top-level configurations for all my NixOS machines

Go to file

colin fd48880a0a nixcache: only enable on moby it's annoying to rebuild on desko/lappy, and have that fail when servo is offline/unreachable. and it's really silly to have servo use its own cache over the network. long-term would be better to do properly distributed builds instead of the cache.		2022-06-28 03:44:10 -07:00
helpers	port helpers/home-manager-gen-colin.nix to modules system	2022-06-09 14:50:24 -07:00
machines	nixcache: only enable on moby	2022-06-28 03:44:10 -07:00
modules	nixcache: only enable on moby	2022-06-28 03:44:10 -07:00
nixpatches	move patch list out of flake.nix	2022-06-23 16:03:58 -07:00
pkgs	fix bootpart-uefi-x86_64 to allow selecting old nixos generations at boot	2022-06-24 01:35:52 -07:00
secrets	remove himalaya: we're using aerc now	2022-06-21 02:02:04 -07:00
.gitignore	move secrets to a subdirectory, for improved overrides	2022-05-26 23:52:08 -07:00
.sops.yaml	add aerc accounts.conf to secret store (and home-manager)	2022-06-20 23:55:43 -07:00
flake.lock	update nixpkgs, mobile-nixos, home-manager, sops-nix, nurpkgs	2022-06-27 01:34:04 -07:00
flake.nix	flake.nix: document the image building/flashing process	2022-06-24 16:04:25 -07:00
readme.md	cleanup TODO, readme	2022-06-26 03:44:41 -07:00
TODO.md	cleanup TODO, readme	2022-06-26 03:44:41 -07:00

readme.md

to deploy:

nixos-rebuild --flake "./#servo" {build,switch}

more options (like building packages defined in this repo):

nix flake show

secrets

i use sops for secrets. see modules/universal/secrets.nix for some tips.

building images

to build a distributable image (GPT-formatted image with rootfs and /boot partition):

nix build ./#imgs.lappy

this can then be dd'd onto a disk and directly booted from a EFI system. there's some post-processing to do before running a rebuild on the deployed system (deploying ssh keys, optionally changing fs UUIDs, etc). refer to flake.nix for more details.