nix/machines
1
0
Fork 0
Code Issues Releases Packages Activity Actions
machines/nix/systems/aarch64-linux/security.kaareskovgaard.net/README.md
Kaare Hoff Skovgaard 8cd2737aca
Some checks failed
/ rust-packages (push) Successful in 2m45s
Details
/ systems (push) Failing after 1m40s
Details
/ terraform-providers (push) Successful in 4m2s
Details
/ dev-shell (push) Successful in 54s
Details
/ check (push) Failing after 1m31s
Details
Begin moving openbao and authentik server to new setup
2025-07-14 23:34:02 +02:00

5 lines
521 B
Markdown
Raw Blame History

# After creating the instance
Open https://vault.kaareskovgaard.net and initialize OpenBAO. Remember to get some sort of auto unsealing set up afterwards, currently this is implemented with a cronjob on TrueNAS. Doing it this way allows various certificates to continue getting issued, even as OpenBAO gets sealed (due to auto updates).
After this, run the post provisioning script to initialize the various OpenBAO parts needed. Then `nix run '.#bitwarden-to-vault` can transfer the needed Bitwarden secrets to vault.
Reference in a new issue View git blame Copy permalink