diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..f4cc80f --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,20 @@ +name: "CI" +on: + push: + branches: + - main + pull_request: +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main + # disko VM test requires a system with support for: {kvm, nixos-test} + # See https://github.com/nix-community/nixos-generators/issues/83#issuecomment-973294478 + with: + extra-conf: "system-features = nixos-test benchmark big-parallel kvm" + - uses: DeterminateSystems/magic-nix-cache-action@main + # Run disko VM test (test partition creation and whether the VM boots up later) + - run: nix build .#nixosConfigurations.office.config.system.build.installTest diff --git a/README.md b/README.md index 09c11aa..d02c1c3 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,20 @@ # remote-development NixOS configuration for shared remote development via SSH + +## Getting started + +Terminology: + +- **Host**: The machine you are installing NixOS on. + - It must already be running Linux (which could even be booted off a rescue image) +- **Guest**: Your current machine, from which you are remotely doing the install. + +| Step | Host | Guest | +| ---- | ------ | ---- | +| 1. | Add your SSH key to `authorized_keys` file in `/root/.ssh` | Add the same key in your configuration (here, `flake.nix`) under: `users.users.root.openssh.authorizedKeys.keys = [ "" ];` | +| 2. | Run `lsblk` to find the `` of the disk to partition. For example, `nvme0n1` is the device here: 
❯ lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE
nvme0n1     259:0    0  1.9T  0 disk
| | +| 3. | | In `disk-config.nix`, set `disko.devices.disk.main.device = "/dev/";` | +| 4. | | `nix run github:nix-community/nixos-anywhere -- --flake .#office root@` | + +**Disclaimer**: The ``[^1] might change in kexec mode or post-installation, in which case `SSH connection will timeout`, the solution is to `Ctrl-C` and rerun `Step 4` with updated ``. +[^1]: Find the `` using `ifconfig` or `ip a`. Under the device name you will find a line that looks like: `inet ...` diff --git a/disk-config.nix b/disk-config.nix new file mode 100644 index 0000000..bab9882 --- /dev/null +++ b/disk-config.nix @@ -0,0 +1,37 @@ +{ + disko.devices = { + disk = { + main = { + type = "disk"; + device = "/dev/nvme0n1"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; # for grub MBR + }; + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} + diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..a2033bd --- /dev/null +++ b/flake.lock @@ -0,0 +1,48 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1699483000, + "narHash": "sha256-zWEj1e6r2KNJFTdj4/vpnpoJc2l+v3JHwlQCzrtkojU=", + "owner": "nix-community", + "repo": "disko", + "rev": "72bc1526268fda374cd17315e37b64ba340c5bf2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1699343069, + "narHash": "sha256-s7BBhyLA6MI6FuJgs4F/SgpntHBzz40/qV0xLPW6A1Q=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ec750fd01963ab6b20ee1f0cb488754e8036d89d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..ab3a536 --- /dev/null +++ b/flake.nix @@ -0,0 +1,41 @@ +{ + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; + }; + outputs = { nixpkgs, disko, ... }: + { + nixosConfigurations.office = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ({ modulesPath, ... }: { + imports = [ + ./disk-config.nix + ]; + services.openssh.enable = true; + users.users = { + root = { + # Post-installation, the IP might change if MAC is not the + # only identifier used by DHCP server to lease an IP, by setting a + # password you can find the changed IP. + initialHashedPassword = ""; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFN5Ov2zDIG59/DaYKjT0sMWIY15er1DZCT9SIak07vK" + ]; + }; + }; + boot.loader.grub = { + # adding devices is managed by disko + # devices = [ ]; + efiSupport = true; + efiInstallAsRemovable = true; + }; + system.stateVersion = "23.11"; + } + ) + ]; + }; + }; +}