1
0
Fork 0
NixOS configuration files for Aires. https://aires.fyi/blog/my-nixos-configuration/
Find a file
2024-04-15 12:00:08 -04:00
hosts Add Kubectl environment variables 2024-04-13 17:02:35 -04:00
modules Update nix-flatpak to 0.4.1 2024-04-15 12:00:08 -04:00
nix-secrets@1381dd4a89 Update Xbox controller bluetooth profile 2024-03-04 11:48:12 -05:00
.gitignore Initial public commit! 2024-02-29 09:53:34 -05:00
.gitmodules I'm an idiot. I could've just used fetchgit and a submodule this whole time. 2024-02-29 17:50:18 -05:00
flake.lock Update nix-flatpak to 0.4.1 2024-04-15 12:00:08 -04:00
flake.nix Update nix-flatpak to 0.4.1 2024-04-15 12:00:08 -04:00
README.md Create new install script that shows package diffs 2024-03-30 02:29:37 -04:00

NixOS Configuration

A full set of configuration files managed via NixOS. This project follows the general structure of https://github.com/tiredofit/nixos-config

[!WARNING] DO NOT DOWNLOAD AND RUN nixos-rebuild ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run nixos-rebuild, it will completely overwrite your current system!

Running

Note on secrets management

Secrets are stored in a separate repo called nix-secrets, which is included here as a submodule. It gets pulled into the main config via hosts/common/default.nix. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the /nix/store/, but for single-user systems, it's fine.

Initialize the submodule with:

git submodule update --init --recursive

Upgrading

This config comes with a script for upgrading the system called nixos-upgrade.sh. To run this script, just run nixos-upgrade or upgrade.

Running this script does three things:

  1. Update flake.lock
  2. Build the new closure and list the updates that will be applied
  3. (Optionally) Install the new closure

By default, the script calls nixos-rebuild boot. You can change this to switch or any other rebuild operation by passing it as an argument when calling the script, e.g. nixos-upgrade switch or nixos-upgrade test.

Applying the configuration

To apply the config for the first time (e.g. on a fresh install), run this command, replacing Shura with the name of the host:

sudo nixos-rebuild switch --flake .#Shura

For subsequent builds, you can omit the hostname:

sudo nixos-rebuild switch --flake .

switch replaces the running system immediately, or you can use boot to only apply the switch during the next reboot.

Testing

To quickly validate the configuration, create a dry build. This builds the config without actually adding it to the system:

nixos-rebuild dry-build --flake .

To preview changes in a virtual machine, use this command to create a virtual machine image (remove the .qcow2 image after a while, otherwise data persistence might mess things up):

nixos-rebuild build-vm --flake .

Layout

This config uses two systems: Flakes, and Home-manager.

  • Flakes are the entrypoint, via flake.nix. This is where you include Flake modules and define Flake-specific options.
  • Home-manager configs live in the users/ folders. Each user gets its own home-manager.nix file too.
  • Modules are stored in modules. All of these files are imported, and you enable the ones you want to use. For example, to install Flatpak, set host.ui.flatpak.enable = true;.
    • After adding a new module, make sure to git add it and import it in default.nix.

Adding a host

When adding a host:

  1. Create its config in hosts/hostname/<hostname>.nix. Add its hardware-configuration.nix here too.
  2. Reference a profile from profiles/. This sets up its base configuration.
  3. Include user accounts from users.
  4. Add any host-specific options,
  5. Import it in /hosts/default.nix.
  6. Run nixos-rebuild.

Features

This Nix config features:

  • Flakes
  • Home Manager
  • AMD and Intel hardware configurations
  • Workstation and server base system configurations
  • GNOME Desktop environment and KDE integrations
  • Boot splash screens via Plymouth
  • Secure Boot
  • Disk encryption via LUKS
  • Custom packages and systemd services (Duplicacy)
  • Flatpaks
  • Per-user configurations
  • Default ZSH shell using Oh My ZSH
  • Secrets (in a janky hacky kinda way)