From 5db251edfa28be8350218ee21545f2c8fc9b45aa Mon Sep 17 00:00:00 2001 From: Joshua Potter Date: Thu, 7 Dec 2023 14:40:44 -0700 Subject: [PATCH] Register remote machines. --- README.md | 23 +++++++++++++++++++---- hive/flake.lock | 27 +++++++++++++++++++++++++++ hive/flake.nix | 21 +++++++++++++++++++++ hive/phobos.nix | 12 ++++++++++++ 4 files changed, 79 insertions(+), 4 deletions(-) create mode 100644 hive/flake.lock create mode 100644 hive/flake.nix create mode 100644 hive/phobos.nix
diff --git a/README.md b/README.md
index 569fe72..0d14fa0 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,22 @@ configurations together.
 ## Remotes
-Remote machines are handled on [DigitalOcean](https://www.digitalocean.com/),
-deployed using [colmena](https://github.com/zhaofengli/colmena). The custom
-image used by each droplet can be built using the top-level `digital-ocean`
-flake.
+Remote machines are hosted on [DigitalOcean](https://www.digitalocean.com/).
+The custom image used by each droplet can be built using the top-level
+`digital-ocean` flake. This image disables a root password in favor of SSH.
+A droplet running this image will automatically pull in any enabled SSH keys
+from your DigitalOcean account at creation time.
+
+Deployment is managed using [colmena](https://github.com/zhaofengli/colmena).
+To deploy, run the following:
+```bash
+$ cd hive
+$ colmena apply
+```
+Note that colmena requires non-interactivity. If you haven't done so already,
+you'll likely need to add the private SSH key corresponding to the public one
+uploaded to DigitalOcean to your SSH agent. Do so by running:
+```bash
+$ eval $(ssh-agent -s)
+$ ssh-add
+```
diff --git a/hive/flake.lock b/hive/flake.lock
new file mode 100644
index 0000000..b416269
--- /dev/null
+++ b/hive/flake.lock
@@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1701802827, + "narHash": "sha256-wTn0lpV75Uv6tU6haEypNsmnJJPb0hpaMIy/4uf5AiQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "a804fc878d7ba1558b960b4c64b0903da426ac41", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +}
diff --git a/hive/flake.nix b/hive/flake.nix
new file mode 100644
index 0000000..35b30b5
--- /dev/null
+++ b/hive/flake.nix
@@ -0,0 +1,21 @@
+{
+ description = "Configuration of all remote NixOS machines.";
+
+ inputs = {
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
+ };
+
+ outputs = { nixpkgs, ... }:
+ {
+ colmena = {
+ meta = {
+ nixpkgs = import nixpkgs {
+ system = "x86_64-linux";
+ };
+ };
+
+ # Remote machines
+ phobos = (import ./phobos.nix);
+ };
+ };
+}
diff --git a/hive/phobos.nix b/hive/phobos.nix
new file mode 100644
index 0000000..0b4475c
--- /dev/null
+++ b/hive/phobos.nix
@@ -0,0 +1,12 @@
+{ modulesPath, lib, ... }:
+{
+ imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
+ (modulesPath + "/virtualisation/digital-ocean-config.nix")
+ ];
+
+ deployment.targetHost = "146.190.127.180";
+
+ networking.hostName = "phobos";
+
+ system.stateVersion = "23.11";
+}
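Review bot: In hive/flake.nix, `meta.nixpkgs` is built with `import nixpkgs { system = "x86_64-linux"; }`, which leaves `config` and `overlays` at nixpkgs' defaults. Under pure flake evaluation those defaults are empty, but if the hive is ever evaluated with impurity enabled they can presumably pick up overlays or config from the operator's home directory, which would change what is built and pushed to the remote hosts. I would pin both inside the import, `config = { };` and `overlays = [ ];`, so the deployed package set depends only on the locked input.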
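Review bot: hive/phobos.nix does not itself declare the SSH posture the README describes: nothing in the node's configuration sets sshd options, so after `colmena apply` the host's settings rest on whatever `digital-ocean-config.nix` and the NixOS defaults provide rather than on this repository. The image flake is not visible here, so I cannot tell whether its hardening carries over; I would state it in the node config, e.g. `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "prohibit-password";`. Separately, `deployment.targetHost` is a literal droplet address, and a short comment saying it must be updated and the host key re-verified when the droplet is recreated would help, because a released address can be reassigned.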