doc: apache setup

docs/apache-setup-log.md

@@ -0,0 +1,88 @@
+## Apache setup log
+
+### Nixos
+
+- create bootable usb stick from installer iso
+- boot from usb stick
+- connect to wifi
+- set keyboard layout
+- run gparted
+- create 512 MB fat32 boot partition `/dev/sda1` with an `esp` and `boot` flag
+- create unformatted partition from rest `/dev/sda2`
+- encrypt and open unformatted partition:
+  ```
+  cryptsetup -y -v luksFormat /dev/sda2
+  cryptsetup -v luksOpen /dev/sda2 nixos
+  ```
+- create lvm volumes:
+  ```
+  pvcreate /dev/mapper/nixos
+  vgcreate nixos /dev/mapper/nixos
+  lvcreate -L 16G -n swap nixos
+  lvcreate -L 100G -n nix nixos
+  lvcreate -L 20G -n root nixos
+  lvcreate -L 32G -n docker nixos
+  lvcreate -l 100%FREE -n home nixos
+  ```
+- format partitions:
+  ```
+  mkswap -L swap /dev/nixos/swap
+  mkfs.ext4 -L nix /dev/nixos/nix
+  mkfs.ext4 -L root /dev/nixos/root
+  mkfs.ext4 -L home /dev/nixos/home
+  mkfs.ext4 -L docker /dev/nixos/docker
+  ```
+- mount filesystems:
+  ```
+  mount /dev/disk/by-label/root /mnt/
+  mkdir -p /mnt/nix
+  mount /dev/disk/by-label/nix /mnt/nix
+  mkdir -p /mnt/home
+  mount /dev/disk/by-label/home /mnt/home
+  mkdir -p /mnt/var/lib/docker
+  mount /dev/disk/by-label/docker /mnt/var/lib/docker
+  mkdir -p /mnt/boot
+  mount /dev/disk/by-label/boot /mnt/boot/
+  swapon /dev/disk/by-label/swap
+  ```
+- generate nixos config:
+  `nixos-generate-config --root /mnt`
+
+- change hostname:
+  `sed -i 's/# networking\.hostName.*/networking.hostName = "apache";/' /mnt/etc/nixos/configuration.nix`
+
+- enable sshd with root login in `/mnt/etc/nixos/configuration.nix`:
+
+  ```
+  services.openssh = {
+    enable = true;
+    settings.PermitRootLogin = "yes";
+  };
+  ```
+
+- configure luks initrd device:
+
+  ```
+  boot.initrd.luks.devices = {
+    nixos = {
+      device = "/dev/disk/by-uuid/`blkid /dev/sda2`";
+      preLVM = true;
+    };
+  };
+  ```
+
+- run install and reboot:
+
+  ```
+  nixos-install
+  reboot
+  ```
+
+- from other nixos, copy config to xps:
+  `scp -r nixos-config root@apache:`
+
+- ssh to xps:
+  `ssh root@apache`
+
+- rebuild with new config:
+  `nixos-rebuild switch`