Per-host NixOS configuration is at nixos/. Secrets are protected via
sops-nix.
Packages local to this flake are at pkgs/ and are managed by nvfetcher.
Standalone ones not using nvfetcher should allow arbitrary arguments (for the
source parameter from nvfetcher).
$ nix flake update
$ cd pkgs && nvfetcher buildThe docker images for deploying over CI has the kage configuration built-in.
If too much stuff had changed, rebuild docker images. This happens rather
infrequently (when the entire nixpkgs is updated) so it is not hooked up to
the CI. Make sure that you are logged into the registry with docker login,
and that the current user has access to the docker daemon (part of docker
group).
$ cd ci-images
$ makeSquid requires the cache dirs to be populated with squid -z before first
launch. As on NixOS the configuration files are generated, use systemctl status squid to find the location of the configuration file. Use nix shell .#squid to bring the squid binary into PATH.
Remember to update the lock file for blog input after updating the blog flake:
nix flake lock --update-input blog
deploy .#kage