diff --git a/.agenix_config.nix b/.agenix_config.nix
index a5acd50..a472268 100644
Binary files a/.agenix_config.nix and b/.agenix_config.nix differ
diff --git a/Makefile b/Makefile
index 98c463c..bb06e7a 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,7 @@ MACHINES := \
macbook-pro
VPS := \
- istal \
+ amstel \
tatos
.PHONY: help
diff --git a/hosts/istal/configuration.nix b/hosts/amstel/configuration.nix
similarity index 86%
rename from hosts/istal/configuration.nix
rename to hosts/amstel/configuration.nix
index b5b109a..9cd8d98 100644
--- a/hosts/istal/configuration.nix
+++ b/hosts/amstel/configuration.nix
@@ -6,7 +6,7 @@
./services
];
- networking.hostName = "istal";
+ networking.hostName = "amstel";
networking.domain = "local";
users.users.root.openssh.authorizedKeys.keys = globalData.publicKeys.users.janistal;
diff --git a/hosts/amstel/data.secret.nix b/hosts/amstel/data.secret.nix
new file mode 100644
index 0000000..4d53245
Binary files /dev/null and b/hosts/amstel/data.secret.nix differ
diff --git a/hosts/istal/hardware-configuration/default.nix b/hosts/amstel/hardware-configuration/default.nix
similarity index 100%
rename from hosts/istal/hardware-configuration/default.nix
rename to hosts/amstel/hardware-configuration/default.nix
diff --git a/hosts/istal/hardware-configuration/generated.nix b/hosts/amstel/hardware-configuration/generated.nix
similarity index 100%
rename from hosts/istal/hardware-configuration/generated.nix
rename to hosts/amstel/hardware-configuration/generated.nix
diff --git a/hosts/amstel/hardware-configuration/networking.secret.nix b/hosts/amstel/hardware-configuration/networking.secret.nix
new file mode 100644
index 0000000..175dd3f
Binary files /dev/null and b/hosts/amstel/hardware-configuration/networking.secret.nix differ
diff --git a/hosts/istal/services/default.nix b/hosts/amstel/services/default.nix
similarity index 100%
rename from hosts/istal/services/default.nix
rename to hosts/amstel/services/default.nix
diff --git a/hosts/istal/services/docker-registry-proxy.nix b/hosts/amstel/services/docker-registry-proxy.nix
similarity index 100%
rename from hosts/istal/services/docker-registry-proxy.nix
rename to hosts/amstel/services/docker-registry-proxy.nix
diff --git a/hosts/istal/services/forgejo-runners/default.nix b/hosts/amstel/services/forgejo-runners/default.nix
similarity index 62%
rename from hosts/istal/services/forgejo-runners/default.nix
rename to hosts/amstel/services/forgejo-runners/default.nix
index a0be046..92a2ddd 100644
--- a/hosts/istal/services/forgejo-runners/default.nix
+++ b/hosts/amstel/services/forgejo-runners/default.nix
@@ -5,7 +5,6 @@ let
in
{
age.secrets.forgejo-runner-token-istal-docker.file = ./forgejo-runner-token-istal-docker.age;
- age.secrets.forgejo-runner-token-codeberg-docker.file = ./forgejo-runner-token-codeberg-docker.age;
virtualisation.docker.enable = true;
systemd.services.docker.serviceConfig = {
@@ -15,9 +14,9 @@ in
services.gitea-actions-runner = {
package = pkgs.unstable.forgejo-runner;
instances = {
- istal-docker = {
+ amstel-docker = {
enable = true;
- name = "istal-docker";
+ name = "amstel-docker";
url = "https://git.pleshevski.ru";
labels = [
"docker:docker://node:20-bullseye"
@@ -28,20 +27,6 @@ in
runner = {
envs = { inherit NODE_OPTIONS; };
- timeout = "1h";
- };
- };
- };
- codeberg-docker = {
- enable = true;
- name = "codeberg-docker";
- url = "https://codeberg.org";
- labels = [ ];
- tokenFile = config.age.secrets.forgejo-runner-token-codeberg-docker.path;
- settings = {
- runner = {
- envs = { inherit NODE_OPTIONS; };
-
timeout = "1h";
};
};
diff --git a/hosts/amstel/services/forgejo-runners/forgejo-runner-token-istal-docker.age b/hosts/amstel/services/forgejo-runners/forgejo-runner-token-istal-docker.age
new file mode 100644
index 0000000..c492c63
Binary files /dev/null and b/hosts/amstel/services/forgejo-runners/forgejo-runner-token-istal-docker.age differ
diff --git a/hosts/istal/services/nginx.nix b/hosts/amstel/services/nginx.nix
similarity index 100%
rename from hosts/istal/services/nginx.nix
rename to hosts/amstel/services/nginx.nix
diff --git a/hosts/istal/services/prometheus.nix b/hosts/amstel/services/prometheus.nix
similarity index 100%
rename from hosts/istal/services/prometheus.nix
rename to hosts/amstel/services/prometheus.nix
diff --git a/hosts/amstel/services/renovate-gitea-token.age b/hosts/amstel/services/renovate-gitea-token.age
