configurations of hq services
Daniel Poelzleithner 0fbfadf9cc updates to logging 10 months ago
ansible updates to logging 10 months ago
hosts updates to logging 10 months ago
kubernetes update deployer 10 months ago
lib add prometheus host 10 months ago
secrets @ 573ca8e712 add mongo. add missing files 10 months ago
.gitignore add mongo. add missing files 10 months ago
.gitmodules refactor into lib/lxc-container,shared for grafana 1 year ago
README.md activate central logging 10 months ago
hq.nixops add prometheus host 10 months ago
install-host.sh pulsebert: add home-manager home.nix 1 year ago
nix-maintenance.sh add nix-maintenance.sh 1 year ago

README.md

Deployment

Both fail during activation of the new profile. (TODO)

With NixOps

The official way to deploy is through deployer.serv.zentralwerk.org.

Deploy changes

Use the deployer system:

ssh k-ot@172.20.73.9
cd nix-config/
nixops deploy -d hq --check --include=[hostname]

Creating new Container

This does not work yet, as the nixos-system-x86_64-linux.tar.xz image is broken.

  1. Log into any Proxmox server
  2. pct create [num] cephfs-iso:vztmpl/nixos-system-x86_64-linux.tar.xz -ostype unmanaged -net0 name=eth0,bridge=vmbr0,tag=[vlantag] -storage vms -hostname [hostname]
  3. Make adjustments through the UI if necessary
  4. Adjust hq.nixops, add [hostname]
  5. Run in a shell:
     ssh k-ot@172.20.73.16
     cd nix-config/
     nixops deploy -d hq --check --include=[hostname]

With nixos-rebuild switch

nixos-rebuild switch -I nixos-config=./hosts/containers/$HOST/configuration.nix --target-host "root@$HOST.hq.c3d2.de"

Secrets

Add your gpg-id to the .gpg-id file in secrets and let somebody re-encrypt it for you. Maybe this works for you, maybe not. I did it somehow:

tr '\n' ' ' < .gpg-id | PASSWORD_STORE_DIR="$(pwd)" xargs pass init

Your gpg key has to have the Authenticate flag set. If not, update it, push it to a keyserver and wait. This is necessary so that you can log in to any machine with your gpg key.
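
A way to check for the Authenticate flag mentioned above before asking for re-encryption, as an added example that is not part of this repository. The function names are hypothetical and the key listings are constructed samples in GnuPG's `--with-colons` format.

```shell
#!/bin/sh
# Added example (not from this repository): list the key IDs in a
# `gpg --list-keys --with-colons` listing that carry the Authenticate capability.
# Colon format: field 1 = record type, 2 = validity, 5 = key ID, 12 = capabilities.
auth_keys() {
    awk -F: '
        $1 == "pub" || $1 == "sub" {
            # Skip revoked (r), expired (e), disabled (d) and invalid (i) keys.
            if ($2 ~ /^[redi]$/) next
            # Lowercase "a" means this (sub)key itself can authenticate;
            # uppercase letters on the pub record only summarise the whole key.
            if ($12 ~ /a/) print $5
        }'
}

# Succeeds if stdin contains at least one usable authentication-capable key.
has_auth_key() {
    [ -n "$(auth_keys)" ]
}

# Constructed sample listings (key IDs and timestamps are made up).
SAMPLE_NO_AUTH='pub:u:4096:1:AAAAAAAAAAAAAAAA:1546300800:::u:::scESC:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1546300800::::::e:'

SAMPLE_WITH_AUTH='pub:u:4096:1:AAAAAAAAAAAAAAAA:1546300800:::u:::scESCA:
sub:u:4096:1:BBBBBBBBBBBBBBBB:1546300800::::::e:
sub:u:4096:1:CCCCCCCCCCCCCCCC:1546300800::::::a:'

SAMPLE_EXPIRED_AUTH='pub:u:4096:1:AAAAAAAAAAAAAAAA:1546300800:::u:::scESC:
sub:e:4096:1:CCCCCCCCCCCCCCCC:1546300800:1577836800:::::a:'

for name in NO_AUTH WITH_AUTH EXPIRED_AUTH; do
    eval "listing=\$SAMPLE_$name"
    if printf '%s\n' "$listing" | has_auth_key; then
        echo "$name: authentication key present"
    else
        echo "$name: no usable authentication key"
    fi
done

# Against a real keyring: gpg --list-keys --with-colons "$KEYID" | has_auth_key
```

An expired or revoked authentication subkey is reported as absent, which matches what a login attempt with that key would run into.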