Configuration files for my NixOS machines
TyDooo's Nix Config
My personal NixOS and Home Manager configuration files. This repository contains my complete system configuration, including development environment, desktop setup, and application configurations.
Features
- 🏠 Home Manager configuration for user environment
- 🔒 Secret management with sops-nix
- 📝 Neovim configuration using nvf
- 💻 Multi-host configuration with shared modules
- 🔄 Automated system deployment with nixos-anywhere
- 💾 Disk partitioning and formatting with disko
Configuring a new host
Remotely using nixos-anywhere
A host can be configured remotely using nixos-anywhere and disko.
- Pre-provision the SSH keys used by SOPS
# Create a temporary directory with the correct permissions
install -d -m755 "./tmp/persist/etc/ssh"
# Generate the desired SSH keys in the created directory
ssh-keygen -t ed25519 -f "./tmp/persist/etc/ssh/ssh_host_ed25519_key" -N "" -C "<USER>@<HOST>"
ssh-keygen -t rsa -b 4096 -f "./tmp/persist/etc/ssh/ssh_host_rsa_key" -N "" -C "<USER>@<HOST>"
# Ensure that the SSH keys have the appropriate permissions
chmod 600 ./tmp/persist/etc/ssh/*
- Update the SOPS config (.sops.yaml) with the newly generated key
# Add the output of this command to the .sops.yaml file
cat ./tmp/persist/etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age
# Update the relevant secrets files with the new key
find . -type f -name secrets.yaml -exec sops updatekeys {} \;
- Configure the host
nixos-anywhere --extra-files ./tmp --flake '.#<hostname>' <user>@<ip-address>
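A preflight check to run before the last step, as an added example that is not part of this repository. It confirms that the staged host keys have the modes set in the first step, that nothing in the tree is world-writable, and, when the staging directory sits inside a git work tree, that the private key is git-ignored. The function names are hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: preflight check for the tree passed to --extra-files.
# Assumes GNU stat (coreutils); function names are hypothetical.

fail() { echo "preflight: $*" >&2; return 1; }

# check_key FILE: FILE must be a regular, non-empty file with mode 600
# and a non-empty FILE.pub beside it.
check_key() {
    [ -f "$1" ] && [ ! -L "$1" ] || fail "not a regular file: $1" || return 1
    [ -s "$1" ] || fail "empty key: $1" || return 1
    mode=$(stat -c '%a' "$1")
    [ "$mode" = 600 ] || fail "mode $mode on $1, expected 600" || return 1
    [ -s "$1.pub" ] || fail "missing public key: $1.pub" || return 1
}

# check_staging DIR: validate the staging tree (./tmp in the steps above).
check_staging() {
    ssh_dir="$1/persist/etc/ssh"
    [ -d "$ssh_dir" ] || fail "missing directory: $ssh_dir" || return 1
    check_key "$ssh_dir/ssh_host_ed25519_key" || return 1
    check_key "$ssh_dir/ssh_host_rsa_key" || return 1
    # No directory or file in the tree may be world-writable.
    loose=$(find "$1" ! -type l -perm -002)
    [ -z "$loose" ] || fail "world-writable: $loose" || return 1
    # Inside a git work tree, the private key must be covered by .gitignore
    # so the host key cannot be committed by accident.
    if (cd "$1" && git rev-parse --is-inside-work-tree) >/dev/null 2>&1; then
        (cd "$1" && git check-ignore -q persist/etc/ssh/ssh_host_ed25519_key) ||
            fail "$1 is not git-ignored" || return 1
    fi
}

# Usage: check_staging ./tmp && nixos-anywhere --extra-files ./tmp ...
```

Once the deployment has finished, delete the staging directory so the private host keys do not stay on the workstation.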
Credits
This configuration is inspired by and borrows from: