Colin
91d8b95459
|
||
|---|---|---|
| helpers | ||
| machines | ||
| modules | ||
| pkgs | ||
| secrets | ||
| .gitignore | ||
| TODO.md | ||
| configuration.nix | ||
| flake.lock | ||
| flake.nix | ||
| image.nix | ||
| readme.md | ||
readme.md
after checking out, drop secrets into secrets/
to build:
nixos-rebuild --flake "/etc/nixos/#uninsane" {build,switch}
query with:
nix flake show
secrets
change files in secrets/. they need to be checked into git with some placeholder text for them to be exposed to the flake,
but after that you can set them to their real value and run git update-index --assume-unchanged secrets/*
building images
to build a distributable image (GPT-formatted image with rootfs and /boot partition):
nix build .#imgs.lappy
this can then be dd'd onto a disk and directly booted from a EFI system.
there's some post-processing to do before running a rebuild on the deployed system (e.g. change fstab UUIDs)
refer to flake.nix for more details
admin tips
online: https://nixos.wiki/wiki/Cheatsheet
verify ALL nix store contents with:
sudo nix-store --verify --check-contents # add the --repair flag to auto-repair as well
search for a package with:
nix search nixpkgs <query string>
find which package owns some file with:
nix-locate /bin/vim # or any other package-relative path