forked from pub-solar/os
doc: usage for deploy-rs
This commit is contained in:
parent
8c7631b014
commit
ad49a5e7e7
|
@ -23,4 +23,6 @@
|
|||
- [iso](./doc/flk/iso.md)
|
||||
- [install](./doc/flk/install.md)
|
||||
- [home](./doc/flk/home.md)
|
||||
- [Integrations](doc/integrations/index.md)
|
||||
- [deploy-rs](./doc/integrations/deploy.md)
|
||||
- [Contributing](./doc/README.md)
|
||||
|
|
49
doc/integrations/deploy.md
Normal file
49
doc/integrations/deploy.md
Normal file
|
@ -0,0 +1,49 @@
|
|||
# deploy-rs
|
||||
[Deploy-rs][d-rs] is a tool for managing NixOS remote machines. It was
|
||||
chosen for nixflk after the author experienced some frustrations with the
|
||||
stateful nature of nixops' db. It was also designed from scratch to support
|
||||
flake based deployments, and so is an excellent tool for the job.
|
||||
|
||||
By default, all the [hosts](../../hosts) are also available as deploy-rs nodes,
|
||||
configured with the hostname set to `networking.hostName`; overridable via
|
||||
the command line.
|
||||
|
||||
## Usage
|
||||
|
||||
Just add your ssh key to the host:
|
||||
```nix
|
||||
{ ... }:
|
||||
{
|
||||
users.users.${sshUser}.openssh.authorizedKeys.keyFiles = [
|
||||
../secrets/path/to/key.pub
|
||||
];
|
||||
}
|
||||
```
|
||||
|
||||
And the private key to your user:
|
||||
```nix
|
||||
{ ... }:
|
||||
{
|
||||
home-manager.users.${sshUser}.programs.ssh = {
|
||||
enable = true;
|
||||
|
||||
matchBlocks = {
|
||||
${host} = {
|
||||
host = hostName;
|
||||
identityFile = ../secrets/path/to/key;
|
||||
extraOptions = { AddKeysToAgent = "yes"; };
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
And run the deployment:
|
||||
```sh
|
||||
deploy "flk#hostName" --hostname host.example.com
|
||||
```
|
||||
|
||||
> ##### _Note:_
|
||||
> Your user will need sudo access
|
||||
|
||||
[d-rs]: https://github.com/serokell/deploy-rs
|
5
doc/integrations/index.md
Normal file
5
doc/integrations/index.md
Normal file
|
@ -0,0 +1,5 @@
|
|||
# Integrations
|
||||
This section explores some of the optional tools included with nixflk to provide
|
||||
a solution to common concerns such as ci and remote deployment. An effort is
|
||||
made to choose tools that treat nix, and where possible flakes, as first class
|
||||
citizens.
|
Loading…
Reference in a new issue