/nixos-predigerseminar

Some nixos setups for demo purposes

Primary LanguageNix

NixOS Predigerseminar

Example NixOS-setups based on nixos-containers.

church of nixos logo

Install

Using NixOS ≥ 21.11, the host system only requires one config option to run the examples from this repo:

programs.extra-container.enable = true;

For other systemd-based Linux distros: RTFM ;)

Usage

Ephemeral

Using nix run .#buildContainer_$NAME starts the container and provides an interactive shell, allowing to run commands in the container. Once the shell is closed, the container will be stopped and it's state will be deleted.

nix run .#buildContainer_$NAME

Persistant

To create a persistant container, use nix run .#buildContainer_$NAME -- create --start.

To create all defined containers, you can use:

nix run . -- create --start

The state of the created machines will be stored at /var/lib/nixos-containers.

You can control the machines with machinectl:

machinectl list

machinectl shell $NAME
machinectl poweroff $NAME

machinectl --help

For other features of extra-container see:

nix run . -- --help

Examples

Nextcloud

nextcloud-simple-insecure

Minimal Nextcloud setup based on https://nixos.wiki/wiki/Nextcloud.

This trivial setup contains a cleartext admin-password in the configuration 🤦

nix run .#buildContainer_nextcloud0
# or
nix run github:johannesloetzsch/nixos-predigerseminar#buildContainer_nextcloud0

http://192.0.2.20

User: root

Password: nix

nextcloud-sops

This setups differs from nextcloud-simple-insecure by using an sops-encrypted password 🤩

Only the users and hosts with the keys defined at .sops.yaml are able to decrypt sops/secrets/nextcloud/root-password.

To use this example:

## 1. create your own key
mkdir -p ~/.config/sops/age
nix shell nixpkgs#age --run age-keygen -o ~/.config/sops/age/keys.txt

## 2. copy it to the container
sudo cp ~/.config/sops/age/keys.txt /var/lib/nixos-containers/nextcloud1/root/sops.age

## 3. add the public key to `.sops.yaml`

## 4. change and reencrypt the password file
nix run nixpkgs#sops sops/secrets/nextcloud/root-password
nix run .#buildContainer_nextcloud1
# or
nix run github:johannesloetzsch/nixos-predigerseminar#buildContainer_nextcloud1

http://192.0.2.21

nextcloud-apps

Like nextcloud-sops, but with some Nextcloud-Apps.

This configuration shows, how to use arbitrary Apps from the Nextcloud App Store.

For this demo we use nextcloud as a Solid pod server 🤩

nix run .#buildContainer_nextcloud2
# or
nix run github:johannesloetzsch/nixos-predigerseminar#buildContainer_nextcloud2

http://192.0.2.22/apps/solid