Infrastructure as Code for our home servers

Find a file

Pim Kunis deb87e4da3 add option to fix MAC address of VM create atlas VM		2023-11-29 18:59:36 +01:00
machines	manage atlas	2023-11-29 17:21:18 +01:00
modules	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00
secrets	manage atlas	2023-11-29 17:21:18 +01:00
terraform	add option to fix MAC address of VM	2023-11-29 18:59:36 +01:00
.envrc	add psql env variables to .envrc	2023-11-25 14:43:37 +01:00
.gitignore	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00
bootstrap.sh	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00
configuration.nix	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00
flake.lock	improve nixos anywhere script:	2023-11-15 11:41:45 +01:00
flake.nix	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00
nftables.conf	allow postgresql traffic in nftables	2023-11-24 10:53:18 +01:00
postgresql_server.crt	working postgresql installation	2023-11-24 10:31:23 +01:00
README.md	WIP: nixos-anywhere for virtual machines	2023-11-25 21:00:21 +01:00

README.md

nixos-servers

Nix definitions to configure our physical servers. Currently, only one physical server (named jefke) is implemented but more are planned!

Prerequisites

Install the Nix package manager or NixOS (link)
Enable flake and nix commands (link)
Install Direnv (link)
Allow direnv for this repository: direnv allow

Bootstrapping

We bootstrap our physical server using nixos-anywhere. This reformats the hard disk of the server and installs a fresh NixOS. Additionally, it deploys an age identity, which is later used for decrypting secrets.

⚠️ This will wipe your server completely ⚠️

Make sure your have a Secret service running (such as Keepassxc) that provides the age identity.
Ensure you have root SSH access to the server.
Run nixos-anywhere: ./bootstrap.sh <servername> <hostname>

Deployment

Deployment can simply be done as follows: deploy