Skip to main content

New Host Checklist

Provisioning

  • Add terraform entry for VM, then run terraform plan, verify, and then terraform apply 
  • Follow nixOS provisioning steps

NixOS Configuration

  • Generate SOPS/Age private key and paste to /var/lib/sops/age/keys.txt
  • Generate SOPS/Age public key and paste to .sops.yaml, create separate config section
  • If backups are needed for this host, create the borgmatic_pass section with local and remote subkeys, generate passwords in secrets/{hostname}.yml

Manual Steps

  • If borgmatic was configured, manually run the command borgmatic -v 2  to get the unknown ssh host prompt to appear, select yes for both

Back to top