NixOS configuration
- Add curl timeout requirement (5 seconds)
- Add comprehensive 8-step workflow for new application deployment
- Add troubleshooting procedures for domain availability and SSL certs
- Add infrastructure roadmap for Borg backup server and sops-nix
- Update README with session start protocol and infrastructure tasks

| Name |
|---|
| desktop |
| servers |
| systems |
| users |
| .gitignore |
| agents.md |
| flake.lock |
| flake.nix |
| README.md |

NixOS Configuration Repository
Session Start Protocol
Always begin by reading agents.md for workflow instructions and development standards.
System Installation
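- Partition the disk:

  ```bash
  sudo parted /dev/nvme0n1 -- mklabel gpt
  # Partition 1: root filesystem, GPT name "primary"
  sudo parted /dev/nvme0n1 -- mkpart primary ext4 512MB 100%
  # Partition 2: EFI system partition, GPT name "ESP"
  sudo parted /dev/nvme0n1 -- mkpart ESP fat32 1MB 512MB
  sudo parted /dev/nvme0n1 -- set 2 esp on
  # Give udev time to create the /dev/disk/by-partlabel links
  sleep 2
  sudo mkfs.ext4 /dev/disk/by-partlabel/primary
  ```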
- Mount the filesystems:

  ```bash
  sudo mount -o rw /dev/disk/by-partlabel/primary /mnt/
  sudo mkdir /mnt/boot
  sudo mkfs.vfat /dev/disk/by-partlabel/ESP
  sudo mount -o rw /dev/disk/by-partlabel/ESP /mnt/boot/
  sudo mkdir /mnt/root
  # Git prompts for the access token. Keeping it out of the URL keeps it out of
  # shell history and out of /mnt/root/nixos/.git/config.
  sudo git clone https://jsutter@git.symbiotrip.com/jsutter/nixos /mnt/root/nixos
  ```
- Install NixOS:

  ```bash
  sudo -i
  cd /mnt/root/nixos
  # Replace <name> with the flake output for this host
  nixos-install --flake .#<name> --no-root-password --impure
  ```
- Set user password:

  ```bash
  nixos-enter --root '/mnt'
  passwd jsutter
  ```
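
The clone step leaves the remote URL in `/mnt/root/nixos/.git/config`, and a URL of the form `https://user:token@host/...` stores the token there in clear text. The check below is an added example, not part of this repository; the function names and the sample host and token are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the repository): detect credentials embedded in
# git remote URLs such as https://user:token@host/path.

# Print the secret part of a URL's userinfo; print nothing if there is none.
url_secret() (
  case $1 in
    *://*) authority=${1#*://}; authority=${authority%%/*} ;;
    *) exit 0 ;;                      # scp-style git@host:path has no password
  esac
  case $authority in
    *@*) userinfo=${authority%@*} ;;
    *) exit 0 ;;                      # host or host:port only
  esac
  case $userinfo in
    *:*) printf '%s' "${userinfo#*:}" ;;
  esac
)

# Print the URL with the secret dropped; the user name stays so git can prompt.
url_redact() (
  if [ -z "$(url_secret "$1")" ]; then printf '%s\n' "$1"; exit 0; fi
  scheme=${1%%://*}; rest=${1#*://}
  authority=${rest%%/*}; path=${rest#"$authority"}
  userinfo=${authority%@*}
  printf '%s://%s@%s%s\n' "$scheme" "${userinfo%%:*}" "${authority##*@}" "$path"
)

# Scan a git config file. Prints each offending URL redacted; exit status is
# 1 if any URL embeds a secret, 0 otherwise.
scan_git_config() (
  found=0
  while IFS= read -r line; do
    case $line in
      *url\ =*) url=${line#*= } ;;    # matches both "url =" and "pushurl ="
      *) continue ;;
    esac
    if [ -n "$(url_secret "$url")" ]; then
      printf 'embedded credential: %s\n' "$(url_redact "$url")"
      found=1
    fi
  done < "$1"
  exit "$found"
)

# Constructed sample URL, not a real host or token.
url_redact 'https://alice:CONSTRUCTED_TOKEN@git.example.org/alice/nixos'
```

Run `scan_git_config /mnt/root/nixos/.git/config` after cloning; a non-zero exit status means the remote URL should be reset to its redacted form and the token revoked.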
Infrastructure Roadmap
Planned Work
Borg Backup Server
- Set up a dedicated Borg backup server for automated backups
- Configure backup schedules for critical systems
- Implement retention policies and pruning rules
Secrets Management with sops-nix
- Implement sops-nix for secrets management
- Move all hardcoded secrets from server configs into sops-nix
- Set up encryption keys and key rotation policies
- Document the secrets management workflow