new file mode 100644
index 0000000..752c051
Binary files /dev/null and b/hosts/amstel/services/renovate-gitea-token.age differ
diff --git a/hosts/amstel/services/renovate-github-token.age b/hosts/amstel/services/renovate-github-token.age
new file mode 100644
index 0000000..43b0ec2
Binary files /dev/null and b/hosts/amstel/services/renovate-github-token.age differ
diff --git a/hosts/istal/services/renovate.nix b/hosts/amstel/services/renovate.nix
similarity index 100%
rename from hosts/istal/services/renovate.nix
rename to hosts/amstel/services/renovate.nix
diff --git a/hosts/istal/services/wireguard/default.nix b/hosts/amstel/services/wireguard/default.nix
similarity index 94%
rename from hosts/istal/services/wireguard/default.nix
rename to hosts/amstel/services/wireguard/default.nix
index 1ad7989..11e7f29 100644
--- a/hosts/istal/services/wireguard/default.nix
+++ b/hosts/amstel/services/wireguard/default.nix
@@ -2,8 +2,8 @@
let
tatosData = import (hostsPath + "/tatos/data.secret.nix");
- istalData = import (hostsPath + "/istal/data.secret.nix");
- inherit (istalData.wireguard) port;
+ amstelData = import (hostsPath + "/amstel/data.secret.nix");
+ inherit (amstelData.wireguard) port;
in
{
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
diff --git a/hosts/amstel/services/wireguard/wireguard-istal-private.age b/hosts/amstel/services/wireguard/wireguard-istal-private.age
new file mode 100644
index 0000000..50344fc
Binary files /dev/null and b/hosts/amstel/services/wireguard/wireguard-istal-private.age differ
diff --git a/hosts/asus-gl553vd/configs/wireguard/wireguard-asus-gl553vd-private.age b/hosts/asus-gl553vd/configs/wireguard/wireguard-asus-gl553vd-private.age
index 488e98f..0f05fea 100644
Binary files a/hosts/asus-gl553vd/configs/wireguard/wireguard-asus-gl553vd-private.age and b/hosts/asus-gl553vd/configs/wireguard/wireguard-asus-gl553vd-private.age differ
diff --git a/hosts/asus-gl553vd/services/forgejo-runners/forgejo-runner-token-asus-docker.age b/hosts/asus-gl553vd/services/forgejo-runners/forgejo-runner-token-asus-docker.age
index 4544eb7..502be6d 100644
Binary files a/hosts/asus-gl553vd/services/forgejo-runners/forgejo-runner-token-asus-docker.age and b/hosts/asus-gl553vd/services/forgejo-runners/forgejo-runner-token-asus-docker.age differ
diff --git a/hosts/default.nix b/hosts/default.nix
index c3fce12..b2a9c06 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -33,14 +33,14 @@ in
];
};
- istal = {
+ amstel = {
system = x86_64-linux;
extraModules = [
../modules/vps.nix
];
- targetHost = (import ./istal/data.secret.nix).addr;
+ targetHost = (import ./amstel/data.secret.nix).addr;
};
tatos = {
diff --git a/hosts/home/configs/wireguard/wireguard-home-private.age b/hosts/home/configs/wireguard/wireguard-home-private.age
index 526c797..f506a44 100644
Binary files a/hosts/home/configs/wireguard/wireguard-home-private.age and b/hosts/home/configs/wireguard/wireguard-home-private.age differ
diff --git a/hosts/home/services/forgejo-runners/forgejo-runner-token-home-docker.age b/hosts/home/services/forgejo-runners/forgejo-runner-token-home-docker.age
index b99b93c..faf041d 100644
Binary files a/hosts/home/services/forgejo-runners/forgejo-runner-token-home-docker.age and b/hosts/home/services/forgejo-runners/forgejo-runner-token-home-docker.age differ
diff --git a/hosts/istal/data.secret.nix b/hosts/istal/data.secret.nix
deleted file mode 100644
index a76968c..0000000
Binary files a/hosts/istal/data.secret.nix and /dev/null differ
diff --git a/hosts/istal/hardware-configuration/networking.secret.nix b/hosts/istal/hardware-configuration/networking.secret.nix
deleted file mode 100644
index a05dc12..0000000
Binary files a/hosts/istal/hardware-configuration/networking.secret.nix and /dev/null differ
diff --git a/hosts/istal/services/forgejo-runners/forgejo-runner-token-codeberg-docker.age b/hosts/istal/services/forgejo-runners/forgejo-runner-token-codeberg-docker.age
deleted file mode 100644
index bd96280..0000000
Binary files a/hosts/istal/services/forgejo-runners/forgejo-runner-token-codeberg-docker.age and /dev/null differ
diff --git a/hosts/istal/services/forgejo-runners/forgejo-runner-token-istal-docker.age b/hosts/istal/services/forgejo-runners/forgejo-runner-token-istal-docker.age
deleted file mode 100644
index 7202cd5..0000000
Binary files a/hosts/istal/services/forgejo-runners/forgejo-runner-token-istal-docker.age and /dev/null differ
