Infrastructure as Code for our home servers

Find a file

Pim Kunis b4fbc0b955 improve nixos anywhere script: - deploy age identity - make script machine indepdendent - add sanity check for wiping the system create nix shell for running the script		2023-11-15 11:41:45 +01:00
secrets	remove ansible	2023-11-14 23:53:04 +01:00
.envrc	improve nixos anywhere script:	2023-11-15 11:41:45 +01:00
.gitignore	update README	2023-11-05 19:03:44 +01:00
agenix.nix	remove ansible	2023-11-14 23:53:04 +01:00
configuration.nix	remove ansible	2023-11-14 23:53:04 +01:00
disk-config.nix	initial nixos-anywhere	2023-11-13 22:44:43 +01:00
flake.lock	improve nixos anywhere script:	2023-11-15 11:41:45 +01:00
flake.nix	improve nixos anywhere script:	2023-11-15 11:41:45 +01:00
hardware-configuration.nix	initial nixos-anywhere	2023-11-13 22:44:43 +01:00
jefke_host_ed25519-cert.pub	remove ansible	2023-11-14 23:53:04 +01:00
jefke_user_ed25519-cert.pub	remove ansible	2023-11-14 23:53:04 +01:00
nftables.conf	add firewall!	2023-11-08 21:16:51 +01:00
nixos-anywhere.sh	improve nixos anywhere script:	2023-11-15 11:41:45 +01:00
README.md	initial nixos-anywhere	2023-11-13 22:44:43 +01:00

nixos-servers

Nix definitions to configure our physical servers. Currently, only one physical server (named jefke) is implemented.

Deployment

nix run github:numtide/nixos-anywhere -- --flake .#hypervisor root@jefke.hyp

Before a NixOS definition can be deployed, some prerequite preparational steps must be performed.

Manually install NixOS on the physical machine. This could potentially be automated in the future with nixos-anywhere, but for now this is a manual process.
Enable SSH and install authorized keys.
Ensure Python3 is installed for Ansible.
Run Ansible playbook which deploys secrets ansible-playbook deploy_secrets.yml.

Finally, the NixOS definition can be deployed as follows: nix run github:serokell/deploy-rs.