qo.is/infrastructure
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Activity Actions
infrastructure/README.md
Fabian Hauser fef2377502
All checks were successful
CI / build (push) Successful in 13m53s
Details
Commit files for public release
2024-10-02 16:57:36 +03:00

1.4 KiB
Raw Blame History

qo.is Infrastructure

This repository contains the infrastructure configuration and documentation sources.

Check out the current rendered documentation on the deployed gitlab page.

Structure

nixos-configurations: Main nixos configuration for every host.
defaults: Configuration defaults
modules: Custom modules (e.g. for vpn and routers)

Building

This repository requires nix flakes

  • nix build
    Build all host configurations and docs
  • nix build .#nixosConfigurations.<hostname>.config.system.build.toplevel
    Build a single host configuration with
  • nix build .#docs
    Build the documentation website

Development

  • nix develop
    Development environment
  • nix flake check
    Execute the project's checks
  • nix fmt
    Autofix formatting

Working with the private submodule

On changes:

git add private
nix flake lock --update-input private

Deployment

nix run .#deploy

See Deployment for details.

Secrets

Secret management is done with nix-sops.

Secrets are stored in private/passwords.sops.yaml (sysadmin passwords), private/nixos-configurations/secrets.sops.yaml (shared secrets for all hosts) and private/nixos-configurations/<hostname>/secrets.sops.yaml (host specific secrets).

Usage:

sops
sops-rekey