Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/misterio77/nix-config

Personal nixos and home-manager configurations.
https://github.com/misterio77/nix-config

dotfiles nix nixos

Last synced: about 1 month ago
JSON representation

Personal nixos and home-manager configurations.

Awesome Lists containing this project

README

        

[![built with nix](https://img.shields.io/static/v1?logo=nixos&logoColor=white&label=&message=Built%20with%20Nix&color=41439a)](https://builtwithnix.org)
[![hydra status](https://img.shields.io/endpoint?url=https://hydra.m7.rs/job/nix-config/main/hosts.atlas/shield)](https://hydra.m7.rs/jobset/nix-config/main#tabs-jobs)

# My NixOS configurations

Here's my NixOS/home-manager config files. Requires [Nix flakes](https://nixos.wiki/wiki/Flakes).

Looking for something simpler to start out with flakes? Try [my starter config repo](https://github.com/Misterio77/nix-starter-config).

**Highlights**:

- Multiple **NixOS configurations**, including **desktop**, **laptop**, **server**
- **Opt-in persistence** through impermanence + blank snapshotting
- **Encrypted** single **BTRFS** partition
- Fully **declarative** **self-hosted** stuff
- Deployment **secrets** using **sops-nix**
- **Mesh networked** hosts with **tailscale** and **headscale**
- Flexible **Home Manager** Configs through **feature flags**
- Extensively configured wayland environments (**sway** and **hyprland**) and editor (**neovim**)
- **Declarative** **themes** and **wallpapers** with **nix-colors**
- **Hydra CI/CD server and binary cache** that uses the **desktops as remote builders**

## Structure

- `flake.nix`: Entrypoint for hosts and home configurations. Also exposes a
devshell for boostrapping (`nix develop` or `nix-shell`).
- `lib`: A few lib functions for making my flake cleaner
- `hosts`: NixOS Configurations, accessible via `nixos-rebuild --flake`.
- `common`: Shared configurations consumed by the machine-specific ones.
- `global`: Configurations that are globally applied to all my machines.
- `optional`: Opt-in configurations my machines can use.
- `atlas`: Desktop PC - 32GB RAM, R5 3600x, RX 5700XT | Hyprland
- `pleione`: Lenovo Ideapad 3 - 8GB RAM, R7 5700u | Hyprland
- `merope`: Raspberry Pi 4 - 8GB RAM | Server
- `celaeno`: Oracle Could VPS (Ampere) - 24GB RAM & 4vCPUs | Server
- `alcyone`: Vultr VPS - 1GB RAM & 1 vCPU | Server
- `home`: My Home-manager configuration, acessible via `home-manager --flake`
- Each directory here is a "feature" each hm configuration can toggle, thus
customizing my setup for each machine (be it a server, desktop, laptop,
anything really).
- `modules`: A few actual modules (with options) I haven't upstreamed yet.
- `overlay`: Patches and version overrides for some packages. Accessible via
`nix build`.
- `pkgs`: My custom packages. Also accessible via `nix build`. You can compose
these into your own configuration by using my flake's overlay, or consume them through NUR.
- `templates`: A couple project templates for different languages. Accessible
via `nix init`.

## About the installation

All my computers use a single btrfs (encrypted on all except headless systems)
partition, with subvolumes for `/nix`, a `/persist` directory (which I opt in
using `impermanence`), swap file, and a root subvolume (cleared on every boot).

Home-manager is used in a standalone way, and because of opt-in persistence is
activated on every boot with `loginShellInit`.

## How to bootstrap

All you need is nix (any version). Run:
```
nix-shell
```

If you already have nix 2.4+, git, and have already enabled `flakes` and
`nix-command`, you can also use the non-legacy command:
```
nix develop
```

`nixos-rebuild --flake .` To build system configurations

`home-manager --flake .` To build user configurations

`nix build` (or shell or run) To build and use packages

`sops` To manage secrets

## Secrets

For deployment secrets (such as user passwords and server service secrets), I'm
using the awesome [`sops-nix`](https://github.com/Mic92/sops-nix). All secrets
are encrypted with my personal PGP key (stored on a YubiKey), as well as the
relevant systems's SSH host keys.

On my desktop and laptop, I use `pass` for managing passwords, which are
encrypted using (you bet) my PGP key. This same key is also used for mail
signing, as well as for SSH'ing around.

## Tooling and applications I use

Most relevant user apps daily drivers:

- hyprland + swayidle + swaylock
- waybar
- neovim
- fish
- alacritty
- qutebrowser
- neomutt + mbsync
- khal + khard + todoman + vdirsyncer
- gpg + pass
- tailscale
- podman
- zathura
- wofi
- bat + fd + rg
- kdeconnect
- sublime-music

Some of the services I host:

- hydra
- navidrome
- deluge
- prometheus
- websites (such as https://m7.rs)
- minecraft
- headscale

Nixy stuff:

- nix-colors
- sops-nix
- impermanence
- home-manager
- deploy-rs
- and NixOS and nix itself, of course :)

Let me know if you have any questions about them :)

## Unixpornish stuff
![fakebusy](https://i.imgur.com/PZ4L7TR.png)
![clean](https://i.imgur.com/T5FjqbZ.jpg)

That's how my hyprland desktop setup look like (as of 2022 July).