Skip to content

brenix/nix-config

BranchesTags

Repository files navigation


Nix Config

Usage

Install

To remotely install NixOS onto a target system, I use nixos-anywhere.

On the target system:

  1. Boot the NixOS iso

  2. Configure SSH authorized keys to enable SSH into the system

    [nixos@nixos:~]$ mkdir .ssh && curl https://github.com/brenix.keys > .ssh/authorized_keys

  3. Note the IP address of the system

On a separate NixOS host:

  1. Pull or cd to the directory for this repository

  2. Enter the dev shell

    $ nix develop

  3. Run ssh-to-age to get a pubkey for SOPS

    $ ssh-keyscan $TARGET_HOST | ssh-to-age

  4. Update the .sops.yaml file and add a new host to the keys and creation rules

  5. Update all of the secrets in the repo to include the new key

    $ make updatekeys

  6. Run nixos-anywhere to remotely install NixOS on the target system

    $ nixos-anywhere --no-reboot --flake '.#neo' [email protected] # Replace with the target system IP from above

On the target system:

  1. Copy the livecd ssh host keys to the persist directory

    $ sudo mkdir -p /mnt/persist/etc/ssh && sudo cp /etc/ssh/ssh_host_ed25519* /mnt/persist/etc/ssh/

Building

I use a Makefile to simplify running of some commands

NixOS

Make Target:

make nixos

CLI:

sudo nixos-rebuild switch --verbose --flake ".#hostname"

Home-Manager Only

Make Target:

make home

CLI:

home-manager switch --flake ".#username@hostname"

Bootstrap:

nix run home-manager -- switch --flake ".#username@hostname"

Darwin

Make Target:

make nixos

CLI:

darwin-rebuild switch --verbose --flake ".#macbook"

Bootstrap:

nix run darwin-rebuild -- switch --flake ".#macbook"

Features

Some features of my nix-config:

  • Structured to allow multiple NixOS configurations, including desktop, laptop
  • Declarative config including themes and wallpapers
  • Opt-in persistance through impermanence + blank snapshot
  • Encrypted btrfs partition
  • sops-nix for secrets management
  • Custom live media ISO, with an "automated" install script
  • Supports vfio for playing games on Windows

Hosts

  • neo: My primary desktop computer
  • morpheus: Framework 13th gen laptop
  • trinity: My spare desktop now used as a K8S server
  • vm: Qemu VM for testing
  • iso: Builds custom installer ISO

Applications

Type Program
OS NixOS
Editor Helix
Multiplexer Zellij
Prompt Starship
Launcher Rofi
Shell Fish
Status Bar Waybar
Terminal Foot
Window Manager Hyprland
Fonts Monaco
Colorscheme Catppuccin Mocha

Acknowledgements

About

NixOS configuration

Resources

Readme

License

Unlicense license
Activity

Stars

9 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages