Home

Awesome

NixOS config for my personal computer and servers

neofetch

Presentation

I have three NixOS machines:

The hosts communicate through Tailscale.

This repo is structured with the digga flake library.

Software I use on my personal computer (carokann)

Self-hosted apps on my server (najdorf)

I deploy most services as Docker containers through Arion

Important data is backed up with Restic to a local disk connected to my RaspberryPi.

Bootstrap

To create a bootstrap ISO for a personal computer run:

$ nixos-generate --flake '.#bootstrap' --format iso

To create a ready-to-boot SD card for a RaspberryPi, do the following:

$ nixos-generate --flake '.#grunfeld' --format sd-aarch64 --system aarch64-linux
$ unzstd -d {the output path from the command above} -o nixos-sd-image.img
$ sudo dd if=nixos-sd-image.img of=/dev/sda bs=64K status=progress

To deploy the server config to a new machine:

# First, comment all services imported in hosts/najdorf/default.nix and uncomment the ts-oneshot-login service line.
# Then run:
$ nixos-anywhere --copy-host-keys --flake '.#najdorf' root@<ip-address>
# Copy the old server's host key
$ scp 'root@najdorf:/etc/ssh/ssh_host_*' root@najdorf-1:/etc/ssh/
# Stop all running services, then:
$ ssh root@najdorf 'ssh-keyscan -H najdorf-1 >> ~/.ssh/known_hosts'
$ ssh -f root@najdorf 'rsync -avz /opt root@najdorf-1:/opt > /home/sweenu/rsync.log 2>&1 &'
# I made all Docker volumes bind mounts in /opt in order for this command to be enough for migrating everything important.
# Uncomment services in hosts/najdorf/default.nix and comment the tailscale-login service line.
# Remove najdorf from tailscale and change the tailscale name from najdorf-1 to najdorf.
# Change DNS records to point to the new server (on Cloudflare, change the IP scope of the API token to the new IP).
# Finally:
$ deploy '.#najdorf'
# All done!

Acknowledgment: