-
Preconfigure: copy an existing setup to
machines/$HOSTNAME -
Install NixOS: https://nixos.org/nixos/manual/index.html
-
format flash drive:
dd if=$PATH_TO_ISO.iso of=/dev/sda -
boot with that flash drive
-
You may need to configure WiFi:
ifconfig wlp3s0 down ifconfig wlp3s0 up iwconfig wlp3s0 essid ... sleep 10 && ping 8.8.8.8 # repeat as needed
-
curl -s https://raw.githubusercontent.com/znewman01/dotfiles/master/scripts/pre_install.sh | bash -
cd /mnt/persist/zjn/git/dotfiles -
./scripts/actual_install.shfrom this repo (no dependencies) -
on reboot:
- log in as
zjn - deactivate root password (
sudo passwd -l root). then proceed
- log in as
-
-
Set stuff up
- Syncthing: http://localhost:8384 on both machines
- Pass (might need to run repeatedly)
- Firefox
- email (
mkdir ~/Maildir/{gmail,csail,mit,fastmail,chainguard} && mbsync -athenmu init --my-address=... --my-address=...) - GitHub SSH keys, reenable
code.nix - Tailscale
You're probably going to have to restart Firefox, Emacs a couple of times each until things work. Such is life.
- Preconfigure
- copy an existing setup to
machines/$HOSTNAME(but comment out import ofcode.nix!) - copy a block in
ops/network.nixfor the new machine
- copy an existing setup to
- Install
cd autoinstall && ln -s ../../machines/$HOSTNAME/system.nix configuration.nix && ./builddd if=autoinstall.iso of=/dev/sda- boot with that flash drive, watch it install itself
- Post-install
- tailscale (which involves logging into google)
- syncthing
- https://localhost:8384
- add introducer device, accept on it
- keys (from a working device)
- create and fetch ssh-keys
ssh $NEWDEVICE -- 'ssh-keygen -t ed25519 -f "$HOME/.ssh/id_ed25519" -N ""' ssh $NEWDEVICE -- cp ~/.ssh/id_ed25519.pub ~/Sync/keys/${NEWDEVICE}.pub cp ~/Sync/keys/${NEWDEVICE}.pub net/${NEWDEVICE}.pub sed -i "/\]/i\ ./${NEWDEVICE}.pub" net/keys.nix
- gpg keys
ssh $NEWDEVICE -- 'find "$HOME/.gnupg/" -type f -exec chmod 600 {} \;' ssh $NEWDEVICE -- 'find "$HOME/.gnupg/" -type d -exec chmod 700 {} \;' ssh $NEWDEVICE # do the GPG stuff in `install.sh` FINGERPRINT=$(ssh $NEWDEVICE -- gpg --list-keys | grep "Key fingerprint" | head -n 1 | cut -d= -f2 | sed 's/ //g') ssh $NEWDEVICE -- gpg --edit-key $FINGERPRINT # type in 'passwd<RET>' and then enter password ssh $NEWDEVICE "gpg --output $HOME/Sync/keys/${NEWDEVICE}.gpg --export z@znewman.net" gpg --import $HOME/Sync/keys/${NEWDEVICE}.gpg echo "${FINGERPRINT}:6" | gpg --import-ownertrust echo $FINGERPRINT >> $HOME/.password-store/.gpg-id
- create and fetch ssh-keys
- pass (on a working device)
# this will take a while; in the meantime import owner trust on other devices including $NEWDEVICE while true; do xargs pass init < $HOME/.password-store/.gpg-id; echo trying again; sleep 1; done
- once
pass show firefoxworks log in to Firefox - email (if applicable)
mkdir ~/Maildir/{gmail,csail,mit,fastmail,chainguard} && mbsync -amu init --my-address=... --my-address=...
- GitHub SSH keys, pull this repo
- update yourself
- reenable
code.nix - make sure you have a
hardware-configuration.nixnixos-generate-config --show-hardware-config- compare with existing
- reenable