artur/nixos
1
Fork 0
Code Issues 1 Pull requests Wiki Activity Actions
My NixOS and Home Manager configuration
1,751 commits 6 branches 0 tags 6 MiB
  • Nix 96.2%
  • Lua 2.2%
  • Shell 1.1%
  • Just 0.5%
Find a file
Exact
Artur Sannikov 5dd088dabc
Some checks failed
Check formatting / Formatting (push) Failing after 1m6s
Details
feat(firefox): disable menu pop-up at alt press
2026-03-24 15:15:48 +02:00
.forgejo/workflows chore(ci): change the schedule back 2026-03-04 11:14:10 +02:00
hosts fix(hetzner1): use grub without EFI 2026-03-22 12:12:18 +02:00
lib feat: Add scanPath lib 2025-05-03 17:14:57 +03:00
modules feat(firefox): disable menu pop-up at alt press 2026-03-24 15:15:48 +02:00
scripts feat: add hardware-configuration generation to script 2026-03-22 12:12:18 +02:00
.editorconfig feat: add .editorconfig 2026-03-08 13:20:18 +02:00
.gitignore chore: cleanup .gitignore 2026-02-11 21:29:34 +02:00
flake.lock Revert "chore: update flake.lock" 2026-03-24 11:57:12 +02:00
flake.nix chore: reorganize flake inputs 2026-02-22 22:28:42 +02:00
Justfile chore: update Justfile 2026-03-03 21:55:47 +02:00
LICENSE license: GPL-3 -> MIT 2025-10-04 17:11:05 +03:00
README.md feat(docs): add instructions for nixos-anywhere 2026-03-22 12:12:18 +02:00

README.md

Artur's NixOS & Nix Home Manager configurations

License Badge

This repository contains NixOS configuration for my desktop, personal, and work laptops, Hetzner VM, and a small VM running on Proxmox (for my homelab). The configurations are based on a Nix flake for easy management and configuration. Changes are made in devel branch and then merged into main branch.

Note

System Information:

  • Desktop environment: KDE Plasma 6
  • File systems: BTRFS/ZFS
  • Shell: zsh
  • Terminal: Kitty
  • Editor: Nixvim

Updates

Updates are managed via flake.lock on my Forgejo instance. The workflows are public.

Secrets

I keep secrets in a private repository and pull them into my configuration with flake. EmergentMind wrote a great post on how to implement this.

Stuff to Do Manually

Not everything is feasible (still?) to declare. Not an exhaustive list of stuff to do after the installation:

  • Login into Librewolf for syncing
  • Login into gh
  • Login into fj (forgejo-cli)
  • Login into bw
  • Set up Thunderbird if it asks for password
  • Set up tailscale
  • Install Better Bibtex for Zotero

nixos-anywhere deployment

The script scripts/nixos-anywhere-deployment.sh allows the remote deployment of NixOS machines. I use it to deploy, for example, my NixOS box. It handles everything: from disk configuration to the actual configuration.

The only required environment variable is NIXOS_ANYWHERE_HOST.

export NIXOS_ANYWHERE_HOST=<host>

For secrets, I use pass utility. The secrets are decrypted by the host SSH key, which is an entry nixos_anywhere_ed25519_hostkey.

If you are deploying a new machine, first generate a unique SSH key for this machine and add it to pass.

cd /tmp
ssh-keygen ./id_ed25519
# This will overwrite the entry
pass insert --multiline --force nixos_anywhere_ed25519_hostkey < /tmp/id_ed25519
nix-shell -p ssh-to-age --run 'cat /tmp/id_ed25519.pub | ssh-to-age'

# Add the generate age key to sops.yaml

Then update the key
sops --config ../nix-secrets/.sops.yaml updatekeys ../nix-secrets/secrets.yaml

# Update the flake in nixos main repo
nix flake update nix-secrets

# Remove the generated key
rm /tmp/id_ed25519*

Configuration mirrors

This configuration is available on my own Forgejo instance, Codeberg and GitHub.