Infrastructure as Code for our home servers
|
||
---|---|---|
docs | ||
legacy | ||
nixos | ||
.envrc | ||
.gitignore | ||
bootstrap.sh | ||
flake.lock | ||
flake.nix | ||
README.md |
nixos-servers
Nix definitions to configure our physical servers. Currently, only one physical server (named jefke) is implemented but more are planned!
Additional documentation
Prerequisites
- Install the Nix package manager or NixOS (link)
- Enable flake and nix commands (link)
- Install Direnv (link)
- Allow direnv for this repository:
direnv allow
Bootstrapping
We bootstrap our physical server using nixos-anywhere. This reformats the hard disk of the server and installs a fresh NixOS. Additionally, it deploys an age identity, which is later used for decrypting secrets.
⚠️ This will wipe your server completely ⚠️
- Make sure your have a Secret service running (such as Keepassxc) that provides the age identity.
- Ensure you have root SSH access to the server.
- Run nixos-anywhere:
./bootstrap.sh <servername> <hostname>
Deployment
To deploy all servers at once: deploy
To deploy only one server: deploy --targets .#<host>