[MIRRORED] My personal nixos configuration
https://gitlab.org/papanito/nixos-configuration/
- Nix 98.8%
- Shell 1.2%
| common | ||
| hosts | ||
| infra | ||
| modules | ||
| profiles | ||
| scripts | ||
| secrets | ||
| shells | ||
| .commitlintrc.js | ||
| .gitattributes | ||
| .gitignore | ||
| .gitleaks-report.json | ||
| .pre-commit-config.yaml | ||
| .sops.yaml | ||
| flake.lock | ||
| flake.nix | ||
| README.md | ||
My NIXOS Configuration
Setup all my devices using nixos (WIP)
General Setup
I use nix-sops
nix-shell -p sops --run "sops secrets/secrets.yaml"
nix-shell -p spos --run 'sops updatekeys secrets/secrets.yaml'
Setup remote system
-
Boot system in live mode
-
Use nixos-anywhere
nix run github:nix-community/nixos-anywhere -- \ --flake ".#FLAKE" \ <[email protected]> -
Install/Update system using colmena
colmena apply --on lenovo,envy -
Add host key to
.spps.yaml -
Update secrets
sops updatekeys profiles/servers/secrets.yaml
sops updatekeys secrets/secrets.yaml
...
Alternatively you can also run:
sudo -E nixos-rebuild switch --flake '.#envy' \
--upgrade --target-host \
[email protected] --sudo
If there is a problem with ssh, you can specify the key to use:
NIX_SSHOPTS="-i /home/papanito/.ssh/[email protected]"
Raspberry PI
Follows https://github.com/nvmd/nixos-raspberrypi?tab=readme-ov-file
- Build image
nix build '.#nixosConfigurations.rpi4-demo.config.system.build.sdImage'
- Unzstd image
unzstd result/sd-image/nixos-sd-image-rpi4-uboot.img.zst -o nixos-sd-image-rpi4-uboot.img
- Burn it to sdcard
sudo dd if=nixos-sd-image-rpi4-uboot.img of=/dev/sda bs=4M status=progress