top-level configurations for all my NixOS machines
colin
cd43247d2c
sent messages don't get copied to the sent mailbox, but oh well. problem for another day. |
||
|---|---|---|
| helpers | ||
| machines | ||
| modules | ||
| nixpatches | ||
| pkgs | ||
| secrets | ||
| .gitignore | ||
| .sops.yaml | ||
| configuration.nix | ||
| flake.lock | ||
| flake.nix | ||
| image.nix | ||
| readme.md | ||
| TODO.md | ||
to build:
nixos-rebuild --flake "/etc/nixos/#uninsane" {build,switch}
query with:
nix flake show
secrets
we use sops for secrets. see helpers/universal/secrets.nix for some tips.
building images
to build a distributable image (GPT-formatted image with rootfs and /boot partition):
nix build .#imgs.lappy
this can then be dd'd onto a disk and directly booted from a EFI system.
there's some post-processing to do before running a rebuild on the deployed system (e.g. change fstab UUIDs)
refer to flake.nix for more details
admin tips
online: https://nixos.wiki/wiki/Cheatsheet
verify ALL nix store contents with:
sudo nix-store --verify --check-contents # add the --repair flag to auto-repair as well
search for a package with:
nix search nixpkgs <query string>
find which package owns some file with:
nix-locate /bin/vim # or any other package-relative path