home/nixos-servers
home/nixos-servers
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

docs(readme): Update deployment instructions

Browse source 
docs(readme): Fix commands for ZSH
This commit is contained in:
Pim Kunis 2024-07-14 13:31:18 +02:00
parent cf804ac260
commit eeef91333b
1 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
README.md
View file

@ -30,22 +30,32 @@ Additionally, it deploys an age identity, which is later used for decrypting sec
1. Make sure your have a [Secret service](https://www.gnu.org/software/emacs/manual/html_node/auth/Secret-Service-API.html) running (such as Keepassxc) that provides the age identity. 1. Make sure your have a [Secret service](https://www.gnu.org/software/emacs/manual/html_node/auth/Secret-Service-API.html) running (such as Keepassxc) that provides the age identity.
2. Ensure you have root SSH access to the server. 2. Ensure you have root SSH access to the server.
3. Run nixos-anywhere: `nix run .#bootstrap <servername> <hostname>` 3. Run nixos-anywhere: `nix run '.#bootstrap' <servername> <hostname>`
### Deployment ### Deployment
To deploy all servers at once: `nix run nixpkgs#deploy-rs -- .# -k` To deploy all servers at once: `nix run 'nixpkgs#deploy-rs' -- '.#' -k`
To deploy only one server: `nix run nixpkgs#deploy-rs -- -k --targets .#<host>` To deploy only one server: `nix run 'nixpkgs#deploy-rs' -- -k --targets '.#<host>'`
## Deploying to Kubernetes ## Deploying to Kubernetes
To deploy to the Kubernetes cluster, first make sure you have an admin account on the cluster. To deploy to the Kubernetes cluster, first make sure you have an admin account on the cluster.
You can generate this using `nix run .#gen-k3s-cert <username> <servername> ~/.kube`, assuming you have SSH access to the master node. You can generate this using `nix run '.#gen-k3s-cert' <username> <servername> ~/.kube`, assuming you have SSH access to the master node.
This puts a private key, signed certificate and a kubeconfig in the kubeconfig directory This puts a private key, signed certificate and a kubeconfig in the kubeconfig directory
If the cluster has not been initialized yet, next run `nix run .#kubenix-bootstrap.x86_64-linux`. If the cluster has not been initialized yet, next run `nix run '.#kubenix.x86_64-linux.bootstrap.deploy'`.
Lastly, deploy everything to the cluster using `nix run .#kubenix.x86_64-linux`. Applications are currently deployed in two method:
- A single big deployment of many applications (which I am trying to move away from)
- A separate deployment for each application using [ApplySets](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/declarative-config/#how-to-delete-objects)
The first method: `nix run '.#kubenix.x86_64-linux.all.deploy'`
The second method: `nix run '.#kubenix.x86_64-linux.<application>.deploy'`
Currently, the applications being deployed like this are:
- `cyberchef`
- `freshrss`
Lastly, deploy everything to the cluster using `nix run '.#kubenix.x86_64-linux'`.
## Known bugs ## Known bugs