diff --git a/hosts/istal/services/renovate-gitea-token.age b/hosts/istal/services/renovate-gitea-token.age
deleted file mode 100644
index f67d540..0000000
Binary files a/hosts/istal/services/renovate-gitea-token.age and /dev/null differ
diff --git a/hosts/istal/services/renovate-github-token.age b/hosts/istal/services/renovate-github-token.age
deleted file mode 100644
index 9f06782..0000000
Binary files a/hosts/istal/services/renovate-github-token.age and /dev/null differ
diff --git a/hosts/istal/services/wireguard/wireguard-istal-private.age b/hosts/istal/services/wireguard/wireguard-istal-private.age
deleted file mode 100644
index e1f5585..0000000
Binary files a/hosts/istal/services/wireguard/wireguard-istal-private.age and /dev/null differ
diff --git a/hosts/networking.secret.nix b/hosts/networking.secret.nix
index a09fc53..f8d02ba 100644
Binary files a/hosts/networking.secret.nix and b/hosts/networking.secret.nix differ
diff --git a/hosts/tatos/hardware-configuration/networking.secret.nix b/hosts/tatos/hardware-configuration/networking.secret.nix
index 03c3471..709057f 100644
Binary files a/hosts/tatos/hardware-configuration/networking.secret.nix and b/hosts/tatos/hardware-configuration/networking.secret.nix differ
diff --git a/hosts/tatos/services/loki-basicauth.age b/hosts/tatos/services/loki-basicauth.age
index 53696b5..12623dd 100644
Binary files a/hosts/tatos/services/loki-basicauth.age and b/hosts/tatos/services/loki-basicauth.age differ
diff --git a/hosts/tatos/services/miniflux/miniflux-admin-credentials.age b/hosts/tatos/services/miniflux/miniflux-admin-credentials.age
index a91c67f..896f3e8 100644
Binary files a/hosts/tatos/services/miniflux/miniflux-admin-credentials.age and b/hosts/tatos/services/miniflux/miniflux-admin-credentials.age differ
diff --git a/hosts/tatos/services/prometheus-basicauth-password.age b/hosts/tatos/services/prometheus-basicauth-password.age
index ed9da0f..d5c7d03 100644
Binary files a/hosts/tatos/services/prometheus-basicauth-password.age and b/hosts/tatos/services/prometheus-basicauth-password.age differ
diff --git a/hosts/tatos/services/prometheus.nix b/hosts/tatos/services/prometheus.nix
index 9a5653a..e03fa01 100644
--- a/hosts/tatos/services/prometheus.nix
+++ b/hosts/tatos/services/prometheus.nix
@@ -34,7 +34,7 @@ in
{
targets = [
"tatos:${toString nodeExporterPort}"
- "istal:${toString nodeExporterPort}"
+ "amstel:${toString nodeExporterPort}"
];
}
];
diff --git a/hosts/tatos/services/wireguard/default.nix b/hosts/tatos/services/wireguard/default.nix
index a9f8e2b..d812d6e 100644
--- a/hosts/tatos/services/wireguard/default.nix
+++ b/hosts/tatos/services/wireguard/default.nix
@@ -3,7 +3,7 @@
# Source: https://habr.com/ru/companies/xakep/articles/699000/
let
- istalData = import (hostsPath + "/istal/data.secret.nix");
+ amstelData = import (hostsPath + "/amstel/data.secret.nix");
tatosData = import (hostsPath + "/tatos/data.secret.nix");
port = tatosData.wireguard.port;
@@ -67,9 +67,9 @@ in
privateKeyFile = config.age.secrets.wireguard-tatos-private.path;
peers = [
- # Istal
+ # Amstel
{
- publicKey = istalData.wireguard.publicKey;
+ publicKey = amstelData.wireguard.publicKey;
allowedIPs = [ "10.20.30.2/32" "0.0.0.0/0" ];
}
# Home
diff --git a/hosts/tatos/services/wireguard/wireguard-tatos-private.age b/hosts/tatos/services/wireguard/wireguard-tatos-private.age
index 980728c..fab9762 100644
Binary files a/hosts/tatos/services/wireguard/wireguard-tatos-private.age and b/hosts/tatos/services/wireguard/wireguard-tatos-private.age differ
diff --git a/shared/prometheus/web-config.yml.age b/shared/prometheus/web-config.yml.age
index 1c51a12..cd370ad 100644
Binary files a/shared/prometheus/web-config.yml.age and b/shared/prometheus/web-config.yml.age differ
diff --git a/users/jan/ssh.secret.nix b/users/jan/ssh.secret.nix
index a4f1e8b..e2dd6ef 100644
Binary files a/users/jan/ssh.secret.nix and b/users/jan/ssh.secret.nix differ
diff --git a/users/jan/users-jan-passfile.age b/users/jan/users-jan-passfile.age
index a4ad13d..c5bf0d2 100644
Binary files a/users/jan/users-jan-passfile.age and b/users/jan/users-jan-passfile.age differ
diff --git a/users/nas/users-nas-passfile.age b/users/nas/users-nas-passfile.age
index 8e96cef..485dc9b 100644
Binary files a/users/nas/users-nas-passfile.age and b/users/nas/users-nas-passfile.age differ