My desired use case (short-version):
- Thumb-drive:
  - partition_x: custom build nixos iso (nix build .#nixosConfigurations.iso.config.system.build.isoImage)
  - partition_y: data luks+ext4
    – nixcfg: my nixos-config flake (mostly based on chvp’s config)
    – ssh keys extracted from newly installed host (/etc/ssh/ssh_host_ed25519_key.pub ${HOME}/.ssh/id_ed25519.pub) needed for agenix
- Insert thumb-drive in new pc and boot
- Run “setup-nixos-native-encrypted-zfs-boot.sh” (included in live iso)
  – select_boot_drives
  – drive_prep
  – partition_drive
  – zpool_create
  – configure_and_mount_partitions
  – copy_nixcfg
  – generate_boot_loader_nix
  – generate_hardware_configuration_nix
  – nixos-install --flake "/mnt/somepath/nixcfg#${selected_hostname}" --root /mnt --no-channel-copy --no-root-passwd --impure
  – installation_complete
- Currently I extract the ssh keys from the new host after a reboot using a thumbdrive. I hope to extract them to the partition_y during the installation_complete step.
- On my main machine: Mount thumb-drive and add the extracted ssh keys to nixcfg’s agenix
- nixos-rebuild --switch
- nixos-rebuild --switch remote (after this step the local nixcfg can be removed)
- On my main machine: Enable agenix for the new host in nixcfg
- nixos-rebuild --switch remote

It looks complex but I’m not ready to make my config public in real time (github/gitlab).
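
One way the installation_complete step could put the host public key on partition_y before the first reboot, as an added example that is not part of the original post. The function name, the /mnt and /mnt-data mount points and the hostkeys/ layout are assumptions; it relies on the NixOS sshd service creating a host key at first start only when the file is absent, so a key created here is the one the host keeps.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the original script).
# Assumed layout: target root at /mnt, partition_y (LUKS+ext4) mounted at
# /mnt-data, public keys collected under <export_dir>/<hostname>/.

export_host_pubkey() {
    local target_root="$1"
    local export_dir="$2"
    local hostname="$3"
    local key="${target_root}/etc/ssh/ssh_host_ed25519_key"
    local dest="${export_dir}/${hostname}"

    # The hostname becomes a directory name: reject empty values and anything
    # that could escape the export directory.
    case "$hostname" in
        ''|.*|*/*) echo "invalid hostname: '${hostname}'" >&2; return 1 ;;
    esac

    # Create the host key now if the target does not have one yet.
    if [ ! -s "$key" ]; then
        mkdir -p "${target_root}/etc/ssh" || return 1
        ssh-keygen -q -t ed25519 -N "" -C "root@${hostname}" -f "$key" || return 1
    fi
    [ -s "${key}.pub" ] || { echo "missing ${key}.pub" >&2; return 1; }

    # Private half stays on the encrypted target and is readable by root only.
    chmod 600 "$key" || return 1

    # Only the public half goes to the thumb-drive; agenix needs nothing else.
    mkdir -p "$dest" || return 1
    install -m 0644 "${key}.pub" "${dest}/ssh_host_ed25519_key.pub" || return 1

    # Refuse to finish if private key material is sitting on the removable drive.
    if [ -e "${dest}/ssh_host_ed25519_key" ]; then
        echo "private key present in ${dest}, remove it" >&2
        return 1
    fi

    printf '%s\n' "${dest}/ssh_host_ed25519_key.pub"
}

# Example call from installation_complete (paths are assumptions):
#   export_host_pubkey /mnt /mnt-data/hostkeys "${selected_hostname}"
if [ "$#" -eq 3 ]; then
    export_host_pubkey "$@"
fi
```

Running `ssh-keygen -lf` on the exported file on the main machine gives a fingerprint to compare against the one the new host presents on first SSH connection.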