2023-10-20 20:39:12 +00:00
|
|
|
# My personal NixOS infrastructure configurations
|
|
|
|
|
|
|
|
This repository contains configurations for Most™ of my NixOS machines.
|
|
|
|
|
|
|
|
All of the host configurations are deployable using
|
|
|
|
[deploy-rs](https://github.com/serokell/deploy-rs),
|
|
|
|
[colmena](https://colmena.cli.rs/), and plain old `nixos-rebuild`. See
|
|
|
|
`deploy.nodes` and `colmena` crimes in flake outputs for details how. Initial
|
|
|
|
host deploment, sadly, needs to happen manually (for now at least). Secrets are
|
|
|
|
managed using [agenix](https://github.com/ryantm/agenix), instead of any
|
|
|
|
deployment-tool-native secret manager.
|
|
|
|
|
|
|
|
## General usage
|
|
|
|
### Adding new module
|
|
|
|
```
|
|
|
|
$ echo -e "{ config, lib, pkgs, inputs, ... }:\n\n{\n}" > modules/new-module.nix
|
|
|
|
```
|
|
|
|
|
|
|
|
### Adding new host
|
|
|
|
```
|
|
|
|
$ mkdir nixos/newhost
|
|
|
|
$ echo -e "{ config, lib, pkgs, inputs, ... }:\n\n{\n}" > nixos/newhost/default.nix
|
2023-12-01 21:36:58 +00:00
|
|
|
$ echo '{"publicKey": "…", "targetHost": "…", "system": "aarch64-linux"}' | jq -rM > nixos/newhost/meta.json
|
2023-10-20 20:39:12 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
### Exploring generated configurations
|
|
|
|
Colmena has a nice feature here called `colmena repl`. Go out there and explore
|
|
|
|
`nodes` and its attributes.
|
|
|
|
|
|
|
|
### Before you commit
|
|
|
|
To keep things clean, uniform, and working at least on some basic level,
|
|
|
|
remember to:
|
|
|
|
```
|
|
|
|
$ nix flake check --no-build
|
|
|
|
$ nix fmt
|
|
|
|
```
|
|
|
|
Small bit of warning: `nix fmt`, with formatters as configured (`deadnix`
|
|
|
|
specifically) *will* remove unused variables and such. Might be annoying when
|
|
|
|
things are work-in-progress.
|
|
|
|
|
|
|
|
### Deploying new configurations
|
|
|
|
There are multiple options here. You can use `nixos-rebuild` either locally:
|
|
|
|
```
|
|
|
|
$ sudo nixos-rebuild switch --flake .#microlith
|
|
|
|
```
|
|
|
|
remotely:
|
|
|
|
```
|
|
|
|
$ nixos-rebuild switch --target-host root@zorigami --build-host root@zorigami --flake .#zorigami
|
|
|
|
```
|
|
|
|
remotely using `deploy-rs`:
|
|
|
|
```
|
2023-10-20 20:49:52 +00:00
|
|
|
$ deploy .#scylla
|
2023-10-20 20:39:12 +00:00
|
|
|
```
|
|
|
|
or using `colmena`:
|
|
|
|
```
|
|
|
|
$ colmena apply --on khas
|
|
|
|
```
|
|
|
|
All of these *should* generally work, though I prefer to use `deploy-rs` on my
|
|
|
|
router (because of magic rollback) when deploying bigger changes, and `colmena`
|
|
|
|
in most cases, because it's faster. And if the changes you're about to deploy
|
|
|
|
had a chance to be built by "CI", most stuff shouldn't need to be built locally.
|
|
|
|
|
2023-10-20 20:49:52 +00:00
|
|
|
Warnings about `colmena` and `deploy` being unknown flake outputs are known, and
|
|
|
|
will stay here at least until
|
|
|
|
[schemas](https://determinate.systems/posts/flake-schemas) get implemented for
|
|
|
|
these.
|
|
|
|
|
2023-10-20 20:39:12 +00:00
|
|
|
## General notes
|
|
|
|
Feel free to use this as a basis for your own configuration flakes, but while I
|
|
|
|
keep things here working for me, the general state might not reflect best
|
|
|
|
practices. Use caution, and if you feel like you don't really understand
|
|
|
|
something (and there are some code crimes commited here), don't feel obliged to
|
|
|
|
use it just because it's already here.
|