rix101reo101/rix101
MIT
My NixOS, nix-on-droid and nix-darwin configs.
272710
View program on GitHub20
agenix,android,home-manager,home-manager-config,homebrew,linux,lua,macos,neovim,nix,nix-darwin,nix-flake,nix-on-droid,nixos,nixos-config,wezterm,wezterm-config,wireguard,zig,zsh
README
Structure
- Everything is built upon flake-parts, with flake modules for automatic stuff extraction
- Automatic classic (
callPackage) anddream2nixpackages extraction - Automatic
nixos,nix-darwin,nix-on-droid,home-managerandflakemodules extraction - Automatic
nixos,nix-darwin,nix-on-droidandhome-managerconfigurations extraction - Automatic overlays extraction
- Automatic devShells extraction
- Automatic classic (
- Hosts can be found under
./hosts/${config-type}/${system}/${hostname}/...- Check
./modules/flake/configurationsfor more info on what is extracted from those directories
- Check
- Modules can be found under
./modules/${config-type}/...- Check
./modules/flake/modulesfor more info on what is extracted from that directory
- Check
- Packages can be found under
./pkgs/...- Check
./modules/flake/packagesfor more info on what is extracted from that directory
- Check
- Overlays can be found under
./overlays/...- Check
./modules/flake/overlaysfor more info on what is extracted from that directory
- Check
- Shells can be found under
./shells/...- Check
./modules/flake/shellsfor more info on what is extracted from that directory - Default one puts a recent
nix(as of recently -lix) together with some other useful tools for working with the repo (deploy-rs,rage,agenix-rekey, etc.), see./shells/default/default.nixfor more info
- Check
Topology
You can see the overall topology of the hosts by running
nix build ".#topology"
And opening the resulting ./result/main.svg and ./result/network.svg
Secrets
Secrets are managed by agenix and agenix-rekey
NOTE Secrets are defined by the hosts themselves,
agenix-rekeyjust collects what secrets are referenced by them and lets you generate, edit and rekey them
# To put `rage`, `agenix-rekey` and friends in `$PATH`
nix develop
Edit secret
# Select from `fzf` menu
agenix edit
Rekey all secrets
agenix rekey
Generate missing keys (with the defined generators)
agenix generate
Setups
NixOS setup
# Initial setup
nix run nixpkgs#nixos-anywhere -- --flake ".#${HOSTNAME}" --build-on-remote --ssh-port 22 "root@${HOSTNAME}" --no-reboot
# Deploy
deploy ".#${HOSTNAME}" --skip-checks
MacOS / Darwin (silicon) setup
# Setup system tools
softwareupdate --install-rosetta --agree-to-license
sudo xcodebuild -license
# Install nix
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Apply configuration
git clone https://www.github.com/reo101/rix101 ~/.config/rix101
cd ~/.config/rix101
nix build ".#darwinConfigurations.${HOSTNAME}.system"
./result/sw/bin/darwin-rebuild switch --flake .
# System setup for `yabai` (in system recovery)
# NOTE: <https://support.apple.com/guide/mac-help/macos-recovery-a-mac-apple-silicon-mchl82829c17/mac>
csrutil enable --without fs --without debug --without nvram
Credits
Misterio77for his amazingnix-starter-configs, on which this was based originallydiskofor making disk partioning a breezeoddlamafor creating the amazingagenix-rekeyandnix-topologyprojects