My NixOS configuration. I have separated out all software into features and avoided HomeManager to make it more portable. The caveat is that you have to configure everything manually but hey it's nix so that's pretty easy!
It configures a NixOS machine, an OSX machine and a Virtual Machine (using MicroVM).
git clone git@github.com:Industrial/nixos-dotfiles.git ~/.dotfilesbin/install-osx-nix
bin/install-osx-nix-flakes
bin/install-osx-nix-confRun one command to update your entire system.
bin/update-repositories
bin/update-nixosbin/update-repositories
bin/update-osxbin/update-vm
bin/stop-vm
bin/delete-vm
bin/start-vmIf you hit the limit of derivations or you are just very happy with what you've got:
bin/delete-generationsI have several services configured to run locally on some hosts:
- Langhus:
- Media:
- Invidious (YouTube):
- Documents:
- Cryptpad:
- Passwords:
- Vaultwarden:
- Monitoring:
- Grafana:
- Prometheus:
- Media:
- Security
- Configure keys using SopsNIX.
- Firewall: All host operating systems (NixOS and OSX) should have Firewalls enabled that are closed by default.
- Virtual Machine Setup: I want to recreate an environment that works like
QubesOS. One Virtual Machine for one task.
- Firewall: This Virtial Machine acts only as a firewall. It just routes all traffic. Allows only traffic from configured virtual machines.
- Tor Bridge: Connects to Tor through the firewall. Allows only traffic from configured virtual Machines.
- I2PD Bridge: Same as the Tor Bridge but uses I2PD.
- Check out Yggdrasil.
- Monero: Monero wallet (CLI). Connects to the Tor Bridge.