructure configuration.
|
||||
|
||||
Structure
|
||||
~~~~~~~~~
|
||||
|
||||
`hardware`:: Hardware specific configuration files, e.g. for wireless
|
||||
cards.
|
||||
`host`:: Main nixos `configuration.nix` for every host. The
|
||||
`configuration.nix` is symlinked to the specific host file.
|
||||
`role`:: Host roles, which are included from a host's configuration.
|
||||
`docs`:: Documentation of the concrete qo.is infrastructure
|
||||
|
||||
Development
|
||||
~~~~~~~~~~~
|
||||
|
||||
* The nix files shoud be formatted using nixfmt:
|
||||
** `nixfmt -c $(git ls-files *.nix)`
|
||||
13
role/README.adoc
Normal file
13
role/README.adoc
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
= Roles
|
||||
|
||||
:toc:
|
||||
|
||||
include::backup/README.adoc[]
|
||||
|
||||
include::base/README.adoc[]
|
||||
|
||||
include::dropbear/README.adoc[]
|
||||
|
||||
include::router/README.adoc[]
|
||||
|
||||
include::wwan/README.adoc[]
|
||||
3
role/backup/README.adoc
Normal file
3
role/backup/README.adoc
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
== Backup Role
|
||||
|
||||
Creates backup to an external mount with borg backup according to a specified schedule.
|
||||
10
role/base/README.adoc
Normal file
10
role/base/README.adoc
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
== Base Role
|
||||
|
||||
The base role handles basic system configuration, which includes:
|
||||
|
||||
* User management
|
||||
* Nix configuration
|
||||
* System default settings
|
||||
* Global packages (like `git` and `curl`) and sane configuration
|
||||
defaults for them
|
||||
* Basic networking configuration (like firewall and ssh)
|
||||
6
role/dropbear/README.adoc
Normal file
6
role/dropbear/README.adoc
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
== Dropbear Role
|
||||
|
||||
Configuration of dropbear to allow HDD decryption from a remote host.
|
||||
|
||||
Note: This role requires manually creating of persistant SSH-Keys with
|
||||
`dropbearkey -t <type> -f <output-keyfile>`
|
||||
10
role/router/README.adoc
Normal file
10
role/router/README.adoc
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
== Router Role
|
||||
|
||||
This role is applied on hosts which serve the rule of a SOHO router.
|
||||
|
||||
Features:
|
||||
|
||||
* NAT and basic Firewalling
|
||||
* Recursive DNS with `unbound` (DNSSEC validated)
|
||||
* Local DHCP and DNS with `dnsmasq`
|
||||
* Wireless with `hostapd`
|
||||
11
role/wwan/README.adoc
Normal file
11
role/wwan/README.adoc
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
== WWAN Module
|
||||
|
||||
This module configures WWAN adapters that support MBIM
|
||||
|
||||
=== Current limitations
|
||||
|
||||
* IPv4 tested only
|
||||
* Currently, it is not simple to get network failures or address updates
|
||||
via a hook or so.
|
||||
** A systemd timer to update the configuration is executed every 2
|
||||
minutes to prevent longer downtimes.
|
||||
Loading…
Add table
Reference in a new issue