Update install docs to preserve installer ssh keys.

2025-10-24 14:47:45 +01:00
parent cf2210ec77
commit ce7b3bbe16


@@ -7,7 +7,7 @@
* copy key.bin to hosts/<target>/
* use the generated config to create new config in hosts/<target>
* set the actual device IDs in hosts/<target>/default.nix
* on base host: nix run github:nix-community/nixos-anywhere -- --flake '.#<target>' nixos@<target IP>
* set or update key for target in .sops.yaml with the output from "ssh-keyscan <host> | ssh-to-age" then "sops updatekeys secrets/*.yaml"
* if new machine, add a secrets/<machine>.yaml for it
* on base host: nix run github:nix-community/nixos-anywhere -- --copy-host-keys --flake '.#<target>' nixos@<target IP>
* after confirmed working, update hosts/<target>/default.nix to set keyFile to /dev/sdX (otherwise when the USB drive fails it's harder to replace)
* if replacing failed host in place, update key in .sops.yaml with the output from "ssh-keyscan <host> | ssh-to-age" then "sops updatekeys secrets/*.yaml"
** if installing new host, do the same for install then again after the first reboot (the installer key is not persisted)
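Review bot: The step that sets the target's key in .sops.yaml from "ssh-keyscan <host> | ssh-to-age" takes the age recipient from an unauthenticated network scan, and with --copy-host-keys on the nixos-anywhere line that scanned installer key becomes the machine's permanent host key. Whoever answers on that address at scan time would end up as a recipient of secrets/*.yaml after "sops updatekeys". Add a step to compare the scanned key's fingerprint with the one shown on the target's console before running updatekeys. It would also help to say "ssh-keyscan -t ed25519", since ssh-to-age only converts ed25519 keys, and to use one placeholder throughout: this step says <host> while the nixos-anywhere lines say <target IP>. Separately, the last line still states that the installer key is not persisted; if that line is meant to stay, it reads as contradicting the --copy-host-keys step and should be reworded or dropped.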