Skip to content

fdnt7/nixcfgs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,004 Commits
hosts
hosts
 
 
modules
modules
 
 
overlays
overlays
 
 
pkgs
pkgs
 
 
.sops.yaml
.sops.yaml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
treefmt.nix
treefmt.nix
 
 
typos.toml
typos.toml
 
 

Repository files navigation

nixcfgs

Built with Nix License

My NixOS configurations.

This repository consolidates my previous per-host configuration files (cuties-only and autism-inside) into a single monorepo. Over time, it will also include the NixOS configurations for all of my other hosts.

Warning

Migration of cuties-only has ceased as I no longer have access to the hardware. The setup is functional but still missing some features. In the meantime, autism-inside and other hosts (e.g. oestrogen-fuelled) have not yet begun migration.

Features

  • Extensive utilisation of Nix flakes
  • Modular home configuration file management with home-manager
  • Full single Btrfs partition disk encryption using cryptsetup
  • Opt-in root persistence with impermanence where the root subvolume is cleared on every boot
  • Declarative encrypted secrets management with sops-nix
  • Customisable global constants passed down to flake.nix and reused in both NixOS and Home Manager configurations.
  • Hopefully a best practice compliant configuration structure with idiomatic nix usage as a language.

Prerequisites

Before installation, these directories and files must be present:

  • /persist/etc/nixcfgs - the flake directory
  • /persist/usr/share/fonts/seguiemj.ttf - Windows 11's Segoe UI Emoji font
  • /persist/var/lib/sops-nix/key.txt - the key file for sops

Optionally, edit the attributes of nixcfgs in flake.nix as seen fit.

Rebuild Workflow

This repo exposes two helper commands through Home Manager:

  • rebuild
  • update

rebuild is the main apply command.

  • In a clean worktree, it rebuilds the current host and writes a rebuild note to refs/notes/rebuild/<hostname>.
  • In a dirty worktree, it only accepts two cases:
    • changes only under hosts/<hostname>/
    • changes only outside hosts/
  • For dirty rebuilds, it formats the repo with nix fmt ., amends a temporary FIXME_* commit, shows the resulting diff, runs nh os build, then applies the built generation with nh os switch --ask.
  • If the rebuild produces non-empty nvd output for a host-local dirty rebuild, that output is appended to the temporary commit body before opening the editor for the final amend.
  • For clean rebuilds and non-host dirty rebuilds, the rebuild result is stored as a git note with a Rebuilt-at: footer.

update is the flake-lock update helper.

  • It requires a clean worktree.
  • It runs nix flake update.
  • It refuses to continue unless only flake.lock changed.
  • It commits the lockfile update as build(flake.lock): update, rebuilds the current host, and records the rebuild result in a git note.

Rebuild notes are written to refs/notes/rebuild/<hostname>, not to the default refs/notes/commits.

If you want plain git log to show them in this repo, add the notes ref to the local Git config once:

git config --local --add notes.displayRef refs/notes/rebuild/<hostname>

Or inspect them ad hoc with:

git log --notes=refs/notes/rebuild/<hostname>
git notes --ref=refs/notes/rebuild/<hostname> show HEAD

Attributions

About

❄️ My NixOS Configuration Files.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages