Nixos

superseded by: https://hackmd.shackspace.de/nixos-deployment#

Deploying Nixos

Nixops is stateful, but shouldn't have to be.

-> They need the state to create and provision remote instances and for firewall rules etc. Also you can do remote rollbacks from nixops.

Using terraform instead allows you to make use of existing infrastructure for communicating with various cloud providers but it doesn't know about the machine state so you need to build your own nix integration on top of it.

Nixos-rebuild makes an activation script that people have been using to deploy via a short bash script but this is mostly for small scale ops.

nixos-generators are quite popular for creating new machines since you can have them be preconfigured to have ssh keys and make it a member of relevant VPNs by default.

kexec lets you start a new linux kernel from a running linux kernel so you can avoid rebooting and boot into ramdisk and repartition your drives. This is an alternative way to deploy to remote.