about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2024-12-31Allow port 23 through firewall HEAD step-4 mainMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Add br_netfilter kernel module for Incus bridgeMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Add proxy device to VM for port forwarding SSHMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Split default profile into a second, more specialized oneMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Install and enable sshd in Incus VMsMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Add incus bridge to trusted interfacesMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-31Make IPv6 gateway on-linkMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Add proper header to cloud-init in Incus preseedMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Do not lock password for users in Incus VMMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Add Incus patch to repair compatibility with QEMU 9.1.2Mel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Remove deprecated `grub.version` optionMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Use DHCP for IPv4 configuration, like OVH wantsMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Update server host key and rekey secretMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Move server from Hetzner to OVHMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Pass cloud-init preseed in a YAML stringMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Add initial LXC Incus configuration, with cloud-init preseedMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Enable nftables as preparation for LXC IncusMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Allow user public keys for SSH loginMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Move user passwords and keys out for easier reuseMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-30Move secrets folder into configurationMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Reload on name secret change step-3Mel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Create system user for specimen service, and allow it to read name secretMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Use name secret in specimen applicationMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add name secretMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add secrets directory and list all keysMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Forced to add IPv4, because to this day GitHub still does not support ↵Mel
IPv6-only hosts!! :( Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add agenix module and packageMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Disable root login, lsit permitted SSH usersMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add philip as user on server, force hashed passwordsMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add overkill hardening to specimen systemd service step-2Mel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Run flake through nixfmtMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Remove unnecessary debug logging from applicationMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Pass default specimen package to module through flake self inputMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Stringify port for service exec, and pass through list to firewallMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Correct service targets in specimen moduleMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Enable specimen module on serverMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Enable flakes on NixOS serverMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add git to server utilitiesMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Generated system configuration from Hetzner serverMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add first iteration of NixOS specimen service moduleMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Fix up empty NixOS configuration in flakeMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Read configuration from flags and reply with configured name step-1Mel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Simple Go HTTP server with graceful signal handlingMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add Taskfile for some useful command shortcutsMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Break up basic go application into my preferred file hierarchyMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add .gitignoreMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add direnvMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Add dev shell with some useful tools to flakeMel
Signed-off-by: Mel <einebeere@gmail.com>
2024-12-29Flake harness for application and server configurationMel
Signed-off-by: Mel <einebeere@gmail.com>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-04-26 03:59:59 +0000