No description
Find a file
reo101 51a37c25f9
chore(flake): update flake.lock
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/aef9a509db64a081186af2dc185654d78dc8e344' (2024-01-03)
  → 'github:nix-community/disko/f0a3425a7b173701922e7959d8bfb136ef53aa54' (2024-01-08)
• Updated input 'neovim-nightly-overlay':
    'github:nix-community/neovim-nightly-overlay/915479ceaaed1ddf9379706da575d0d2bf7a48cf' (2024-01-07)
  → 'github:nix-community/neovim-nightly-overlay/688360dd650feff8fef1d5a539eede840ec07d14' (2024-01-08)
• Updated input 'neovim-nightly-overlay/neovim-flake':
    'github:neovim/neovim/9a2c98087b90e5306579ab2149a6192ac075df6b?dir=contrib' (2024-01-06)
  → 'github:neovim/neovim/367e52cc79a786bbee4456b30f9ec5db7e28d6a5?dir=contrib' (2024-01-07)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/bd645e8668ec6612439a9ee7e71f7eac4099d4f6' (2024-01-02)
  → 'github:nixos/nixpkgs/46ae0210ce163b3cba6c7da08840c1d63de9c701' (2024-01-06)
• Updated input 'nur':
    'github:nix-community/NUR/50c8484371ff46d77678e88c1f78cc5495d7190d' (2024-01-07)
  → 'github:nix-community/NUR/f53bd4e7be4a0511d74f4c9b977eda365af5cce2' (2024-01-08)
• Updated input 'zig-overlay':
    'github:mitchellh/zig-overlay/112cfb72e47cb85d17fc8075a4d70ab56964453d' (2024-01-06)
  → 'github:mitchellh/zig-overlay/5cf2374c87cbe48139d1571360dcd7dd4807ef1c' (2024-01-08)
2024-01-09 00:11:20 +02:00
.github/workflows chore(cicd): update install-nix-action to v20, add flakehub 2023-11-17 17:44:50 +02:00
apps feat(flake): add apps 2023-02-19 13:54:02 +02:00
machines fix(wireguard)!: AllowedIPs semantics 2024-01-08 23:44:22 +02:00
modules feat(flake): start using flake-parts 2023-12-31 19:00:18 +02:00
overlays feat(nix): use nix-monitored 2023-12-25 18:51:44 +02:00
pkgs feat(pkgs): add envsub 2023-11-17 16:06:50 +02:00
secrets fix(wireguard)!: AllowedIPs semantics 2024-01-08 23:44:22 +02:00
shells feat(agenix-rekey)!: first try 2023-12-25 18:47:17 +02:00
templates fix(templates): rm haskell template declaration 2023-07-13 14:44:12 +03:00
util chore(cheetah)!: update config 2024-01-04 01:05:54 +02:00
.envrc feat(flake): add .envrc for direnv 2023-10-23 09:05:55 +03:00
.gitignore feat(agenix-rekey)!: first try 2023-12-25 18:47:17 +02:00
default.nix feat(nix): compat default.nix && shell.nix 2023-09-06 20:48:11 +03:00
flake.lock chore(flake): update flake.lock 2024-01-09 00:11:20 +02:00
flake.nix feat(flake): start using flake-parts 2023-12-31 19:00:18 +02:00
LICENSE feat(config): initial 2022-11-20 17:23:58 +02:00
nixpkgs.nix feat(config): initial 2022-11-20 17:23:58 +02:00
README.md feat(README): add notes about secrets management 2023-11-17 15:59:32 +02:00
shell.nix feat(nix): compat default.nix && shell.nix 2023-09-06 20:48:11 +03:00

nix


Secrets

# To put `agenix` and friends in `$PATH`
nix develop
cd secrets

Make new key

rage-keygen -o key

Edit secret

agenix -i key -e sub/dir/secret_file.age

Rekey all secrets

agenix -i key --rekey

NixOS setup

# Initial setup
nix run nixpkgs#nixos-anywhere -- --flake .#${HOSTNAME} --build-on-remote --ssh-port 22 root@${HOSTNAME} --no-reboott

# Deploy
deploy .#${HOSTNAME} --skip-checks

Mac (silicon) setup

# Setup system tools
softwareupdate --install-rosetta --agree-to-license
sudo xcodebuild -license

# Install nix
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install

# Apply configuration
git clone https://www.github.com/reo101/rix101 ~/.config/rix101
cd ~/.config/rix101
nix build ".#darwinConfigurations.${HOSTNAME}.system"
./result/sw/bin/darwin-rebuild switch --flake .

# System setup for `yabai` (in system recovery)
csrutil enable --without fs --without debug --without nvram