<disasm>
I just deployed one to my mom's office 100% remotely. She spun up a raspbian rpi, plugged in the usb serial, and I imaged a usb, had her plug it in and installed from screen on rpi
<betawaffle>
ignore the select boot device part, the usb was the default anyway
<disasm>
betawaffle: did you create the installer with serial console support?
<betawaffle>
no, probably not
<gchristensen>
oh does it require customising?
<betawaffle>
just used the minimal iso from the site
<disasm>
ok, use the iso I just linked in nixos for the other guy
<gchristensen>
really? :P
<disasm>
unless that's been added to the minimal
<gchristensen>
its compatible?
<betawaffle>
well, just the `boot.kernelParams` part?
<gchristensen>
it'll evaporate after you install, of course, betawaffle
<gchristensen>
it is just what is on the installer disk
<disasm>
I have another usb external disk with lots of TB that I send zfs snapshots to and remove the snapshots regularly
<betawaffle>
right, ok so let me make sure i know what i should do:
<disasm>
betawaffle: just checked master, it's default now
<betawaffle>
1) i should grab my usb stick again, plug it back into my mac; 2) go into my nixos VM and put that stuff in some .nix file somewhere (home directory?); 3) run some form of nix-build?; 4) not sure
<disasm>
in the installer
<disasm>
betawaffle: no, just boot the installer you have
<disasm>
sorry for the confusion
<disasm>
my instructions are about a year old :)
<betawaffle>
boot it on what machine?
<disasm>
the apu
<betawaffle>
but i can't get the console
<betawaffle>
(all i see is the output from isolinux, then nothing)
<disasm>
or you can build your own from the gist I shared
<betawaffle>
this will be fine
<disasm>
for reference: nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=usb-mac-public.ni
<disasm>
meh, missed x in there
<betawaffle>
yeah, i figured it'd be something like that. i've never actually used nix before, but i've been reading a lot
<betawaffle>
\o/
<betawaffle>
booted. thanks!
<betawaffle>
i suppose it's time for me to figure out how i'm gonna get ethernet over here
<gchristensen>
it'd be a lonely router without some IP to route
<betawaffle>
well, my computer (needed to talk to the serial port) is far away from where the router is going to live, and most of the ethernet wires i ran from the other room to my wall are dead or semi-dead
<gchristensen>
oops
<disasm>
betawaffle: if you can take a laptop over to the unit near the ethernet long enough to start ssh service and set a root pw on installer
<disasm>
and then do rest over ssh
<betawaffle>
yeah, i'll probably do something like that. but i *think* i might be able to get that going over here
<disasm>
I bridge ports 2 and 3 and have multiple VLAN trunks on those with enp1s0 as the uplink
<betawaffle>
i'm gonna have to do a weird thing to get my att fiber stuff to work without having the att router in front
<disasm>
then have 1 vlan capable switch in my attic for my wireless gear and 1 vlan capable switch in my office for all my lan/voip ports (although voip is no longer used as my old company kept the voip phone)
<disasm>
betawaffle: you might be able to set DMZ on att router to your nixos router
<betawaffle>
yeah, that's what i have now. but it's not perfect. i'd love to put my router in front
<disasm>
so you'll probably need a fibre -> ethernet bridge and setup pppoe in nixos
<gchristensen>
all y'all and y'all's fancy setups
<betawaffle>
well, they have an ONT on the wall, that (currently) plugs into their router
<disasm>
hehe, that's the whole reason for getting away from openwrt gchristensen :)
<betawaffle>
but i'm gonna go ONT -> my router -> their router
<gchristensen>
I love it!
<betawaffle>
probably by doing a bridge between eth0 and eth2
<betawaffle>
(bridge needs to be transparent to 802.1x auth
<disasm>
yeah, you might be able to bridge a vlan on eth0 -> eth2
<disasm>
I'm excited, hope you share your configs :)
<betawaffle>
yeah, definitely
<gchristensen>
woot
<betawaffle>
i want to do this all with networkd, if possible
<betawaffle>
my mac has 2 eth ports, and i just set that up for eth1 (which will eventually be the lan port)
<betawaffle>
is swap a good idea? i wouldn't have thought to do it, but it's in the manual
<gchristensen>
how much ram do you have?
<betawaffle>
4G
<gchristensen>
should be fine I think
<betawaffle>
anyone know off-hand what the command is to fix the serial console size? (to fit my window)
<betawaffle>
nvm, figured it out
<gchristensen>
what was it?
<betawaffle>
stty rows 83 columns 318
<gchristensen>
cool
<betawaffle>
(specific to my screen, of course)
<gchristensen>
:)
<disasm>
I want to switch mine to networkd... Just haven't had time
<disasm>
I'm also not sure how well vlan support with nixos/networkd is
<disasm>
betawaffle: I back it with 4 GB of swap
<disasm>
but I also run unifi controller on it which is java
<betawaffle>
do you know what the difference is between networking.useNetworkd and systemd.networkd.enable?
