From c51bfaac1e7bd072394fe666eef4c0b8bf3ae34f Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Fri, 27 Feb 2026 22:55:16 +0100 Subject: [PATCH] AGENTS.md: add public-repo note and concise NixOS server learnings; TODO.md: add verify step Made-with: Cursor --- AGENTS.md | 11 +++++++++++ TODO.md | 16 ++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 TODO.md diff --git a/AGENTS.md b/AGENTS.md index a28f0f2..db60d19 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -12,3 +12,14 @@ darwin-rebuild switch --flake . Do not automatically run rebuild commands - ask the user first. +## Repo is public + +No keys, tokens, or identifying secrets in the repo. Prefer `scp` or config outside the repo. + +## Learnings (NixOS server) + +- Minimal ISO: use Ethernet or the graphical installer (Wi‑Fi on minimal is fiddly). +- Server hardware: stub in repo; user replaces with `nixos-generate-config --show-hardware-config` from the server. +- Root password: console only; set danny’s password as root once for sudo. +- SSH keys: use actual key names on the machine (e.g. `id_ed25519_github`), not assumed `id_ed25519`. + diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..3b69b5e --- /dev/null +++ b/TODO.md @@ -0,0 +1,16 @@ +# TODO + +1. ~~**AGENTS.md**~~ Done. + +2. **Secrets** + - Make sure we're not exposing any information in the repo. Prefer pushing keys via `scp` rather than committing them. + +3. **Server hardware before testing** + - Before checking if the server flake setup works: do we need to fetch anything from the server? (e.g. a hardware file?) + - The current `nixos/hosts/nixos-server-hardware.nix` is a stub, not based on the server's actual hardware. The repo's existing `hardware-configuration.nix` is for the MacBook. Fetch the server's config (e.g. `nixos-generate-config --show-hardware-config` on the server) and replace the stub. + +4. **Server** + - Continue configuring the server. + +5. **Verify** + - After 2–4: confirm server hardware in repo, flake builds, auto-rebuild works.