Once you clone the repository, you might need to re-generate all the server secrets (as you will not have access to them, which you can do by adding your key on config.nix), then running:
server-re-generate-secretsThen, once you have access to the secrets, you can re-encrypt them with newer keys by running:
server-reencrypt-secretsInside a nix-shell, run the following command:
server-bootstrap <user>@<ip>After bootstrapping the server, there is currently some manual book-keeping you need to do:
- The SSH host keys are changed after bootstrap, so you need to remove the key on your
~/.ssh/known_hosts. - You need to add the new server host key to
config.nix. - You need to re-encrypt the secrets with the new keys, by running the following command:
server-reencrypt-secretsInside a nix-shell, run the following command:
server-deploy .#<profile> <ip>Where <profile> can be found either on the deploy.nodes key on flake.nix, or on the profiles/ folder.