https://github.com/dr-nekoma/trashcan

A multi-purpose server written in Nix/NixOS❄️
https://github.com/dr-nekoma/trashcan

age justfile linux nix nix-flakes nixos postgresql server terraform

Last synced: 8 months ago
JSON representation

A multi-purpose server written in Nix/NixOS❄️

• Host: GitHub
• URL: https://github.com/dr-nekoma/trashcan
• Owner: Dr-Nekoma
• License: agpl-3.0
• Created: 2024-10-17T21:30:47.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2024-11-28T01:23:21.000Z (over 1 year ago)
• Last Synced: 2025-08-02T05:29:05.067Z (11 months ago)
• Topics: age, justfile, linux, nix, nix-flakes, nixos, postgresql, server, terraform
• Language: Nix
• Homepage:
• Size: 105 KB
• Stars: 4
• Watchers: 1
• Forks: 1
• Open Issues: 2
• Metadata Files:
  • Readme: README.org
  • License: LICENSE

Awesome Lists containing this project

README

          
* Trashcan 🗑️

#+html: 


#+html: 

This repository contains the server configuration to host our applications,

currently we deploy the following projects here:

+ [[https://github.com/Dr-Nekoma/lyceum][Lyceum]]

** Developmennt

Enter the Nix shell via the cli, or leverage direnv:

#+begin_src shell

  # Nix CLI

  nix develop --impure

  # direnv

  direnv allow

#+end_src

*** Setting Up Local Keys

If you dont have any keys setup already:

#+begin_src shell

  cd keys

  ssh-keygen -t ed25519 -C "your.email@gmail.com"

  cd ../secrets

  # Either, if you have a key in your agent

  agenix --rekey

  # Or

  agenix --rekey -i ../keys/your_private_key

#+end_src

*** Qemu VM

#+begin_src shell

  just run

#+end_src

When inside the VM, check if a few services are running fine:

#+begin_src shell

  systemctl status sshd.service

#+end_src

Add the following to your ~$HOME/.ssh/config~:

#+begin_src shell

  Host nixos_vm

    HostName 127.0.0.1

    Port 2222

    StrictHostKeyChecking no

    User your_user

    IdentityFile your_key

#+end_src

then try to login:

#+begin_src shell

  ssh nixos_vm

#+end_src

*** Custom ISO 

You can also build an ~.iso~ to test with different tools.

#+begin_src shell

  nix build .#iso

#+end_src

** Deployment

*** Provisioning with Terraform

#+begin_src shell

  just update-vars

  just plan

  just apply

  # if you need to nuke the infra as well

  just destroy

#+end_src

After the initial terraform deploy, make sure to run:

#+begin_src shell

  just rekey

#+end_src

*** Deploying with Nix

After provisioning the infrastructure, you won't need Terraform anymore, all

deploys can be done in pure Nix.

#+begin_src shell

  just deploy

  # or

  deploy

#+end_src

* Acknowledgements

+ The Terraform-based bootstrap is a modification from the great setup found in the

  [[https://github.com/Gabriella439/nixos-in-production][NixOS in Production]] book.

+ Magalu Cloud setup is inspired by [[https://github.com/Misterio77/hackathon-mgc-factorio-terraform]][Declarative Factorio] repo.