1
1
Fork 0

chore: update readme

Signed-off-by: Myned <dev@bjork.tech>
This commit is contained in:
Myned 2024-10-08 21:28:14 -05:00
parent e98e4f41f3
commit 74863d2a88
Signed by: Myned
GPG key ID: C7224454F7881A34

View file

@ -9,7 +9,7 @@
1. Clone this repository 1. Clone this repository
```sh ```sh
git clone https://github.com/Myned/nixos git clone https://github.com/myned/nixos
``` ```
2. Enable [Flakes](https://wiki.nixos.org/wiki/Flakes) 2. Enable [Flakes](https://wiki.nixos.org/wiki/Flakes)
@ -18,13 +18,13 @@
4. Create machine-specific modules in `machines/MACHINE/` 4. Create machine-specific modules in `machines/MACHINE/`
b. Machine configuration and hostname in `default.nix` a. Machine configuration and hostname in `default.nix`
```nix ```nix
{ custom.hostname = "MACHINE"; } { custom.hostname = "MACHINE"; }
``` ```
c. [Disko](https://github.com/nix-community/disko) layout in `disko.nix` b. [Disko](https://github.com/nix-community/disko) layout in `disko.nix`
```sh ```sh
# Verify /dev identifier on machine # Verify /dev identifier on machine
@ -34,7 +34,7 @@
[ -d /sys/firmware/efi/efivars ] && echo "UEFI" || echo "BIOS" [ -d /sys/firmware/efi/efivars ] && echo "UEFI" || echo "BIOS"
``` ```
d. Generated hardware configuration in `hardware-configuration.nix` c. Generated hardware configuration in `hardware-configuration.nix`
```sh ```sh
nixos-generate-config --show-hardware-config --no-filesystems --root /mnt nixos-generate-config --show-hardware-config --no-filesystems --root /mnt
@ -43,34 +43,50 @@
5. Choose profile and add machine-specific modules to `flake.in.nix` 5. Choose profile and add machine-specific modules to `flake.in.nix`
```nix ```nix
MACHINE = BRANCH [ ./profiles/PROFILE ./machines/MACHINE ]; MACHINE = BRANCH "ARCHITECTURE" [ ./profiles/PROFILE ./machines/MACHINE ];
``` ```
6. Generate `flake.nix` with [flakegen](https://github.com/jorsn/flakegen) 6. Generate and lock `flake.nix` with [flakegen](https://github.com/jorsn/flakegen)
```sh ```sh
cd nixos
git add . git add .
nix run .#genflake flake.nix nix run .#genflake flake.nix
nix flake lock nix flake lock
``` ```
7. Copy host public SSH key to root on machine 7. Generate machine SSH key and rekey agenix secrets with added public key
```sh ```sh
# On machine mkdir -p tmp/etc/ssh/
sudo passwd root ssh-keygen -f tmp/etc/ssh/id_ed25519 -N '' -C root@MACHINE
cd secrets
agenix -r
``` ```
8. Add user SSH key to root authorized_keys on machine
```sh ```sh
# On host # On host
ssh-copy-id root@MACHINE cat ~/.ssh/id_ed25519.pub | wl-copy
``` ```
8. Test and execute [NixOS Anywhere](https://github.com/nix-community/nixos-anywhere)
```sh ```sh
nixos-anywhere --vm-test -f .#MACHINE root@IP # On machine
nixos-anywhere -f .#MACHINE root@IP sudo mkdir /root/.ssh/
sudo nano /root/.ssh/authorized_keys
``` ```
9. Shutdown, detach ISO, and reboot 9. Execute [NixOS Anywhere](https://github.com/nix-community/nixos-anywhere)
```sh
nixos-anywhere --extra-files tmp --flake .#MACHINE root@IP
```
10. Shutdown, detach ISO, and reboot
11. Remove temporary files
```sh
rm -r tmp
```