configurations of hq services
Markus Schmidl e72e0f1f28
updated secrects
1 week ago
ansible start ansible project 1 month ago
hosts contains/public-access-proxy: add to nixops and fixed proxy warnings 1 week ago
lib automatically create authorized_keys 2 weeks ago
secrets @ a481a5feb5 updated secrects 1 week ago
.gitmodules refactor into lib/lxc-container,shared for grafana 1 month ago
README.md updated README.md 2 weeks ago
hq.nixops contains/public-access-proxy: add to nixops and fixed proxy warnings 1 week ago
install-host.sh pulsebert: add home-manager home.nix 2 months ago
nix-maintenance.sh add nix-maintenance.sh 2 months ago

README.md

Deployment

Beide failen bei Activation des neuen Profils. (TODO)

Mit nixos-switch rebuild

nixos-rebuild switch -I nixos-config=./hosts/containers/$HOST/configuration.nix --target-host "root@$HOST.hq.c3d2.de"

Mit NixOps

nixops create  hq.nixops -d hq
nixops deploy -d hq --debug --include=dhcp --force-reboot
nixops deploy -d hq --include=grafana -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-18.09.tar.gz --force-reboot

Secrets

Add your gpg-id to the .gpg-id file in secrets and let somebody reencrypt it for you. Maybe this works for you, maybe not. I did it somehow: PASSWORD_STORE_DIR=`pwd` tr '\n' ' ' < .gpg-id | xargs -I{} pass init {}`

Your gpg key has to have the Authenticate flag set. If not update it and push it to a keyserver and wait. This is necessary, so you can login to any machine with your gpg key.