cd7658f452
- Updated AGENTS.md to specify one key per purpose for SSH access, including naming conventions and configuration tips. - Revised README.md to streamline the roadmap and link to SSH and secrets documentation. - Created docs/ssh-and-secrets.md to outline the strategy for managing SSH keys and secrets in a public repo. - Refined TODO.md to reflect the new approach for secrets and server configuration tasks. |
||
|---|---|---|
| .. | ||
| home/danny | ||
| hosts | ||
| fish.nix | ||
| flake.lock | ||
| flake.nix | ||
| hardware-configuration.nix | ||
| neovim.nix | ||
| ollama.nix | ||
| readme.md | ||
| server-configuration-with-flakes.nix | ||
| server-install-configuration.nix | ||
| tmux.nix | ||
| uxplay.nix | ||
| wsl.conf | ||
NixOS flake
Rebuild from dotfiles dir:
sudo nixos-rebuild switch --flake ~/dotfiles/nixos#macbookair
# or #wsl
# macOS: cd ~/dotfiles/nixos && darwin-rebuild switch --flake .
Server (nixos-server)
One-time bootstrap (no git until first rebuild):
nix run --extra-experimental-features "nix-command flakes" nixpkgs#git -- clone https://github.com/DannyDannyDanny/dotfiles.git /tmp/dotfiles
sudo mv /tmp/dotfiles /etc/dotfiles
sudo nixos-rebuild switch --flake /etc/dotfiles/nixos#nixos-server --option accept-flake-config true
If the daemon doesn’t have flakes: copy server-configuration-with-flakes.nix to /etc/nixos/configuration.nix, run sudo nixos-rebuild switch, then build and switch to the flake (see server-quickstart.md for SSH keys).
SSH keys (not in repo): scp ~/.ssh/*.pub danny@server:/tmp/, then on server mkdir -p ~/.ssh; cat /tmp/*.pub >> ~/.ssh/authorized_keys. See docs/ssh-and-secrets.md.
Timer: every 15 min the server pulls and rebuilds when main changes. Config: hosts/nixos-server.nix, hosts/nixos-server-hardware.nix.
No git in PATH: sudo nix run nixpkgs#git -- -C /etc/dotfiles pull origin main.