ahtlon

ahtlon pushed to master at kalipso/infrastructure

2025-03-04 18:02:55 +01:00

0058c90c34 mp legacy

ahtlon pushed to master at kalipso/infrastructure

2025-03-04 17:58:23 +01:00

b82777fadf Merge branch 'revert'

c0d6607368 revert script ding

7c300eb385 Revert "[disko] Bit of a hack but the storage partition now gets mounted after zroot using a file on the disk."

Compare 3 commits »

ahtlon commented on pull request kalipso/infrastructure#80

2025-03-01 21:48:09 +01:00

User management module

Should be changed at some point to use sops

ahtlon commented on pull request kalipso/infrastructure#80

2025-03-01 21:48:09 +01:00

User management module

Forgot to remove this when I changed the default, but it also doesn't hurt to write it explicitly

ahtlon commented on pull request kalipso/infrastructure#80

2025-03-01 21:48:09 +01:00

User management module

With default enable, this does nothing anymore... Should we disable the admin account on bakunin? The autoupdate script should still run to apply updates but we (and any attackers) could no longer change the system manually

ahtlon pushed to issue77 at kalipso/infrastructure

2025-03-01 21:37:51 +01:00

e2fac827bd [user module] default enable users to prevent lockouts

ahtlon pushed to issue77 at kalipso/infrastructure

2025-03-01 21:14:19 +01:00

912c8e1195 Merge remote-tracking branch 'origin/master' into issue77

ff2ccd5fb4 [user module] use hashed password without sops (for now)

505354078b [users] enable malo user module for fanny

ca246861c3 [fanny] set old ssh keys

f0e25ab64c [deployment] set hostname in pubkey

Compare 32 commits »

ahtlon commented on pull request kalipso/infrastructure#84

2025-02-23 13:37:42 +01:00

Reproducible deployments

Yes, pulling the existing keys is better but since fanny is down currently that'll have to wait

ahtlon deleted branch reproducible-deployments-filestructure from kalipso/infrastructure

2025-02-23 13:34:42 +01:00

ahtlon pushed to reproducible-deployments at kalipso/infrastructure

2025-02-23 13:34:42 +01:00

b423efeaef Merge pull request 'Reproducible deployments new filestructure' (#85) from reproducible-deployments-filestructure into reproducible-deployments

3bc74a3e80 [scripts] make pwpath consistant

251b0f0850 [fanny] generate deployment secrets on new location

70fe179b5b [sops] rm deprecated host secrets

2eec2ed980 [sops] change reproducible secrets file structure

Compare 5 commits »

ahtlon merged pull request kalipso/infrastructure#85

2025-02-23 13:34:40 +01:00

Reproducible deployments new filestructure

ahtlon approved kalipso/infrastructure#85

2025-02-23 13:27:56 +01:00

Reproducible deployments new filestructure

I changed the variables a bit to be more consistent but this looks good!

ahtlon pushed to reproducible-deployments-filestructure at kalipso/infrastructure

2025-02-23 13:23:38 +01:00

3bc74a3e80 [scripts] make pwpath consistant

ahtlon commented on pull request kalipso/infrastructure#84

2025-02-22 12:52:33 +01:00

Reproducible deployments

You are right. I changed the scripts to use sops

ahtlon pushed to reproducible-deployments at kalipso/infrastructure

2025-02-22 12:51:37 +01:00

d00188f770 Add fanny keys and remove keepass

556cc3d423 Changed the rest of the scripts to sops encryption

edc754ee7f Changed the keepass db to sops in add_new_key script

Compare 3 commits »

ahtlon commented on pull request kalipso/infrastructure#80

2025-02-14 23:58:41 +01:00

User management module

Rebased on #84

ahtlon pushed to issue77 at kalipso/infrastructure

2025-02-14 23:58:08 +01:00

e379679448 Change install script to use db

a1d9947cb7 move fanny to db

e1f6baaea1 Add age info after creation

5c21a9207d Add script for creating new hosts

e31cacd2fa Add keepass db for hostkeys etc

Compare 16 commits »

ahtlon commented on pull request kalipso/infrastructure#84

2025-02-14 07:23:18 +01:00

Reproducible deployments

Todo: Move all other hosts to db

ahtlon created pull request kalipso/infrastructure#84

2025-02-14 07:17:52 +01:00

Reproducible deployments

ahtlon pushed to reproducible-deployments at kalipso/infrastructure

2025-02-14 07:12:30 +01:00

ff673f0070 Change install script to use db

57c8e65917 move fanny to db

e4be136b64 Add age info after creation

aedf5ca0bf Add script for creating new hosts

923cbf4621 Add keepass db for hostkeys etc

Compare 5 commits »