hosts | ||
modules | ||
nix-secrets@1381dd4a89 | ||
.gitignore | ||
.gitmodules | ||
flake.lock | ||
flake.nix | ||
README.md |
NixOS Configuration
A full set of configuration files managed via NixOS. This project follows the general structure of https://github.com/tiredofit/nixos-config
[!WARNING] DO NOT DOWNLOAD AND RUN nixos-rebuild
ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run nixos-rebuild
, it will completely overwrite your current system!
Running
Note on secrets management
Secrets are stored in a separate repo called nix-secrets
, which is included here as a submodule. It gets pulled into the main config via hosts/common/default.nix
. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the /nix/store/
, but for single-user systems, it's fine.
Initialize the submodule with:
git submodule update --init --recursive
Upgrading
This config comes with a script for upgrading the system called nixos-upgrade.sh
. To run this script, just run nixos-upgrade
or upgrade
.
Running this script does three things:
- Update
flake.lock
- Build the new closure and list the updates that will be applied
- (Optionally) Install the new closure
By default, the script calls nixos-rebuild boot
. You can change this to switch or any other rebuild operation by passing it as an argument when calling the script, e.g. nixos-upgrade switch
or nixos-upgrade test
.
Applying the configuration
To apply the config for the first time (e.g. on a fresh install), run this command, replacing Shura
with the name of the host:
sudo nixos-rebuild switch --flake .#Shura
For subsequent builds, you can omit the hostname:
sudo nixos-rebuild switch --flake .
switch
replaces the running system immediately, or you can use boot
to only apply the switch during the next reboot.
Testing
To quickly validate the configuration, create a dry build. This builds the config without actually adding it to the system:
nixos-rebuild dry-build --flake .
To preview changes in a virtual machine, use this command to create a virtual machine image (remove the .qcow2 image after a while, otherwise data persistence might mess things up):
nixos-rebuild build-vm --flake .
Layout
This config uses two systems: Flakes, and Home-manager.
- Flakes are the entrypoint, via
flake.nix
. This is where you include Flake modules and define Flake-specific options. - Home-manager configs live in the
users/
folders. Each user gets its ownhome-manager.nix
file too. - Modules are stored in
modules
. All of these files are imported, and you enable the ones you want to use. For example, to install Flatpak, sethost.ui.flatpak.enable = true;
.- After adding a new module, make sure to
git add
it andimport
it indefault.nix
.
- After adding a new module, make sure to
Adding a host
When adding a host:
- Create its config in
hosts/hostname/<hostname>.nix
. Add itshardware-configuration.nix
here too. - Reference a profile from
profiles/
. This sets up its base configuration. - Include user accounts from
users
. - Add any host-specific options,
- Import it in
/hosts/default.nix
. - Run
nixos-rebuild
.
Features
This Nix config features:
- Flakes
- Home Manager
- AMD and Intel hardware configurations
- Workstation and server base system configurations
- GNOME Desktop environment and KDE integrations
- Boot splash screens via Plymouth
- Secure Boot
- Disk encryption via LUKS
- Custom packages and systemd services (Duplicacy)
- Flatpaks
- Per-user configurations
- Default ZSH shell using Oh My ZSH
- Secrets (in a janky hacky kinda way)