Tristan Daniël Maat
3e200c896a
Flake lock file updates: • Updated input 'flake-utils': 'github:numtide/flake-utils/a4b154ebbdc88c8498a5c7b01589addc9e9cb678' (2022-04-11) → 'github:numtide/flake-utils/1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1' (2022-05-30) • Updated input 'nixos-hardware': 'github:nixos/nixos-hardware/6b4ebea9093c997c5f275c820e679108de4871ab' (2022-04-21) → 'github:nixos/nixos-hardware/0cab18a48de7914ef8cad35dca0bb36868f3e1af' (2022-06-01) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/9887f024766aa27704d1f89f623efd1d063da92a' (2022-04-21) → 'github:nixos/nixpkgs/11e805f9935f6ab4b049351ac14f2d1aa93cf1d3' (2022-06-07) • Updated input 'sops-nix': 'github:Mic92/sops-nix/c2614c4fe61943b3d280ac1892fcebe6e8eaf8c8' (2022-04-12) → 'github:Mic92/sops-nix/f075361ecbde21535b38e41dfaa28a28f160855c' (2022-06-05) • Added input 'sops-nix/nixpkgs-21_11': 'github:NixOS/nixpkgs/2de556c4cd46a59e8ce2f85ee4dd400983213d45' (2022-06-04) • Added input 'sops-nix/nixpkgs-22_05': 'github:NixOS/nixpkgs/d6cb04299ce8964290ae7fdcb87aa50da0500b5c' (2022-06-04) |
||
---|---|---|
configuration | ||
keys | ||
lib | ||
modules | ||
pkgs | ||
.gitignore | ||
.sops.yaml | ||
flake.lock | ||
flake.nix | ||
LICENSE | ||
README.md |
tlater.net server configuration
This is the NixOS configuration for tlater.net.
Testing
Building
Build the VM with:
nixos-rebuild build-vm --flake '.#vm'
Running
Note: M-2 will bring up a console for poweroff and such
Running should mostly be as simple as running the command the build script echos.
One caveat: create a larger disk image first. This can be done by running the following in the repository root:
qemu-img create -f qcow2 ./tlaternet.qcow2 20G
Everything else should be handled by the devShell.
New services
Whenever a new service is added, append an appropriate
,hostfwd=::3<port>:<port>
to the QEMU_NET_OPTS
specified in
flake.nix
to bind the service to a host port.
There is no way to test this without binding to the host port, sadly.
Deploying
Currently the deployment process is fully manual because there is no CI system.
Nix makes this fairly painless, though, it's simply:
nixos-rebuild switch --use-remote-sudo --target-host tlater.net --build-host localhost --flake .#tlaternet
This has the added benefit of running the build on the dev machine, which is 99% of the time much faster at building than the target (though artifact upload may take some time on slow connections).
Note that this also requires the current local user to also be present
on the target host, as well as for this user to be in the target
host's wheel group. See nix.trustedUsers
.