❄️ Infrastructure configuration for FSR-operated machines

Find a file

Rouven Seifert 93baff94f1 formatting		2024-01-13 17:40:20 +01:00
.github/workflows	fix cachix ci (#37 )	2023-05-25 23:59:56 +02:00
hosts	tomate: fix printing	2024-01-13 16:38:40 +01:00
keys	sops: add jonasga pgp key	2023-12-26 17:17:42 +01:00
modules	formatting	2024-01-13 17:40:20 +01:00
overlays	use new bacula fixes	2023-12-14 15:51:52 +01:00
pkgs/padlist	matrix: use upstream ldap plugin	2023-11-17 20:38:36 +01:00
secrets	sops: add dex oicd client secret for padlist tool	2024-01-01 16:26:43 +01:00
.gitignore	fix .gitignore	2023-01-09 18:47:37 +01:00
.sops.yaml	sops: rotate again and add jonasga	2023-12-26 18:18:53 +01:00
flake.lock	fix forgejo homedir	2024-01-10 15:23:56 +01:00
flake.nix	tomate: fix missing module causing a failed check	2024-01-02 14:28:58 +01:00
README.md	reflect garbage collection in README.md	2023-07-19 17:52:07 +02:00

README.md

Infrastructure configuration for FSR-operated machines

This repository contains the NixOS configuration files for FSR machines.

Machines configured by this repository:

quitte (new server predestined to run all important services)

Setup

Clone this repository on the target machine to /etc/nixos and build the desired host configuration e.g.

# you may need to copy the generated hardware-configuration.nix to hosts/<hostname>/hardware-configuraion.nix
nixos-rebuild switch --flake .#<hostname>

Tips and Tricks

Resolving merge conflicts in sops files

Required steps

Manually resolve the conflicts in the encrypted file
Open the file using sops --ignore-mac secrets/<hostname>.yml
Change one letter in one of the yml entries to let sops know it has to regenerate the MAC
Close the file. Open it again and revert the change you just did in step 3.