My computing environment, in code form. Nix & Ansible for my personal computer and my server.
Go to file
Tudor Roman cd7300f41f
Flake Check / flake-check (pull_request) Successful in 1m14s Details
forgejo: no need for a token
2024-03-04 18:24:59 +01:00
.gitea/workflows just run nix flake check in the action 2024-01-30 10:46:54 +01:00
ansible run ansible-lint through pre-commit 2024-01-28 17:46:42 +01:00
hosts forgejo: no need for a token 2024-03-04 18:24:59 +01:00
lib try using the much better setup from (link bellow) 2024-01-30 10:29:39 +01:00
modules migrate from gitea to forgejo 2024-03-04 18:22:20 +01:00
secrets forgejo: no need for a token 2024-03-04 18:24:59 +01:00
users disable trackpoint because it broke (you'll be missed) 2024-03-03 15:01:12 +01:00
.envrc Use direnv 2023-10-11 13:41:43 +02:00
.git-blame-ignore-revs ignore grand reformat in git blame 2024-01-28 16:15:10 +01:00
.gitignore precommit hooks 2024-01-28 15:28:07 +01:00
.gitmodules remove startpage 2017-07-08 14:42:37 +03:00 ansible: readme 2023-11-26 23:29:10 +01:00
ansible.cfg run ansible-lint through pre-commit 2024-01-28 17:46:42 +01:00
default.nix reformat everything with alejandra 2024-01-28 15:51:55 +01:00
flake.lock update flakes 2024-03-03 16:35:56 +01:00
flake.nix update flakes 2024-02-16 10:30:09 +01:00 git: commit signing with ssh key 2023-06-04 20:21:03 +02:00 encrypt secrets with a new key to be able to edit them 2023-06-04 22:52:49 +02:00
statix.toml applied static 2024-01-28 15:49:42 +01:00

Tudor's Dotfiles / Nix configuration

This is my Nix configuration, which works both for NixOS and for Nix

Acknowledgements to for heavily inspiring the layout of this config.

Warning The configuration codified here was made to be used by me and only me. While I am publishing them to help others to learn Nix and dotfile management, copying them verbatim will likely produce an unusable system.



First, provision a machine with NixOS.



  1. Clone this repo somewhere on the machine.
  2. nix run .#nixos-rebuild -- boot --flake .#<hostname> --use-remote-sudo

Remote server:

  1. nix run .#deploy-rs -- .#<hostname>

Any other Linux distro for sane people

  1. Provision a machine with a "normal" Linux distro (my personal choice is Fedora). For this, I prepared Ansible roles and playbooks.
  2. Install Nix (my installer of choice is nix-installer).
  3. Clone this repo somewhere on the machine
  4. nix run .#home-manager -- switch --flake .#tudor

Considerations for WSL


The WSL setup assumes that you have 1Password and npiperelay npiperelay installed.

You can install npiperelay with winget:

winget install npiperelay

Installing the thing

Assuming you have Nix set up on some other machine, clone this repo and run:

nix build

This will build the distro tarball in ./result/tarball/. You can then import it in WSL:

# Create the directory that will store the distro's disk image
New-Item -ItemType Directory c:\WSL\NixOS
# Import the tarball as a distro in WSL
wsl --import NixOS c:\WSL\NixOS .\result\tarball\<whatever>.tar.gz
# Boot it!
wsl -d NixOS

Considerations for encrypting secrets

Secrets are encrypted and used through agenix. When provisioning a new machine, make sure to take its host public key and rekey secrets accordingly.