my dotfiles

Find a file

chayleaf a6a9b5be12 router: enable ipv6 forwarding in wan netns		2024-07-14 06:41:26 +07:00
home	home: add minimal config	2024-07-13 05:33:43 +07:00
pkgs	split osu-wine into a separate flake	2024-07-03 19:43:27 +07:00
system	router: enable ipv6 forwarding in wan netns	2024-07-14 06:41:26 +07:00
.gitignore
COPYING
default.nix
extra-builtins.nix	flake/secrets: move from /etc/nixos/private to /secrets/nixos	2023-12-25 04:18:03 +07:00
flake.lock	router: enable ipv6 forwarding in wan netns	2024-07-14 06:41:26 +07:00
flake.nix	server: switch to systemd initrd	2024-07-14 00:13:37 +07:00
lib.nix	massive cleanup	2023-12-18 08:48:49 +07:00
overlays.nix	update inputs	2024-01-30 19:39:14 +07:00
private.nix.sample	server/certspotter: check tbs instead of pubkey	2023-10-26 02:02:48 +07:00
push.sh	update inputs	2024-05-03 16:56:29 +07:00
README.md
update.sh

README.md

My Nix config

Home-manager config and modules are in ./home, NixOS config and modules are in ./system.

Secrets are fetched using a nix plugin at evaluation time to avoid using --impure. I plan to implement a more robust secrets system later though.

To install, simply run nixos-rebuild switch --flake . --option extra-builtins-file $(pwd)/extra-builtins.nix and home-manager switch --flake . --option extra-builtins-file $(pwd)/extra-builtins.nix, since this repo relies on build-time decryption of secrets using a Nix plugin (to be fair you won't be able to use it since you don't have the secrets, such as initial root password). If you don't have nix-plugins though, you can put the secrets in plaintext to /etc/nixos/private and add --impure flag to bootstrap the config.