Jörg Thalheim
bd3f79f11d
extend terraform module to support extra_files_script
2023-09-05 15:23:15 +02:00
Jörg Thalheim
50e1df362e
Revert "wip: extend terraform module to support extra_files_script"
...
This reverts commit 9661aeffcb
.
This was pushed by accident to main
2023-09-05 15:22:07 +02:00
Jörg Thalheim
9661aeffcb
wip: extend terraform module to support extra_files_script
2023-09-05 15:20:28 +02:00
a-kenji
f417afd489
chore: fix typos
2023-08-22 13:55:28 +02:00
Jean-François Roche
8ba2cbf6f4
terraform: do not show private key in local-exec logs
...
While running terraform with and without verbose mode enabled, we don't want the private key content to be shown in the terraform apply output.
2023-06-07 01:19:41 +02:00
dantefromhell
39da91a2e2
Skips nixos-rebuild if stop-after-disko is true
2023-06-05 12:40:43 +02:00
dantefromhell
31c332f3c1
Add stop_after_disko logic to all-in-one module
2023-06-05 12:40:43 +02:00
dantefromhell
28593f799d
Fix variable description in install module
2023-06-05 12:40:43 +02:00
dantefromhell
c0b3ac4e45
Add var.stop_after_disko to all-in-one module
2023-06-05 12:40:43 +02:00
dantefromhell
aee8a3af7b
Add stop_after_disko logic to install module
2023-06-05 12:40:43 +02:00
dantefromhell
1643769f0a
Add var.stop_after_disko to install step
2023-06-05 12:40:43 +02:00
Jean-François Roche
a82a84da8a
terraform/nixos-rebuild: do not ignore deploy errors by default
...
Add option to ignore systemd errors during deployment.
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2023-04-04 17:10:28 +02:00
Jean-François Roche
4371932193
fix(rebuild): use sudo if rebuild with another user than root
...
In order to switch the NixOS configuration, we must have root access.
If we are connecting to the target host with a non-root user, we use the "sudo" command.
We could instead use `nixos-rebuild --use-remote-sudo --target-host` but it
would evaluate the nixos system again.
2023-03-31 21:33:05 +02:00
zimbatm
eafa9cfce5
nixos-rebuild: fix double trap
...
Only one callback can be installed per signal in Bash. Because the
previous `trap` removes the whole temporary workdir, the one around the
SSH key is redundant.
2023-03-29 16:17:29 +02:00
zimbatm
1120774e38
nixos-rebuild: fix SSH key security race
...
Make sure the ssh_key file is always 0700
2023-03-29 16:17:28 +02:00
Samuel Rounce
5adb698f51
fix(terraform/nixos-rebuild): typo in variables.sh
2023-03-29 09:09:21 +01:00
Jean-François Roche
16143cd8c0
terraform: allow nixos-rebuild to use specified private key for deployment
...
`nixos-rebuild/deploy.sh` script enable ssh authentication with a given private key
through the `SSH_KEY` environment variable.
Add additional variable for the private key used for the deployment.
To encourage the use of ssh-agent and discourage the storage of deployment keys in the terraform state
we do not set the install ssh key as the default for the deployment key.
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2023-03-28 00:28:48 +02:00
Jörg Thalheim
48fe2fa8cc
nixos-rebuild: allow to change deploy user
2023-03-04 13:53:20 +01:00
Jörg Thalheim
c2f70ed844
nixos-rebuild: allow to change deploy user
2023-03-03 14:47:03 +01:00
Jörg Thalheim
c0c5fcce92
make nix find the right flake
2023-03-01 11:36:25 +01:00
Jörg Thalheim
ed67349b96
terraform: improve module description
2023-02-23 17:10:09 +01:00
Jörg Thalheim
29b0f1b5f2
terraform: add instance_id to trigger reinstall
2023-02-23 16:15:52 +01:00
Jörg Thalheim
ed0ab16c58
terraform: drop dependency on the retry program
2023-02-23 16:15:52 +01:00
Jörg Thalheim
ac7f3b86a5
terraform: actually passthru kexec-url to nixos-anywhere
2023-02-22 16:42:55 +01:00
Jörg Thalheim
2abdb32c67
terraform/nix-build: fix building from non-flake
2023-02-22 16:42:55 +01:00
Jörg Thalheim
23bbd22fb2
add debug logging option
2023-02-22 16:42:55 +01:00
Jörg Thalheim
57a6ec5ffc
terraform/install: fix nixos-anywhere flake attribute name
2023-02-22 16:42:49 +01:00
lassulus
411fb9bd76
terraform: init modules
2023-02-14 07:34:24 +01:00