diff --git a/AGENTS.md b/AGENTS.md index db60d19..f4770a2 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -23,3 +23,9 @@ No keys, tokens, or identifying secrets in the repo. Prefer `scp` or config outs - Root password: console only; set danny’s password as root once for sudo. - SSH keys: use actual key names on the machine (e.g. `id_ed25519_github`), not assumed `id_ed25519`. +## Server (nixos-server) + +- **Commit and push** before testing on the server; it clones/pulls from origin. +- Bootstrap: server has no git until first rebuild. Use `nix run --extra-experimental-features "nix-command flakes" nixpkgs#git` to clone. Enable flakes in the daemon via `server-configuration-with-flakes.nix`: scp to server `/tmp/configuration.nix`, on server `sudo cp` to `/etc/nixos/configuration.nix`, then `sudo nixos-rebuild switch`. Then build flake and run `switch-to-configuration switch` (see nixos/readme.md). +- Auto-rebuild timer (`dotfiles-rebuild`) only runs after the system has been switched to the flake config. Check with `systemctl is-active dotfiles-rebuild.timer` on the server. + diff --git a/README.md b/README.md index 1b97fc0..1bf2034 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This repo is an extension of [dannydannydanny/methodology](https://github.com/Da ## Roadmap: * configure [firefox-scrolling](firefox-scrolling.md) via terminal -* server cluster roadmap: [server](server.md) +* server cluster roadmap: [server](server.md); NixOS server flake and bootstrap: [nixos/readme.md](nixos/readme.md) (nixos-server). * :art: check for `nvim checkhealth` status * make tmux nice: https://www.youtube.com/watch?v=DzNmUNvnB04 * [fonts](https://www.programmingfonts.org/) - how does this relate to nerdfonts? diff --git a/TODO.md b/TODO.md index e6bca4d..d078090 100644 --- a/TODO.md +++ b/TODO.md 
@@ -10,6 +10,6 @@ - Continue configuring the server (add more services to `hosts/nixos-server.nix` as needed). 4. **Verify** - - After 2–4: confirm server hardware in repo, flake builds, auto-rebuild works. + - After 2–4: confirm server hardware in repo, flake builds, auto-rebuild works. On server, `systemctl is-active dotfiles-rebuild.timer` should be `active` once the flake config is live (see nixos/readme.md). 5. Rename nixos-server to \ No newline at end of file diff --git a/nixos/readme.md b/nixos/readme.md index cb63860..a026554 100644 --- a/nixos/readme.md +++ b/nixos/readme.md 
@@ -18,11 +18,23 @@ sudo mv /tmp/dotfiles /etc/dotfiles # Enable flakes for this run (needed if the current system config does not) sudo nixos-rebuild switch --flake /etc/dotfiles/nixos#nixos-server --option accept-flake-config true ``` -If that fails with "does not provide attribute ... nixos-rebuild", build and switch manually (NIX_CONFIG makes the daemon accept flakes for this run): +If that fails with "does not provide attribute ... nixos-rebuild", enable flakes for the Nix daemon via the current config (on NixOS, `/etc/nix/nix.conf` is often read-only), then build and switch manually. + +**From your Mac:** push a config that enables flakes, then on the server copy it and rebuild: ```bash -NIX_CONFIG="extra-experimental-features = nix-command flakes" sudo nix build /etc/dotfiles/nixos#nixosConfigurations.nixos-server.config.system.build.toplevel -o /tmp/nixos-result +scp nixos/server-configuration-with-flakes.nix danny@:/tmp/configuration.nix +``` +**On the server:** +```bash +sudo cp /tmp/configuration.nix /etc/nixos/configuration.nix +sudo nixos-rebuild switch +``` +Then build and switch to the flake: +```bash +sudo nix build /etc/dotfiles/nixos#nixosConfigurations.nixos-server.config.system.build.toplevel -o /tmp/nixos-result sudo /tmp/nixos-result/bin/switch-to-configuration switch ``` + Use `git@github.com:DannyDannyDanny/dotfiles.git` if the repo is private (clone as danny then `sudo mv` and `sudo chown -R root:root /etc/dotfiles`). SSH keys for danny (not in repo): from your machine `scp ~/.ssh/*.pub danny@server:/tmp/`, then on server `mkdir -p ~/.ssh; cat /tmp/*.pub >> ~/.ssh/authorized_keys`.
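Review bot: In the AGENTS.md hunk, the first bullet says to commit and push before testing on the server, while the third bullet describes an auto-rebuild timer (`dotfiles-rebuild`) on that same server. If the timer pulls the branch being pushed to, an untested commit can be applied unattended. State which branch the server tracks, and suggest pushing test changes to a separate branch. The `nix run ... nixpkgs#git` command in the Bootstrap bullet also has nothing after it; writing it as `nix run ... nixpkgs#git -- clone <repo-url>` would show how the clone is actually invoked.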
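Review bot: In the TODO.md hunk (step 4, Verify), `systemctl is-active dotfiles-rebuild.timer` returning `active` only shows that the timer is armed. It does not show that a rebuild has run or succeeded, so it does not confirm "auto-rebuild works". Add a check of the last run, for example `systemctl list-timers dotfiles-rebuild.timer`, and of the result of the service the timer triggers (`systemctl status` or `journalctl -u` on that unit).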
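Review bot: In the nixos/readme.md hunk, the added steps stage the file at `/tmp/configuration.nix` and then `sudo cp` it over `/etc/nixos/configuration.nix`. That takes a file from a world-writable directory and makes it the root-applied system config, and it overwrites the existing config with no backup. Stage it in danny's home directory instead (for example `scp ... danny@<server>:configuration.nix`), and copy the old `/etc/nixos/configuration.nix` aside before overwriting it. The `scp` target `danny@:/tmp/configuration.nix` is also missing the host between `@` and `:`. The unchanged context line at the end of the hunk uses `danny@server:`, so the same placeholder would fit here.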