Infrastructure as Code for our home servers
Find a file
Pim Kunis d7a565f2ce use btrfs as main OS parition type
add 4GB swap partition
closes #6
closes #7
2023-11-19 17:48:57 +01:00
machines create helpers for creating nixos system and deploy nodes 2023-11-15 13:06:59 +01:00
secrets remove ansible 2023-11-14 23:53:04 +01:00
.envrc improve nixos anywhere script: 2023-11-15 11:41:45 +01:00
.gitignore update README 2023-11-05 19:03:44 +01:00
agenix.nix fix formatter error 2023-11-15 13:10:27 +01:00
bootstrap.sh switch to flake version of nixos-anywhere due to nixos-unstable issue 2023-11-15 13:37:13 +01:00
configuration.nix remove rust-motd because it is interferring with SSH 2023-11-19 17:31:12 +01:00
disk-config.nix use btrfs as main OS parition type 2023-11-19 17:48:57 +01:00
flake.lock improve nixos anywhere script: 2023-11-15 11:41:45 +01:00
flake.nix switch to flake version of nixos-anywhere due to nixos-unstable issue 2023-11-15 13:37:13 +01:00
hardware-configuration.nix use rust-motd for greeting message 2023-11-15 21:25:35 +01:00
nftables.conf add firewall! 2023-11-08 21:16:51 +01:00
README.md switch to flake version of nixos-anywhere due to nixos-unstable issue 2023-11-15 13:37:13 +01:00

nixos-servers

Nix definitions to configure our physical servers. Currently, only one physical server (named jefke) is implemented but more are planned!

Prerequisites

  1. Install the Nix package manager or NixOS (link)
  2. Enable flake and nix commands (link)
  3. Install Direnv (link)
  4. Allow direnv for this repository: direnv allow

Bootstrapping

We bootstrap our physical server using nixos-anywhere. This reformats the hard disk of the server and installs a fresh NixOS. Additionally, it deploys an age identity, which is later used for decrypting secrets.

⚠️ This will wipe your server completely ⚠️

  1. Make sure your have a Secret service running (such as Keepassxc) that provides the age identity.
  2. Ensure you have root SSH access to the server.
  3. Run nixos-anywhere: ./bootstrap.sh <servername>

Deployment

Deployment can simply be done as follows: deploy