Enhance deployment configuration with machine-specific templates and secrets management
Updated the .gitignore to include machine-specific configurations and secrets handling. Expanded the DEPLOYMENT-GUIDE.md to provide detailed instructions for adding new machines using a template, along with steps for managing encrypted secrets. Introduced example configuration files for boot settings and a sample WireGuard service, improving modularity and flexibility in the NixOS deployment process. Adjusted krops.nix to reference the correct path for machine-specific configurations.
This commit is contained in:
parent
78dcba25ec
commit
d794cf4394
5 changed files with 66 additions and 23 deletions
18
.gitignore
vendored
18
.gitignore
vendored
|
|
@ -5,3 +5,21 @@ result
|
|||
machine-specific
|
||||
web-app
|
||||
lnbits
|
||||
lnbits-extensions
|
||||
|
||||
# Machine-specific configurations (user creates these)
|
||||
# Keep example-machine as a template
|
||||
config/machines/*
|
||||
!config/machines/example-machine/
|
||||
|
||||
# Secrets - only ignore unencrypted secrets
|
||||
# Encrypted .age files are SAFE to commit
|
||||
secrets/**/!(*.age)
|
||||
secrets/**/*.txt
|
||||
secrets/**/*.key
|
||||
secrets/**/*.pem
|
||||
secrets/**/*.env
|
||||
|
||||
# Age/Passage identity files (NEVER commit these!)
|
||||
.passage/
|
||||
identities
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue