motiejus/config

NixOS config
git clone https://git.jakstys.lt/motiejus/config.git
Log | Tree | Refs | README | LICENSE

README.md (2425B) - Raw


      1 Config
      2 ------
      3 
      4 Flakes:
      5 
      6     $ deploy --interactive '#fwminex'
      7 
      8     $ nix build .#deploy.nodes.fra1-c.profiles.system.path
      9 
     10 Other:
     11 
     12     $ nix build .#nixosConfigurations.vno3-rp3b.config.system.build.toplevel
     13     $ nix eval .#nixosConfigurations.fwminex.config.services.nsd
     14     $ nix why-depends .#nixosConfigurations.vno1-gdrx.config.system.build.toplevel .#legacyPackages.x86_64-linux.mbedtls_2
     15 
     16 git
     17 -------
     18 
     19 Create a new repo:
     20 
     21     ssh fwminex 'sudo -u git git-new-repo motiejus/newrepo "Short description"'
     22 
     23 Wipe stagit cache:
     24 
     25     sudo rm -rf /var/www/git.jakstys.lt/{.cache,motiejus/*/{commit,blob,tree,raw}}
     26 
     27 Install hook and regenerate all repos:
     28 
     29     for r in /var/lib/git/motiejus/*.git; do sudo -u git git-new-repo "motiejus/$(basename "$r" .git)"; done
     30 
     31 Trigger stagit regeneration for specific repos:
     32 
     33     printf '%s\n' motiejus/config motiejus/stagit | sudo -u git tee -a /var/www/git.jakstys.lt/.dirty/queue
     34 
     35 Trigger regeneration for all repos:
     36 
     37     for r in /var/lib/git/motiejus/*.git; do printf 'motiejus/%s\n' "$(basename "$r" .git)"; done | sudo -u git tee -a /var/www/git.jakstys.lt/.dirty/queue
     38 
     39 Encoding host-only secrets
     40 --------------------------
     41 
     42 Encode a secret on host:
     43 
     44     rage -e -r "$(cat /etc/ssh/ssh_host_ed25519_key.pub)" -o secret.age /path/to/plaintext
     45 
     46 Decode a secret on host (to test things out):
     47 
     48     rage -d -i /etc/ssh/ssh_host_ed25519_key secret.age
     49 
     50 Borg
     51 ----
     52 
     53     BORG_PASSCOMMAND="cat /run/agenix/borgbackup-fwminex" borg --remote-path=borg1 list zh2769@zh2769.rsync.net:fwminex.jakst.vpn-home-motiejus-annex2
     54 
     55 netboot
     56 -------
     57 
     58 1. `dmesg | grep enp0` <- find the usb interface
     59 2. Disable power saving: `echo -1 | sudo tee /sys/bus/usb/devices/2-1/power/autosuspend`.
     60 
     61 Testing netboot
     62 ---------------
     63 
     64 ```
     65 sudo ip tuntap add dev tap0 mode tap user "$USER"
     66 sudo ip link set dev tap0 up
     67 sudo ip link set dev tap0 master br0
     68 sudo brctl addif br0 tap0
     69 ```
     70 
     71 efi:
     72 
     73 ```
     74 qemu-system-x86_64 \
     75     -enable-kvm \
     76     -cpu host \
     77     -smp 4 \
     78     -m 1024 \
     79     -netdev tap,id=net0,ifname=tap0,script=no,downscript=no \
     80     -device e1000,netdev=net0 \
     81     -boot order=n \
     82     -bios $(nix build .#nixosConfigurations.vno1-gdrx.pkgs.OVMF.fd --no-link --print-out-paths)/FV/OVMF.fd
     83 ```
     84 
     85 bios:
     86 
     87 ```
     88 qemu-system-x86_64 \
     89     -enable-kvm \
     90     -cpu host \
     91     -smp 4 \
     92     -m 8192 \
     93     -netdev tap,id=net0,ifname=tap0,script=no,downscript=no \
     94     -device e1000,netdev=net0 \
     95     -boot order=n
     96 ```