Skip to content

aij/aij-nixos-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

955 Commits
install-scripts
install-scripts
 
 
installer
installer
 
 
machines
machines
 
 
pkg
pkg
 
 
profiles
profiles
 
 
services
services
 
 
stable @ ef498e1
stable @ ef498e1
 
 
tests
tests
 
 
unstable @ e4735db
unstable @ e4735db
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
.ignore
.ignore
 
 
README.org
README.org
 
 
audit.nix
audit.nix
 
 
bluetooth.nix
bluetooth.nix
 
 
bluray.nix
bluray.nix
 
 
desktop.nix
desktop.nix
 
 
dev.nix
dev.nix
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
hosts-home.nix
hosts-home.nix
 
 
latencytop.nix
latencytop.nix
 
 
nextcloud-container.nix
nextcloud-container.nix
 
 
nextcloud.nix
nextcloud.nix
 
 
server.nix
server.nix
 
 
sshd.nix
sshd.nix
 
 
stable.nix
stable.nix
 
 
standard.nix
standard.nix
 
 
unstable.nix
unstable.nix
 
 
update.sh
update.sh
 
 
zfs.nix
zfs.nix
 
 

Repository files navigation

These are my NixOS config files, excluding sensitive bits.

Reproducibility

I am tracking nixpkgs as git submodules for system build reproducibility. Compared to using nix-channels, using submodules allows me to more easily track nixpkgs versions corresponding to a given configuration, as I can atomically commit updates to both.

See here for more information.

Since I use both the current stable and unstable channels, I track them as separate submodules. To reduce network bandwidth and make it easier to keep both up-to-date, I use git worktree to maintain a single local nixpkgs repo with two checkouts. There does not appear to be a good way to automate this, so it needs to be set up manually when first checkingout the repo.

Ok, I think this worked:

root@nixos:~# cd /etc/nixos/aij/
root@nixos:/etc/nixos/aij# git submodule init unstable
Submodule 'unstable' (https://github.com/NixOS/nixpkgs) registered for path 'unstable'
root@nixos:/etc/nixos/aij# git submodule update
Cloning into '/etc/nixos/aij/unstable'...
Submodule path 'unstable': checked out 'd8079260a3028ae3221d7a5467443ee3a9edd2b8'
root@nixos:/etc/nixos/aij# cd unstable/
root@nixos:/etc/nixos/aij/unstable# git worktree add ../stable nixos-21.05
Preparing worktree (new branch 'nixos-21.05')
Branch 'nixos-21.05' set up to track remote branch 'nixos-21.05' from 'origin'.
HEAD is now at c06613c25df tor-browser-bundle-bin: 10.0.17 -> 10.0.18
root@nixos:/etc/nixos/aij/unstable# cd ../
root@nixos:/etc/nixos/aij# git submodule init stable
Submodule 'stable' (https://github.com/NixOS/nixpkgs) registered for path 'stable'
root@nixos:/etc/nixos/aij# git submodule update
Submodule path 'stable': checked out '21b696caf392ad6fa513caf3327d0aa0430ffb72'
root@nixos:/etc/nixos/aij#

Testing

It’s a good idea to test configs for other machines before pushing changes that might affect them.

To build a specific machine, run something like

nix build -f '<nixpkgs/nixos>' system -I nixpkgs=$PWD/stable -I nixos-config=$PWD/machines/ita

or

nix build -f '<nixpkgs/nixos>' system -I nixpkgs=$PWD/unstable -I nixos-config=$PWD/machines/tobati

New install

To install a new machine

git clone https://github.com/aij/aij-nixos-config.git aij
aij/install-scripts/part-zfs-boot.sh /dev/nvme0n1

mkfs.ext4 -L boot /dev/nvme0n1p1

# For luks+btrfs. (Alternatively, see install-scripts/format-zfs.sh for encrypted ZFS)
cryptsetup luksFormat /dev/nvme0n1p2
cryptsetup luksOpen /dev/nvme0n1p2 root
mkfs.btrfs /dev/mapper/root
mount /dev/mapper/root /mnt/ -o noatime
# TODO Subvolumes?

mkdir /mnt/boot

mount /dev/nvme0n1p1 /mnt/boot
nixos-generate-config --root /mnt/
mv aij /mnt/etc/nixos/aij

vi /mnt/etc/nixos/configuration.nix

time nixos-install

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages