colin
/
nix-files
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,209 Commits 119 Branches 0 Tags 14 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Colin c380f61bea fix "rescue" host to eval again 2024-02-28 14:19:45 +00:00
Colin 00bf2f79cc ssh: clean up /etc/ssh/host_keys persistence 2024-02-25 05:19:44 +00:00
Colin 879d01ac2e modules/ssh: note that theres a better store to place the ssh host_keys in 2024-02-24 12:14:14 +00:00
Colin 4023960dc0 README: MANUAL MIGRATION: move "plaintext" store to /nix/persist/plaintext 
to migrate the data:
```sh
$ sudo mkdir /nix/persist/plaintext
$ sudo mv /nix/persist/{etc,home,var} /nix/persist/plaintext
$ sudo ln -s plaintext/etc /nix/persist/etc  #< temporarily; if deploying over ssh
$ switch
$ reboot
$ sudo rm /nix/persist/etc  #< if you did the symlink earlier
```
 2024-02-23 18:02:17 +00:00
Colin 28d4a4b065 persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image) 2023-11-08 15:33:15 +00:00
colin d13bcc49ab refactor hosts directory, and move ssh keys out of modules/data 
longer-term, i want hosts/by-name to define host-specific data
that's accessible via the other hosts (things like pubkeys).

also the secrets management needs some rethinking. there's really not
much point in me specifiying where *exactly* a secret comes from at its
use site. i should really be specifying secret store manifests; i.e.
"servo.yaml contains secrets X Y and Z", and leaving the rest up to
auto-computing.
 2023-01-19 23:23:43 +00:00
colin 71fc1a2fd7 ssh: define system-wide knownHosts 2023-01-08 08:51:06 +00:00
colin a457fc1416 ssh: move sys config out of hosts/common 2023-01-08 08:43:23 +00:00
colin 72d589cb2d ssh: port to modules system 2023-01-08 03:07:57 +00:00