29 lines
1.1 KiB
Markdown
29 lines
1.1 KiB
Markdown
|
# Infrastructure
|
||
|
|
|
||
|
|
Hello this is my new and improved Nix infrastructure.
|
||
|
|
|
||
|
|
## General layout
|
||
|
|
|
||
|
|
There are three main directories:
|
||
|
|
|
||
|
|
- `secret`, which contains secrets
|
||
|
|
- `shared`, which contains shared config modules
|
||
|
|
- `system`, which contains the configurations for specific machines
|
||
|
|
|
||
|
|
I have some machines that don't run NixOS so I have separated the home-manager stuff (`home`)
|
||
|
|
from the NixOS system-level stuff (`core`).
|
||
|
|
|
||
|
|
For example, `thor` and `odin` are both NixOS machines, so for these machines, there is both
|
||
|
|
a `home.nix` for the home config of my user account, and a `core.nix` containing the
|
||
|
|
system-level configuration of the machine.
|
||
|
|
|
||
|
|
### Shared configuration
|
||
|
|
|
||
|
|
NixOS and home-manager modules are used to organize the config.
|
||
|
|
|
||
|
|
A lot of config is shared between machines. This is stored within the `shared/` directory,
|
||
|
|
under either `shared/core/` for system-level NixOS modules or `shared/home/` for home-manager
|
||
|
|
modules.
|
||
|
|
|
||
|
|
There's also a shared key used by the `nix` user of each machine, for which the public key
|
||
|
|
is in `shared/data/`. This key is used to let other machines serve as remote builders.
|