addison/nix-config
1
0
Fork 0
Code Activity
My NixOS config
195 commits 2 branches 0 tags 437 KiB
Find a file
Exact
Addison Emig 7eecfaec35 chore: update lock
2026-01-10 06:02:13 -05:00
docker/ai-dev feat: updates 2025-11-17 10:01:28 -06:00
docs docs: update install info 2025-11-06 15:43:17 -05:00
dot-files feat: improve ghostty background color 2025-12-16 12:30:57 -05:00
hosts feat: enable printing 2026-01-08 20:07:47 -05:00
modules feat: add pandoc 2026-01-10 05:53:11 -05:00
oh-my-zsh fix: git dirty status should include staged files 2025-11-13 14:54:38 -05:00
scripts refactor: rename hosts 2025-11-26 16:52:02 -05:00
.gitignore feat: secret management for dev server 2025-11-29 08:15:39 -05:00
flake.lock chore: update lock 2026-01-10 06:02:13 -05:00
flake.nix feat: add specture CLI 2025-12-20 05:33:49 -05:00
LICENSE Initial commit 2025-09-28 06:58:34 -04:00
README.md docs: more items 2025-11-06 16:33:44 -05:00

README.md

nix-config

This repository holds my NixOS + Home-Manager configuration using the flakes approach for both a USB-drive sandbox installation and a full laptop installation.

Bootstrap / Initial Setup

  1. Get "Minimal ISO image" from the NixOS ISO Download Page

  2. Write it to a USB drive

  3. Boot from the USB drive

  4. Install to hard drive

  5. Clone this repository:

    git clone https://github.com/pertempto/nix-config.git ~/nix-config
cd ~/nix-config

  6. If you are setting up a new host - copy the automatically generated /etc/nixos/hardware-configuration.nix file to the appropriate ~/nix-config/hosts/ subdirectory.

    • Don't forget to git add the file - otherwise nix won't recognize it.
    • Verify the new file has the correct owner and group.

  7. Apply your host configuration:

    # This uses the usbSandbox host, but use the correct one for your system
sudo nixos-rebuild switch --flake .#usbSandbox

  8. Reboot

  9. Verify everything works

Note

One you have installed the flake the first time, you should be able to use the u alias in ZSH to trigger future updates.

Manual Steps

The following will need copied across manually and should be kept private and secure:

  • SSH keys
  • GitLab/GitHub auth
  • VPN connection configuration
    • OpenVPN3 for work
    • TailScale at home

The following manual tweaks I also apply:

  • Cosmic
    • Display orientation
    • Hide dock
    • Touchpad
      • Enable "Tap to click"
      • Enable "Scroll with two fingers"
    • Workspaces Span Displays
    • Tile current workspace
    • New workspace behavior: Tiled
    • Set up Startup Applications
  • Vivaldi
    • Dark mode
    • Left-side tab bar
    • Disable password manager
    • ChatGPT search engine
  • Cosmic Terminal
    • Hide header
    • Set font to FiraCode
  • Run setup-repos.sh script for the host

You will also want to switch to using SSH for the nix-config repo so that you can push changes: git remote set-url origin git@github.com:Pertempto/nix-config.git

Using the Flake

  • Rebuild system configuration:

    sudo nixos-rebuild switch --flake .#<host-name>

  • Update inputs and lock file:

    nix flake update
git add flake.lock
git commit -m "chore: update flake inputs"

Hosts & Hardware Profiles

  • Dev Server (devServer): For my homelab dev server. It runs in a ProxMox virtual machine.
  • USB Sandbox (usbSandbox): For getting started without committing to a full installation to my hard drive.
  • Work Laptop (thinkpad): For my ThinkPad T490 work laptop.
  • Additional host profiles may be added as needed.

Maintenance & Upgrades

  • Periodically run nix flake update to refresh inputs; commit changes.
  • Use Git branches when experimenting (e.g., switching compositors).

Security & Secrets

  • Do not commit secrets (API keys, private keys, credentials).
  • Store secrets next to the host/module and name them like <name>-secrets.nix or *-secrets.conf; keep examples with a .example suffix.
  • .gitignore already ignores **/*-secrets.nix and **/*-secrets.conf; restrict permissions (e.g. chmod 600).
  • For stronger protection consider encryption (age/GPG) or a secret manager.

Roadmap

  • Create flake.nix with proper inputs and outputs.
  • Define usbSandbox profile.
  • Install NixOS on USB drive (sandbox) and apply config.
  • Create Home-Manager config for user addison.
  • Test hardware (WiFi, GPU, battery, power) on sandbox.
  • List current applications from Pop!_OS and check availability.
  • Iterate configuration until system and home workflows are stable.
  • Backup Pop!_OS data.
  • Define thinkpad profile.
  • Install NixOS on internal drive.
  • Clone repo on internal install and apply thinkpad profile.
  • Verify everything works.
  • Set up nix.gc.
  • Set up nix.optimise.
  • Set up weekly slack reminder to run nix flake update

License

This configuration is licensed under the MIT License. Feel free to fork and adapt, though your hardware and preferences may differ.