Register remote machines.

2023-12-07 14:40:44 -07:00 · 2023-12-07 14:40:44 -07:00 · 5db251edfa
parent 51c36009ae
commit 5db251edfa
4 changed files with 79 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -16,7 +16,22 @@ configurations together.

 ## Remotes

-Remote machines are handled on [DigitalOcean](https://www.digitalocean.com/),
-deployed using [colmena](https://github.com/zhaofengli/colmena). The custom
-image used by each droplet can be built using the top-level `digital-ocean`
-flake.
+Remote machines are hosted on [DigitalOcean](https://www.digitalocean.com/).
+The custom image used by each droplet can be built using the top-level
+`digital-ocean` flake. This image disables a root password in favor of SSH.
+A droplet running this image will automatically pull in any enabled SSH keys
+from your DigitalOcean account at creation time.
+
+Deployment is managed using [colmena](https://github.com/zhaofengli/colmena).
+To deploy, run the following:
+```bash
+$ cd hive
+$ colmena apply
+```
+Note that colmena requires non-interactivity. If you haven't done so already,
+you'll likely need to add the private SSH key corresponding to the public one
+uploaded to DigitalOcean to your SSH agent. Do so by running:
+```bash
+$ eval $(ssh-agent -s)
+$ ssh-add <ssh-file>
+```
--- a/hive/flake.lock
+++ b/hive/flake.lock
@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1701802827,
+        "narHash": "sha256-wTn0lpV75Uv6tU6haEypNsmnJJPb0hpaMIy/4uf5AiQ=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a804fc878d7ba1558b960b4c64b0903da426ac41",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-23.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/hive/flake.nix
+++ b/hive/flake.nix
@ -0,0 +1,21 @@
+{
+  description = "Configuration of all remote NixOS machines.";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
+  };
+
+  outputs = { nixpkgs, ... }:
+    {
+      colmena = {
+        meta = {
+          nixpkgs = import nixpkgs {
+            system = "x86_64-linux";
+          };
+        };
+
+        # Remote machines
+        phobos = (import ./phobos.nix);
+      };
+    };
+}
--- a/hive/phobos.nix
+++ b/hive/phobos.nix
@ -0,0 +1,12 @@
+{ modulesPath, lib, ... }:
+{
+  imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
+    (modulesPath + "/virtualisation/digital-ocean-config.nix")
+  ];
+
+  deployment.targetHost = "146.190.127.180";
+
+  networking.hostName = "phobos";
+
+  system.stateVersion = "23.11";
+}