This repo contains the nix based system configurations used across my different devices.
This installation follows along with the nix manual installation chapter until we get to the “Cloning the configs” step. I’ve kept the full steps here as a reminder to myself of exactly how I set things up in case I need to debug issues.
I do use some shell variables throughout the different snippets. Here’s a starter that will make copy and paste easier:
export EDITOR=nano
export HOSTNAME=fixme
export PATH_TO_CONFIGS=$HOME/Code/configsThe installation steps are pretty different between NixOS and MacOSX so I’ve kept them totally separate here.
OSX configuration is a special kind of hell. This setup uses the wonderful nix-darwin for a NixOS like system configuration.
Nix needs to use /nix as the directory for it’s store. OSX post Catalina has a read-only system volume. See this nix github issue for more details.
The point is we need to create a synthetic volume for /nix that looks like a system directory but is writable. This can be accomplished via the installer.
sh <(curl -L https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volumeSecurity Note: This assumes that you’re using FileVault to encrypt the whole disk at rest
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
./result/bin/darwin-installerI use home-manager for a lot of the dirty work of changing dotfiles.
The install process for this is dead simple, just add the channel.
nix-channel --add https://github.com/rycee/home-manager/archive/master.tar.gz home-manager
nix-channel --updateYou’ll want to git clone this repo somewhere.
git clone https://github.com/a4wc6n/configs.git $PATH_TO_CONFIGSThere are a fair number of things that I don’t want out in public, passwords, private keys, etc.
For this I use git-crypt
All you need to do to create a new host is copy the template to a host and fill it out.
mkdir $PATH_TO_CONFIGS/hosts/$HOSTNAME
cp $PATH_TO_CONFIGS/templates/hosts/darwin/configuration.nix $PATH_TO_CONFIGS/hosts/$HOSTNAME
$EDITOR $PATH_TO_CONFIGS/hosts/$HOSTNAMEBy default darwin-rebuild will look in \~/.nixpkgs/darwin-configuration.nix. In order to get it to look in the right place we’ll need to run like:
darwin-rebuild switch -I darwin-config=$PATH_TO_CONFIGS/hosts/$HOSTNAME/configuration.nixAfter the first time you should be able to run it without the -I argument as long as you don’t move the configs directory.
You’ll need some secrets that shouldn’t be published on the internet. First create `/etc/nixos/secrets.nix`. You can start with copying the template `./nix/secrets.template.nix`
“`sh cp ./nix/secrets.template.nix /etc/nixos/secrets.nix chown root:root /etc/nixos/secrets.nix sudo $EDITOR /etc/nixos/secrets.nix “`
Actually, I’m now doing it via symlinks.
“`sh ln -s $CONFIG_REPO_PATH/nix/devices/$DEVICE/configuration.nix /mnt/etc/nixos/configuration.nix “`
The repo is broken out into the following directories:
The hosts directory contains the entry point for the configuration of different hosts based on their host name.
The profiles directory contains groups of configuration and packages based on the different roles that a machine might play. For example, my development machines should include emacs, web servers shouldn’t.
The config directory contains isolated configuration for packages and services.
- modules
- secrets
- nix-darwin
- nixos
- home-manager
-
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent