# nixos-config [![Build](https://github.com/tboerger/nixos-config/actions/workflows/build.yml/badge.svg)](https://github.com/tboerger/nixos-config/actions/workflows/build.yml) Provisioning for my NixOS systems based on [Nix][nix]. ## Prepare Copy `/etc/ssh/ssh_host_ed25519_key.pub` into [secrets](./secrets/secrets.nix) and rekey the secrets via [agenix][agenix]. After pushing the rekeyed secrets execute the commands below. ## Desktops Generally after the installation I'm cloning this repository somewhere onto the desktop machine and just execute `make switch` within that repository to apply updates, if this is not the case I can always execute `nixos-rebuild switch --flake github:tboerger/nixos-config#name` to get the latest changes pulled in. ### Chnum ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/chnum-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#chnum ``` ### Hathor ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/hathor-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#hathor ``` ### Osiris ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/osiris-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#osiris ``` ## Servers Currently I'm applying the updates manually by cloning the repository into the machine and executing `make switch`, but on longterm it should also just work to use the `deploy #name` command, at least if it's executed from a NixOS desktop. ### Niflheim ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/niflheim-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#niflheim ``` ### Asgard ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/asgard-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#asgard ``` ### Utgard ```console sudo loadkeys de sudo nix-shell --packages nixUnstable bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/utgard-partitions)" mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#utgard ``` ### Midgard ```console sudo loadkeys de sudo nix-shell --packages nixUnstable mount /dev/disk/by-label/NIXOS_SD /mnt mkdir -p /mnt/etc/ssh cp /etc/ssh/ssh_host_* /mnt/etc/ssh/ nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#midgard ``` ## Security If you find a security issue please contact thomas@webhippie.de first. ## Contributing Fork -> Patch -> Push -> Pull Request ## Authors - [Thomas Boerger](https://github.com/tboerger) ## License Apache-2.0 ## Copyright ```console Copyright (c) 2021 Thomas Boerger ``` [nix]: https://nixos.org/manual/nix/stable/ [agenix]: https://github.com/ryantm/agenix