From d574faf2535328d4c02959ef41407d87f42d5acf Mon Sep 17 00:00:00 2001 From: Qubasa Date: Sun, 12 May 2024 23:09:08 +0200 Subject: [PATCH] Heavily improve documentation and flake template --- docs/site/getting-started/configure.md | 25 ++++++++++++--- docs/site/getting-started/machines.md | 4 +-- pkgs/clan-cli/clan_cli/flakes/create.py | 4 +++ templates/new-clan/flake.nix | 16 +++++++--- .../new-clan/machines/jon/configuration.nix | 31 ++++++++++++++---- .../new-clan/machines/sara/configuration.nix | 32 +++++++++++++++---- templates/new-clan/modules/shared.nix | 3 ++ 7 files changed, 91 insertions(+), 24 deletions(-) diff --git a/docs/site/getting-started/configure.md b/docs/site/getting-started/configure.md index 9f3ade625..5e550f246 100644 --- a/docs/site/getting-started/configure.md +++ b/docs/site/getting-started/configure.md @@ -84,7 +84,7 @@ Adding or configuring a new machine requires two simple steps: === "**buildClan**" - ```nix title="clan-core.lib.buildClan" hl_lines="17" + ```nix title="clan-core.lib.buildClan" hl_lines="17 22" buildClan { # ... machines = { @@ -92,6 +92,7 @@ Adding or configuring a new machine requires two simple steps: imports = [ # ... ./modules/disko.nix + ./machines/jon/configuration.nix ]; # ... @@ -104,6 +105,10 @@ Adding or configuring a new machine requires two simple steps: device = "/dev/disk/by-id/__CHANGE_ME__"; } + # e.g. > cat ~/.ssh/id_ed25519.pub + users.users.root.openssh.authorizedKeys.keys = [ + "" + ]; # ... }; }; @@ -112,7 +117,7 @@ Adding or configuring a new machine requires two simple steps: === "**flakeParts**" - ```nix title="clan-core.flakeModules.default" hl_lines="17" + ```nix title="clan-core.flakeModules.default" hl_lines="17 22" clan = { # ... machines = { @@ -120,6 +125,7 @@ Adding or configuring a new machine requires two simple steps: imports = [ # ... ./modules/disko.nix + ./machines/jon/configuration.nix ]; # ... 
@@ -132,6 +138,10 @@ Adding or configuring a new machine requires two simple steps: device = "/dev/disk/by-id/__CHANGE_ME__"; } + # e.g. > cat ~/.ssh/id_ed25519.pub + users.users.root.openssh.authorizedKeys.keys = [ + "__YOUR_SSH_KEY__" + ]; # ... }; }; @@ -139,16 +149,21 @@ Adding or configuring a new machine requires two simple steps: ``` -!!! Info "In this case `__CHANGE_ME__` should be `nvme-eui.e8238fa6bf530001001b448b4aec2929`" +!!! Info "Replace `__CHANGE_ME__` with the appropriate identifier, such as `nvme-eui.e8238fa6bf530001001b448b4aec2929`" +!!! Info "Replace `__YOUR_SSH_KEY__` with your personal key, like `ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILoMI0NC5eT9pHlQExrvR5ASV3iW9+BXwhfchq0smXUJ jon@jon-desktop`" -### Step 2. Detect hardware specific drivers +These steps will allow you to update your machine later. -1. Generate a `hardware-configuration.nix` for your target computer +#### Step 2: Detect Drivers +1. Generate the `hardware-configuration.nix` file for your machine using the following command: ```bash ssh root@flash-installer.local nixos-generate-config --no-filesystems --show-hardware-config > machines/jon/hardware-configuration.nix ``` +#### Step 3: Custom Configuration +1. In `./machines/jon/configuration.nix`, you can personalize the settings to suit your needs. + --- diff --git a/docs/site/getting-started/machines.md b/docs/site/getting-started/machines.md index c9923e97a..c4bbc921b 100644 --- a/docs/site/getting-started/machines.md +++ b/docs/site/getting-started/machines.md @@ -52,7 +52,7 @@ This process involves preparing a suitable hardware and disk partitioning config This is an example of the booted installer. - ```{ .bash .annotate } + ```{ .bash .annotate .no-copy } ┌─────────────────────────────────────────────────────────────────────────────────────┐ │ ┌───────────────────────────┐ │ │ │███████████████████████████│ # This is the QR Code (1) │ 
@@ -93,7 +93,7 @@ This process involves preparing a suitable hardware and disk partitioning config ] } ``` - + To generate the actual QR code, that would be displayed use: ```shellSession echo '{"pass":"cheesy-capital-unwell","tor":"6evxy5yhzytwpnhc2vpscrbti3iktxdhpnf6yim6bbs25p4v6beemzyd.onion","addrs":["2001:9e8:347:ca00:21e:6ff:fe45:3c92"]}' | nix run nixpkgs#qrencode -- -s 2 -m 2 -t utf8 diff --git a/pkgs/clan-cli/clan_cli/flakes/create.py b/pkgs/clan-cli/clan_cli/flakes/create.py index a7f8ca203..d8aba488a 100644 --- a/pkgs/clan-cli/clan_cli/flakes/create.py +++ b/pkgs/clan-cli/clan_cli/flakes/create.py @@ -43,6 +43,10 @@ def create_flake(directory: Path, url: str) -> dict[str, CmdOut]: out = run(command, cwd=directory) response["git config"] = out + command = ["nix", "flake", "update"] + out = run(command, cwd=directory) + response["flake update"] = out + return response diff --git a/templates/new-clan/flake.nix b/templates/new-clan/flake.nix index d61938ee0..e3b80f068 100644 --- a/templates/new-clan/flake.nix +++ b/templates/new-clan/flake.nix @@ -33,14 +33,17 @@ # Set this for clan commands use ssh i.e. `clan machines update` clan.networking.targetHost = pkgs.lib.mkDefault "root@jon"; - # TODO: Example how to use disko for more complicated setups - # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT disko.devices.disk.main = { device = "/dev/disk/by-id/__CHANGE_ME__"; }; - # TODO: Document that there needs to be one controller + # IMPORTANT! Add your SSH key here + # e.g. > cat ~/.ssh/id_ed25519.pub + users.users.root.openssh.authorizedKeys.keys = [ "" ]; + + # Zerotier needs one controller to accept new nodes. Once accepted + # the controller can be offline and routing still works. clan.networking.zerotier.controller.enable = true; }; sara = { 
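Review bot: The added `nix flake update` call in `create_flake` re-resolves every flake input to whatever upstream serves at creation time, so each new clan is locked to revisions nobody tested with the template, and creation now depends on network access. If the aim is only to have a lock file present, `command = ["nix", "flake", "lock"]` writes missing entries without moving inputs that are already pinned; whether the template ships a `flake.lock` is not visible in this patch. Either way, a comment above the call such as `# Resolve and pin flake inputs for the new clan (fetches from the network)` would make the side effect explicit. The function starts above the hunk, so how `run` reports a failed update cannot be checked from these lines.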
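Review bot: The root key placeholder added to the `jon` block is an empty string, `users.users.root.openssh.authorizedKeys.keys = [ "" ];`, which evaluates like any other string and so gives no signal when the operator forgets to fill it in. The result would be a machine with no usable root key, which pushes people towards password logins. The documentation changed in this same commit uses a greppable marker in its flakeParts example, so the template could match it with `users.users.root.openssh.authorizedKeys.keys = [ "__YOUR_SSH_KEY__" ];`. The same line is added to the `sara` block in the next hunk (`@@ -57,12 +60,15 @@`).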
@@ -57,12 +60,15 @@ # Set this for clan commands use ssh i.e. `clan machines update` clan.networking.targetHost = pkgs.lib.mkDefault "root@sara"; - # local> clan facts generate - # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT disko.devices.disk.main = { device = "/dev/disk/by-id/__CHANGE_ME__"; }; + + # IMPORTANT! Add your SSH key here + # e.g. > cat ~/.ssh/id_ed25519.pub + users.users.root.openssh.authorizedKeys.keys = [ "" ]; + /* After jon is deployed, uncomment the following line This will allow sara to share the VPN overlay network with jon diff --git a/templates/new-clan/machines/jon/configuration.nix b/templates/new-clan/machines/jon/configuration.nix index c84ebb690..24b3ae712 100644 --- a/templates/new-clan/machines/jon/configuration.nix +++ b/templates/new-clan/machines/jon/configuration.nix @@ -1,15 +1,34 @@ -{ ... }: +{ config, ... }: +let + username = config.networking.hostName; +in { imports = [ ./hardware-configuration.nix ]; - users.users.root.openssh.authorizedKeys.keys = [ - # IMPORTANT! Add your SSH key here - # e.g. > cat ~/.ssh/id_ed25519.pub - "" - ]; services.xserver.enable = true; services.xserver.desktopManager.gnome.enable = true; services.xserver.displayManager.gdm.enable = true; # Disable the default gnome apps to speed up deployment services.gnome.core-utilities.enable = false; + + # Enable automatic login for the user. + services.displayManager.autoLogin = { + enable = true; + user = username; + }; + + users.users.${username} = { + initialPassword = username; + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "audio" + "input" + "dialout" + "disk" + ]; + uid = 1000; + }; } diff --git a/templates/new-clan/machines/sara/configuration.nix b/templates/new-clan/machines/sara/configuration.nix index c84ebb690..e45a4455a 100644 --- a/templates/new-clan/machines/sara/configuration.nix +++ b/templates/new-clan/machines/sara/configuration.nix 
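Review bot: `initialPassword = username;` in `machines/jon/configuration.nix` sets the account password to the host name, and the same account is placed in `wheel` and `disk` and logged in automatically through `services.displayManager.autoLogin`. Anyone who knows the machine name therefore knows a password that, with the default sudo setup, is good for root via `wheel`, and `disk` membership gives raw access to block devices independent of sudo. If the imported sshd module permits password logins (not visible in this patch), the same guess also works over the network. I would drop `"disk"` from `extraGroups` and take the password from a value the operator has to supply rather than one derived from `config.networking.hostName`, with a comment on the block saying it must be changed before the machine is reachable by others. The identical block is added to `machines/sara/configuration.nix` in the following hunk.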
@@ -1,15 +1,35 @@ -{ ... }: +{ config, ... }: + +let + username = config.networking.hostName; +in { imports = [ ./hardware-configuration.nix ]; - users.users.root.openssh.authorizedKeys.keys = [ - # IMPORTANT! Add your SSH key here - # e.g. > cat ~/.ssh/id_ed25519.pub - "" - ]; services.xserver.enable = true; services.xserver.desktopManager.gnome.enable = true; services.xserver.displayManager.gdm.enable = true; # Disable the default gnome apps to speed up deployment services.gnome.core-utilities.enable = false; + + # Enable automatic login for the user. + services.displayManager.autoLogin = { + enable = true; + user = username; + }; + + users.users.${username} = { + initialPassword = username; + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "audio" + "input" + "dialout" + "disk" + ]; + uid = 1000; + }; } diff --git a/templates/new-clan/modules/shared.nix b/templates/new-clan/modules/shared.nix index bcd3118ec..963b46f44 100644 --- a/templates/new-clan/modules/shared.nix +++ b/templates/new-clan/modules/shared.nix @@ -4,4 +4,7 @@ clan-core.clanModules.sshd clan-core.clanModules.root-password ]; + + # Locale service discovery and mDNS + services.avahi.enable = true; }
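Review bot: `services.avahi.enable = true;` is added to `modules/shared.nix`, which judging by its name is imported by every machine, and it is not scoped to an interface. The daemon would therefore listen for mDNS on all interfaces, presumably including the ZeroTier overlay. If discovery is only wanted on the local LAN, `services.avahi.allowInterfaces` can restrict it. The comment above the option also has a typo: `# Locale service discovery and mDNS` should read `# Local service discovery and mDNS`, and it would help to name the feature that depends on it.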