| hosts | ||
| modules | ||
| nix-secrets@1381dd4a89 | ||
| .gitignore | ||
| .gitmodules | ||
| flake.lock | ||
| flake.nix | ||
| README.md | ||
NixOS Configuration
A full set of configuration files managed via NixOS. This project follows the general structure of https://github.com/tiredofit/nixos-config
[!WARNING] DO NOT DOWNLOAD AND RUN nixos-rebuild ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run nixos-rebuild, it will completely overwrite your current system!
Running
Note on secrets management
Secrets are stored in a separate repo called nix-secrets, which is included here as a submodule. It gets pulled into the main config via hosts/common/default.nix. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the /nix/store/, but for single-user systems, it's fine.
Initialize the submodule with:
git submodule update --init --recursive
Upgrading
This config comes with a script for upgrading the system called nixos-upgrade.sh. To run this script, just run nixos-upgrade or upgrade.
Running this script does three things:
- Update
flake.lock - Build the new closure and list the updates that will be applied
- (Optionally) Install the new closure
By default, the script calls nixos-rebuild boot. You can change this to switch or any other rebuild operation by passing it as an argument when calling the script, e.g. nixos-upgrade switch or nixos-upgrade test.
Applying the configuration
To apply the config for the first time (e.g. on a fresh install), run this command, replacing Shura with the name of the host:
sudo nixos-rebuild switch --flake .#Shura
For subsequent builds, you can omit the hostname:
sudo nixos-rebuild switch --flake .
switch replaces the running system immediately, or you can use boot to only apply the switch during the next reboot.
Testing
To quickly validate the configuration, create a dry build. This builds the config without actually adding it to the system:
nixos-rebuild dry-build --flake .
To preview changes in a virtual machine, use this command to create a virtual machine image (remove the .qcow2 image after a while, otherwise data persistence might mess things up):
nixos-rebuild build-vm --flake .
Layout
This config uses two systems: Flakes, and Home-manager.
- Flakes are the entrypoint, via
flake.nix. This is where you include Flake modules and define Flake-specific options. - Home-manager configs live in the
users/folders. Each user gets its ownhome-manager.nixfile too. - Modules are stored in
modules. All of these files are imported, and you enable the ones you want to use. For example, to install Flatpak, sethost.ui.flatpak.enable = true;.- After adding a new module, make sure to
git addit andimportit indefault.nix.
- After adding a new module, make sure to
Adding a host
When adding a host:
- Create its config in
hosts/hostname/<hostname>.nix. Add itshardware-configuration.nixhere too. - Reference a profile from
profiles/. This sets up its base configuration. - Include user accounts from
users. - Add any host-specific options,
- Import it in
/hosts/default.nix. - Run
nixos-rebuild.
Features
This Nix config features:
- Flakes
- Home Manager
- AMD and Intel hardware configurations
- Workstation and server base system configurations
- GNOME Desktop environment and KDE integrations
- Boot splash screens via Plymouth
- Secure Boot
- Disk encryption via LUKS
- Custom packages and systemd services (Duplicacy)
- Flatpaks
- Per-user configurations
- Default ZSH shell using Oh My ZSH
- Secrets (in a janky hacky kinda way)