dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
dotfiles/nixos/hosts
History
DannyDannyDanny 7d3fd2d8cf feat(sunken-ship): migrate cloudflare-tunnel-token to clan vars 🔐 
Declare a clan.core.vars.generators.cloudflare-tunnel generator that
prompts for the tunnel token on first run and stores it SOPS-encrypted
under vars/per-machine/sunken-ship/cloudflare-tunnel/tunnel-token.
systemd.services.cloudflare-tunnel ExecStart now reads the decrypted
secret at runtime from \${config.clan.core.vars...path} (lives at
/run/secrets/vars/...) instead of the unmanaged
/home/danny/.secrets/cloudflare-tunnel-token file.

Stage 4c of the clan migration. The tunnel itself is slated for
retirement in 4d — ZeroTier-only access after that. Cloudflare token
was rotated during this migration; old value no longer valid.
2026-04-19 21:07:02 +02:00
..
daniel-macbook-air.nix feat(nix): zerotier overlay via clan inventory + mac ZT client 🕸️ 2026-04-19 14:43:29 +02:00
phantom-ship-hardware.nix fix: restore bootloader config in phantom-ship hardware nix 🥾 2026-03-31 15:33:23 +02:00
phantom-ship.nix feat(phantom-ship): add shipyard systemd service 🚢 2026-04-19 13:20:27 +02:00
server-install.nix Set efiSysMountPoint = /boot so systemd-boot install succeeds with disko 2026-03-08 18:38:26 +01:00
sunken-ship-hardware.nix Rename nixos-server to sunken-ship 2026-03-01 12:44:28 +01:00
sunken-ship.nix feat(sunken-ship): migrate cloudflare-tunnel-token to clan vars 🔐 2026-04-19 21:07:02 +02:00
wsl.nix refactor(wsl): move user packages to home-manager 🎨 2026-03-30 18:03:11 +02:00