new machine, altostratus, my remote-work remote box.
This commit is contained in:
parent
44cd697b63
commit
7ea5e9ed3c
9 changed files with 184 additions and 2 deletions
12
README.md
12
README.md
|
|
@ -31,3 +31,15 @@ Each host *must also* define the variables declared in `modules/hostopts.nix`.
|
|||
## Secrets
|
||||
This repo uses nix-sops for secrets management, with the encrypted secrets being stored in a private repo imported as an input.
|
||||
if the `nix-secrets` input is commented out, the repo should still build, gracefully degrading to default, non-secret, values.
|
||||
|
||||
## Spinning up a new machine:
|
||||
run `nix build ./#iso` or `nix build aarch64-iso.nix` (depending on architecture), and boot it while on the same network.
|
||||
(you can also use a regular nixos iso, but this has my tools and pub ssh keys already on it.)
|
||||
SSH into the machine (hostname will be nixos-installer), and run `nixos-generate --show-hardware-config`, and copy the kernel modules section into your config.
|
||||
run `ls /dev/disk/by-id`, and note the disk IDs.
|
||||
|
||||
Now your ready to write a config.
|
||||
You should probably base it off of one of the other configs in `hosts`.
|
||||
Just modify it to your needs (adding roles, importing other configs, setting up networking, etc) and write a `disk-config.nix` for it.
|
||||
now, run `nix run github:nix-community/nixos-anywhere -- --flake .\#$CONFIG_NAME root@nixos-installer`, and nixos anywhere will do the rest.
|
||||
If the machine is headless, you probably also want to add an entry to the deploy config, to update it remotely.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue