feat(foreign-port): add WiFi-only laptop as clan machine ✨
Mirrors the distant-shore pattern: clan-managed (no standalone flake-module), wired into zerotier/data-mesher/dm-pull-deploy with the generated vars. WiFi via NetworkManager (PSK from /etc/secrets/nm.env); locally-signed boot chain (shim chain-loads sbsign-signed systemd-boot + kernel, refreshed every nixos-rebuild). targetHost is the LAN IP for the first push, switch to ZT IPv6 once on the mesh. buildHost = sunken-ship to avoid self-SSH on the closure copy.
This commit is contained in:
DannyDannyDanny
parent
610454f0d2
commit
e2cf93e7d6
23 changed files with 310 additions and 0 deletions
6
sops/machines/foreign-port/key.json
Executable file
6
sops/machines/foreign-port/key.json
Executable file
|
|
@ -0,0 +1,6 @@
|
|||
[
|
||||
{
|
||||
"publickey": "age1lwl2z6ymqjshknr79277qnr7hvffcc8n7qdqt98sz3t709a5yutq8d7gka",
|
||||
"type": "age"
|
||||
}
|
||||
]
|
||||
Loading…
Add table
Add a link
Reference in a new issue