Register remote machines.

2023-12-07 14:40:44 -07:00 · 2023-12-07 14:40:44 -07:00 · 5db251edfa
parent 51c36009ae
commit 5db251edfa
4 changed files with 79 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -16,7 +16,22 @@ configurations together.
 ## Remotes
-Remote machines are handled on [DigitalOcean](https://www.digitalocean.com/),
+Remote machines are hosted on [DigitalOcean](https://www.digitalocean.com/).
-deployed using [colmena](https://github.com/zhaofengli/colmena). The custom
+The custom image used by each droplet can be built using the top-level
-image used by each droplet can be built using the top-level `digital-ocean`
+`digital-ocean` flake. This image disables a root password in favor of SSH.
-flake.
+A droplet running this image will automatically pull in any enabled SSH keys
 from your DigitalOcean account at creation time.
 Deployment is managed using [colmena](https://github.com/zhaofengli/colmena).
 To deploy, run the following:
 ```bash
 $ cd hive
 $ colmena apply
 ```
 Note that colmena requires non-interactivity. If you haven't done so already,
 you'll likely need to add the private SSH key corresponding to the public one
 uploaded to DigitalOcean to your SSH agent. Do so by running:
 ```bash
 $ eval $(ssh-agent -s)
 $ ssh-add <ssh-file>
 ```
--- a/hive/flake.lock
+++ b/hive/flake.lock
@ -0,0 +1,27 @@
 {
  "nodes": {
    "nixpkgs": {
      "locked": {
        "lastModified": 1701802827,
        "narHash": "sha256-wTn0lpV75Uv6tU6haEypNsmnJJPb0hpaMIy/4uf5AiQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "a804fc878d7ba1558b960b4c64b0903da426ac41",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-23.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "nixpkgs": "nixpkgs"
      }
    }
  },
  "root": "root",
  "version": 7
 }
--- a/hive/flake.nix
+++ b/hive/flake.nix
@ -0,0 +1,21 @@
 {
  description = "Configuration of all remote NixOS machines.";
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
  };
  outputs = { nixpkgs, ... }:
    {
      colmena = {
        meta = {
          nixpkgs = import nixpkgs {
            system = "x86_64-linux";
          };
        };
        # Remote machines
        phobos = (import ./phobos.nix);
      };
    };
 }
--- a/hive/phobos.nix
+++ b/hive/phobos.nix
@ -0,0 +1,12 @@
 { modulesPath, lib, ... }:
 {
  imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
    (modulesPath + "/virtualisation/digital-ocean-config.nix")
  ];
  deployment.targetHost = "146.190.127.180";
  networking.hostName = "phobos";
  system.stateVersion = "23.11";
 }