Skip to content

Configuration for Nix on my NixOS machines

License

Notifications You must be signed in to change notification settings

tboerger/nixos-config

Repository files navigation

nixos-config

Build

Provisioning for my NixOS systems based on Nix.

Prepare

Copy /etc/ssh/ssh_host_ed25519_key.pub into secrets and rekey the secrets via agenix, you could also just execute ssh-keyscan ip_or_fqdn to fetch the current public keys. After pushing the rekeyed secrets execute the commands below.

Asgard

Bootstrap

sudo loadkeys de
sudo nix-shell --packages nixUnstable

nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko --flake github:tboerger/nixos-config#asgard

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#asgard

Updates

nix run github:serokell/deploy-rs github:tboerger/nixos-config#asgard

Utgard

Bootstrap

sudo loadkeys de
sudo nix-shell --packages nixUnstable

nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko --flake github:tboerger/nixos-config#utgard

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#utgard

Updates

nix run github:serokell/deploy-rs github:tboerger/nixos-config#utgard

Vanaheim

Bootstrap

sudo loadkeys de
sudo nix-shell --packages nixUnstable

nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko --flake github:tboerger/nixos-config#vanaheim

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#vanaheim

Updates

nix run github:serokell/deploy-rs github:tboerger/nixos-config#vanaheim

Yggdrasil

Bootstrap

sudo loadkeys de
sudo nix-shell --packages nixUnstable

mount /dev/disk/by-label/NIXOS_SD /mnt

mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#yggdrasil

Updates

nix run github:serokell/deploy-rs github:tboerger/nixos-config#yggdrasil

Security

If you find a security issue please contact [email protected] first.

Contributing

Fork -> Patch -> Push -> Pull Request

Authors

License

Apache-2.0

Copyright

Copyright (c) 2021 Thomas Boerger <[email protected]>