71d8bff1e6
Enable redis within the authentik pod, add redis to corp
...
We put it in the pod because I don't know how to make it accessible to
things in the bod without binding all host addresses. There's probably a
sophisticated way to do it correctly, but I don't want to figure it out
yet.
2025-07-18 19:04:50 +00:00
b94bea0a59
Remove redundant settings from corp
...
These are covered in the base image now.
2025-07-18 18:05:37 +00:00
a2f9607685
Switch to running redis within the pod
...
I need time to figure out the networking portion.
2025-07-18 18:04:26 +00:00
29386d8f0d
Create environment file correctly, reference correct services
2025-07-18 17:10:24 +00:00
3bd771709b
Create required volume mount locations
2025-07-18 17:01:08 +00:00
6a4ec1f82b
Don't use slirp4netns with rootful pod
2025-07-18 17:01:08 +00:00
bcd365fb44
Add authentik containers and pod
2025-07-18 17:01:08 +00:00
de7adc50b4
Remove fish_variables in my fish config
...
It causes a failure because fish manages this file and changes it over
time.
2025-07-18 17:01:08 +00:00
43cde1e2f4
Switch authentik env file to an actual env file
...
ini is not env.
2025-07-18 17:00:35 +00:00
f28aa733cc
Remove comments at the top
...
I think they are problematic for the environment file
2025-07-18 16:56:03 +00:00
22a74da80b
Authentik use host.containers.internal instead of raw IP
2025-07-18 16:51:32 +00:00
79c00df400
Add corp to the authentik secrets
2025-07-18 16:44:05 +00:00
5bf6e1ef8c
Add corp age key to sops, rename pazuzu's key
...
dev_ prefix is for developer machines
2025-07-18 16:43:42 +00:00
2af6c783a4
Add test-corp to authentik secrets
2025-07-18 15:58:48 +00:00
9da3485bfd
Add the authentik secrets to the authentik module
2025-07-18 15:55:17 +00:00
859ae228d6
Add a simple template for a module
...
Just to remind me of the incantation.
2025-07-18 15:46:21 +00:00
01d8e5a580
Default to nvim for the editor
2025-07-18 15:46:21 +00:00
07d3b9d35e
Make podman a separate module
...
We're going to hide more in there.
2025-07-18 15:46:21 +00:00
3228b54092
Add the authentik configuration secrets
2025-07-18 15:43:54 +00:00
6d4190e88e
Add basice sops.yaml file for configuring sops.
...
It currently just has the age key for my dev system
2025-07-18 15:39:13 +00:00
259c621a2f
Create base test-corp environmnt
...
This creates more commonality between a nixos-anywhere bootstrapped
system and a locally built nixos image, which is good.
2025-07-17 19:39:38 +00:00
a7e5b4a313
Add swapspace for RAM-limited new hosts
2025-07-17 18:13:03 +00:00
ca4bd03c36
Reference the shared modules for nixos-anywhere
2025-07-17 17:09:26 +00:00
fe4d33cf03
Make do-agent, cloud-init, and fish opt-in via config
...
I just like having lists that show what's going on, and light redundancy
doesn't bother me.
2025-07-17 17:09:11 +00:00
b6fa29e631
Alphabetize the arguments to fish
...
The power of OCD compels you
2025-07-17 17:08:06 +00:00
3e83a50e38
Move disabledModules specification into custom onlyoffice module
...
This is what allows us to override the way the module is defined in the
system
2025-07-17 17:07:17 +00:00
7f29bd7689
Update Readme with latest instructions, remove dead nixos-anywhere files
...
Those files have been moved to other areas that are more common to the
rest of the systems.
2025-07-17 17:07:00 +00:00
f19be411a2
Make create-droplet directly executable, and have slightly better documentation
2025-07-17 16:50:01 +00:00
c022445849
Add more complex user setup for eliribble
...
Includes fish functions and neovim via nix
2025-07-16 15:19:35 -07:00
0c8fea347a
Add secrets and home config to the corp machine
2025-07-16 09:55:20 -07:00
ecbb1b932c
Migrate corp configuration to this repository and use flakes
2025-07-16 09:36:39 -07:00
af5c966e5b
Disable prompting for password for sudo
2025-07-12 03:44:42 +00:00
93c0365a5f
Add cloud-init and digital ocean agent monitor
...
This should help with properly setting up IPv6 and with getting
statistics about what the machine is doing.
2025-07-12 03:42:28 +00:00
ebb456c7cc
Add the fish shell
...
Which we need because of our tmux config.
2025-07-11 23:12:34 +00:00
2fc0223e06
Go to nixOS 25.05, fix breakage with custom configs
2025-07-11 22:31:23 +00:00
152327bd85
Add home-manager, per-user configs, and tmux configuration
2025-07-11 21:24:59 +00:00
f539899dbe
Alphabetize options in configuration.nix
2025-07-11 21:23:03 +00:00
bb224a492b
Retab configuration.nix
2025-07-11 21:22:21 +00:00
a5ef5af880
Retab flake
2025-07-11 21:08:25 +00:00
fd77642f54
Add user for eliribble
2025-07-11 20:52:30 +00:00
edb1adeb2d
Remove unused configurations
...
We are not, and will likely never be, on Hetzner's cloud.
2025-07-11 20:39:46 +00:00
c6ee0599b0
Drop down our droplet size by half.
...
It works, so, that's great.
2025-07-11 20:32:07 +00:00
dd32f7f1ce
Document working nixos-anywhere deployment
2025-07-11 17:59:19 +00:00
32d9721fd5
Switch from infect via cloud-init to nixos-anywhere.
2025-07-11 16:23:21 +00:00
8086dc6f62
Add initial nixos-anywhere config
...
It likely doesn't work, but I have to commit it to use it.
2025-07-11 15:31:30 +00:00
6432c4a5a7
Add things I've learned from building a custom image
...
Still isn't working quite right, but it's a lot of stuff I'd rather not
lose.
2025-07-10 21:22:29 +00:00
e800fdea4e
Initial stab at a custom image
...
May not work, haven't tested it, need to switch systems
2025-07-10 09:42:22 -07:00
c2edcac785
Initial commit
2025-07-10 08:37:20 -07:00
