From 8560beb50543eed972514bd5f667b50bcf061cb2 Mon Sep 17 00:00:00 2001 From: TheWanderingCrow Date: Wed, 22 Oct 2025 13:51:14 -0400 Subject: [PATCH] documentation and no fail2ban --- hosts/common/core/ssh.nix | 2 +- modules/services/forgejo/default.nix | 6 ++++++ nixos-bootstrap/README.md | 12 ++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 modules/services/forgejo/default.nix diff --git a/hosts/common/core/ssh.nix b/hosts/common/core/ssh.nix index 18afcec..717dc86 100644 --- a/hosts/common/core/ssh.nix +++ b/hosts/common/core/ssh.nix @@ -31,5 +31,5 @@ }; }; - services.fail2ban.enable = lib.mkDefault true; # This comes with an SSH jail preconfigured, expanded fail2ban can be found in modules/services + #services.fail2ban.enable = lib.mkDefault true; # This comes with an SSH jail preconfigured, expanded fail2ban can be found in modules/services } diff --git a/modules/services/forgejo/default.nix b/modules/services/forgejo/default.nix new file mode 100644 index 0000000..b254473 --- /dev/null +++ b/modules/services/forgejo/default.nix @@ -0,0 +1,6 @@ +{ + services.forgejo = { + enable = true; + lfs.enable = true; + }; +} diff --git a/nixos-bootstrap/README.md b/nixos-bootstrap/README.md index 70a01e6..a46028e 100644 --- a/nixos-bootstrap/README.md +++ b/nixos-bootstrap/README.md @@ -1,3 +1,15 @@ # Bootstrap ISO for NixOS From this subdirectory directory, run `just iso` to generate the ISO file + +## Typical installation flow + +1. Flash iso with `sudo dd if=install.iso of= status=progress` +2. Boot image on install host +3. Connect to network via Ethernet or `nmcli` +4. From a donor machine, + `nixos-anywwhere -i --flake .# nixos@` +5. There is a bit of a snag here, but the current protocol is to connect to + ethernet and SSH in using the installer key in order to setup SOPS, this + section will be amended when we figure this out +6. Connect new host to ethernet and SSH in