The Nest
Explore
0
README.md

NixOS Configuration

Desktop and laptop configurations.

Getting started

  1. Setup shell enviroment nix-shell -p git openssh.
  2. Create ssh key for root. sudo ssh-keygen -t ed25519 -N '' -f /root/.ssh/id_ed25519 && sudo cat /root/.ssh/id_ed25519.pub.
  3. Add root's key as a deploy key to My NixOS Secrets.
  4. Create system key for host. sudo ssh-keygen -t ed25519 -N '' -f /etc/ssh/ssh_host_ed25519_key && sudo cat /etc/ssh/ssh_host_ed25519_key.pub.
  5. Add the system's key the systems array in secrets.nix file in My NixOS Secrets. Then run agenix -r to rekey.
  6. Create a user key. ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ed25519 && cat ~/.ssh/id_ed25519.pub.
  7. Add the user's key the users array in secrets.nix file in My NixOS Secrets. Then run agenix -r to rekey.
  8. Bring down the repository git clone git@gitlab.com:marvinroman/nixos-configuration.git myNixOS && cd myNixOS.
  9. Build the system sudo nixos-rebuild switch --flake ./#[baker|toaster].

Upgrading

Flake lock file

This is not necessary for regular updates you have to be in repository directory to run.

Update secrets input.

nix flake update mysecrets

Update all flake inputs.

nix flake update

Upgrade system

This is automatically run every day so it's no necesary to run unless you want to run after updating lock file.

sudo nixos-rebuild switch --flake ./#[baker|toaster] --upgrade

Setup Yubikey

Need to authorize any keys within the user account to be available for pam by running the following commands.

nix-shell -p yubico-pam
ykpamcfg -2