nixcfg/hosts
Aly Raffauf ba1d6fe0fd
home: move gnome config to hm (#59)
* base: limit systemd-boot configurations to 10

* home/gnome: cleanup

* home/gnome: move extensions to hm module

* home/gnome: fix nesting

* home/gnome: add cs adjuster

* nixos/gnome: simplify fprintd fixes

* Revert "nixos/gnome: simplify fprintd fixes"

This reverts commit 540ba39bf9.

* home/gnome: enable extensions with dconf

* nixos/gnome: update triple buffer overlay hash
2024-07-23 13:04:10 -04:00
common hosts: accept flake config during autoUpgrade 2024-07-22 14:00:32 -04:00
fallarbor hosts: add secrets.nix 2024-07-22 19:56:56 -04:00
lavaridge hosts: add secrets.nix 2024-07-22 19:56:56 -04:00
mauville hosts: add secrets.nix 2024-07-22 19:56:56 -04:00
petalburg home: move gnome config to hm (#59) 2024-07-23 13:04:10 -04:00
rustboro hosts: add secrets.nix 2024-07-22 19:56:56 -04:00
README.md hosts: add README.md 2024-07-20 20:35:01 -04:00

Hosts

Provisioning New Devices

  1. Create hosts/$HOSTNAME/default.nix and other host-specific Nix modules (e.g. disko.nix, hardware.nix, and home.nix).
  2. Add host to nixosConfigurations in flake.nix.
  3. (OPTIONAL) Generate a cert.pem, key.pem, and device ID for Syncthing with syncthing -generate=$HOSTNAME. Find the device ID in the generated config.xml and add it to nixosModules/services/syncthing/default.nix, encrypt the cert and key with agenix, and set them as appropriate in the host configuration.
  4. Install NixOS from this flake. Secrets will not be available on first boot without a valid SSH private key.
  5. Copy the new system's public SSH key (/etc/ssh/ssh_host_ed25519_key.pub) to the host configuration (secrets/publicKeys/root_$HOSTNAME.pub).
  6. Add the new public key to secrets/secrets.nix and rekey all secrets with agenix --rekey.
  7. Rebuild the new system from git. Secrets will be automatically decrypted and immediately available in /run/agenix/ for NixOS and $XDG_RUNTIME_DIR/agenix/ for users.
  8. (OPTIONAL) Generate a new user SSH key and add it to nixosModules/users/default.nix in order to enable passwordless logins to other hosts.
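
A check to run between steps 5 and 6, as an added example that is not part of this repository: it confirms that each host's key file is an ed25519 public key (not the private half) and is referenced in secrets/secrets.nix before rekeying. The function names are hypothetical, and it assumes secrets.nix refers to keys by file name and that hosts/common is not a machine.

```shell
#!/bin/sh
# Added example, not part of the repository.
# Assumption: secrets/secrets.nix refers to each host key by file name
# (root_<host>.pub). Adjust the last grep if the keys are inlined instead.

# check_host_key REPO HOST
# Returns 0 if the key is ready for rekeying, 2 if private key material was
# found where the public key belongs, 1 for any other problem.
check_host_key() {
    repo=$1 host=$2
    pub="$repo/secrets/publicKeys/root_$host.pub"

    [ -d "$repo/hosts/$host" ] || { echo "$host: no hosts/$host directory" >&2; return 1; }
    [ -f "$pub" ] || { echo "$host: missing $pub" >&2; return 1; }

    # Copying ssh_host_ed25519_key instead of the .pub file would publish the
    # host's private key to everyone who can read the repository.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$host: $pub holds a private key; remove it and regenerate the host key" >&2
        return 2
    fi

    # Exactly one non-empty line of the form "ssh-ed25519 <base64> [comment]".
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "$host: expected one key line" >&2; return 1; }
    grep -Eq '^ssh-ed25519 [A-Za-z0-9+/]+=*( .*)?$' "$pub" ||
        { echo "$host: not an ssh-ed25519 public key" >&2; return 1; }

    # A key that secrets.nix never mentions is not a recipient, so the host
    # cannot decrypt anything after the rekey.
    grep -q "root_$host\.pub" "$repo/secrets/secrets.nix" ||
        { echo "$host: key not referenced in secrets/secrets.nix" >&2; return 1; }
}

# check_all_hosts REPO: check every directory under hosts/ except common,
# which is assumed to hold shared modules rather than a machine.
check_all_hosts() {
    repo=$1 status=0
    for dir in "$repo"/hosts/*/; do
        host=$(basename "$dir")
        [ "$host" = common ] && continue
        check_host_key "$repo" "$host" || status=1
    done
    return "$status"
}

# Usage: check_all_hosts /path/to/nixcfg, then run agenix --rekey if it passes.
```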