nix-config

NixOS configuration for bootstrapping Daniel's station (Darwin)

Description

At the current point in time, this configuration is aimed at aarch64-darwin architecture (Apple Silicon)

Installation

Install nix

• ↗ NixOS docs

sh <(curl -L https://nixos.org/nix/install) --daemon

Install nix-darwin

• ↗ nix-darwin

nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
./result/bin/darwin-installer

Install home-manager

• ↗ home-manager

nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
nix-channel --update

Usage

# with the repo cloned and available locally
darwin-rebuild switch --flake ~/Projects/codeberg.org/dminca/nix-config/

# remote bootstrap
nix run nix-darwin -- switch --flake git+https://codeberg.org/dminca/nix-config.git

# home-manager bootstrap
home-manager switch -f ~/Projects/codeberg.org/dminca/nix-config/home.nix

# run the flake and activate
nix run . -- switch --flake .

Secret management with sops-nix

Day-1

• sample .sops.yaml & secrets/example.yaml ↗ source

# create dir where key will be added
mkdir -vp ~/.config/sops/age

# generate key
nix-shell -p age --run "age-keygen -o ~/.config/sops/age/keys.txt"

# prepare data to encrypt
vi secrets/example.yaml

# have .sops.yaml filled

# encrypt data
nix-shell -p sops --run "sops --encrypt secrets/example.yaml" | pbcopy

Day-2

# add/remove entries from secrets file
nix-shell -p sops --run "sops secrets/example.yaml"

Searching for tmux or vim plugins

[!IMPORTANT] These plugins can only be used within home-manager setup (it's the only way I tested). The search will retrieve a list of packages from the Nix Store, this means you can add them in the plugins = [] section

nix-env -f '<nixpkgs>' -qaP -A vimPlugins

nix-env -f '<nixpkgs>' -qaP -A tmuxPlugins

Installing fonts

It's just not straightforward. This case covers only fonts installed via Home-Manager

After nix run -- switch --flake . this needs to be executed

# reload font cache
fc-cache

# check font was installed; in this case 'Hack' (part of nerdfonts family)
fc-list -v | grep -i 'hack'

Should retrieve a list of garbled stuff referencing 'Hack' in there.

More info ↗ here.

Roadmap

• [ ] port all brew packages (all packages are listed in Brewfile
• [x] port dotfiles (zshrc, neovim etc.)
• [x] install kubectl for user profile
• [x] install helm for user profile
• [x] install kubectx for user profile