NixOS

A friend of mine just forgot the fulldisk encryption password for a laptop.. sounds like a fun little adventure! This is not exactly a new topic, there are nice posts about this problem such as this one, however this is how I’ve tried to tackle the problem. The password was generated according to a couple of rules and only partially lost. Lets assume here for the sake of this little post that the password was generated by using a word list and contained multiple words, some of which are missing....

In the last post, I wrote about how to convert a ’normal’ NixOS system to one that is managed by a flake. This one will build on top of, or rather scale out of managing single hosts and dive into how to do remote management and deployment for multiple systems. Introduction Before taking a peek into Deployments, lets set a bit of a frame of reference here first: When talking about deployments a lot of people think about quite complex setups and the use of services such as autoscaling, instance creation etc....

I’ve been meaning to write something for a while now, however before I can dive into a couple of more interesting topics here, I feel like it is the best to mention the transition to flakes. I’ll try and keep this one short, there are a bunch of other way more detailed posts on flakes already, however I didn’t find to many posts about how to switch from an existing configuration to using flakes and it seems to be quite doable....

This is the second part of my little series about tinc and NixOS, where I first shortly introduced tinc and then explained how to set it up on Linux in general as well as on NixOS. This part is more or less a rewrite of a question I posted to the NixOS discourse a while ago. For a while I’ve been using tinc on a bunch of infrastructure and so far it’s basically been rock solid: once set up nodes anywhere simply join their network and become reachable for anyone who needs to access them....

This is a post about tinc - a nifty little Mesh VPN service. It is also the first part of a little series of posts related to tinc and NixOS. In this first part I’ll just write a bit about how to set up tinc, then in the second part I’ll take a closer look into how writing a NixOS module can managing tinc networks easier. And finally in the third part I’ll present a rewrite of the module with a bunch more features....

How I yet again decided to set up another iteration of this blog. This time using nix, hugo and of course orgmode.. Introduction This is my third attempt of setting up an easy to use blogging workflow. The first time I chose to try out use ox-hugo as well as github pages. Initially everything worked, but I quickly stopped writing posts because my initial setup using a single orgmode file with ox-hugo did not match my notetaking workflow, where I basically generate a bunch of random files and some of them get reworked or updated enough for me to think about publishing them....

In this post I’ll describe how to set up a sparse VM image with full disk encryption and NixOS on ZFS, which can be uploaded to a VPS provider and then unlocked on boot using ssh. First we need to create a virtual machine image file. Initially I tried using qemu-img, but somehow the image file was missing some information and the VM would not recognize a disk. Instead I went with the easy way and used virt-manager to create a new VM with the correct image size....

This is a rather short post and the start of what will hopefully become a nice little series of posts related to NixOS. I just had to bulk install NixOS on a bunch of Intel NUCs, here is a little script to automate the installation process. Some bits and pieces are taken from other installation scripts, but it’s been a while, so I don’t know who to credit for them, I’m fairly sure this wonderful post from the NixOS discourse was involved though....