Skip to main content

New Host Checklist

Provisioning

    Add terraform entry for VM, then run terraform plan, verify, and then terraform apply  Follow nixOS provisioning steps

    NixOS Configuration

    • Generate SOPS/Age private key and paste to /var/lib/sops/age/keys.txt
    • Generate SOPS/Age public key and paste to .sops.yaml, create separate config section
    • If backups are needed for this host, create the borgmatic_pass section with local and remote subkeys, generate passwords in secrets/{hostname}.yml

    Manual Steps

    • If borgmatic was configured, manually run the command borgmatic -v 2  to get the unknown ssh host prompt to appear, select yes for both

    Back to top