diff --git a/README.md b/README.md index 95e8463..a9c0f18 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,7 @@ See also: * [Automount encrypted drive](#automount-encrypted-drive) * [List active and failed services](#list-active-and-failed-services) * [View system log](#view-system-log) + * [Server maintenance with a smartphone](#server-maintenance-with-a-smartphone) ## NixOS installation @@ -338,4 +339,19 @@ dmesg --ctime journalctl -p err -b # GNOME session logs since last boot. https://help.gnome.org/admin/system-admin-guide/stable/session-debug.html.en journalctl _UID="${UID}" -b -``` \ No newline at end of file +``` + +## Server maintenance with a smartphone + +While I was on a bike tour I did some config changes to update my NixOS servers using only my smartphone and Nitrokey (GPG smartcard): + +- `ome-manager.users.yoda.programs.git.signing.signByDefault = false;` +- Import `../../modules/git.nix` in `hosts/yodaNas/configuration.nix` +- Import `./../modules/docker-pushrm.nix` in `hosts/yodaNas/configuration.nix` +- In `hieve.nix`, set `allowLocalDeployment` to `true` for `yodaNas` and `yodaHedgehog` + +This allowed me to connect with my servers via `ssh`, `git clone` this NixOS configuration, build and switch to it with `colmena` and `git commit` and `git push` any changes. + +On my smartphone I was using a terminal emulator with `ssh` and GPG smartcard support. + +Another approach would have been to run `colmena` directly on the phone.