celaeno/hydra: fix github pat
celaeno/hydra: update github pat
hydra: drop hydra-restrict-eval patch
Here's my NixOS/home-manager config files. Requires Nix flakes.
Looking for something simpler to start out with flakes? Try my starter config repo.
Highlights:
flake.nix
: Entrypoint for hosts and home configurations. Also exposes a
devshell for boostrapping (nix develop
or nix-shell
).lib
: A few lib functions for making my flake cleanerhosts
: NixOS Configurations, accessible via nixos-rebuild --flake
.
common
: Shared configurations consumed by the machine-specific ones.
global
: Configurations that are globally applied to all my machines.optional
: Opt-in configurations my machines can use.atlas
: Desktop PC - 32GB RAM, R5 3600x, RX 5700XT | Hyprlandpleione
: Lenovo Ideapad 3 - 8GB RAM, R7 5700u | Hyprlandmaia
: Secondary Desktop PC - 16GB RAM, i5 6600, GTX 970 | Servermerope
: Raspberry Pi 4 - 8GB RAM | Servercelaeno
: Oracle Could VPS (Ampere) - 24GB RAM & 4vCPUs | Serveralcyone
: Vultr VPS - 1GB RAM & 1 vCPU | Serverhome
: My Home-manager configuration, acessible via home-manager --flake
modules
: A few actual modules (with options) I haven't upstreamed yet.overlay
: Patches and version overrides for some packages. Accessible via
nix build
.pkgs
: My custom packages. Also accessible via nix build
. You can compose
these into your own configuration by using my flake's overlay, or consume them through NUR.templates
: A couple project templates for different languages. Accessible
via nix init
.All my computers use a single btrfs (encrypted on all except headless systems)
partition, with subvolumes for /nix
, a /persist
directory (which I opt in
using impermanence
), swap file, and a root subvolume (cleared on every boot).
Home-manager is used in a standalone way, and because of opt-in persistence is
activated on every boot with loginShellInit
.
All you need is nix (any version). Run:
nix-shell
If you already have nix 2.4+, git, and have already enabled flakes
and
nix-command
, you can also use the non-legacy command:
nix develop
nixos-rebuild --flake .
To build system configurations
home-manager --flake .
To build user configurations
nix build
(or shell or run) To build and use packages
sops
To manage secrets
For deployment secrets (such as user passwords and server service secrets), I'm
using the awesome sops-nix
. All secrets
are encrypted with my personal PGP key (stored on a YubiKey), as well as the
relevant systems's SSH host keys.
On my desktop and laptop, I use pass
for managing passwords, which are
encrypted using (you bet) my PGP key. This same key is also used for mail
signing, as well as for SSH'ing around.
Most relevant user apps daily drivers:
Some of the services I host:
Nixy stuff:
Let me know if you have any questions about them :)
That's how my hyprland desktop setup look like (as of 2022 July).