Guanin has quit [Ping timeout: 258 seconds]
<disasm>
you want useNetworkd
<betawaffle>
what does that do? and what does the other one do?
<disasm>
you typically only want to use systemd top-level if you're writing modules
<disasm>
useNetworkd uses the script nixos/modules/tasks/network-interfaces-systemd.nix
<disasm>
you can read through that and see what it supports and doesn't
<disasm>
looks like vlan interfaces are supported :)
<disasm>
with useNetworkd I think for the most part you configure the same as if you weren't
<betawaffle>
so, useNetworkd makes all the standard networking.* config stuff work with systemd? and the other is for low-level networkd units?
<disasm>
and it will yell at you if you use an option that isn't supported
<disasm>
yeah
<disasm>
I'm going to switch my laptop from networkmanager -> networkd here in the next few months once I have some free time
<lopsided98>
I've found that useNetworkd can break complicated network setups (whereas systemd.networkd.enable does not)
<lopsided98>
because it adds a config file that matches all interfaces
<betawaffle>
yeah... i *may* want to write all my own networkd units. not sure
<betawaffle>
i'm not sure what using networking.* does for me if i'm starting fresh
<lopsided98>
it broke my OpenVPN server because OpenVPN wants to manage the interface itself
<lopsided98>
it also caused problems with Docker and libvirt
<disasm>
ah k, I stand corrected :)
<betawaffle>
so, what's the best way to have my nixos config stored in git?
<disasm>
I share mine publicly
<disasm>
and have a secrets.nix file in my .gitignore
<disasm>
and a shared.nix file that is in my git that shares things across systems
<betawaffle>
i mean, what's the best way to actually use a git repo for it? just checkout into /etc/nixos?
<gchristensen>
that is a perfectly fine way to do it
<betawaffle>
how do other people do it?
<disasm>
My network repo I linked earlier has 3 laptops (ones running osx as a build slave), a server and a router in the same repo :)
<disasm>
yeah, checkout to /etc/nixos
<betawaffle>
k
<disasm>
I use nixops for deploying my router
<betawaffle>
oh?
<betawaffle>
haven't tried that yet]
<disasm>
just get the thing installing with a base config first
<disasm>
it's easy to move to nixops later
<betawaffle>
k
<betawaffle>
now i just need to come up with a good hostname
<disasm>
I manage all my systems from my nixos laptop which is why I use nixops
<disasm>
nixops modify -I nixpkgs=new-nixpkgs-archive and then nixops deploy and all my systems get patched in a few minutes :)
<disasm>
mine's portal, not super cool
<betawaffle>
what exactly does networking.hostId do?
<gchristensen>
ZFS requires it
<gchristensen>
don't use ZFS, don't use it
<betawaffle>
k
<gchristensen>
it seems to only create a /etc/hostid file
<disasm>
yeah, that's what it does
<disasm>
prevents you from importing a zfs pool on another host
<gchristensen>
I think it is only really a problem for remote storage?
<gchristensen>
to avoid double-mounting or something
* gchristensen
has no idea
<betawaffle>
lol, i forgot to add the console to my config
<gchristensen>
lol oops
<gchristensen>
re-run the installer, mount your disks, skip everything up to nixos-install
<betawaffle>
yeah
<gchristensen>
it is nice that nixos-install is idempotent
<betawaffle>
Feb 18 14:25:39 bifrost sshd[523]: Error loading host key "/etc/ssh/ssh_host_rsa_key": invalid format
<gchristensen>
do we generate rsa keys anymore, anyway?
<gchristensen>
I thought we stopped since they're not really good
<gchristensen>
s/really/very/
<betawaffle>
well, the ed25519 key files are empty too
<disasm>
rsa and ed25519
<disasm>
no dsa anymore :)
<disasm>
i think rsa is still fine as long as it's 2048
<gchristensen>
ah.
<gchristensen>
well
<gchristensen>
hrm
<gchristensen>
they're generated on startup
<disasm>
yeah, but I think only if those files don't exist
<gchristensen>
oh right
<disasm>
so if they're 0 byte files, it'll break
<gchristensen>
ugly
<betawaffle>
why are they 0 byte files, though?
<disasm>
no idea...
<betawaffle>
ok, deleted just the key files and restarted ssh. worked
<disasm>
nothing jumps out at me in nixpkgs creating 0 byte files...
<betawaffle>
maybe it was because of my initial mistake with the console
<betawaffle>
i cut power, maybe it was writing the files
<disasm>
when your walking people through on the phone what to plugin where you need to be really clear :) I wanted my mom to plug the apu port 2 into the switch where the pi used to be plugged in and she plugged it into the pi! oops :)
<disasm>
wait another day till she's back in the office to finish up the setup!
lopsided98 has quit [Remote host closed the connection]