Go to file
Ari Gato 3eed0bb1e5
CI / aarch64-linux (push) Has been cancelled Details
CI / x86_64-linux (push) Has been cancelled Details
m/common: chore: fmt
2024-06-11 14:01:07 +02:00
.forgejo/workflows ci: typo 2024-06-02 15:08:57 +02:00
.github/workflows ci: typo 2024-06-02 15:08:57 +02:00
modules m/common: chore: fmt 2024-06-11 14:01:07 +02:00
nixos n/zorigami: WIP akkoma frontend hack 2024-06-11 13:32:32 +02:00
overlays chore: fmt 2024-06-02 15:08:58 +02:00
pkgs pkgs/glitch-soc: updates 2024-06-11 14:00:45 +02:00
secrets n/zorigami: add matrix (dendrite) server instance for automata.of-a.cat 2024-06-02 15:08:58 +02:00
.ci.sdImages.sh crimes 2024-06-02 15:08:09 +02:00
.ci.sh crimes 2024-06-02 15:08:09 +02:00
.gitignore scaffolding 2023-09-17 21:36:58 +02:00
README.md readme update 2024-06-02 15:08:10 +02:00
ci-secrets.nix chore: fmt 2024-06-02 15:08:57 +02:00
flake.lock chore: flake lock updates 2024-06-11 13:40:54 +02:00
flake.nix chore: fmt, renames 2024-06-02 15:08:57 +02:00
meta.nix meta: avoid repetition with targetHost 2024-06-02 15:08:57 +02:00
secrets.nix n/zorigami: add matrix (dendrite) server instance for automata.of-a.cat 2024-06-02 15:08:58 +02:00


My personal NixOS infrastructure configurations

This repository contains configurations for Most™ of my NixOS machines.

All of the host configurations are deployable using deploy-rs, colmena, and plain old nixos-rebuild. See deploy.nodes and colmena crimes in flake outputs for details how. Initial host deploment, sadly, needs to happen manually (for now at least). Secrets are managed using agenix, instead of any deployment-tool-native secret manager.

General usage

Adding new module

$ echo -e "{ config, lib, pkgs, inputs, ... }:\n\n{\n}" > modules/new-module.nix

Adding new host

$ mkdir nixos/newhost
$ echo -e "{ config, lib, pkgs, inputs, ... }:\n\n{\n}" > nixos/newhost/default.nix
$ echo '{"publicKey": "…", "targetHost": "…", "system": "aarch64-linux"}' | jq -rM > nixos/newhost/meta.json

Exploring generated configurations

Colmena has a nice feature here called colmena repl. Go out there and explore nodes and its attributes.

Before you commit

To keep things clean, uniform, and working at least on some basic level, remember to:

$ nix flake check --no-build
$ nix fmt

Small bit of warning: nix fmt, with formatters as configured (deadnix specifically) will remove unused variables and such. Might be annoying when things are work-in-progress.

Deploying new configurations

There are multiple options here. You can use nixos-rebuild either locally:

$ sudo nixos-rebuild switch --flake .#microlith


$ nixos-rebuild switch --target-host root@zorigami --build-host root@zorigami --flake .#zorigami

remotely using deploy-rs:

$ deploy .#scylla

or using colmena:

$ colmena apply --on khas

All of these should generally work, though I prefer to use deploy-rs on my router (because of magic rollback) when deploying bigger changes, and colmena in most cases, because it's faster. And if the changes you're about to deploy had a chance to be built by "CI", most stuff shouldn't need to be built locally.

Warnings about colmena and deploy being unknown flake outputs are known, and will stay here at least until schemas get implemented for these.

General notes

Feel free to use this as a basis for your own configuration flakes, but while I keep things here working for me, the general state might not reflect best practices. Use caution, and if you feel like you don't really understand something (and there are some code crimes commited here), don't feel obliged to use it just because it's already here.