- Everything is built upon flake-parts, with flake modules for automatic stuff extraction
- Automatic classic (
callPackage) anddream2nixpackages extraction - Automatic
nixos,nix-darwin,nix-on-droid,home-managerandflakemodules extraction - Automatic
nixos,nix-darwin,nix-on-droidandhome-managerconfigurations extraction - Automatic overlays extraction
- Automatic devShells extraction
- Automatic classic (
- Hosts can be found under
./hosts/${config-type}/${system}/${hostname}/...- Check
./modules/flake/configurationsfor more info on what is extracted from those directories
- Check
- Modules can be found under
./modules/${config-type}/...- Check
./modules/flake/modulesfor more info on what is extracted from that directory
- Check
- Packages can be found under
./pkgs/...- Check
./modules/flake/packagesfor more info on what is extracted from that directory
- Check
- Overlays can be found under
./overlays/...- Check
./modules/flake/overlaysfor more info on what is extracted from that directory
- Check
- Shells can be found under
./shells/...- Check
./modules/flake/shellsfor more info on what is extracted from that directory - Default one puts a recent
nix(as of recently -lix) together with some other useful tools for working with the repo (deploy-rs,rage,agenix-rekey, etc.), see./shells/default/default.nixfor more info
- Check
You can see the overall topology of the hosts by running
nix build ".#topology"And opening the resulting ./result/main.svg and ./result/network.svg
Secrets are managed by agenix and agenix-rekey
Note
Secrets are defined by the hosts themselves, agenix-rekey just collects what secrets are referenced by them and lets you generate, edit and rekey them
# To put `rage`, `agenix-rekey` and friends in `$PATH`
nix develop# Select from `fzf` menu
agenix editagenix rekeyagenix generate# Initial setup
nix run nixpkgs#nixos-anywhere -- --flake ".#${HOSTNAME}" --build-on-remote --ssh-port 22 "root@${HOSTNAME}" --no-reboot
# Deploy
deploy ".#${HOSTNAME}" --skip-checks# Setup system tools
softwareupdate --install-rosetta --agree-to-license
sudo xcodebuild -license
# Install nix
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Apply configuration
git clone https://www.github.com/reo101/rix101 ~/.config/rix101
cd ~/.config/rix101
nix build ".#darwinConfigurations.${HOSTNAME}.system"
./result/sw/bin/darwin-rebuild switch --flake .
# System setup for `yabai` (in system recovery)
# NOTE: <https://support.apple.com/guide/mac-help/macos-recovery-a-mac-apple-silicon-mchl82829c17/mac>
csrutil enable --without fs --without debug --without nvramMisterio77for his amazingnix-starter-configs, on which this was based originallydiskofor making disk partioning a breezeoddlamafor creating the amazingagenix-rekeyandnix-topologyprojects