{"id":22136142,"url":"https://github.com/stunkymonkey/nixos","last_synced_at":"2025-07-25T20:32:32.152Z","repository":{"id":41507472,"uuid":"313410911","full_name":"Stunkymonkey/nixos","owner":"Stunkymonkey","description":"personal nixos config","archived":false,"fork":false,"pushed_at":"2024-10-29T22:18:02.000Z","size":661,"stargazers_count":11,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-10-30T00:43:09.082Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Nix","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Stunkymonkey.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-16T19:50:44.000Z","updated_at":"2024-10-29T22:18:05.000Z","dependencies_parsed_at":"2023-02-13T03:46:13.428Z","dependency_job_id":"e2bf376c-ddc9-46a9-b70f-af4446c6472c","html_url":"https://github.com/Stunkymonkey/nixos","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stunkymonkey%2Fnixos","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stunkymonkey%2Fnixos/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stunkymonkey%2Fnixos/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stunkymonkey%2Fnixos/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Stunkymonkey","download_url":"https://codeload.github.com/Stunkymonkey/nixos/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227614750,"owners_count":17793966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-01T19:19:29.937Z","updated_at":"2025-07-25T20:32:32.140Z","avatar_url":"https://github.com/Stunkymonkey.png","language":"Nix","funding_links":[],"categories":[],"sub_categories":[],"readme":"# nixos-config [![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org)![CI](https://github.com/Stunkymonkey/nixos/actions/workflows/nix.yml/badge.svg)\n\nThis repository holds my NixOS configuration.\nIt is fully reproducible, flakes based, and position-independent, ...\n\nused flakes:\n\n- image generation: [nixos-generators](https://github.com/nix-community/nixos-generators)\n- disk partitioning: [disko](https://github.com/nix-community/disko)\n- secrets: [sops-nix](https://github.com/Mic92/sops-nix)\n- deployment: [nixinate](https://github.com/MatthewCroughan/nixinate), see [usage](#usage)\n- formatting: [git-hooks](https://github.com/cachix/git-hooks.nix)\n- install: [nixos-anywhere](https://github.com/nix-community/nixos-anywhere/)\n\n## Structure\n\n```text\n.\n├── images       # custom image generations\n├── machines     # machine definitions\n├── modules      # own nix-options, to modularize services/hardware/...\n├── overlays     # overlays\n├── pkgs         # own packages, which are not available in nixpkgs\n└── profiles     # summarize module collections into single options\n```\n\n## Usage\n\n- updating:\n\n    ```bash\n    nix flake update\n    ```\n\n- deployment/update:\n\n    ```bash\n    nix run .#\u003cflake\u003e\n    ```\n\n- secrets:\n\n    ```bash\n    sops ./machines/\u003chost\u003e/secrets.yaml\n    ```\n\n- images:\n\n    ```bash\n    nix build .#install-iso\n    nix build .#aarch64-install --system aarch64-linux\n    ```\n\n- vms:\n\n    ```bash\n    nixos-rebuild build-vm --flake .#\u003cflake\u003e\n    ```\n\n- (re-)install:\n\n    make sure you have ssh-root access to the machine and the ssh-key is used properly.\n    (It does not matter what system is installed before.)\n\n    1. generate config (only needed for new host)\n\n        get `nixos-generate-config` to run via nix and execute\n\n        ```bash\n        nixos-generate-config --no-filesystems --root $(mktemp -d)\n        ```\n\n        reuse the `hardware-configuration.nix` to create a new machine with its flake.\n\n    1. setup secrets\n\n        1. new host\n\n            then prepare the secrets in the following layout:\n\n            ```bash\n            # enter disk encryption key\n            (umask 077; echo \"my-super-safe-password\" \u003e /tmp/disk.key)\n\n            temp=$(mktemp -d)\n            # ssh-host keys\n            install -d -m755 \"$temp/etc/ssh\"\n            install -d -m755 \"$temp/etc/secrets/initrd\"\n            ssh-keygen -o -a 100 -N \"\" -t rsa     -b 4096 -f \"$temp/etc/ssh/ssh_host_rsa_key\"\n            ssh-keygen -o -a 100 -N \"\" -t ed25519         -f \"$temp/etc/ssh/ssh_host_ed25519_key\"\n            ssh-keygen -o -a 100 -N \"\" -t ed25519         -f \"$temp/etc/secrets/initrd/ssh_host_ed25519_key\"\n            ```\n\n        1. existing host\n\n            ```bash\n            (umask 077; echo \"my-super-safe-password\" \u003e /tmp/disk.key)\n            temp=$(mktemp -d)\n            find $temp -printf '%M %p\\n'\n            ```\n\n            should result in something looking like this\n\n            ```text\n            drwx------ $temp\n            drwxr-xr-x $temp/etc\n            drwxr-xr-x $temp/etc/ssh\n            -rw------- $temp/etc/ssh/ssh_host_rsa_key\n            -rw------- $temp/etc/ssh/ssh_host_ed25519_key\n            -rw-r--r-- $temp/etc/ssh/ssh_host_rsa_key.pub\n            -rw-r--r-- $temp/etc/ssh/ssh_host_ed25519_key.pub\n            drwxr-xr-x $temp/etc/secrets\n            drwxr-xr-x $temp/etc/secrets/initrd\n            -rw------- $temp/etc/secrets/initrd/ssh_host_ed25519_key\n            -rw-r--r-- $temp/etc/secrets/initrd/ssh_host_ed25519_key.pub\n            ```\n\n    1. execute install\n\n        now simply install by executing (this will delete all data!):\n\n        ```bash\n        nix run github:nix-community/nixos-anywhere -- \\\n            --disko-mode disko \\\n            --disk-encryption-keys /tmp/disk.key /tmp/disk.key \\\n            --extra-files \"$temp\" \\\n            --flake .#\u003cflake\u003e \\\n            root@\u003chost\u003e\n        ```\n\n## Inspired by\n\n- [Nix config by Mic92](https://github.com/Mic92/dotfiles)\n- [Nix config by ambroisie](https://github.com/ambroisie/nix-config)\n- [Nix config by pborzenkov](https://github.com/pborzenkov/nix-config)\n- [Nix config by nyanloutre](https://gitea.nyanlout.re/nyanloutre/nixos-config)\n- [Nix config by disassembler](https://github.com/disassembler/network)\n- [git-hook config](https://github.com/cachix/git-hooks.nix/blob/master/template/flake.nix)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstunkymonkey%2Fnixos","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstunkymonkey%2Fnixos","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstunkymonkey%2Fnixos/lists"}