Skip to main content

New Host Checklist

Provisioning

  • Add terraform entry for VM, then run terraform plan, verify, and then terraform apply 
  • Follow nixOS provisioning steps

NixOS Configuration

    Create/copy config folder for host with intended name in hosts i.e. hosts/hostname. Copy the default.nix template, and the  hardware-configuration.nix file from the actual host after installation Add the systemd-boot bootloader config to hardware-configuration.nix for the host Generate SOPS/Age private key and paste to /var/lib/sops/age/keys.txt Generate SOPS/Age public key and paste to .sops.yaml, create separate config section If backups are needed for this host, create the borgmatic_pass section with local and remote subkeys, generate passwords in secrets/{hostname}.yml

    Manual Steps

    • If borgmatic was configured, manually run the command borgmatic -v 2  to get the unknown ssh host prompt to appear, select yes for both

    Back to top