Nix config for my server
- Nix 100%
| secrets | ||
| services | ||
| .gitignore | ||
| .sops.yaml | ||
| configuration.nix | ||
| flake.lock | ||
| flake.nix | ||
| hardware-configuration.nix | ||
| README.md | ||
Nixer
This repository contains nix configuration for my NixOS server.
Using
Since some of the projects that are deployed are private, machine that evaluates this config needs
access to my private git stuff. Easiest way of doing this, is by running nixos-rebuild on my dev machine,
which has all the SSH keys set up, and using the remote builder functionality. Example command is:
nixos-rebuild switch --flake '.#nixer' --build-host root@116.202.25.234 --target-host root@116.202.25.234 --ask-sudo-password
Or, if you are on linux, you can just deploy it somewhere:
nixos-rebuild switch --flake '.#nixer' --target-host nixer --ask-sudo-password
Manual Things
Some things still have to be done manually instead of declarative. Most of the things are secrets:
- set
rootpassword during install - set
viddpassword - for
sparovecandlshopadmin user might have to be created manually - for
forgejoregistration has to be enabled so that admin user can be created. After that, registration should be disabled!
Note
When building on my tower, --max-jobs 8 --cores 0 options yield fastest nix builds.