Inspiration from https://gitlab.aliens-lyon.fr/AliENS/infrastructure

Install

Make a disk image

From another linux system, create the build script nix build .#nixosConfigurations.midori.config.system.build.diskoImagesScript

Write your disk password to somewhere, like /tmp/secret.key, then build the image calling the result: ./result --build-memory 8192 --pre-format-files /tmp/secret.key secret.key

VMC

VMC has a weird mapping for keys (Qwerty-1 * bepo) To remap, use the following python script

a = "abcdefghijklmnopqrsuvx,.'ABCDEFHIJKLMOPQRSUX"
b = "akxipe,cdtsrq'ljbouv.yghmAKXIPECDTSRQLJBOUVY"
d = dict()
for i in range(len(b)):
  d[b[i]] = a[i]

p = "motdepasse"
pp = ''.join([c for c in p if c in b])
pc = ''.join([d[c] for c in pp])
print("Mot de passe:",pp)
print("Mot de passe:",pc)

Install with nixos-anywhere

#### Write disk encryption password to secret.key
echo "motdepasse" > secret.key
#### Connect to ssh, run kexec to nixos install rom, and format disko
nix run github:nix-community/nixos-anywhere -- --flake '.#midori' --target-host root@109.94.170.38 --disk-encryption-keys /tmp/secret.key ./secret.key --phases kexec,disko

#### Mount persistence directories that nixos will install stuff into
mkdir -p /mnt/persistence/nix
mkdir -p /mnt/persistence/var/lib/nixos
mount --bind -m -o X-fstrim.notrim /mnt/persistence/nix /mnt/nix
mount --bind -m -o X-fstrim.notrim /mnt/persistence/var/lib/nixos /mnt/var/lib/nixos

#### Run the install phase
nix run github:nix-community/nixos-anywhere -- --flake '.#midori' --target-host root@109.94.170.38 --disk-encryption-keys /tmp/secret.key ./secret.key --phases install

Update

From a nixos system, checked out in this tree:

  nixos-rebuild --flake .#midori --target-host mysaa@midori --use-remote-sudo switch

Services

External ports

SSH Port 2168

Internal ports

Gitea Port 2301