From ea27d48a2f80d7c189608e20673abc0ad4ed1cf2 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 17:56:04 +0000 Subject: [PATCH 1/6] keys: Add siberys --- keys.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/keys.nix b/keys.nix index cba8c49..9b28be9 100644 --- a/keys.nix +++ b/keys.nix @@ -12,6 +12,7 @@ kilgharrah = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOgGF3gzzlMbxxk3UAAgHJ7sDdjqtrw7UW16M1XhXtz2 root@kilgharrah"; elucredassa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA+Y/vqGNc1wXUAg4XMAAcLupkggywj2LpYDwA16ONbH root@elucredassa"; carter = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHHHYG6A995Po05+JXQsvB79ZoIiSOJnW6AiJgVYPic root@carter"; + siberys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICF9p2X9Mph+PYV1YZHuMXXBevJatecqx3yr/B8znQud root@vps-9fd2f351.vps.ovh.net"; }; users = { From 6a5092ce3150cb149976010c15820e1d6427bf42 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 17:56:29 +0000 Subject: [PATCH 2/6] ovh: Fix handler to restart SSH --- playbook.yaml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/playbook.yaml b/playbook.yaml index 5f4e2e1..cd833f2 100644 --- a/playbook.yaml +++ b/playbook.yaml @@ -14,7 +14,7 @@ backup: true become: true notify: - - restart ssh + - Restart SSH - name: Update authorized SSH keys for Ansible user ansible.builtin.copy: dest: '/home/{{ ansible_user }}/.ssh/authorized_keys' @@ -23,6 +23,13 @@ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJEmkV9arotms79lJPsLHkdzAac4eu3pYS08ym0sB/on qenya@tohru ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjBuuxo+w3yED0aPnsNb8S90p/GgBqFEG9K4ETZ5Wkq qenya@kilgharrah mode: "0600" + + handlers: + - name: Restart SSH + ansible.builtin.service: + name: sshd + state: restarted + - name: Enable automatic upgrades hosts: ovh tasks: @@ -46,9 +53,3 @@ enabled: true state: started become: true - - handlers: - - name: Restart SSH - ansible.builtin.service: - name: sshd - state: restarted From df7c583002b629f7c7000e23cb11c14198b2ec06 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 18:37:54 +0000 Subject: [PATCH 3/6] ovh: Install Podman --- playbook.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/playbook.yaml b/playbook.yaml index cd833f2..ac2c3f1 100644 --- a/playbook.yaml +++ b/playbook.yaml @@ -53,3 +53,12 @@ enabled: true state: started become: true + +- name: Set up Podman + hosts: ovh + tasks: + - name: Install Podman + ansible.builtin.dnf: + name: podman + state: present + become: true From 8af16179eee132a00738bdf0864e11c7c1c807b5 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 18:39:26 +0000 Subject: [PATCH 4/6] Move ansible files to separate directory --- inventory.yaml => ansible/inventory.yaml | 0 playbook.yaml => ansible/playbook.yaml | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename inventory.yaml => ansible/inventory.yaml (100%) rename playbook.yaml => ansible/playbook.yaml (100%) diff --git a/inventory.yaml b/ansible/inventory.yaml similarity index 100% rename from inventory.yaml rename to ansible/inventory.yaml diff --git a/playbook.yaml b/ansible/playbook.yaml similarity index 100% rename from playbook.yaml rename to ansible/playbook.yaml From 7703ea92d97ac4f48fb75c5ee3a4f80b0d5e7645 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 22:05:37 +0000 Subject: [PATCH 5/6] ovh: Enable remote socket for Podman --- ansible/playbook.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index ac2c3f1..eefda05 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -62,3 +62,9 @@ name: podman state: present become: true + - name: Enable a Podman socket to receive remote client commands + ansible.builtin.systemd_service: + name: 'podman.socket' + enabled: true + state: started + scope: user From 8f8e25d746285a43435cd0691ead92da16344eb0 Mon Sep 17 00:00:00 2001 From: Katherina Walshe-Grey Date: Sat, 6 Dec 2025 22:06:08 +0000 Subject: [PATCH 6/6] tohru: Install Podman --- hosts/tohru/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/tohru/default.nix b/hosts/tohru/default.nix index 52f2c6a..b1e5bf9 100644 --- a/hosts/tohru/default.nix +++ b/hosts/tohru/default.nix @@ -55,6 +55,8 @@ in scoutshonour.digital-a-love-story scoutshonour.dont-take-it-personally-babe ]; + + services.podman.enable = true; }; qenya.services.distributed-builds = {