qo.is/infrastructure
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Activity Actions

Automate Host Setup with Script #9

New issue
Open
opened 2024-10-02 19:08:04 +02:00 by fabianhauser · 0 comments
fabianhauser commented 2024-10-02 19:08:04 +02:00
Owner
Copy link

Automate host setup as described in nixos-configurations/setup.md. Most of the stuff is already pretty close to a script.

  • Write a package that automates most steps in documentation (see packages/sops-rekey for inspiration)
  • Include script in devShell

Idea for interface:

$ qois-setup-host myhostname x.y.z.a [--luks] [--generate-system-secrets] [--proxy user@jumphost]

Did you update the AGE keys to the setup tools setup keys? [Enter]
Did you check the interfaces names to be correct? [Enter]
Installing to "myhostname", which is reachable on "x.y.z.a". Continue? Host will be cleared. [Enter]

Issues

  • The initrd-ssh-secrets can currently not be deployed by sops, see this limitations section in nix-sops. They must be somehow manually copied over before the deploy (but after partitioning).
Automate host setup as described in [`nixos-configurations/setup.md`](https://git.qo.is/qo.is/infrastructure/-/blob/master/nixos-configurations/setup.md). Most of the stuff is already pretty close to a script. - [ ] Write a package that automates most steps in documentation (see `packages/sops-rekey` for inspiration) - [ ] Include script in devShell Idea for interface: ```bash $ qois-setup-host myhostname x.y.z.a [--luks] [--generate-system-secrets] [--proxy user@jumphost] Did you update the AGE keys to the setup tools setup keys? [Enter] Did you check the interfaces names to be correct? [Enter] Installing to "myhostname", which is reachable on "x.y.z.a". Continue? Host will be cleared. [Enter] ``` ## Issues - The initrd-ssh-secrets can currently not be deployed by sops, see [this limitations section in nix-sops](https://github.com/Mic92/sops-nix?tab=readme-ov-file#initrd-secrets). They must be somehow manually copied over before the deploy (but after partitioning).
fabianhauser added the
enhancement
 label 2024-10-02 19:08:04 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
No results found.
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
urgent

This issue should be tackled soon

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
urgent
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: qo.is/infrastructure#9
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?