| .github/workflows | ||
| config | ||
| hosts | ||
| keys | ||
| miscellaneous | ||
| modules | ||
| pkgs | ||
| secrets | ||
| .gitignore | ||
| .sops.yaml | ||
| flake.lock | ||
| flake.nix | ||
| README.md | ||
Infrastructure configuration for FSR-operated machines
This repository contains the NixOS configuration files for FSR machines.
Machines configures by this repository:
birne(the printer notebook)tomate(backup endpoint and office computer)quitte(new server predestined to run all important services)
Setup
Clone this repository on the target machine to /etc/nixos and build the desired host configuration e.g.
# you may need to copy the generated hardware-configuration.nix to hosts/<hostname>/hardware-configuraion.nix
nixos-rebuild switch --flake .#<hostname>
Tips and Tricks
Resolving merge conflicts in sops files
Required steps
- Manually resolve the conflicts in the encrypted file
- Open the file using
sops --ignore-mac secrets/<hostname>.yml - Change one letter in one of the yml entries to let sops know it has to regenerate the MAC
- Close the file. Open it again and revert the change you just did in step 3.
DKIM Key generation
Commands to create the dkim key:
cd /var/lib/rspamd/dkim
DOMAIN=ifsr.de;rspamadm dkim_keygen -d "$DOMAIN" -s quitte -k "$DOMAIN".quitte.key >> "$DOMAIN".quitte.pub