dotfiles

Andrew McMahon's NixOS dotfiles

amcmahon NixOS configurations

NixOS/home-manager config files. Requires Nix flakes.

Shamelessly inspired/ripped-off from misterio77 and archer-65

Structure

• flake.nix: Entrypoint for hosts and home configurations. Also exposes devshells for boostrapping (nix develop or nix-shell).
• hosts: NixOS Configurations
  • common: Shared configurations consumed by the machine-specific ones.
    • common: Configurations that are applied to all machines.
    • optional: Opt-in configurations any machines can use.
  • rocinante: AMD 9950X3D / RTX 4090 Workstation
• home: Home-manager configuration
• modules: Modules (with options).
• overlays: Patches and version overrides for some packages. Accessible via nix build.
• pkgs: Custom packages. Also accessible via nix build.

Just Commands

This repo includes a justfile with common maintenance tasks: Run these from inside nix develop (which provides just).

• just fmt: Run formatting via treefmt.
• just check: Run nix flake check.
• just switch-home: Apply Home Manager config for amcmahon@rocinante.
• just rebuild-host: Apply NixOS config for rocinante.
• just update: Update flake inputs, then format and check.
• just clean: Run Nix garbage collection.

How to bootstrap

Using rocinante as an example:

1. Add following to /etc/nixos/configuration.nix:

   networking.hostName = "rocinante";
   
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
   
   environment.systemPackages = with pkgs; [
     vim
     wget
     git
   ];
   
   services.openssh.enable = true;

2. Run sudo nixos-rebuild switch

3. Then:

   mkdir -p Sources
   cd Sources
   git clone git@github.com:McDamon/dotfiles.git
   cd dotfiles
   nix develop

4. Clone the generated hardware configuration (we will modify this later):

   cp /etc/nixos/hardware-configuration.nix ~/Sources/dotfiles/hosts/rocinante/

5. Add the following lines to hardware-configuration.nix:

   # Bootloader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;

6. Rebuild:

   sudo nixos-rebuild switch --flake .#rocinante
   home-manager switch --flake .#amcmahon@rocinante

7. Reboot, then enable Secure Boot in BIOS.

8. Enable secure boot using directions from nix-community/lanzaboote, merging in lanzaboote from the existing git hardware-configuration.nix.

9. Enable TPM boot:

   sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/nvme1n1p2

10. Rebuild and reboot.