|Tudor Roman 53cfd3f864||3 days ago|
|ansible||4 days ago|
|hosts||1 week ago|
|modules||1 week ago|
|secrets||1 month ago|
|users||1 week ago|
|.envrc||2 months ago|
|.gitignore||2 months ago|
|.gitmodules||6 years ago|
|README.md||4 days ago|
|default.nix||11 months ago|
|flake.lock||3 days ago|
|flake.nix||3 days ago|
|id_ed25519.pub||6 months ago|
|id_ed25519_agenix.pub||6 months ago|
Tudor's Dotfiles / Nix configuration
This is my Nix configuration, which works both for NixOS and for Nix
Acknowledgements to https://github.com/mrkuz/nixos for heavily inspiring the layout of this config.
Warning The configuration codified here was made to be used by me and only me. While I am publishing them to help others to learn Nix and dotfile management, copying them verbatim will likely produce an unusable system.
First, provision a machine with NixOS.
- Clone this repo somewhere on the machine.
nix run .#nixos-rebuild -- boot --flake .#<hostname> --use-remote-sudo
nix run .#deploy-rs -- .#<hostname>
Any other Linux distro for sane people
- Provision a machine with a "normal" Linux distro (my personal choice is Fedora). For this, I prepared Ansible roles and playbooks.
- Install Nix (my installer of choice is nix-installer).
- Clone this repo somewhere on the machine
nix run .#home-manager -- switch --flake .#tudor
Considerations for WSL
The WSL setup assumes that you have 1Password and npiperelay npiperelay installed.
You can install npiperelay with winget:
winget install npiperelay
Installing the thing
Assuming you have Nix set up on some other machine, clone this repo and run:
nix build .#nixosConfigurations.wsl2.config.system.build.installer
This will build the distro tarball in
./result/tarball/. You can then import it in WSL:
# Create the directory that will store the distro's disk image New-Item -ItemType Directory c:\WSL\NixOS # Import the tarball as a distro in WSL wsl --import NixOS c:\WSL\NixOS .\result\tarball\<whatever>.tar.gz # Boot it! wsl -d NixOS
Considerations for encrypting secrets
Secrets are encrypted and used through agenix. When provisioning a new machine, make sure to take its host public key and rekey secrets accordingly.