Closed different-name closed 3 months ago
also need to rekey
If I wanted to use the existing secrets, the installer would probably need an ssh key with a passphrase in order to perform the rekey, and I'd need to include the key in the repo or add it manually; don't wanna do that :/
Perhaps I could get another machine to perform the rekey?
In which case, I don't think I need a custom ISO with any extra files; it would likely be best to have a single script available that asks for the required inputs (host name, generate new secrets or use existing ones (and rekey from another machine somehow)), clones the repo, runs disko, generates ssh keys, adds the new keys to the config, rekeys from another machine or creates a new password age file, performs the installation, and copies the config into $FLAKE.
Though to get a remote machine to rekey it, I'd need an ssh key for ssh access to that machine :laughing:
It would be best to have a separately encrypted age secret file for each user@host, and then the user can just be prompted to enter a new password during the installation, with no need for rekeying.
If, in the future, I ever need to rekey in the installation script, it's reasonable to expect that, since the config would already have been made for the new system before the installer is even booted, the user can generate and rekey ahead of time and transfer the keys to the new machine themself. Perhaps there can be a guide on how to do this, so the user (probably just me) can copy paste from it.
Closing this as I don't believe an install guide is needed, and nobody who needs a guide should think about installing my configuration on their system.
Should fetch config, run disko, generate hardware config, generate ssh keys (and add to config), and install