1
0
mirror of https://github.com/tboerger/nixos-config synced 2024-11-23 03:32:08 +01:00
Go to file
2022-10-30 17:59:33 +01:00
.github chore(deps): bump actions/checkout from 2.4.0 to 3 2022-03-07 14:26:19 +00:00
machines fix: more fixes for various filesystems 2022-10-30 17:59:33 +01:00
overlays feat: override citrix workspace download url 2022-09-29 14:52:30 +02:00
profiles chore: even more restructuring 2022-10-25 09:53:40 +02:00
scripts fix: more fixes for various filesystems 2022-10-30 17:59:33 +01:00
secrets chore: let us regenerate the secrets... again 2022-10-26 20:12:33 +02:00
.editorconfig chore: initial commit 2022-02-20 17:46:48 +01:00
.envrc chore: integrate deploy-rs and flake-utils 2022-09-28 22:28:36 +02:00
.gitignore chore: integrate deploy-rs and flake-utils 2022-09-28 22:28:36 +02:00
flake.lock chore: upgrade flake lockfile 2022-10-25 10:42:45 +02:00
flake.nix chore: no need for bootstrap targets 2022-10-26 20:40:58 +02:00
LICENSE chore: initial commit 2022-02-20 17:46:48 +01:00
Makefile chore: integrate deploy-rs and flake-utils 2022-09-28 22:28:36 +02:00
README.md chore: no need for bootstrap targets 2022-10-26 20:40:58 +02:00
TODO.md fix: more fixes for various filesystems 2022-10-30 17:59:33 +01:00

nixos-config

Build

Provisioning for my NixOS systems based on Nix.

Chnum

Bootstrap

Copy /etc/ssh/ssh_host_ed25519_key.pub into secrets and rekey the secrets via agenix. After pushing the rekeyed secrets execute these commands:

sudo loadkeys de
sudo nix-shell --packages nixUnstable

bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/chnum-partitions)"

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#chnum-bootstrap

Updates

If the repository had been cloned you could just execute make switch, otherwise there is still this long option to update the deployment:

nixos-rebuild switch \
    --flake github:tboerger/nixos-config#chnum

Asgard

Bootstrap

Copy /etc/ssh/ssh_host_ed25519_key.pub into secrets and rekey the secrets via agenix. After pushing the rekeyed secrets execute these commands:

sudo loadkeys de
sudo nix-shell --packages nixUnstable

bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/asgard-partitions)"

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#asgard

Updates

If the repository had been cloned you could just execute make switch, otherwise there is still this long option to update the deployment:

nixos-rebuild switch \
    --flake github:tboerger/nixos-config#asgard

Utgard

Bootstrap

Copy /etc/ssh/ssh_host_ed25519_key.pub into secrets and rekey the secrets via agenix. After pushing the rekeyed secrets execute these commands:

sudo loadkeys de
sudo nix-shell --packages nixUnstable

bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/master/scripts/utgard-partitions)"

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#utgard-bootstrap

Updates

If the repository had been cloned you could just execute make switch, otherwise there is still this long option to update the deployment:

nixos-rebuild switch \
    --flake github:tboerger/nixos-config#utgard

Midgard

Bootstrap

Copy /etc/ssh/ssh_host_ed25519_key.pub into secrets and rekey the secrets via agenix. After pushing the rekeyed secrets execute these commands:

sudo loadkeys de
sudo nix-shell --packages nixUnstable

mount /dev/disk/by-label/NIXOS_SD /mnt

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#midgard-bootstrap

Updates

If the repository had been cloned you could just execute make switch, otherwise there is still this long option to update the deployment:

nixos-rebuild switch \
    --flake github:tboerger/nixos-config#midgard

Security

If you find a security issue please contact thomas@webhippie.de first.

Contributing

Fork -> Patch -> Push -> Pull Request

Authors

License

Apache-2.0

Copyright (c) 2021 Thomas Boerger <thomas@webhippie.de>