Repo for nix configuration files
home-manager | ||
keys | ||
lib | ||
nixos | ||
secrets | ||
.sops.yaml | ||
flake.lock | ||
flake.nix | ||
README.md | ||
shell.nix |
NixOS Configuration Repository
NOTE: These configs expect this repo to be cloned to /etc/nixos/git/
git clone https://git.sysctl.io/albert/nix /etc/nixos/git
ln -s /etc/nixos/git/flake.nix /etc/nixos/flake.nix
nixos-rebuild switch --flake '/etc/nixos#<HOSTNAME>'
To Do List
- Fix cursor size on hyprland
- Try disko - Link
- btrfs snapshots
- weechat / weechat-matrix
- weechat overlay - Link - for weechat-matrix
- vscodium and user-config.js file?
- rofi - bitwarden-cli / bitwarden-menu (Link)
- Try and submit this as a nixpkg - Link
- doom-emacs / spacemacs overlay install / configuration
- Set up a git repo for auto syncing
- Get the video card working properly (turn off entirely unless in use by a game)
- gnome-terminal theming (or alternatives)
Done
- hyprland
- Try hyprctl
- hyprbars - Link
- libinput-gestures?
- configure programs.light - keybinds in hyprland config
- authentication agent (like polkit-kde-agent)
- Set GTK theme for GTK apps
- Possibly move away from powerline-go - I want something simpler
- Staying with powerline-go, just editing the config in
home-manager/bash.nix
- Staying with powerline-go, just editing the config in
- Set up the fingerprint reader - Link
- sublime music config / theming / integration - Link
- rofi config / theming
- nvidia drivers
- WINE configurations
- btop config / theming
- swaylock config / theming
- Get function keys working (sound, brightness, etc)
- regreet config / theming - Icons still broken for some reason
- Possibly switch to tuigreet and gruv it
- mako config / theming
- waybar config / theming
- hyprland config / theming
- Try
libinput-gestures
for gesture control of Hyprland - Link
- Try
- powerline config / theming
- neofetch config / theming
- kitty config / theming
- libadwaita theming on Gnome stuck??
Information
Home Manager
NixOS
- NixOS Documentation - Stable - Link
- NixOS Packages / Options Search - Link
- Nix User Repository (NUR) Search - Link
Useful Links
Examples
Theming
Theming
- To change system-wide themes, you need to change the following:
gnome
desktops/gnome.nix
- Change the imports at the bottom.users/albert/gnome-conf.nix
- Change the variables at the top.
neovim
home-manager/neovim.nix
- Change the following:plugins = with pkgs.vimPlugins
- Add your theme under "Themes"extraConfig
- Change thecolorscheme
andAirlineTheme
sections
hyprland
hosts/$HOSTNAME/home-manager/hyprland/hyprland-conf.nix
- Change theWALLPAPER_DIR
variable in".config/hypr/start.sh".text
hosts/$HOSTNAME/home-manager/hyprland/hyprland-conf.nix
- Changecol.active_border
andcol.inactive_border
in thegeneral
section.home-manager/bash.nix
- Update thesessionVariable
variableGTK_THEME
waybar
hosts/$HOSTNAME/home-manager/hyprland/waybar-conf.nix
- Update all relevant colors. Possibly make configs for colorschemes and import them.
swaylock
hosts/$HOSTNAME/home-manager/hyprland/swaylock-conf.nix
- Update all relevant colors. Possibly make configs for colorschemes and import them.
kitty
home-manager/kitty.nix
- Update the content ofhome.file.".config/kitty/theme.conf".text
Firefox
home-manager/firefox.nix
- Change the entry under "# Theming"
btop
home-manager/btop.nix
- Setcolor_theme
bash / powerline
home-manager/bash.nix
- Settheme
inprograms.powerline-go.settings
neofetch
home-manager/neofetch.nix
- Update the contents ofhome.file.".config/neofetch/config.conf".text
GPG Keys
- Import the user private key:
gpg import gpg/users/albert/privkey.asc
- Mark it as trusted:
gpg --edit-key albert@sysctl.io
, then typetrust
, then5
- On each new machine, run
nix-shell -p ssh-to-pgp --run "ssh-to-pgp -i /etc/ssh/ssh_host_rsa_key -o HOSTNAME.asc"
- This will output the identifier you add to
.sops.yaml
- Move
HOSTNAME.asc
tokeys/hosts/
and upload to git and rename accordingly.
- This will output the identifier you add to
Secrets
- To edit a file: cd to
/path/to/nix-files/
and run:nix-shell -p sops --run "sops secrets/secret_file.yml"
- New shell alias:
sops secrets/secret_file.yml
- When you add a new machine, you must update the secrets files encryption.
- Run
sops-update secrets/secrets.yaml
and commit the change.
- Run
Lanzaboote / SecureBoot
- Instructions here - Link
- Create your keys:
sbctl create-keys
- Verify your machine is ready for SecureBoot:
sbctl verify
- Everything except*-bzImage.efi
are signed - Enter Secureboot Setup mode in your EFI Settings on the motherboard (F10)
- Security -> SecureBoot -> Set to Enabled and "Reset to Setup Mode" and exit
- Enroll the keys:
sbctl enroll-keys --microsoft
- If you wish, you can select
--tpm-eventlog
, but checksums will change later (ie, at a kernel rebuild)
- If you wish, you can select
- Reboot and verify you are activated:
bootctl status