You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Daniel Poelzleithner
0fbfadf9cc
updates to logging
|
1 anno fa | |
|---|---|---|
| ansible | 1 anno fa | |
| hosts | 1 anno fa | |
| kubernetes | 1 anno fa | |
| lib | 1 anno fa | |
| secrets @ 573ca8e712 | 1 anno fa | |
| .gitignore | 1 anno fa | |
| .gitmodules | 2 anni fa | |
| README.md | 1 anno fa | |
| hq.nixops | 1 anno fa | |
| install-host.sh | 2 anni fa | |
| nix-maintenance.sh | 2 anni fa |
README.md
README.md
Deployment
Beide failen bei Activation des neuen Profils. (TODO)
Mit NixOps
The official way for deployment is through deployer.serv.zentralwerk.org
Deploy changes
Use deployer system:
ssh k-ot@172.20.73.9
cd nix-config/
nixops deploy -d hq --check --include=[hostname]
Creating new Container
This does not work yet, as the nixos-system-x86_64-linux.tar.xz image is broken.
- log into any proxmox server
- pct create [num] cephfs-iso:vztmpl/nixos-system-x86_64-linux.tar.xz -ostype unmanaged -net0 name=eth0,bridge=vmbr0,tag=[vlantag] -storage vms -hostname [hostname]
- adjustments through ui if necessary
- Adjust hq.nixops, add [hostname]
- Run
shell ssh k-ot@172.20.73.16 cd nix-config/ nixops deploy -d hq --check --include=[hostname]
Mit nixos-switch rebuild
nixos-rebuild switch -I nixos-config=./hosts/containers/$HOST/configuration.nix --target-host "root@$HOST.hq.c3d2.de"
Secrets
Add your gpg-id to the .gpg-id file in secrets and let somebody reencrypt it for you.
Maybe this works for you, maybe not. I did it somehow:
PASSWORD_STORE_DIR=`pwd` tr '\n' ' ' < .gpg-id | xargs -I{} pass init {}`
Your gpg key has to have the Authenticate flag set. If not update it and push it to a keyserver and wait. This is necessary, so you can login to any machine with your gpg key.