Configuration files for my NixOS and nix-darwin machines.
Very much a work in progress.
Create a root password using the TTY
sudo su
passwdFrom your host, copy the public SSH key to the server
export NIXOS_HOST=192.168.2.xxx
ssh-add ~/.ssh/notthebee
ssh-copy-id -i ~/.ssh/notthebee root@$NIXOS_HOSTSSH into the host with agent forwarding enabled (for the secrets repo access)
ssh -A root@$NIXOS_HOSTEnable flakes
mkdir -p ~/.config/nix
echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.confPartition and mount the drives using disko
DISK='/dev/disk/by-id/ata-Samsung_SSD_870_EVO_250GB_S6PENL0T902873K'
DISK2='/dev/disk/by-id/ata-Samsung_SSD_870_EVO_250GB_S6PE58S586SAER'
curl https://raw.githubusercontent.com/notthebee/nix-config/main/disko/zfs-root/default.nix \
-o /tmp/disko.nix
sed -i "s|to-be-filled-during-installation|$DISK|" /tmp/disko.nix
nix --experimental-features "nix-command flakes" run github:nix-community/disko \
-- -m destroy,format,mount /tmp/disko.nixInstall git and git-crypt
nix-env -f '<nixpkgs>' -iA git
nix-env -f '<nixpkgs>' -iA git-cryptClone this repository
mkdir -p /mnt/etc/nixos
git clone https://github.com/notthebee/nix-config.git /mnt/etc/nixosPut the private and GPG key into place (required for secret management)
mkdir -p /mnt/home/notthebee/.ssh
exit
scp ~/.ssh/notthebee root@$NIXOS_HOST:/mnt/home/notthebee/.ssh
scp ~/.ssh/git-crypt-nix root@$NIXOS_HOST:/mnt/home/notthebee/.ssh
ssh root@$NIXOS_HOST
chmod 700 /mnt/home/notthebee/.ssh
chmod 600 /mnt/home/notthebee/.ssh/*Unlock the git-crypt vault
cd /mnt/etc/nixos
chown -R root:root .
git-crypt unlock /mnt/home/notthebee/.ssh/git-crypt-nixInstall the system
nixos-install \
--root "/mnt" \
--no-root-passwd \
--flake "git+file:///mnt/etc/nixos#hostname" # alison, emily, etc.Unmount the filesystems
umount "/mnt/boot/efis/*"
umount -Rl "/mnt"
zpool export -aReboot
reboot