Skip to content

johnae/nixos-configuration

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,627 Commits

.buildkite

.buildkite

 
 

containers

containers

 
 

defaults

defaults

 
 

files

files

 
 

hm-modules

hm-modules

 
 

home

home

 
 

installer

installer

 
 

machines

machines

 
 

metadata @ 67b6acf

metadata @ 67b6acf

 
 

modules

modules

 
 

nix

nix

 
 

pkgs

pkgs

 
 

.envrc

.envrc

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

README.md

README.md

 
 

default.nix

default.nix

 
 

programs.sqlite

programs.sqlite

 
 

shell.nix

shell.nix

 
 

Repository files navigation

Build status

NOTE

I've recently switched to using the new experimental flake concept so this repo isn't used anymore. See this instead: johnae/world.

NixOS Configuration

This repo contains NixOS configuration for all my machines. It is basically a monorepo containing the configuration for my laptops and servers, including some container images. The initial bootstrapping of a machine is done by building a self-installing iso like this:

nix-shell --run "build -A installers.<hostname-here>"

an example:

nix-shell --run "build -A installers.europa"

This should return a path which you can dd onto a usb stick. Just boot from that and it will automatically wipe your disks and install the system - if you rely on wifi for networking, it will pause when it detects there's no network to let you connect to one. Just exit when connected and the installer will continue.

You can also just build a system - perhaps for testing that the configuration is buildable, like this:

nix-shell --run "build -A machines.europa"

To update the local system:

nix-shell --run update-system

Updating a remote system using a locally built configuration is done like this:

nix-shell --run "update-remote-system rhea"
nix-shell --run "update-remote-system rhea reboot"

To also reboot the remote system when updated.

Of course, I use direnv with Nix integration so I don't need to prefix any of the above with "nix-shell --run", I can just run build -A machines.europa. Together with lorri, direnv + nix becomes even more awesome btw.

There's a metadata submodule in this repo accessible only by me. It contains encrypted secrets which I didn't feel like sharing with the world even though they're encrypted. If anyone finds this repo it should be pretty easy to figure out what data it provides (it's basically json which becomes an imported module). These secrets are encrypted using mozilla sops - there's also a helper in this repo for integrating sops with Nix using the extra-builtins feature of Nix (which is relatively recent, see: NixOS/nix#1854 and also https://elvishjerricco.github.io/2018/06/24/secure-declarative-key-management.html).

About

I'm not using this anymore as I've moved completely to Nix Flakes: see https://github.com/johnae/world

Resources

Readme
Activity

Stars

13 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages