nix-config/hosts/new.md

Steps to add a new host

  1. Generate an SSH host key to be used for secrets: `ssh-keygen -t ed25519 -f /tmp/ssh_host_ed25519_key -C ""`
  2. Go to borgmatic.com, add the generated SSH key and create a new repository
  3. Add a new host entry to nix-secrets/secrets.nix
  4. Generate a repository passphrase in nix-secrets
  5. Commit nix-secrets and run `nix flake update` in nix-config
  6. Add a README.md and default.nix suited to the host
  7. Define (or generate with `nixos-generate-config`) a hardware-configuration.nix
  8. Define the disk layout to be used by disko
  9. Commit nix-config
  10. Boot the NixOS installer
  11. Copy the generated SSH host key to /etc/ssh
  12. Run `nix run github:nix-community/nixos-anywhere -- --flake .#<hostname> root@<ip address>`
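
A pre-flight check that can be run between steps 11 and 12, as an added example that is not part of this repository: it verifies that the staged host key has safe permissions, is ed25519, and that its public half is the one listed in secrets.nix. The function name `check_host_key`, the use of GNU `stat`, and the assumption that the host entry in secrets.nix contains the public key string are assumptions.

```shell
#!/bin/sh
# Added example, not part of nix-config.
# Assumptions: GNU stat (as on the NixOS installer), and that the host entry
# in secrets.nix contains the host's public key string.

# check_host_key KEY SECRETS_FILE
# Prints one line per problem; returns 0 only if every check passes.
check_host_key() {
    key=$1
    secrets=$2
    rc=0

    if [ ! -f "$key" ] || [ ! -f "$key.pub" ]; then
        echo "missing $key or $key.pub"
        return 1
    fi

    # sshd will not load a private host key that group or others can read.
    mode=$(stat -c %a "$key")
    [ "$mode" = 600 ] || [ "$mode" = 400 ] || {
        echo "mode $mode on $key, want 600"; rc=1; }

    # Step 1 asks for ed25519; the first field of the .pub file is the key type.
    type='' blob=''
    read -r type blob _ < "$key.pub" || :
    [ "$type" = ssh-ed25519 ] || {
        echo "key type is '$type', want ssh-ed25519"; rc=1; }

    # Secrets are encrypted to the key listed in secrets.nix. If the key
    # staged on the host differs, the host cannot decrypt them.
    { [ -n "$blob" ] && grep -qF -- "$blob" "$secrets"; } || {
        echo "public key not found in $secrets"; rc=1; }

    return $rc
}

# Usage (paths taken from the steps above):
#   check_host_key /etc/ssh/ssh_host_ed25519_key nix-secrets/secrets.nix
```
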

Post install

The backup and Tailscale modules won't work until the following steps are completed.

  1. Run `sudo borgmatic init --encryption repokey-blake2`
  2. Restart borgmatic
  3. Run `sudo tailscale up --login-server https://headscale.vimium.net`
  4. Visit the URL, then SSH onto vps1 and run `headscale --user mesh nodes register --key <key>`
  5. (Optionally) Give the Tailscale node a friendly name with `headscale node rename -i <index> <hostname>`