Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ nixos-config Public

This repo contains the configuration for NixOS, NixDarwin and the Nix-HomeManager for all of my systems

1 star 0 forks Branches Tags Activity
Star

janbaer/nixos-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

224 Commits
hosts
hosts
 
 
modules
modules
 
 
secrets
secrets
 
 
.editorconfig
.editorconfig
 
 
.envrc
.envrc
 
 
.gitignore
.gitignore
 
 
.mcp.json
.mcp.json
 
 
Claude.md
Claude.md
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
nix-info.sh
nix-info.sh
 
 
nixos-collect-garbage.sh
nixos-collect-garbage.sh
 
 
nixos-generation-diff.sh
nixos-generation-diff.sh
 
 
nixos-list-generations.sh
nixos-list-generations.sh
 
 
nixos-reboot-required.sh
nixos-reboot-required.sh
 
 
nixos-rebuild-show-nextchanges.sh
nixos-rebuild-show-nextchanges.sh
 
 
nixos-show-allchanges.sh
nixos-show-allchanges.sh
 
 
nixos-show-lastchanges.sh
nixos-show-lastchanges.sh
 
 
nixos-switch.sh
nixos-switch.sh
 
 
shell.nix
shell.nix
 
 

Repository files navigation

Jans NixOS config

This repo contains the configuration for NixOS, NixDarwin and the Nix HomeManager for all of my systems. This repo is indexed by Ask DeepWiki

Initial steps

Before applying this config to a new machine, you need to activate the support for flakes to the current configuration.nix with adding the following line

nix.settings.experimental-features = [ "nix-command" "flakes" ];

Tooling

I use the Nix helper nh for easier execution of the Nix commands and better visibility to show diffs after a build was running. If you want to use nh before the nix-config was applied for the first time, you need to run nix shell nixpkgs#nh, to be able to use the helper.

Encryption

After creating a new VM you need to read the public SSH-Keys of the machine, to be able to encrypt the secrets with using these public keys. So you need to activate the SSHD server for having a machine key. You can read the public key with ssh-keyscan -t ed25519 -p23 $(hostname) The key needs to be added to the ./secrets/secrets.nix file. After adding the new key, you need to re-encrypt all of you secrets with agenix --rekey. See also To encrypt a file you can use either agenix with calling agenix -e secret.age or also age -R ~/.ssh/id_ed25519.pub ~/.ssh/id_ed25519 > ./secrets/id_ed25519.age. But this will only use the specified public key. You can also pipe the content of a file to the agenix command with cat ~/.ssh/id_ed25519.pub | agenix -e secret.age. The file secret.age needs to be added before to the ./secrets/secrets.nix file.

Before installing agenix, you can run agenix in a nix-shell with the command nix shell github:ryantm/agenix

NixOS Wiki Agenix See also

Steps after applying the nix-config for the first time.

GPG Key Import

After the initial system setup on a new machine, you need to manually import your GPG private key. This is a one-time operation per machine.To do it, just run gpg-import-my-keys in your terminal.

Known issues

  • In case that the command nix flake update fails with a strange error like failed to insert entry: invalid object specified - package.nix it helped, to delete the ~/.cache/nix/ directory.

Hints

  • In case you need to know the SHA256 of the NixOS configuration, you can use nix-prefetch-url command, which returns the SHA256 hash of the file.

About

This repo contains the configuration for NixOS, NixDarwin and the Nix-HomeManager for all of my systems

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages