- You're connected to wired internet (eth)
- You're me; To directly run/use this config, you have to be me (i.e. have my ssh private keys to pull in quasiSecrets and my age keys to decrypt with sops-nix)
- Flash NixOS onto the server hardware
- Create a sudo password for root
sudo passwd - Get IP address with
ip addr - From the nixos directory, run the bash script
bootstrap.shusing IP address from step 3 (./bootstrap.sh -hfor options) - If you want to make changes/rebuild the machine from the machine, you'll need to add an ssh key to the user, and then put that public key into github to authorize the server to read from your secrets repository
- Any time the quasiSecret repository is updated, run
nix flake lock --update-input quasiSecretsto ensure you're using the most recent pushed commit - If you aren't me, replace my quasiSecrets repo with your own, update the .sops.yaml file with your own age key to update the
secrets/*files, place your own hashed user password into theusers.users.<userName>.hashedPassord, and your own public key intousers.users.<userName>.openssh.authorizedKeys.keys