Infrastructure as Code (IaC)
After using a shell script to automate my desktop Ubuntu installation from 2011 to 2023, I finally migrated the 2646 lines of code to Ansible, see https://github.com/JakobLichterfeld/infra-playbook
End of 2023 I migrated to Nix.
Installation process
Create a root password using the TTY
sudo su
passwdFrom your host, copy the public SSH key to the server
ssh-add ~/.ssh/jakob
ssh-copy-id -i ~/.ssh/jakob root@nixos_installation_ip
ssh root@nixos_installation_ipEnable Nix Flakes functionality
mkdir -p ~/.config/nix
echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.confPartition and mount the drives using disko (declarative disk partitioning and formatting using nix)
curl https://raw.githubusercontent.com/JakobLichterfeld/nix-config/main/machines/nixos/MainServer/filesystems/disko.nix \
-o /tmp/disko.nix
nix --experimental-features "nix-command flakes" run github:nix-community/disko \
-- --mode disko /tmp/disko.nixInstall programs needed for system installation
if ! command -v git; then nix-env -f '<nixpkgs>' -iA git; fi
if ! command -v git-crypt; then nix-env -f '<nixpkgs>' -iA git-crypt; fiClone this repository
mkdir -p /mnt/etc/nixos
git clone https://github.com/JakobLichterfeld/nix-config.git /mnt/etc/nixosPut the private and GPG key into place (required for secret management)
mkdir -p /mnt/persist/ssh
exit
scp ~/.ssh/id_ed25519_main_server root@nixos_installation_ip:/mnt/persist/ssh/id_ed25519_main_server
scp ~/.ssh/nix-config_local.key.asc root@nixos_installation_ip:/mnt/etc/nixos/nix-config_local.key.asc
ssh nixos@nixos_installation_ip
chmod 700 /mnt/persist/ssh
chmod 600 /mnt/persist/ssh/*Unlock the git-crypt vault
cd /mnt/etc/nixos
git-crypt unlock nix-config_local.key.ascInstall system and apply configuration
nixos-install \
--root "/mnt" \
--no-root-passwd \
--flake "git+file://${MNT}/etc/nixos#MainServer"Unmount the filesystems
umount "/mnt/boot/esp"
umount -Rl "/mnt"
cd /
zpool export -aReboot
rebootUpdate to newest config
sudo su
cd /etc/nixos
git pull
nixos-rebuild switch --flake /etc/nixos#MainServerManaged by nix-darwin and home-manager. Impure packages and applications are managed by homebrew and mas.
Installation process
Update dependencies: nix --experimental-features 'nix-command flakes' flake update
build: nix --experimental-features 'nix-command flakes' build .#darwinConfigurations."MainDev".system
apply: darwin-rebuild switch --flake .
as macOS does not allow writing to / write to symlink:
printf 'run\tprivate/var/run\n' | sudo tee -a /etc/synthetic.conf
/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -tapply changes: ./result/sw/bin/darwin-rebuild switch --flake .
All contributions are welcome and greatly appreciated!
The Flake is primarily designed for personal use, so it is subject to frequent modifications and glitches. Use it at your own risk and do not anticipate guidance for its installation on your device.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent