NixOS Config

Install

1. Get the NixOS
2. Copy the Installer to a USB Stick:

sudo cp /path/to/iso /dev/to/disk

3. Boot on the ISO
4. Clone this repository

git clone https://github.com/jocelynthode/nixos-config
cd nixos-config

5. Run bootstrap.sh

nix develop
# This will wipe the disk and create a bootloader
./bootstrap.sh [--encrypt-root] --hostname=<hostname> --disk=/dev/to/disk

7. Setup new age key if needed

8. Rekey your secrets

sops updatekeys secrets/common/secrets.yaml
sops updatekeys secrets/servetek/secrets.yaml

9. Bootstrap system

nixos-install --no-root-password --flake ".#<hostname>"

umount -R /mnt
# if needed
cryptsetup close <hostname>

10. Reboot

Rebuild

To rebuild after changes have made it to the repo use:

sudo nixos-rebuild switch --flake github:jocelynthode/nixos-config

Secrets

Add new secrets

nix develop
# Then create file
sops hosts/common/secrets.yaml

Rekey files after new users and/or host

nix develop
cat /persist/etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
sops hosts/common/secrets.yaml

Build ISO

To Build the custom iso run the following commands:

nix build .#nixosConfigurations.iso.config.system.build.isoImage
dd if=result/iso/*.iso of=/dev/sdX status=progress
sync

Showcase

Inspiration

• chvp config

• Misterio77 config