Skip to content

Freifunk-Rhein-Neckar/nixos-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

101 Commits
machines
machines
 
 
modules
modules
 
 
nix
nix
 
 
roles
roles
 
 
secrets @ ab1ac64
secrets @ ab1ac64
 
 
.gitmodules
.gitmodules
 
 
README.md
README.md
 
 
hive.nix
hive.nix
 
 
shell.nix
shell.nix
 
 

Repository files navigation

nixos-config

This is the NixOS Config Repo of Freifunk Rhein-Neckar.

The current deployment tool is Colmena.

Secrets are stored encypted with agenix in the private nixos-secrets Repository.

Deployment

It's not neccesary to run NixOS to deploy. Hoewer the Nix package Mananger has to be installed.

Clone this repo with it's submodules and enter the dir.

Run nix-shell. This will give you an shell where all relevant packages (colmena, agenix, niv, ... ) are installed.

Build only

colmena build

Build and deploy

colmena apply

You can also deploy to some to reduce impact:

colmena apply --on "gw01*"

colmena apply --on "gw0[1-4]*"

colmena apply --on "gw02,gw04,gw06,gw08"

And it's also possible to deploy in a way so config will only be activated for the next boot:

colmena apply boot

colmena apply --on "gw01" boot

The --no-substitute parameter is quite useful if the target node(s) is reachable by colmena but has no working internet connection to copy closures from public caches.

Secrets

To create, edit or view secrets cd into the secrets dir.

Create secrets

Modify secrets.nix with an editor of your choice and define which keys should be decryptable with which secret.

And now edit the secret:

Edit secrets

agenix -e gw01/fastd.age

Print secrets

agenix -d gw01/fastd.age

Update

niv update nixpkgs

Ideally only commited and pushed changes are deployed.

About

FFRN nixos-config

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

3 watching

Forks

1 fork
Report repository

Contributors 2

  •  
  •  

Languages