qo.is/infrastructure
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Activity Actions
⚙️ Configuration and Deployment of qo.is infrastructure. https://docs-ops.qo.is
2 commits 1 branch 0 tags 13 MiB
Nix 94.8%
Shell 4.4%
Vim Script 0.8%
Find a file
Fabian Hauser a3e02192aa Update inputs
2024-10-02 17:37:13 +03:00
.github/workflows Commit files for public release 2024-10-02 16:57:36 +03:00
.vscode Commit files for public release 2024-10-02 16:57:36 +03:00
checks Commit files for public release 2024-10-02 16:57:36 +03:00
defaults Commit files for public release 2024-10-02 16:57:36 +03:00
deploy Commit files for public release 2024-10-02 16:57:36 +03:00
dev-shells Commit files for public release 2024-10-02 16:57:36 +03:00
lib Commit files for public release 2024-10-02 16:57:36 +03:00
nixos-configurations Commit files for public release 2024-10-02 16:57:36 +03:00
nixos-modules Commit files for public release 2024-10-02 16:57:36 +03:00
overlays Commit files for public release 2024-10-02 16:57:36 +03:00
packages Commit files for public release 2024-10-02 16:57:36 +03:00
private@9a646336c5 Commit files for public release 2024-10-02 16:57:36 +03:00
.envrc Commit files for public release 2024-10-02 16:57:36 +03:00
.gitignore Commit files for public release 2024-10-02 16:57:36 +03:00
.gitmodules Commit files for public release 2024-10-02 16:57:36 +03:00
.nixd.json Commit files for public release 2024-10-02 16:57:36 +03:00
backups.md Commit files for public release 2024-10-02 16:57:36 +03:00
book.toml Commit files for public release 2024-10-02 16:57:36 +03:00
email.md Commit files for public release 2024-10-02 16:57:36 +03:00
flake.lock Update inputs 2024-10-02 17:37:13 +03:00
flake.nix Commit files for public release 2024-10-02 16:57:36 +03:00
README.md Commit files for public release 2024-10-02 16:57:36 +03:00
robots.txt Commit files for public release 2024-10-02 16:57:36 +03:00
SUMMARY.md Commit files for public release 2024-10-02 16:57:36 +03:00
updates.md Commit files for public release 2024-10-02 16:57:36 +03:00

README.md

qo.is Infrastructure

This repository contains the infrastructure configuration and documentation sources.

Check out the current rendered documentation on the deployed gitlab page.

Structure

nixos-configurations: Main nixos configuration for every host.
defaults: Configuration defaults
modules: Custom modules (e.g. for vpn and routers)

Building

This repository requires nix flakes

  • nix build
    Build all host configurations and docs
  • nix build .#nixosConfigurations.<hostname>.config.system.build.toplevel
    Build a single host configuration with
  • nix build .#docs
    Build the documentation website

Development

  • nix develop
    Development environment
  • nix flake check
    Execute the project's checks
  • nix fmt
    Autofix formatting

Working with the private submodule

On changes:

git add private
nix flake lock --update-input private

Deployment

nix run .#deploy

See Deployment for details.

Secrets

Secret management is done with nix-sops.

Secrets are stored in private/passwords.sops.yaml (sysadmin passwords), private/nixos-configurations/secrets.sops.yaml (shared secrets for all hosts) and private/nixos-configurations/<hostname>/secrets.sops.yaml (host specific secrets).

Usage:

sops
sops-rekey