Initial commit

anywhere/auto.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+set -xe
+
+if [ -z "$1" ] || [ -z "$2" ]; then
+    echo "Usage: $0 <ip-address> <ssh-pubkey-path>"
+    exit 1
+fi
+
+IP=$1
+SSHKEYPATH=$2
+
+TMPDIR=$(mktemp -d)
+
+cleanup() {
+    rm -rf "$TMPDIR"
+}
+
+trap cleanup EXIT
+
+cp configuration.nix "$TMPDIR/configuration.nix"
+cp flake.nix "$TMPDIR/flake.nix"
+if [ -f flake.lock ]; then
+    cp flake.lock "$TMPDIR/flake.lock"
+fi
+cp disk-config.nix "$TMPDIR/disk-config.nix"
+sed -i.bak "s|# REPLACEME|\"$(cat "$SSHKEYPATH" | tr -d '\n')\"|" "$TMPDIR/configuration.nix"
+
+(cd "$TMPDIR" && nix run nixpkgs#nixos-anywhere -- --flake .#cloud root@$IP)
+
+# Copy the lockfile back.
+# This will create a dirty git state but the lock file may be desirable when
+# deploying to multiple servers to keep things in sync and reuse more cache.
+cp "$TMPDIR/flake.lock" flake.lock

anywhere/configuration.nix

@@ -0,0 +1,34 @@
+# This config only configures the server, it will not be placed in /etc/nixos
+# It should include everything needed to:
+# - connect to the server
+# - configure the server further
+
+{ modulesPath, lib, pkgs, ... }: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+    ./disk-config.nix
+  ];
+
+  boot.loader.grub = {
+    # no need to set devices, disko will add all devices that have a EF02 partition to the list already
+    # devices = [ ];
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+  };
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  environment.systemPackages = map lib.lowPrio [
+    pkgs.vim
+    pkgs.curl
+    pkgs.git
+  ];
+
+  services.openssh.enable = true;
+  users.users.root.openssh.authorizedKeys.keys = [
+    # REPLACEME
+  ];
+
+  system.stateVersion = "25.05";
+}

anywhere/disk-config.nix

@@ -0,0 +1,56 @@
+# Example to create a bios compatible gpt partition
+# Taken from https://github.com/nix-community/nixos-anywhere-examples/blob/main/disk-config.nix
+{ lib, ... }: {
+  disko.devices = {
+    disk.disk1 = {
+      device = lib.mkDefault "/dev/sda";
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "ESP";
+            size = "500M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              type = "lvm_pv";
+              vg = "pool";
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      pool = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "100%FREE";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/";
+              mountOptions = [
+                "defaults"
+              ];
+            };
+          };
+        };
+      };
+    };
+  };
+}

anywhere/flake.nix

@@ -0,0 +1,16 @@
+{
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+  inputs.disko.url = "github:nix-community/disko";
+  inputs.disko.inputs.nixpkgs.follows = "nixpkgs";
+
+  outputs = { nixpkgs, disko, ... }: {
+      # See other examples at https://github.com/nix-community/nixos-anywhere-examples/blob/main/flake.nix
+      nixosConfigurations.cloud = nixpkgs.lib.nixosSystem {
+        system = "aarch64-linux";
+        modules = [
+          disko.nixosModules.disko
+          ./configuration.nix
+        ];
+      };
+    };
+}