No description

Find a file

Leyla Becker 6a8daadb4e fixed gnome tour showing on reboot		2025-01-06 14:07:19 -06:00
.hooks	switched to using dev shells for local development environment	2024-11-11 18:38:44 -06:00
.vscode	restructured repo to support nix-darwin	2024-11-25 16:58:12 -06:00
configurations	fixed gnome tour showing on reboot	2025-01-06 14:07:19 -06:00
const	switched to using dev shells for local development environment	2024-11-11 18:38:44 -06:00
modules	fixed gnome tour showing on reboot	2025-01-06 14:07:19 -06:00
util	made disko/impermanence config into a module	2024-12-10 23:43:53 -06:00
.envrc	switched to using dev shells for local development environment	2024-11-11 18:38:44 -06:00
.gitconfig	updated hooks folder location	2024-09-21 12:24:54 -05:00
.gitignore	moved spellcheck to separate file	2024-11-25 15:14:50 -06:00
.gitmodules	switched submodule files to non flake input	2024-09-24 02:30:54 -05:00
.sops.yaml	updated secrets files	2024-09-22 19:24:59 -05:00
build-installer.sh	started draft for installer	2024-11-25 22:37:08 -06:00
flake.lock	updated flake.lock	2025-01-03 17:51:08 -06:00
flake.nix	updated flake	2024-12-22 15:24:28 -06:00
install.sh	added note to install script	2024-12-01 18:37:36 -06:00
README.md	removed completed tasks from README.md	2025-01-05 10:46:43 -06:00
rebuild.sh	added show-trace option to rebuild	2024-10-03 15:38:03 +02:00
shell.nix	switched to using dev shells for local development environment	2024-11-11 18:38:44 -06:00

README.md

nix-config

https://git.jan-leila.com/jan-leila/nix-config

nix multi user, multi system, configuration with sops secret management, home-manager, and nixos-anywhere setup via disko with zfs + impermanence

Hosts

Host Map

Hostname	Device Description	Primary User	Role
`twilight`	Desktop Computer	Leyla	Desktop
`horizon`	13 inch Framework Laptop	Leyla	Laptop
`defiant`	NAS Server	Leyla	Server
`hesperium`	Mac	?????	???
`emergent`	Desktop Computer	Eve	Desktop
`threshold`	Laptop	Eve	Laptop
`wolfram`	Steam Deck	House	Handheld
`ceder`	A5 Tablet (not using nix)	Leyla	Tablet
`skate`	A6 Tablet (not using nix)	Leyla	Tablet
`shale`	A6 Tablet (not using nix)	Eve	Tablet
`coven`	Pixel 8 (not using nix)	Leyla	Android

Tooling

Rebuilding

./rebuild.sh

Updating

nix flake update

New host setup

./install.sh --target 192.168.1.130 --flake hostname

Updating Secrets

sops -c sops secrets/secrets_file_here.yaml

Inspecting a configuration

nix-inspect -p .

Notes:

Research topics

Look into this for auto rotating sops keys https://technotim.live/posts/rotate-sops-encryption-keys/
Look into this for flake templates https://nix.dev/manual/nix/2.22/command-ref/new-cli/nix3-flake-init
Look into this for headscale https://carlosvaz.com/posts/setting-up-headscale-on-nixos/
https://nixos-and-flakes.thiscute.world/

Tasks:

Tech Debt

monitor configuration in ~/.config/monitors.xml should be sym linked to /run/gdm/.config/monitors.xml (https://www.reddit.com/r/NixOS/comments/u09cz9/home_manager_create_my_own_symlinks_automatically/)
syncthing password

New Features

offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
Flake templates - we need to add these to some kind of local registry??? nix flake show templates - https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake-init
samba mounts
figure out steam vr things?
Open GL?
rotate sops encryption keys periodically (and somehow sync between devices?)
zfs email after scrubbing
tail scale clients
wake on LAN for updates
ISO target that contains authorized keys for nixos-anywhere 4acc43ebc7/hosts/bootstrap/default.nix
Immich
zfs encryption FIDO2 2fa