From c2d9914916eda9a1db57dc840f8352173d405a27 Mon Sep 17 00:00:00 2001 From: MDLeom <2809763-curben@users.noreply.gitlab.com> Date: Sun, 8 Nov 2020 05:38:06 +0000 Subject: [PATCH] post(nixos): switch 'magic-wormhole' to 'wormhole-william' --- source/_posts/caddy-nixos-part-1.md | 27 ++++++++++++++++----------- source/_posts/caddy-nixos-part-2.md | 6 ++---- 2 files changed, 18 insertions(+), 15 deletions(-) diff --git a/source/_posts/caddy-nixos-part-1.md b/source/_posts/caddy-nixos-part-1.md index 3867489..a33e47e 100644 --- a/source/_posts/caddy-nixos-part-1.md +++ b/source/_posts/caddy-nixos-part-1.md @@ -102,18 +102,18 @@ nixos-generate-config --root /mnt 2. Replace "eth0" to "ens3" in firewall config (check output of `ifconfig`) 3. Encrypt the file using 7zip before upload. -``` sh -# This is much less memory-intensive than `nix-env -i package` -# ffsend (unofficial CLI client of Firefox Send) is a good alternative to magic-wormhole, -# but it has a long URL so it's only usable in ssh where you can copy-paste. -nix-env -f '' -iA magic-wormhole p7zip + ``` sh + # This is much less memory-intensive than `nix-env -i package` + # wormhole-william is Go-implementation of magic-wormhole + # Available in 20.09+ + nix-env -f '' -iA google-authenticator p7zip usbguard wormhole-william -cd /tmp -wormhole receive configuration.7z -7z x configuration.7z + cd /tmp + wormhole-william receive configuration.7z + 7z x configuration.7z -cp configuration.nix /mnt/etc/nixos/ -``` + cp configuration.nix /mnt/etc/nixos/ + ``` 7. Install it without setting root password (so that root remains disabled) @@ -153,9 +153,14 @@ Following is my "configuration.nix". I'll show you how to secure NixOS using has networking.interfaces.ens3.useDHCP = true; environment.systemPackages = with pkgs; [ - dnsutils usbguard magic-wormhole p7zip google-authenticator + dnsutils p7zip wormhole-william ]; + # Save some typing + environment.shellAliases = { + wormhole = "wormhole-william"; + }; + time.timeZone = "UTC"; ## Create service users diff --git a/source/_posts/caddy-nixos-part-2.md b/source/_posts/caddy-nixos-part-2.md index 050539f..8fdfd7b 100644 --- a/source/_posts/caddy-nixos-part-2.md +++ b/source/_posts/caddy-nixos-part-2.md @@ -26,12 +26,10 @@ Following diagram shows the architecture behind this website. ## Prerequisites -Before proceeding to the rest of this guide, there are some system packages that you need to install. Add the packages to `environment.systemPackages` option in "configuration.nix" and run `# nixos-rebuild switch` to install them. +Before proceeding to the rest of this guide, there are some system packages that you need to install. ``` - environment.systemPackages = with pkgs; [ - dnsutils usbguard magic-wormhole p7zip google-authenticator - ]; +$ nix-env -f '' -iA google-authenticator p7zip usbguard wormhole-william ``` ## Disable mutableUsers