nix-files

top-level configurations for all my NixOS machines

Go to file

colin cd89ea884b secrets: update `moby` keys		2022-08-31 17:01:41 -07:00
helpers	port helpers/home-manager-gen-colin.nix to modules system	2022-06-09 14:50:24 -07:00
machines	servo: bump /tmp space from 16 GB -> 40 GB	2022-08-13 17:57:46 -07:00
modules	fix up /mnt/desko-root to be usable as a remote /nix store	2022-08-30 22:25:22 -07:00
nixpatches	nixpatches: remove custom zecwallet-lite patch and point upstream instead	2022-08-25 19:12:31 -07:00
pkgs	add a script to mount servo root	2022-08-30 19:55:15 -07:00
secrets	secrets: update `moby` keys	2022-08-31 17:01:41 -07:00
.gitignore	move secrets to a subdirectory, for improved overrides	2022-05-26 23:52:08 -07:00
.sops.yaml	secrets: update `moby` keys	2022-08-31 17:01:41 -07:00
TODO.md	moby: cross-compile the kernel	2022-08-08 20:36:35 -07:00
flake.lock	update nixpkgs 2022-08-12 -> 2022-08-25; impermanence, sops	2022-08-26 18:20:14 -07:00
flake.nix	formatting nits	2022-08-24 19:46:10 -07:00
readme.md	formatting nits	2022-08-24 19:46:10 -07:00

readme.md

to deploy:

nixos-rebuild --flake "./#servo" {build,switch}

more options (like building packages defined in this repo):

nix flake show

secrets

i use sops for secrets. see modules/universal/secrets.nix for some tips.

building images

to build a distributable image (GPT-formatted image with rootfs and /boot partition):

nix build ./#imgs.lappy

this can then be dd'd onto a disk and directly booted from a EFI system. there's some post-processing to do before running a rebuild on the deployed system (deploying ssh keys, optionally changing fs UUIDs, etc). refer to flake.nix for more details.