- Updated AGENTS.md to specify one key per purpose for SSH access, including naming conventions and configuration tips.
- Revised README.md to streamline the roadmap and link to SSH and secrets documentation.
- Created docs/ssh-and-secrets.md to outline the strategy for managing SSH keys and secrets in a public repo.
- Refined TODO.md to reflect the new approach for secrets and server configuration tasks.
NixOS flake
Rebuild from dotfiles dir:
sudo nixos-rebuild switch --flake ~/dotfiles/nixos#macbookair
# or #wsl
# macOS: cd ~/dotfiles/nixos && darwin-rebuild switch --flake .
Server (nixos-server)
One-time bootstrap (no git until first rebuild):
nix run --extra-experimental-features "nix-command flakes" nixpkgs#git -- clone https://github.com/DannyDannyDanny/dotfiles.git /tmp/dotfiles
sudo mv /tmp/dotfiles /etc/dotfiles
sudo nixos-rebuild switch --flake /etc/dotfiles/nixos#nixos-server --option accept-flake-config true
If the daemon doesn’t have flakes: copy server-configuration-with-flakes.nix to /etc/nixos/configuration.nix, run sudo nixos-rebuild switch, then build and switch to the flake (see server-quickstart.md for SSH keys).
SSH keys (not in repo): scp ~/.ssh/*.pub danny@server:/tmp/, then on server mkdir -p ~/.ssh; cat /tmp/*.pub >> ~/.ssh/authorized_keys. See docs/ssh-and-secrets.md.
Timer: every 15 min the server pulls and rebuilds when main changes. Config: hosts/nixos-server.nix, hosts/nixos-server-hardware.nix.
No git in PATH: sudo nix run nixpkgs#git -- -C /etc/dotfiles pull origin main.
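
The SSH keys step above stages keys in world-writable /tmp and appends every /tmp/*.pub, so any other .pub file sitting there is appended as well. The helper below is an added example, not part of this repo: it installs one named key on the server, and the install_pubkey name, the key-type allowlist and the sample key are assumptions.

```shell
#!/bin/sh
# Added example (not from the dotfiles repo): install ONE named public key.
# install_pubkey is a hypothetical helper name.
# Usage: install_pubkey PUBFILE [AUTHORIZED_KEYS]; returns 1 if the file is rejected.
install_pubkey() {
    pub=$1
    auth=${2:-"$HOME/.ssh/authorized_keys"}
    reject() { echo "install_pubkey: $pub: $1" >&2; return 1; }

    # A regular file, not a symlink planted in a shared directory.
    [ -f "$pub" ] && [ ! -L "$pub" ] || { reject "not a regular file"; return 1; }
    # Exactly one key per file: one key per purpose, nothing riding along.
    [ "$(grep -c . "$pub")" -eq 1 ] || { reject "expected exactly one line"; return 1; }

    read -r type blob comment < "$pub" || true
    # The line must start with a key type, so it cannot carry authorized_keys
    # options such as command="..." in front of the key.
    case $type in
        ssh-ed25519|sk-ssh-ed25519@openssh.com|ecdsa-sha2-nistp256|ssh-rsa) ;;
        *) reject "unexpected key type field"; return 1 ;;
    esac
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) reject "key blob is not base64"; return 1 ;;
    esac

    # sshd's StrictModes (default yes) refuses group/world-writable paths.
    dir=$(dirname "$auth")
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: skip if this exact type+blob is already listed.
    if awk -v t="$type" -v b="$blob" \
        '{ for (i = 1; i < NF; i++) if ($i == t && $(i+1) == b) found = 1 }
         END { exit !found }' "$auth"; then
        return 0
    fi
    printf '%s\n' "$type $blob${comment:+ $comment}" >> "$auth"
}

# Demo: constructed all-zero (unusable) ed25519 key, staged in a private temp dir.
demo=$(mktemp -d)
printf '%s\n' "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA constructed@example" > "$demo/laptop.pub"
install_pubkey "$demo/laptop.pub" "$demo/.ssh/authorized_keys" && cat "$demo/.ssh/authorized_keys"
rm -rf "$demo"
```

Comparing the output of `ssh-keygen -l -f` for the file on both machines before installing confirms the key arrived unmodified.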