jordan/nix-config
1
1
Fork 0
Code Issues 14 Pull Requests Actions Projects 3 Wiki Activity
571 Commits 12 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jordan Holt 637c14b4ef
All checks were successful
Check flake / build-amd64-linux (push) Successful in 3m7s
Details
flake.lock: Update 
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/b709e1cc33fcde71c7db43850a55ebe6449d0959' (2024-09-28)
  → 'github:nix-community/disko/574400001b3ffe555c7a21e0ff846230759be2ed' (2024-10-03)
• Updated input 'firefox-gnome-theme':
    'github:rafaelmardojai/firefox-gnome-theme/fb5b578a4f49ae8705e5fea0419242ed1b8dba70' (2024-08-08)
  → 'github:rafaelmardojai/firefox-gnome-theme/59eee4080aa79a0671e98358f91ae1ef0c0806e1' (2024-10-03)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/f5c239fa9acb27f0a5326ba2949c00fada89ca9f' (2024-09-29)
  → 'github:NixOS/nixos-hardware/b7ca02c7565fbf6d27ff20dd6dbd49c5b82eef28' (2024-10-04)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed' (2024-09-28)
  → 'github:NixOS/nixpkgs/5966581aa04be7eff830b9e1457d56dc70a0b798' (2024-10-02)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/1925c603f17fc89f4c8f6bf6f631a802ad85d784' (2024-09-26)
  → 'github:NixOS/nixpkgs/27e30d177e57d912d614c88c622dcfdb2e6e6515' (2024-10-01)
• Updated input 'plasma-manager':
    'github:nix-community/plasma-manager/29ad64f0ac4ae84710dfeb1d37572d95c94cbfd8' (2024-09-27)
  → 'github:nix-community/plasma-manager/bc14b17bff1557de8f103172508f896a87bb9cdb' (2024-10-03)
2024-10-04 19:14:23 +01:00
.gitea/workflows
Check flake instead of dry building
2024-05-07 09:03:39 +01:00
hosts
Disable printing
2024-09-28 10:37:50 +01:00
modules
Allow insecure olm package
2024-09-08 12:38:17 +01:00
overlays
Bump GNOME overlay
2024-08-23 09:44:00 +01:00
pkgs
Patch out libdatachannel in camera-streamer
2024-08-10 21:51:35 +01:00
flake.lock
flake.lock: Update
2024-10-04 19:14:23 +01:00
flake.nix
Only deploy non-Pi servers
2024-08-12 21:13:57 +01:00
LICENSE
Migrate config from dotfiles
2023-06-26 14:40:59 +01:00
README.md
Add host provisioning steps
2024-04-14 15:29:25 +01:00

README.md

nix-config

System and user configuration for NixOS-based systems.
Shell: zsh
DE: GNOME
Theme: adwaita
Terminal: Console

Provisioning a new host

nixos-anywhere is the module used for provisioning

Generate a new SSH host key in "$temp/etc/ssh" as per this guide.

ssh-keygen -t ed25519 -f /tmp/ssh_host_ed25519_key

Update nix-secrets with the new host key to enable the system to decrypt any relevant secrets.

In order to use the borgmatic module for backups, go to borgbase.com. Add the generated SSH host key and create a new repository for the system.

Create a new directory under hosts/ with a system configuration and disk layout.

Boot the NixOS installer (or any Linux distribution) on the target.

Then run:

nix run github:nix-community/nixos-anywhere -- \
  --disk-encryption-keys /tmp/secret.key /tmp/secret.key \
  --extra-files "$temp" \
  --flake .#<hostname> \
  root@<target-ip>

Post install

If backups are configured, you'll need to run:

borgmatic init --encryption repokey-blake2

then restart borgmatic.

To join the Tailscale network, run:

tailscale up --login-server https://headscale.vimium.net

then visit the URL, SSH onto vps1 and run headscale --user mesh nodes register --key <key>.

The new node can optionally be given a friendly name with headscale node rename -i <index> <hostname>.

Description
Configuration flake for NixOS systems
linuxnixnixos
Readme 0BSD 4 MiB
Languages
Nix 99.6%
CSS 0.4%