Bruno BELANYI
|
9f86615e77
|
profiles: gtk: new best practices for dconf
continuous-integration/drone/push Build is passing
|
2021-09-27 17:07:47 +02:00 |
|
Bruno BELANYI
|
e805496588
|
modules: secrets: fix permission for grafana
continuous-integration/drone/push Build is passing
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
3201445c08
|
modules: secrets: fix permission of 'matrix/mail'
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
30eaefc1d1
|
modules: secrets: add 'owner' logic
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
5f41bb1647
|
modules: secrets: remove 'with lib;'
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
fec4956063
|
secrets: move into 'modules'
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
a62c0ad126
|
project: bootstrap: retrieve agenix key
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
2cc13dddb5
|
ci: use 'nix flake check'
Now that I am using agenix, secrets stays encrypted at rest.
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
de92358bc0
|
flake: remove 'git-crypt'
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
167db81c6c
|
secrets: remove git-crypt
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
738d1760c3
|
secrets: remove git-crypt secrets
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
e962d4c574
|
modules: services: nginx: sso: use runtime secrets
|
2021-09-26 23:09:33 +02:00 |
|
Bruno BELANYI
|
1c0d671fff
|
machines: porthos: services: switch to agenix
The prep-work should be done now, time to hit the switch.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
3bf3980e45
|
modules: services: nginx: allow sso secret files
This is in preparation of the migration to agenix, which does not allow
access to the secrets at build time.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
f6faa11ff7
|
home: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
67090494e2
|
home: terminal: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
0d44b3b9f2
|
home: x: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
37c20529c1
|
home: wm: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
2449a96652
|
home: mail: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
8a9337710f
|
home: firefox: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
7b75ea43ad
|
profiles: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
fb6e2afe89
|
modules: services: drone: split into files
This is cleaner to read.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
51067582e0
|
modules: services: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
78ade4c605
|
modules: hardware: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
5c2921e00d
|
modules: system: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
62a18cd3f6
|
modules: programs: put modules into folders
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
c6cc64e156
|
modules: home: put into folder
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
875a3d8587
|
machines: porthos: users: use clear-text ssh key
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
409e0ef357
|
modules: system: users: use agenix secrets
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
b6af754199
|
modules: services: wireguard: use agenix secrets
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
ca5e5a53cd
|
modules: services: nginx: use 'credentialsFile'
In preparation for the migration to agenix.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
ba10af0644
|
modules: services: matrix: use 'mailConfigFile'
In preparation of the migration to agenix.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
0f2c20e51d
|
modules: services: paperless: use 'secretKeyFile'
In preparation for the migration to agenix.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
ca218730ff
|
modules: services: nextcloud: use 'credentialsfile'
In preparation for the migration to agenix.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
ac5fd7f472
|
modules: services: miniflux: use 'credentialsFiles'
In preparation for the migration to agenix.
|
2021-09-26 23:09:32 +02:00 |
|
Bruno BELANYI
|
db37cea907
|
modules: services: transmission: secrets w/ file
In preparation for the migration to using agenix.
|
2021-09-26 23:09:31 +02:00 |
|
Bruno BELANYI
|
1cf93825b2
|
secrets: register agenix secrets automatically
|
2021-09-26 23:09:31 +02:00 |
|
Bruno BELANYI
|
8a2aad9b54
|
secrets: migrate to agenix
It is finally time to graduate to an actually secure, stateless
solution.
|
2021-09-26 23:09:31 +02:00 |
|
Bruno BELANYI
|
018394b61d
|
secrets: import 'agenix' module
|
2021-09-25 13:31:43 +02:00 |
|
Bruno BELANYI
|
1e3c633c72
|
flake: add 'agenix'
|
2021-09-25 13:30:51 +02:00 |
|
Bruno BELANYI
|
df302465c9
|
home: remove unused 'secrets' module
|
2021-09-25 13:27:01 +02:00 |
|
Bruno BELANYI
|
673ead7863
|
home: ssh: add missing 'mkIf cfg.enable'
continuous-integration/drone/push Build is passing
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
3d10461a6e
|
home: remove unused arguments
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
75312c747b
|
modules: remove unused arguments
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
68be7743ad
|
machines: remove unused arguments
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
9d362655e2
|
pkgs: remove unused arguments
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
604b99a7ac
|
lib: remove 'with self;'
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
8467fda721
|
lib: modules: refactor 'mapModules'
Introduce the recursive version of this function, then refactor to
reduce repetition.
|
2021-09-24 01:21:57 +02:00 |
|
Bruno BELANYI
|
bad9b8a06b
|
lib: modules: document 'mapModules'
|
2021-09-24 00:26:28 +02:00 |
|
Bruno BELANYI
|
2d26b36e31
|
modules: services: nginx: use 'recursiveMerge'
continuous-integration/drone/push Build is passing
|
2021-09-23 22:11:25 +02:00 |
|