Automate Host Setup with Script #9

New issue

Open

opened 2024-10-02 19:08:04 +02:00 by fabianhauser · 0 comments

fabianhauser commented

2024-10-02 19:08:04 +02:00

Owner

Automate host setup as described in nixos-configurations/setup.md. Most of the stuff is already pretty close to a script.

Write a package that automates most steps in documentation (see packages/sops-rekey for inspiration)
Include script in devShell

Idea for interface:

$ qois-setup-host myhostname x.y.z.a [--luks] [--generate-system-secrets] [--proxy user@jumphost]

Did you update the AGE keys to the setup tools setup keys? [Enter]
Did you check the interfaces names to be correct? [Enter]
Installing to "myhostname", which is reachable on "x.y.z.a". Continue? Host will be cleared. [Enter]

Issues

The initrd-ssh-secrets can currently not be deployed by sops, see this limitations section in nix-sops. They must be somehow manually copied over before the deploy (but after partitioning).

Automate host setup as described in [`nixos-configurations/setup.md`](https://git.qo.is/qo.is/infrastructure/-/blob/master/nixos-configurations/setup.md). Most of the stuff is already pretty close to a script. - [ ] Write a package that automates most steps in documentation (see `packages/sops-rekey` for inspiration) - [ ] Include script in devShell Idea for interface: ```bash $ qois-setup-host myhostname x.y.z.a [--luks] [--generate-system-secrets] [--proxy user@jumphost] Did you update the AGE keys to the setup tools setup keys? [Enter] Did you check the interfaces names to be correct? [Enter] Installing to "myhostname", which is reachable on "x.y.z.a". Continue? Host will be cleared. [Enter] ``` ## Issues - The initrd-ssh-secrets can currently not be deployed by sops, see [this limitations section in nix-sops](https://github.com/Mic92/sops-nix?tab=readme-ov-file#initrd-secrets). They must be somehow manually copied over before the deploy (but after partitioning).