Skip to content

David-Kopczynski/proxmox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

223 Commits
.vscode
.vscode
 
 
install
install
 
 
nixos-anywhere
nixos-anywhere
 
 
sops
sops
 
 
.sops.yaml
.sops.yaml
 
 
LICENSE.md
LICENSE.md
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
default.nix
default.nix
 
 
hive.nix
hive.nix
 
 

Repository files navigation

🌐 NixOS on Proxmox

This Nix installation is for multiple VMs running on my Proxmox Home-Lab server with a N100 (Intel 4 Core, Max 3.40 GHz) and 32 GB of RAM.

Installation is done remotely with the following command to build and deploy the new configuration.

nix-shell -p colmena --run "colmena apply -f PATH_TO_THIS_REPO/hive.nix [switch|test] [--on <NODES>]"

This way, the server is always up-to-date with the current channels (nixos, sops-nix) of my private NixOS configuration.

🔨 Installation

Setup is done remotely using nixos-anywhere by running nix-shell PATH_TO_THIS_REPO/nixos-anywhere/setup.sh to setup all partitions and deploying a base configuration to begin with.

Make sure the following constraints are met:

  1. The VM is created with the following settings:
    • Memory: 4 GB (4096 MB)
    • BIOS: OVMF (UEFI)
    • Hard Disk (scsi0): 8 GB
    • Hard Disk (scsi1): 1 GB
    • EFI Disk: default
  2. The VM is booted with the NixOS installation ISO.
  3. A password is set with sudo passwd to connect with the VM over SSH.
  4. Install using nix-shell PATH_TO_THIS_REPO/nixos-anywhere/setup.sh.
  5. After installation, a new password should be set with passwd. Apart from that, the VM is ready to be used, while the ISO can be removed. Ideally, the VM should also be renamed to its hostname within the router dashboard.
  6. In order to deploy with Colmena, the initial installation with deployment.targetHost should point to the hostname nixos or the IP address of the VM.

Otherwise, the installation will fail due to a lack of resources in the store or the connection being refused.
During the installation, it is possible for the IP to change. If this happens, run the installation again using the new IP.

At the time of writing, secure boot must be disabled with ESC -> Device Manager -> Secure Boot Configuration -> Disable Secure Boot -> Save & Exit (enter by pressing ESC while booting VM).

🔐 Secrets

Secrets are encrypted with sops using my private SSH key.

cd PATH_TO_THIS_REPO
nix-shell -p sops --run "sops install/$HOST/secrets.yaml"

During creation of the secrets.yaml, you need to cd into this directory to create the file.
Afterwards, you can open the file from anywhere.

Credits to Josh Lee for a great guide while setting up this configuration.

About

Proxmox Services on NixOS

davidkopczynski.com

Topics

server nixos self-hosted proxmox colmena disko

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages