My Nix configuration (Hosts, Flakes, Home Manager, ...)
Find a file
dependabot[bot] 43fffc9474
Bump DeterminateSystems/magic-nix-cache-action from 2 to 3
Bumps [DeterminateSystems/magic-nix-cache-action](https://github.com/determinatesystems/magic-nix-cache-action) from 2 to 3.
- [Release notes](https://github.com/determinatesystems/magic-nix-cache-action/releases)
- [Commits](https://github.com/determinatesystems/magic-nix-cache-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: DeterminateSystems/magic-nix-cache-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 07:01:21 +00:00
.github Bump DeterminateSystems/magic-nix-cache-action from 2 to 3 2024-02-05 07:01:21 +00:00
_ refinements 2023-09-29 11:54:02 -04:00
home-manager disable fh for now 2023-11-15 13:42:10 -05:00
lib platform 2023-10-02 17:14:04 +00:00
modules/home-manager home-manager modules 2023-09-26 14:39:38 -04:00
nixos packages 2023-11-15 13:16:08 -05:00
overlays home-manager gburd builds 2023-09-26 15:45:31 -04:00
pkgs wimpy-ified 2023-09-25 14:05:07 -04:00
shells update docker and podman config 2023-10-16 14:46:06 -04:00
.editorconfig A fork of Misterio77 and his standard template. 2023-09-15 10:53:38 -04:00
.envrc fixes 2023-09-22 15:38:16 -04:00
.gitattributes A fork of Misterio77 and his standard template. 2023-09-15 10:53:38 -04:00
.gitignore disk labels etc. 2023-09-22 13:06:18 -04:00
.hydra.json A fork of Misterio77 and his standard template. 2023-09-15 10:53:38 -04:00
.sops.yaml will apply, but is it right? 2023-09-26 13:44:54 -04:00
deploy.sh A fork of Misterio77 and his standard template. 2023-09-15 10:53:38 -04:00
flake.lock disable fh for now 2023-11-15 13:42:10 -05:00
flake.nix disable fh for now 2023-11-15 13:42:10 -05:00
hydra.nix wimpy-ified 2023-09-25 14:05:07 -04:00
LICENSE add LICENSE 2023-09-20 11:47:08 -04:00
nixpkgs.nix wimpy-ified 2023-09-25 14:05:07 -04:00
NOTES fixes 2023-09-29 14:59:38 -04:00
README.md update docker and podman config 2023-10-16 14:46:06 -04:00
shell.nix a few minor changes 2023-10-24 14:18:17 -04:00

built with nix

My NixOS configurations

Here's my NixOS/home-manager config files. Requires Nix flakes.

Structure

  • flake.nix: Entrypoint for hosts and home configurations. Also exposes a devshell for boostrapping (nix develop or nix-shell).
  • lib: A few lib functions for making my flake cleaner
  • hosts: NixOS Configurations, accessible via nixos-rebuild --flake.
    • common: Shared configurations consumed by the machine-specific ones.
      • global: Configurations that are globally applied to all my machines.
      • optional: Opt-in configurations my machines can use.
    • floki: Lenovo ThinkPad X1 Carbon Extreme Gen 5
  • home: My Home-manager configuration, acessible via home-manager --flake
    • Each directory here is a "feature" each hm configuration can toggle, thus customizing my setup for each machine (be it a server, desktop, laptop, anything really).
  • modules: A few actual modules (with options) I haven't upstreamed yet.
  • overlay: Patches and version overrides for some packages. Accessible via nix build.
  • pkgs: My custom packages. Also accessible via nix build. You can compose these into your own configuration by using my flake's overlay, or consume them through NUR.
  • templates: A couple project templates for different languages. Accessible via nix init.

About the installation

Home-manager is used in a standalone way, and because of opt-in persistence is activated on every boot with loginShellInit.

How to bootstrap

All you need is nix (any version). Run:

nix-shell

If you already have nix 2.4+, git, and have already enabled flakes and nix-command, you can also use the non-legacy command:

nix develop

nixos-rebuild --flake . To build system configurations

home-manager --flake . To build user configurations

nix build (or shell or run) To build and use packages

sops To manage secrets

Secrets

For deployment secrets (such as user passwords and server service secrets), I'm using the awesome sops-nix. All secrets are encrypted with my personal PGP key (stored on a YubiKey), as well as the relevant systems's SSH host keys.

On my desktop and laptop, I use pass for managing passwords, which are encrypted using (you bet) my PGP key. This same key is also used for mail signing, as well as for SSH'ing around.

Tooling and applications I use

Most relevant user apps daily drivers:

  • emacs
  • fish
  • kitty
  • qutebrowser
  • neomutt + mbsync
  • khal + khard + todoman + vdirsyncer
  • gpg + pass
  • tailscale
  • podman
  • zathura
  • wofi
  • bat + fd + rg
  • kdeconnect
  • sublime-music

Some of the services I host:

  • hydra
  • navidrome
  • deluge
  • prometheus
  • websites (such as https://burd.me ...)
  • headscale

Nixy stuff:

  • nix-colors
  • sops-nix
  • impermanence
  • home-manager
  • deploy-rs
  • and NixOS and nix itself, of course :)

Let me know if you have any questions about them :)