Servers, containers and stuff
Jake Howard 7c8d224c4a
Some checks failed
/ ansible (push) Failing after 39s
/ terraform (push) Failing after 46s
Add headscale ACLs
Tags are managed entirely server side, so there's no priv esc issues.

This lets my devices do what they want, and server style devices can't do anything.
2024-04-20 15:46:21 +01:00
.gitea/workflows Update actions/setup-python action to v5 2024-03-04 08:35:57 +00:00
ansible Add headscale ACLs 2024-04-20 15:46:21 +01:00
terraform Update Terraform gandi to v2.3.0 2024-04-15 14:40:48 +01:00
.gitattributes Mark vault files as generated 2023-01-27 17:33:04 +00:00
.gitignore Move split secrets into single env file 2023-05-03 20:54:06 +01:00
.yamllint.yml Fix lint issues 2023-10-01 17:10:37 +01:00
justfile Always use diff when running deploys 2023-11-08 19:46:28 +00:00
README.md Move AdGuardHome configuration to Terraform 2024-01-08 21:45:28 +00:00
renovate.json Let renovate find galaxy requirements 2023-05-06 21:44:12 +01:00

Infrastructure

Requirements

  • Python 3
  • Locally configured SSH config (ideally deployed through dotfiles)
  • ansible installed on the system
  • just

Installation

  • just setup
  • just terraform init

Private Settings

Ansible integrates with Bitwarden through its CLI.

Terraform secrets are stored in terraform/.env, and provisioned using just update-secrets.

Deploying

  • just ansible-deploy
  • just terraform apply

External configuration

This repository contains most of my infrastructure configuration, but not everything is configured here. Some things are external, for various reasons.