chore: update readme
Signed-off-by: Myned <dev@bjork.tech>
This commit is contained in:
parent
e98e4f41f3
commit
74863d2a88
GPG key ID:
C7224454F7881A34
1 changed files with 58 additions and 42 deletions
46
README.md
46
README.md
|
|
@ -9,7 +9,7 @@
|
|||
1. Clone this repository
|
||||
|
||||
```sh
|
||||
git clone https://github.com/Myned/nixos
|
||||
git clone https://github.com/myned/nixos
|
||||
```
|
||||
|
||||
2. Enable [Flakes](https://wiki.nixos.org/wiki/Flakes)
|
||||
|
|
@ -18,13 +18,13 @@
|
|||
|
||||
4. Create machine-specific modules in `machines/MACHINE/`
|
||||
|
||||
b. Machine configuration and hostname in `default.nix`
|
||||
a. Machine configuration and hostname in `default.nix`
|
||||
|
||||
```nix
|
||||
{ custom.hostname = "MACHINE"; }
|
||||
```
|
||||
|
||||
c. [Disko](https://github.com/nix-community/disko) layout in `disko.nix`
|
||||
b. [Disko](https://github.com/nix-community/disko) layout in `disko.nix`
|
||||
|
||||
```sh
|
||||
# Verify /dev identifier on machine
|
||||
|
|
@ -34,7 +34,7 @@
|
|||
[ -d /sys/firmware/efi/efivars ] && echo "UEFI" || echo "BIOS"
|
||||
```
|
||||
|
||||
d. Generated hardware configuration in `hardware-configuration.nix`
|
||||
c. Generated hardware configuration in `hardware-configuration.nix`
|
||||
|
||||
```sh
|
||||
nixos-generate-config --show-hardware-config --no-filesystems --root /mnt
|
||||
|
|
@ -43,34 +43,50 @@
|
|||
5. Choose profile and add machine-specific modules to `flake.in.nix`
|
||||
|
||||
```nix
|
||||
MACHINE = BRANCH [ ./profiles/PROFILE ./machines/MACHINE ];
|
||||
MACHINE = BRANCH "ARCHITECTURE" [ ./profiles/PROFILE ./machines/MACHINE ];
|
||||
```
|
||||
|
||||
6. Generate `flake.nix` with [flakegen](https://github.com/jorsn/flakegen)
|
||||
6. Generate and lock `flake.nix` with [flakegen](https://github.com/jorsn/flakegen)
|
||||
|
||||
```sh
|
||||
cd nixos
|
||||
git add .
|
||||
nix run .#genflake flake.nix
|
||||
nix flake lock
|
||||
```
|
||||
|
||||
7. Copy host public SSH key to root on machine
|
||||
7. Generate machine SSH key and rekey agenix secrets with added public key
|
||||
|
||||
```sh
|
||||
# On machine
|
||||
sudo passwd root
|
||||
mkdir -p tmp/etc/ssh/
|
||||
ssh-keygen -f tmp/etc/ssh/id_ed25519 -N '' -C root@MACHINE
|
||||
cd secrets
|
||||
agenix -r
|
||||
```
|
||||
|
||||
8. Add user SSH key to root authorized_keys on machine
|
||||
|
||||
```sh
|
||||
# On host
|
||||
ssh-copy-id root@MACHINE
|
||||
cat ~/.ssh/id_ed25519.pub | wl-copy
|
||||
```
|
||||
|
||||
8. Test and execute [NixOS Anywhere](https://github.com/nix-community/nixos-anywhere)
|
||||
|
||||
```sh
|
||||
nixos-anywhere --vm-test -f .#MACHINE root@IP
|
||||
nixos-anywhere -f .#MACHINE root@IP
|
||||
# On machine
|
||||
sudo mkdir /root/.ssh/
|
||||
sudo nano /root/.ssh/authorized_keys
|
||||
```
|
||||
|
||||
9. Shutdown, detach ISO, and reboot
|
||||
9. Execute [NixOS Anywhere](https://github.com/nix-community/nixos-anywhere)
|
||||
|
||||
```sh
|
||||
nixos-anywhere --extra-files tmp --flake .#MACHINE root@IP
|
||||
```
|
||||
|
||||
10. Shutdown, detach ISO, and reboot
|
||||
|
||||
11. Remove temporary files
|
||||
|
||||
```sh
|
||||
rm -r tmp
|
||||
```
|
||||
|
|
|
|||
Loading…
Reference in a new issue