aboutsummaryrefslogtreecommitdiff
path: root/nix
Commit message (Collapse)AuthorAgeFilesLines
* wgautomesh persist state to fileAlex Auvolat2023-03-172-1/+8
|
* wgautomesh gossip secret fileAlex Auvolat2023-03-172-1/+14
|
* sample deployment of wgautomesh on staging (dont deploy prod with this commit)Alex Auvolat2023-03-172-9/+131
|
* TODOs in deuxfleurs.nix because the old world is maybe mixing with the newAdrien2023-03-151-2/+2
|
* Remove hardcoded years in deuxfleurs.nixAlex Auvolat2023-01-011-7/+7
|
* Replace deploy_wg by a NixOS activation scriptAlex Auvolat2022-12-141-0/+9
|
* Add origan node in staging cluster (+ refactor system.stateVersion)Alex Auvolat2022-12-111-8/+0
|
* Add possible public_ipv4 node tagAlex Auvolat2022-12-071-1/+10
|
* Staging: Add CNAME target meta parameter, will be used for diplonat auto dns ↵Alex Auvolat2022-12-071-8/+16
| | | | update
* Clean stuff up and update nix driverAlex Auvolat2022-11-291-1/+1
|
* Remove old nomad-driver-nixAlex Auvolat2022-11-291-31/+0
|
* Use nix driver moved to Deuxfleurs namespaceAlex Auvolat2022-11-291-7/+3
|
* Deploy garage on staging using nix2 driverAlex Auvolat2022-11-292-31/+29
|
* Staging: ability to run Nix jobs using exec2 driverAlex Auvolat2022-11-282-0/+32
|
* Remove root, add wg-quick-wg0 after unboundAlex Auvolat2022-11-281-0/+1
|
* Fix wg-quick MTU because it does bad stuff by defaultAlex Auvolat2022-11-221-0/+1
|
* Add after config on nomad and consulAlex Auvolat2022-11-221-0/+2
|
* Add Baptiste ; fix wireguardAlex Auvolat2022-11-221-2/+2
|
* poc 2 for nix containers: use nomad-driver-nixAlex Auvolat2022-11-161-0/+31
|
* remove systemd-resolvedAlex Auvolat2022-10-162-10/+2
|
* Complete telemetry configurationAlex Auvolat2022-10-161-0/+5
|
* Remove additonal DNS entries from dockerMaximilien Richer2022-10-161-1/+1
|
* Correctly inject dns servers in dockerQuentin Dufour2022-10-161-1/+6
|
* Add dockerQuentin Dufour2022-10-161-1/+1
|
* Switch to systemd-networkdQuentin Dufour2022-10-151-25/+27
|
* Disable IPv6 RA/autoconf/temp addrQuentin Dufour2022-10-141-0/+3
|
* Force Garage to use ipv6 connectivityAlex Auvolat2022-09-151-0/+1
|
* systemd timesyncdAlex Auvolat2022-09-081-1/+2
|
* Improve DNS configurationAlex Auvolat2022-08-301-4/+38
| | | | | | | | | Add Unbound server that separates queries between those going to Consul and those going elsewhere. This allows us to have DNS working even if Consul fails for some reason. This way we can also remove the secondary `nameserver` entry in /etc/resolv.conf, thus fixing a bug where certain containers (Alpine-based images?) were using the secondary resolver some of the time, making them unable to access .consul hosts.
* Ask consul to use advertised address and not bind oneQuentin Dufour2022-08-241-0/+1
|
* Fix nomad talking to consulAlex Auvolat2022-08-241-1/+4
|
* Fix access to consul for non-server nodesAlex Auvolat2022-08-241-1/+1
|
* Disable bootstrap_expect unless specific deuxfleurs.bootstrap is setAlex Auvolat2022-08-241-9/+11
|
* Fix IPv6Quentin Dufour2022-08-241-1/+10
|
* Remove wesher, reconfigure staging without itAlex Auvolat2022-08-234-193/+73
|
* Disable ipv6 temporary addressesAlex Auvolat2022-08-231-0/+1
|
* Update to nixos 22.05Alex Auvolat2022-07-272-13/+15
|
* Configure Consul DNSAlex Auvolat2022-06-011-3/+23
|
* Work on drone runner as VMAlex Auvolat2022-05-302-0/+13
|
* Fix firewall rule for IGDAlex Auvolat2022-05-091-2/+2
|
* Network configuration updatesAlex Auvolat2022-05-091-16/+21
|
* Update network configurationAlex Auvolat2022-05-081-1/+1
|
* Replace ad-hoc wireguard by wesher on staging clusterAlex Auvolat2022-04-202-104/+71
|
* Wesher secret key in /var/lib/wesher/secretsAlex Auvolat2022-04-202-3/+19
|
* First working Wesher configurationAlex Auvolat2022-04-192-0/+130
|
* Wesher package now worksAlex Auvolat2022-04-192-21/+23
|
* nix infinite recursioninfinite-recursionAlex Auvolat2022-04-193-6/+34
|
* Move configuration.nix to nix/ subfolderprodAlex Auvolat2022-03-281-0/+116
|
* Wireguard directly using LAN addresses when possibleAlex Auvolat2022-02-261-2/+13
|
* Carcajou is encryptedAlex Auvolat2022-02-251-1/+1
|