This is my humble flakes-only collection of all and everything needed to set up and maintain all my nixified devices.
- Automation scripts to setup a fresh installation and update the system easily
- Secret management in NixOS (agenix) and home-manager (homeage) with age
- nix-on-droid-managed android phone with home-manager
- One system (
neon
) set up with ephemeral root directory using impermanence and btrfs - Generated shell scripts are always linted with shellcheck
- Checks source code with deadnix, statix and nixpkgs-fmt (using nix-formatter-pack)
- Github Actions pipeline for aarch64-linux systems
- Every output is built with Github Actions and pushed to cachix
- Weekly automatic flake input updates committed to master when CI passes
- Automatic deployments on all NixOS systems with cachix deployment agents after successful pipeline runs
- NixOS-managed
argon
(Oracle Cloud Compute Instance)krypton
(private server)neon
(private laptop)xenon
(Raspberry Pi 3B+)
- home-manager-managed
bwpm-FP2CYXKY2V
gamer
on WSL2 with Ubuntu 20.04 (windows dual boot for games and stuff)R2026
- nix-on-droid-managed
pixel7a
See flake.nix for more information like system
.
If any of these systems need to be reinstalled, you can run:
nix run \
--extra-experimental-features "nix-command flakes" \
github:Gerschtli/nix-config#setup
# Install nix via Determinate Nix Installer https://determinate.systems/posts/determinate-nix-installer
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
echo "trusted-users = $USER" | sudo tee -a /etc/nix/nix.conf
sudo launchctl stop org.nixos.nix-daemon
sudo launchctl start org.nixos.nix-daemon
# see and execute files/scripts/darwin-setup.sh
nix run github:Gerschtli/nix-config#setup
- Set up like written in the NixOS manual with image from
nix build ".#installer-image"
- Add the following to
configuration.nix
:{ users.users.root.password = "nixos"; users.users.tobias = { password = "nixos"; isNormalUser = true; extraGroups = [ "wheel" ]; }; }
- When booted in the new NixOS system, login as tobias and run setup script
- Build image
nix build ".#rpi-image"
- Copy (
dd
)result/sd-image/*.img
to sd-card - Inject sd-card in raspberry and boot
- When booted in the new NixOS system, login as tobias and run setup script
Firmware of Raspberry Pi needs to be updated manually on a regular basis with the following steps:
- Build firmware
nix build ".#rpi-firmware"
- Mount
/dev/disk/by-label/FIRMWARE
- Create backup of all files
- Copy
result/*
to firmware partition (ensure that old ones are deleted) - Unmount and reboot
# update and install system packages
sudo apt update
sudo apt upgrade
sudo apt install zsh
# install nix setup
sh <(curl -L https://nixos.org/nix/install) --no-channel-add --no-modify-profile
. ~/.nix-profile/etc/profile.d/nix.sh
nix run \
--extra-experimental-features "nix-command flakes" \
github:Gerschtli/nix-config#setup
# download and install UbuntuMono from nerdfonts.com
# set login shell
chsh -s /bin/zsh
# configure inotify watcher
echo "fs.inotify.max_user_watches = 524288" | sudo tee /etc/sysctl.d/local.conf
# set default shell (needed if using home-manager to setup xsession)
sudo ln -snf bash /bin/sh
-
Create final boot volume
- Create any instance
- Detach boot volume
-
Create bootstrap instance
-
Create "VM.Standard.A1.Flex"
- with Ubuntu 20.04
- 1 OCPUs and 6 GB of memory
- set ssh public key
- Attach previously created boot volume as block volume (via ISCSI)
-
ssh into instance with
ubuntu
user -
Login as
root
-
Set ssh public key in
/root/.ssh/authorized_keys
and run nixos-infect:cat /home/ubuntu/.ssh/authorized_keys > /root/.ssh/authorized_keys curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-22.05 bash -x
-
ssh into instance with
root
user -
Add the following to
/etc/nixos/configuration.nix
:{ boot.loader.grub.efiSupport = true; boot.loader.grub.device = "nodev"; services.openiscsi.enable = true; services.openiscsi.name = "x"; }
-
Activate with
nixos-rebuild switch
-
Copy and run ISCSI mount commands from Oracle Cloud WebUI
-
Partion mounted boot volume
-
Install NixOS like described in NixOS manual with following options:
{ services.openssh.enable = true; services.openssh.settings.PermitRootLogin = "yes"; users.users.root.password = "nixos"; users.users.tobias = { password = "nixos"; isNormalUser = true; extraGroups = [ "wheel" ]; }; }
-
Copy and run ISCSI unmount commands from Oracle Cloud WebUI
-
Detach volume in Oracle Cloud WebUI
-
-
Create final instance
- Create instance of previously created boot volume
- ssh into instance with
tobias
user and password - Run setup script
Note: This is all needed to be able to partition the volume to have more than 100MB available in /boot
. The boot
volume of the bootstrap instance can be reused at any time.