Apply configuration changes:
just switchUpdate the flake inputs and rebuild:
just updateOr just update flake.lock without rebuilding:
just flakeClone the repo:
git clone [email protected]:stfl/dotfiles.git ~/.config/dotfileshttps://github.com/stfl/doom.d#installation
Grant user access to system journal:
usermod -a -G systemd-journal $USERFor headless systems:
systemctl set-default multi-user.targetZSA keyboard support (ErgoDox EZ, Moonlander, Voyager) is configured in modules/hardware/zsa.nix.
The udev rules and plugdev group setup are handled automatically by NixOS.
Docker is configured via modules/docker.nix. The module handles:
- Installing docker and docker-compose
- Adding the user to the docker group
- Enabling the docker service
Symlink root’s .bashrc to the versioned config:
ln /home/slendl/.config/dotfiles/config/bash/.bashrc.root /root/.bashrc -sfTrust your password-store GPG key:
gpg --edit-key <password-store-key>
> trust
> 5 # trust ultimatelyReddit about policy Brave Doku
Install the org-protocol policy system-wide:
{
"AutoLaunchProtocolsFromOrigins": [
{
"allowed_origins": [ "*" ],
"protocol": "org-protocol2"
}
]
}Local rebuild:
sudo nixos-rebuild switch --flake ".#"Deploy to a remote host:
nixos-rebuild \
--target-host [email protected] \
--use-remote-sudo \
switch \
--flake ".#hostname"The easiest solution is to do a remote setup - have the nixos config on an existing machine and connect to the new system via ssh.
On the installation target, change the password so that ssh will work:
passwdPartitioning with an ESP and a single large partition with ext4:
Mount partitions:
mount /dev/sda3 /mnt
mkdir -p /mnt/boot
mount /dev/sda1 /mnt/boot
swapon /dev/sda2Generate the hardware-configuration.nix:
nixos-generate-config --root /mnt --dir .Copy the hardware-configuration to the git repo:
HOST=kondor
mkdir -p hosts/$HOST
scp [email protected]:hardware-configuration.nix hosts/$HOST
cp hosts/nixos-vm/{default,home}.nix hosts/$HOSTThen customize hardware-configuration.nix, default.nix and home.nix
Get the config to the target (rsync won’t work if not available on target):
rsync -ravh ./ [email protected]:dotfiles/On the target, run nixos-install:
HOST=kondor
nixos-install --root /mnt --flake .#$HOSTTo repair a NixOS installation when booted to a live ISO:
Mount the partitions to /mnt and enter the special nixos chroot:
nixos-entercd /path/to/dotfiles
nixos-rebuild switch --flake .#hostnameModify secrets/secrets.nix and add the new secret file.
cd secrets
agenix -e <name-of-secret>.ageEmacs will open. Close with SPC b k to terminate the buffer and return to the shell.
- You need to first setup NixOS without agenix
- Put the auto-generated ssh host public key
/etc/ssh/ssh_host_ed25519_key.pubinto secrets.nix - Rekey with another private key that allows decrypting all relevant keys:
agenix --rekey -i ~/.ssh/id_ed25519_stflEdit modules/iso.nix, then build:
nix build .#isoWrite to USB:
sudo dd if=results/iso/*.iso of=/dev/sda bs=4M status=progress && syncDownload the corresponding version from https://www.citrix.com/downloads/workspace-app/
Add the file to the nix store:
nix-prefetch-url file://${PWD}/packages/citrix/linuxx64-24.8.0.98.tar.gzAfterwards citrix_workspace can be installed.
https://wiki.nixos.org/wiki/Steam
Steam is configured via modules/steam.nix.
Starting steam within gamescope:
export AMD_VULKAN_ICD="RADV"
gamescope --adaptive-sync --hdr-enabled --rt --steam -- \
steam -pipewire-dmabuf -tenfootGet current output information:
swaymsg -t get_outputsDisplay profiles are configured per-host in the home-manager configuration.
Login to FlakeHub for faster downloads and cache:
determinate-nixd login