jfraeysd/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9 commits 1 branch 0 tags 261 KiB
Commit graph

9 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jeremie Fraeys
f9a7411cfb
chore(setup): improve setup.sh UX and update README 
- Add --help and ansible-only/no-terraform modes\n- Add basic prereq checks and clearer error messages\n- Update README with new setup options and python requirements for helper scripts
 2026-01-20 17:19:06 -05:00
Jeremie Fraeys
a22381492e
feat(infra-controller): add restricted SSH access role 
- Add infra_controller role to provision a dedicated user\n- Install register/deregister forced-command authorized_keys entries\n- Read SSH public keys from vault/env and restrict access by source IP
 2026-01-20 17:14:31 -05:00
Jeremie Fraeys
9e7b51b69a
docs: document Actions SSH key setup 
- Document required register/deregister SSH keys for controller workflows\n- Update vault.example.yml with FORGEJO_API_TOKEN and SSH public key placeholders
 2026-01-20 17:10:41 -05:00
Jeremie Fraeys
a3da8deb0f
feat(actions-ssh): use register/deregister keys for services access 
- Add app_ssh_access role to install forced-command keys for infra-register-stdin and infra-deregister\n- Ensure required infra-controller runtime directories exist on services host\n- Add helper script to generate/register both Actions SSH secrets and update vault public keys
 2026-01-20 17:10:02 -05:00
Jeremie Fraeys
c2056d4cd4
fix(forgejo-runner): validate label executor scheme 
- Set default runner label to 'self-hosted:docker://…'\n- Add an early assert to fail fast when labels use an invalid executor scheme
 2026-01-20 17:09:17 -05:00
Jeremie Fraeys
997aff6be3
initial infra commit 2026-01-19 15:02:13 -05:00
Jeremie Fraeys
1d2f8e6141
retry workflows with debian 2026-01-19 14:28:20 -05:00
Jeremie Fraeys
c397737ff1
retry actions 2026-01-19 14:27:52 -05:00
Jeremie Fraeys
3ab4e338b2
retry actions 2026-01-19 14:27:43 -05:00