top-level configurations for all my NixOS machines

Go to file

colin bbb384c70a pkg megi's kernel this won't likely build cleanly: it uses floats in places, which isn't supported in kernel build well.		2022-08-09 14:39:42 -07:00
helpers	port helpers/home-manager-gen-colin.nix to modules system	2022-06-09 14:50:24 -07:00
machines	moby: package/ship the rtl8723cs bluetooth driver	2022-08-08 22:13:17 -07:00
modules	moby: cross-compile the kernel	2022-08-08 20:36:35 -07:00
nixpatches	nixpatches: remove dead jackett, Discord patches	2022-08-01 13:30:47 -07:00
pkgs	pkg megi's kernel	2022-08-09 14:39:42 -07:00
secrets	vpn: rename ovpnd -> ovpnd-us	2022-07-09 00:52:05 -07:00
.gitignore	move secrets to a subdirectory, for improved overrides	2022-05-26 23:52:08 -07:00
.sops.yaml	add aerc accounts.conf to secret store (and home-manager)	2022-06-20 23:55:43 -07:00
flake.lock	update nixpkgs: 2022-08-01 -> 2022-08-03	2022-08-05 15:49:35 -07:00
flake.nix	image building instructions: no need to manually create /persist dirs anymore	2022-08-02 17:10:32 -07:00
readme.md	cleanup TODO, readme	2022-06-26 03:44:41 -07:00
TODO.md	moby: cross-compile the kernel	2022-08-08 20:36:35 -07:00

readme.md

to deploy:

nixos-rebuild --flake "./#servo" {build,switch}

more options (like building packages defined in this repo):

nix flake show

secrets

i use sops for secrets. see modules/universal/secrets.nix for some tips.

building images

to build a distributable image (GPT-formatted image with rootfs and /boot partition):

nix build ./#imgs.lappy

this can then be dd'd onto a disk and directly booted from a EFI system. there's some post-processing to do before running a rebuild on the deployed system (deploying ssh keys, optionally changing fs UUIDs, etc). refer to flake.nix for more details.