2019-11-26 23:19:19 +00:00
|
|
|
# tlater.net server configuration
|
|
|
|
|
|
|
|
This is the NixOS configuration for [tlater.net](https://tlater.net/).
|
|
|
|
|
|
|
|
## Testing
|
|
|
|
|
|
|
|
### Building
|
|
|
|
|
2021-04-12 01:35:24 +01:00
|
|
|
Build the VM with:
|
2019-11-26 23:19:19 +00:00
|
|
|
|
|
|
|
```
|
2021-04-12 01:35:24 +01:00
|
|
|
nixos-rebuild build-vm --flake '.#vm'
|
2019-11-26 23:19:19 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
### Running
|
|
|
|
|
2021-04-25 02:29:01 +01:00
|
|
|
*Note: M-2 will bring up a console for poweroff and such*
|
|
|
|
|
2021-04-12 01:35:24 +01:00
|
|
|
Running should *mostly* be as simple as running the command the build
|
|
|
|
script echos.
|
2019-11-26 23:19:19 +00:00
|
|
|
|
2021-04-12 01:35:24 +01:00
|
|
|
One caveat: create a larger disk image first. This can be done by
|
|
|
|
running the following in the repository root:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
qemu-img create -f qcow2 ./tlaternet.qcow2 20G
|
2019-11-26 23:19:19 +00:00
|
|
|
```
|
|
|
|
|
2021-04-12 01:35:24 +01:00
|
|
|
Everything else should be handled by the devShell.
|
|
|
|
|
|
|
|
### New services
|
|
|
|
|
|
|
|
Whenever a new service is added, append an appropriate
|
|
|
|
`,hostfwd=::3<port>:<port>` to the `QEMU_NET_OPTS` specified in
|
|
|
|
`flake.nix` to bind the service to a host port.
|
|
|
|
|
|
|
|
There is no way to test this without binding to the host port, sadly.
|
2021-04-28 00:53:05 +01:00
|
|
|
|
|
|
|
## Deploying
|
|
|
|
|
|
|
|
Currently the deployment process is fully manual because there is no
|
|
|
|
CI system.
|
|
|
|
|
|
|
|
Nix makes this fairly painless, though, it's simply:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
nixos-rebuild switch --use-remote-sudo --target-host tlater.net --build-host localhost --flake .#tlaternet
|
|
|
|
```
|
|
|
|
|
|
|
|
This has the added benefit of running the build on the dev machine,
|
|
|
|
which is 99% of the time much faster at building than the target
|
|
|
|
(though artifact upload may take some time on slow connections).
|
|
|
|
|
|
|
|
Note that this also requires the current local user to also be present
|
|
|
|
on the target host, as well as for this user to be in the target
|
|
|
|
host's wheel group. See `nix.trustedUsers`.
|