From 9c59a20b54abb4c152fbeacd256446b8c09ba37d Mon Sep 17 00:00:00 2001
From: Pim Kunis
Date: Sun, 5 Nov 2023 19:03:44 +0100
Subject: [PATCH] update README change directory naming
---
 secrets/.gitignore => .gitignore | 0
 README.md | 15 +++++++++++----
 {secrets => ansible}/.envrc | 0
 {secrets => ansible}/ansible.cfg | 0
 secrets/deploy.yml => ansible/deploy_secrets.yml | 0
 {secrets => ansible}/files/jefke_host_ed25519 | 0
 {secrets => ansible}/files/jefke_host_ed25519.crt | 0
 {secrets => ansible}/files/jefke_host_ed25519.pub | 0
 {secrets => ansible}/files/jefke_user_ed25519 | 0
 {secrets => ansible}/files/jefke_user_ed25519.crt | 0
 {secrets => ansible}/files/jefke_user_ed25519.pub | 0
 {secrets => ansible}/flake.lock | 0
 {secrets => ansible}/flake.nix | 0
 {secrets => ansible}/inventory/hosts.yml | 0
 secrets/README.md | 7 -------
 15 files changed, 11 insertions(+), 11 deletions(-)
 rename secrets/.gitignore => .gitignore (100%)
 rename {secrets => ansible}/.envrc (100%)
 rename {secrets => ansible}/ansible.cfg (100%)
 rename secrets/deploy.yml => ansible/deploy_secrets.yml (100%)
 rename {secrets => ansible}/files/jefke_host_ed25519 (100%)
 rename {secrets => ansible}/files/jefke_host_ed25519.crt (100%)
 rename {secrets => ansible}/files/jefke_host_ed25519.pub (100%)
 rename {secrets => ansible}/files/jefke_user_ed25519 (100%)
 rename {secrets => ansible}/files/jefke_user_ed25519.crt (100%)
 rename {secrets => ansible}/files/jefke_user_ed25519.pub (100%)
 rename {secrets => ansible}/flake.lock (100%)
 rename {secrets => ansible}/flake.nix (100%)
 rename {secrets => ansible}/inventory/hosts.yml (100%)
 delete mode 100644 secrets/README.md
diff --git a/secrets/.gitignore b/.gitignore
similarity index 100%
rename from secrets/.gitignore
rename to .gitignore
diff --git a/README.md b/README.md
index 4b7a003..76e7bb6 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,14 @@ Nix definitions to configure our physical servers. Currently, only one physical server (named jefke) is implemented.
-To deploy:
-```
-nixos-rebuild switch -j auto --target-host root@jefke.hyp --flake ".#jefke"
-```
+## Deployment
+
+### Prerequisites
+
+Before a NixOS definition can be deployed, some prerequite preparational steps must be performed.
+
+1. Manually install NixOS on the physical machine. This could potentially be automated in the future with [nixos-anywhere](https://github.com/nix-community/nixos-anywhere), but for now this is a manual process.
+2. Enable SSH and install authorized keys.
+3. Ensure Python3 is installed for Ansible.
+4. Run Ansible playbook which deploys secrets `ansible-playbook deploy_secrets.yml`.
+5. Deploy the NixOS definition: `nixos-rebuild switch -j auto --target-host root@jefke.hyp --flake ".#jefke"`.
diff --git a/secrets/.envrc b/ansible/.envrc
similarity index 100%
rename from secrets/.envrc
rename to ansible/.envrc
diff --git a/secrets/ansible.cfg b/ansible/ansible.cfg
similarity index 100%
rename from secrets/ansible.cfg
rename to ansible/ansible.cfg
diff --git a/secrets/deploy.yml b/ansible/deploy_secrets.yml
similarity index 100%
rename from secrets/deploy.yml
rename to ansible/deploy_secrets.yml
diff --git a/secrets/files/jefke_host_ed25519 b/ansible/files/jefke_host_ed25519
similarity index 100%
rename from secrets/files/jefke_host_ed25519
rename to ansible/files/jefke_host_ed25519
diff --git a/secrets/files/jefke_host_ed25519.crt b/ansible/files/jefke_host_ed25519.crt
similarity index 100%
rename from secrets/files/jefke_host_ed25519.crt
rename to ansible/files/jefke_host_ed25519.crt
diff --git a/secrets/files/jefke_host_ed25519.pub b/ansible/files/jefke_host_ed25519.pub
similarity index 100%
rename from secrets/files/jefke_host_ed25519.pub
rename to ansible/files/jefke_host_ed25519.pub
diff --git a/secrets/files/jefke_user_ed25519 b/ansible/files/jefke_user_ed25519
similarity index 100%
rename from secrets/files/jefke_user_ed25519
rename to ansible/files/jefke_user_ed25519
diff --git a/secrets/files/jefke_user_ed25519.crt b/ansible/files/jefke_user_ed25519.crt
similarity index 100%
rename from secrets/files/jefke_user_ed25519.crt
rename to ansible/files/jefke_user_ed25519.crt
diff --git a/secrets/files/jefke_user_ed25519.pub b/ansible/files/jefke_user_ed25519.pub
similarity index 100%
rename from secrets/files/jefke_user_ed25519.pub
rename to ansible/files/jefke_user_ed25519.pub
diff --git a/secrets/flake.lock b/ansible/flake.lock
similarity index 100%
rename from secrets/flake.lock
rename to ansible/flake.lock
diff --git a/secrets/flake.nix b/ansible/flake.nix
similarity index 100%
rename from secrets/flake.nix
rename to ansible/flake.nix
diff --git a/secrets/inventory/hosts.yml b/ansible/inventory/hosts.yml
similarity index 100%
rename from secrets/inventory/hosts.yml
rename to ansible/inventory/hosts.yml
diff --git a/secrets/README.md b/secrets/README.md
deleted file mode 100644
index f51972c..0000000
--- a/secrets/README.md
+++ /dev/null
@@ -1,7 +0,0 @@
-We can for now keep using Ansible vault to deploy secrets.
-The steps for setting up a hypervisor will thus become:
-1. Manually install NixOS
-2. Configure SSH and install authorized keys
-3. Ensure python3 is present on the system
-4. Run Ansible script to copy secrets
-5. Run Nix to configure everything else