1
0
Fork 0
NixOS configuration files for Aires. https://aires.fyi/blog/my-nixos-configuration/
Find a file
2024-05-01 21:10:26 -04:00
hosts Tidying 2024-05-01 21:10:26 -04:00
modules Tidying 2024-05-01 21:10:26 -04:00
nix-secrets@1381dd4a89 Update Xbox controller bluetooth profile 2024-03-04 11:48:12 -05:00
.gitignore Initial public commit! 2024-02-29 09:53:34 -05:00
.gitmodules I'm an idiot. I could've just used fetchgit and a submodule this whole time. 2024-02-29 17:50:18 -05:00
flake.lock Tidying 2024-05-01 21:10:26 -04:00
flake.nix Add support for remote Nix builders 2024-05-01 09:35:38 -04:00
README.md Tweaks for Khanda (go back to Surface kernel, use remote builds) 2024-04-30 16:44:48 -04:00

NixOS Configuration

A full set of configuration files managed via NixOS. This project follows the general structure of https://github.com/tiredofit/nixos-config

Warning

DO NOT DOWNLOAD AND RUN nixos-rebuild ON THIS REPOSITORY! These are my personal configuration files. I invite you to look through them, modify them, and take inspiration from them, but if you run nixos-rebuild, it will completely overwrite your current system!

Running

Note on secrets management

Secrets are stored in a separate repo called nix-secrets, which is included here as a submodule. It gets pulled into the main config via hosts/common/default.nix. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the /nix/store/, but for single-user systems, it's fine.

Initialize the submodule with:

git submodule update --init --recursive

Applying the configuration

To apply the config for the first time (e.g. on a fresh install), run this command, replacing Shura with the name of the host:

sudo nixos-rebuild switch --flake .#Shura

For subsequent builds, you can omit the hostname, and/or use nh:

nh os switch
sudo nixos-rebuild switch --flake .

switch replaces the running system immediately, or you can use boot to only apply the switch during the next reboot.

Remote builds

You can build any Nix or NixOS expression on a remote system before copying it over, as long as you have SSH access to the build target.

Note

Run this command without sudo, otherwise SSHing into haven won't work.

nixos-rebuild boot --flake . --build-host haven

Upgrading

This config installs a Nix wrapper called nh. To use it, run:

nh os boot --update

You can replace boot with switch, or add --ask to confirm before installing.

Testing

To quickly validate the configuration, create a dry build. This builds the config without actually adding it to the system:

nixos-rebuild dry-build --flake .

To preview changes in a virtual machine, use this command to create a virtual machine image (remove the .qcow2 image after a while, otherwise data persistence might mess things up):

nixos-rebuild build-vm --flake .

Layout

This config uses two systems: Flakes, and Home-manager.

  • Flakes are the entrypoint, via flake.nix. This is where you include Flake modules and define Flake-specific options.
  • Home-manager configs live in the users/ folders. Each user gets its own home-manager.nix file too.
  • Modules are stored in modules. All of these files are imported, and you enable the ones you want to use. For example, to install Flatpak, set host.ui.flatpak.enable = true;.
    • After adding a new module, make sure to git add it and import it in default.nix.

Adding a host

When adding a host:

  1. Create its config in hosts/hostname/<hostname>.nix. Add its hardware-configuration.nix here too.
  2. Reference a profile from profiles/. This sets up its base configuration.
  3. Include user accounts from users.
  4. Add any host-specific options,
  5. Import it in /hosts/default.nix.
  6. Run nixos-rebuild.

Features

This Nix config features:

  • Flakes
  • Home Manager
  • AMD and Intel hardware configurations
  • Workstation and server base system configurations
  • GNOME Desktop environment and KDE integrations
  • Boot splash screens via Plymouth
  • Secure Boot
  • Disk encryption via LUKS
  • Custom packages and systemd services (Duplicacy)
  • Flatpaks
  • Per-user configurations
  • Default ZSH shell using Oh My ZSH
  • Secrets (in a janky hacky kinda way)