Using Git to Deploy NixOS Configurations

Heya! I wrote a small blog post about how you can use Git to back up and deploy your nix configurations to a remote machine. It covers how you can set up pre+post validation hooks to validate your config before deploying it.

8 Likes

Side note: Hetzner Cloud has NixOS ISOs available for installation. It’s just not supported for initial provisioning of a new VM.

You have to create your VM with another OS (doesn’t matter which) first, then go to the list where you can select ISOs to mount and that should contain a few NixOS ISOs. Then you can follow the usual manual installation steps.

At least that’s what it was like a few months ago. IDK if they’ve changed anything since then.

3 Likes

In your guide you have

# Start off by adding git to our configuration.nix, we will leverage this to
# be able to easily make changes to our machine without SSH.
sed -i 's/}/  programs.git.enable = true;\n}/g' /etc/nixos/configuration.nix

as a first step, but doesn’t this also match the closing } in unpacking param1 in configuration.nix?

You could do

perl -0777 -pi -e 's/(}\s*)$/  programs.git.enable = true;\n$1/s' /etc/nixos/configuration.nix

What it does is replace all occurrences of ‘}’ with programs.git.enable = true;\n}, notice bracket at the end putting it back. So the result on a fresh installation is that it enables git on the last line of the nix configuration.

In hindsight, it might have been better to replace the very first occurrence of {, i.e.

sed -i 's/{/{\n  programs.git.enable = true;\n/' /etc/nixos/configuration.nix

I used nix-infect and can only ssh in my remote using my ssh key. So I’d change the git clone cmd to

GIT_SSH_COMMAND="ssh -i ~/.ssh/my-key -o IdentitiesOnly=yes" git clone root@my-machine:/etc/nixos

Great guide, love the use of git and git hooks.

The heredoc to create var containing text for push-to-checkout is expanding $result causing it to create a conditional with syntax error. Could fix with

# Store a push-to-checkout script to variable $validate_script
read -r -d '' validate_script <<-'EOF'
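
The difference between the two heredoc delimiters, as an added example that is not from the guide or from any poster in this thread. The hook body is constructed for illustration, `hook_is_literal` is a hypothetical helper, and `cat` in a command substitution stands in for the post's `read -r -d ''` so the block runs in any POSIX shell.

```shell
#!/bin/sh
# Constructed hook body; the guide's real push-to-checkout script is not on this page.

# Unquoted delimiter: $?, $result and $(...) are expanded while the text is
# being built, so the stored script no longer contains them.
build_unquoted() {
    unset result
    cat <<EOF
nixos-rebuild dry-build
result=$?
if [ $result -ne 0 ]; then
    echo "validation failed on $(uname -n)" >&2
    exit 1
fi
EOF
}

# Quoted delimiter ('EOF'): the body is stored as written and is only
# expanded later, when git runs the hook.
build_quoted() {
    cat <<'EOF'
nixos-rebuild dry-build
result=$?
if [ $result -ne 0 ]; then
    echo "validation failed on $(uname -n)" >&2
    exit 1
fi
EOF
}

# Hypothetical pre-install check: succeed only if the text still carries the
# literal expansions the hook needs at run time.
hook_is_literal() {
    case $1 in
        *'result=$?'*'[ $result -ne 0 ]'*'$(uname -n)'*) return 0 ;;
        *) return 1 ;;
    esac
}

validate_script=$(build_quoted)
if hook_is_literal "$validate_script"; then
    echo "quoted heredoc: hook text intact"
fi
if ! hook_is_literal "$(build_unquoted)"; then
    echo "unquoted heredoc: hook text was expanded at build time"
fi
```

With the unquoted delimiter the stored test line becomes `if [  -ne 0 ]; then`, so the validation check is already broken before the hook is ever installed.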

Hey good catch! Thanks for reporting if something isn’t working.

I tested out all the commands in the post to see that they worked on my computer but it might be that there were some errors. I’ll update the article and credit you.

Also reg. the ssh key, I forgot to add a section on that. To set up git with ssh, I initially followed the tutorial on Sourcehut: Setting up your account and first git repository - man.sr.ht. Once that is done you should be able to clone and push to your machine, assuming that your key has access to it.