Berwn 344f432640 Add Hetzner Cloud firewall auto-sync from clan config ...

control runs a oneshot on each deploy that creates each firewall if
missing and replaces its rules via the Hetzner API set_rules action,
using a Read/Write token stored as a clan secret. Public SSH is not
exposed; admin access rides the ZeroTier mesh, with emergency-access as
the console fallback.

2026-06-14 15:40:05 +07:00

machines

Add Hetzner Cloud firewall auto-sync from clan config

2026-06-14 15:40:05 +07:00

modules

Add Hetzner Cloud firewall auto-sync from clan config

2026-06-14 15:40:05 +07:00

sops

Add machine ns2 to secrets

2026-06-14 12:20:27 +07:00

vars

Update vars via generator hetzner-firewall for machine control

2026-06-14 15:37:25 +07:00

.envrc

Initial commit

2026-06-14 12:11:16 +07:00

.gitignore

Initial commit

2026-06-14 12:11:16 +07:00

clan.nix

Enable emergency-access recovery service

2026-06-14 15:02:34 +07:00

flake.lock

Initial commit

2026-06-14 12:11:16 +07:00

flake.nix

Add authoritative DNS on ns1/ns2 and finalize clan config

2026-06-14 13:24:23 +07:00

inventory.json

update(inventory.json): Installed ns2

2026-06-14 13:34:17 +07:00

S

Description

No description provided

550 KiB

Languages

Nix 100%