66 lines
1.1 KiB
Markdown
66 lines
1.1 KiB
Markdown
# jalr's NixOS Configuration
|
|
|
|
## Install a new host
|
|
|
|
This installs nixos on host `somehost`:
|
|
|
|
### NixOS Anywhere
|
|
|
|
```bash
|
|
nix run github:nix-community/nixos-anywhere -- --flake .#<somehost> root@<somehost>
|
|
```
|
|
|
|
### The traditional way
|
|
|
|
```bash
|
|
nix-shell -p nixUnstable --run 'nixos-install --flake https://gitlab.jalr.de/jalr/nixos-configuration#somehost --no-channel-copy'
|
|
```
|
|
|
|
### Build a configuration
|
|
|
|
```
|
|
nix build .#nixosConfigurations.iron.config.system.build.toplevel
|
|
```
|
|
|
|
### setting up sops
|
|
Get the host key and convert it.
|
|
```bash
|
|
ssh-keyscan -t ed25519 $host | ssh-to-age
|
|
```
|
|
|
|
Then add the key to `.sops.yaml`
|
|
|
|
If the key changed, you might want to run
|
|
```bash
|
|
sops updatekeys hosts/$host/secrets.yaml
|
|
```
|
|
|
|
## nix repl
|
|
start an interactive environment for evaluating Nix expressions
|
|
|
|
```
|
|
$ nix repl
|
|
|
|
nix-repl> a=builtins.getFlake (toString ./.)
|
|
```
|
|
|
|
```
|
|
$ nix repl
|
|
|
|
nix-repl> :lf .#
|
|
```
|
|
|
|
|
|
## Import GPG public key
|
|
```
|
|
gpg --card-edit
|
|
gpg/card> fetch
|
|
gpg --edit-key $key
|
|
gpg> trust
|
|
Your decision? 5
|
|
```
|
|
|
|
## Debugging boot issues
|
|
|
|
1. Add `rd.systemd.debug_shell` kernel parameter
|
|
2. Press CTRL+ALT+F9 to switch to root shell
|