Created Wednesday 19 June 2024
OS:

NIXOS
full disk encryption, maybe with (LUKS)
ZFS
ZRAM
ZSWAP
WOL
SSH start/restart/stop

Hardware:
16gb ram
1Tb ssd
4 core cpu

Some of the main requirements for a new NIXOS pc to be set up are:
hdd encryption, to be able to remote control it via ssh, able to restart it via ssh, able to start it remotely from turned off, able to restart automatically after power supply failure, using UEFI. Web Services accessible via internet securely. Some applications will be installed directly via configuration.nix; others via docker/podman.
What are the logical procedural steps to achieve that?

Answer
To set up a new NixOS PC with the specified requirements, follow these steps:

Install NixOS with UEFI support and enable disk encryption during installation

. Use LUKS2 encryption for better security
.
Configure networking in configuration.nix to enable SSH access
. Open necessary ports in the firewall.
Set up automatic restart after power failures by enabling the systemd-networkd-wait-online.service
.
Enable remote power control by configuring IPMI or Wake-on-LAN in hardware-configuration.nix
.
Set up secure web services by configuring nginx or apache in configuration.nix
. Use Let's Encrypt for HTTPS certificates.
Install applications directly in configuration.nix or using Docker/Podman modules
. Declare services and configurations for each app.
Enable automatic updates for the system and installed packages
.
Set up monitoring and logging to track system health and detect issues
.
Backup the system configuration using a version control system like Git

.
Test the setup by rebooting remotely, starting services, and verifying web access.

The key steps are properly configuring disk encryption, networking, power management, web services, and application installation in configuration.nix and hardware-configuration.nix. Refer to the NixOS manual and community resources for detailed instructions on each component.

# PC Evolution Log

## Hardware

- CPU:
- RAM:
- Storage:
- GPU:
- Motherboard:
- Other components:

## Software

- NixOS version:

unstable

- Kernel version:

- Installed packages:

- Enabled services:

Services Installed under NIX:

Docker
grocy

Services Installed under Docker:

inventree
openproject
simpleinvoices

## Settings
- Configuration.nix changes:
- Home Manager changes:
- IP Addresses
- Ports used
- Other configuration files:

## Issues
- Encountered issues:
- Troubleshooting steps:
- Resolutions:

## Milestones
- Date:
- Change:
- Reason:

bx27 building Considerations