| commit | 82ea805ff6f1bffc2638cc9f68af5cca7f216e36 | [log] [tgz] |
|---|---|---|
| author | Skyler Grey <minion@clicks.codes> | Sat Jun 08 22:56:00 2024 +0000 |
| committer | Samuel Shuert <coded@clicks.codes> | Sun Jun 09 00:40:11 2024 +0000 |
| tree | 85e77e7cbaefa20045e7b6efdac72172dba7e322 | |
| parent | d3377400b7bd81cb1d5b62c0463a52438e2330a9 [diff] |
feat: add sops We've previously used SOPS for our secrets management and liked it. We did, however, find the configuration was a bit annoying to do. In aid of this, we've made a SOPS module that we find a little easier to make the sort of configurations we want without creating so much mess. We haven't set up scalpel/equivalent yet - we intend to avoid it if at all possible. It isn't necessarily out-of-scope but it isn't included in our current SOPS plans. Change-Id: I35b9c7e94c12a4f1360833026efe06803d59626e Reviewed-on: https://git.clicks.codes/c/Infra/NixFiles/+/725 Reviewed-by: Samuel Shuert <coded@clicks.codes> Tested-by: Samuel Shuert <coded@clicks.codes>
This repository contains system configuration for Clicks's infrastructure.
Config is written using Snowfall lib. It keeps us organized and has some nice features like namespaces.
a stands for "area", d stands for "device". So for example, a1d1 is device 1 in area 1. Areas are generally managed by one member of Clicks, who has full access to all of the servers in that area. If you require help for a specific area you can email admin@clicks.codes and in the subject line include the area you want help for.
| System | Description | Address |
|---|---|---|
| a1d1 | Primary Host | d1.a1.clicks.domains |
| a1d2 | Build Server | d2.a1.clicks.domains |
Deploys are done with deploy-rs, you'll need to be able to ssh into a machine with its hostname (either by a nifty .ssh/config rule or tailscale).
Once you've done that, you'll be able to deploy with
$ deploy .#MACHINE_NAME