Stick to the free tier Google Cloud limits for a completely free instance. Since the machine only has 1GB ram, it can be a challenge to rebuild a new confiuration there, in that case use remote rebuild:
nixos-rebuild --target-host tomaskrupka.cz --use-remote-sudo switch -I nixos-config=configuration.nix --no-flake
Create new machine according to https://wiki.nixos.org/wiki/Install_NixOS_on_GCE
- Connect to the new instance with Cloud Shell
sudo nano /etc/nixos/configuration.nix
- add:
nix.settings.trusted-users = [ "root" "tom" ];
- add:
nix.settings.require-sigs = false;
sudo nixos-rebuild switch
- add:
- Generate sops key for the device
nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
- add the result to
.sops.yaml
- Rebuild the secrets file
- TODO: improve this:
sops -d secrets/gcp-instance.yaml > secrets/tmp.yaml
sops -e secrets/tmp.yaml > secrets/gcp-instance.yaml
rm secrets/tmp.yaml
sops --input-type binary -e secrets/tmp.json > secrets/encrypted.json