nix-config

NixOS configuration for bootstrapping Daniel's station (Darwin)

Description

At the current point in time, this configuration is aimed at aarch64-darwin architecture (Apple Silicon)

Installation

Install nix

1. Just follow this guide ↗ from DeterminateSystems

Install home-manager

1. it's already baked into DeterminateSystems Nix installer

Usage

# remote activation
nix run github:dminca/nix-config

# local activation
nix run .

Secret management with sops-nix

Day-1

• sample .sops.yaml & secrets/example.yaml ↗ source

# create dir where key will be added
mkdir -vp ~/.config/sops/age

# generate key
nix-shell -p age --run "age-keygen -o ~/.config/sops/age/keys.txt"

# prepare data to encrypt
vi secrets/example.yaml

# have .sops.yaml filled

# encrypt data
nix-shell -p sops --run "sops --encrypt secrets/example.yaml" | pbcopy

Day-2

# add/remove entries from secrets file
nix-shell -p sops --run "sops secrets/example.yaml"

Searching for tmux or vim plugins

Important

These plugins can only be used within home-manager setup (it's the only way I tested). The search will retrieve a list of packages from the Nix Store, this means you can add them in the plugins = [] section

nix-env -f '<nixpkgs>' -qaP -A vimPlugins

nix-env -f '<nixpkgs>' -qaP -A tmuxPlugins

Building the NixOS host remotely

To remotely build the NixOS host run

nix shell nixpkgs#nixos-rebuild \
    --command nixos-rebuild switch \
    --flake .#nixos \
    --target-host dminca@nixos \
    --build-host dminca@nixos \
    --fast \
    --use-remote-sudo

Note

Required to pass --fast and --target-host user@host if execution is triggered from a Darwin or non-linux workstation.

Roadmap [completed] 🎉

• port all brew packages (all packages are listed in Brewfile
• port dotfiles (zshrc, neovim etc.)
• install kubectl for user profile
• install helm for user profile
• install kubectx for user profile