SkaraboxOS provides a flake template which combines:
- Creating a bootable ISO, installable on an USB key.
-
nixos-anywhere to install NixOS headlessly.
-
disko to format the drives.
-
sops-nix to handle secrets.
-
deploy-rs to deploy updates.
SkaraboxOS expects a particular hardware layout:
- 1 SSD or NVMe drive for the OS.
- 2 Hard drives that will store data. Capacity depends on the amount of data that will be stored. They will be formatted in Raid 1 (mirror) so each hard drive should have the same size.
WARNING: The 3 disks will be formatted and completely wiped out of data.
At the end of the process, the server will:
- Have an encrypted ZFS root partition using the NVMe drive, unlockable remotely through ssh.
- Have an encrypted ZFS data hard drives.
- Be accessible through ssh for administration and updates.
7 Likes
seems like a cool tool, i will be sure to try it out when i install NixOS on a new machine.
1 Like
You picked all the libraries I’ve been looking at recently! Thank you so much for putting this together.
1 Like
I just did something which I find really really cool. A 2 step demo to install NixOS with some goodies in a VM GitHub - ibizaman/skarabox: Opinionated and simplified headless NixOS installer.
It’s really just a demo, because it’s insecure since I store the ssh private key in the repo and nix store. That’s fine for a demo, the goal was to make it deterministic to be able to cache it.
But the extra cool factor is I use it in CI to make sure my changes do not impact negatively the installation skarabox/tests/default.nix at 2b8a8e3948357a7f802db6c1edd00a9bd948a410 · ibizaman/skarabox · GitHub
The repo’s initial goal is not to install on a VM but on a real server. You must burn an ISO on a USB key then boot on that. The normal path is thus to create a flake template and follow these instructions GitHub - ibizaman/skarabox: Opinionated and simplified headless NixOS installer. But I’ll be adding those to CI and use much less manual steps and then it will be really nice.
2 Likes