dotfiles

Go to file

Cyryl Płotnicki 9bc0671388 remove vpsfree from the pool of distributed builders, focusing on local builds		2022-12-09 13:53:34 +00:00
.config	re-pair the trackball	2021-05-28 19:09:38 +01:00
.github	Update FUNDING.yml	2019-09-28 09:41:30 +01:00
.woodpecker	more agents with more logging	2022-12-04 13:46:47 +00:00
guix	reinstall guix vm	2022-08-14 08:31:59 +01:00
nixos	remove vpsfree from the pool of distributed builders, focusing on local builds	2022-12-09 13:53:34 +00:00
tools	remove obsolete tools	2022-07-16 23:18:08 +01:00
.build.yml	add statix check	2022-05-02 10:16:55 +01:00
.envrc	add basic devshell	2022-05-01 19:11:04 +01:00
.gdbinit	better gdb dashboard setup	2021-01-30 15:56:36 +00:00
.ghci	ghci config added	2015-02-28 22:39:29 +01:00
.gitattributes	Add windows debug tools (#93 )	2017-01-19 10:03:34 +00:00
.gitconfig.cygwin	Add windows debug tools (#93 )	2017-01-19 10:03:34 +00:00
.gitconfig.linux	Add basic Windows-specific git configs (#72 )	2017-01-24 19:53:30 +00:00
.gitconfig.linux.form3	Change key signature for work	2020-10-16 17:06:41 +01:00
.gitconfig.linux.private	use delta for git diff	2020-10-17 13:37:33 +01:00
.gitconfig.mac	Add basic Windows-specific git configs (#72 )	2017-01-24 19:53:30 +00:00
.gitconfig.windows	Add basic Windows-specific git configs (#72 )	2017-01-24 19:53:30 +00:00
.gitconfig_includes.common	more more git config to nix	2020-08-01 08:33:33 +01:00
.gitconfig_includes.cygwin	Add basic Windows-specific git configs (#72 )	2017-01-24 19:53:30 +00:00
.gitconfig_includes.mac	Add Mac support (#89 )	2017-01-26 05:44:03 +00:00
.gitconfig_includes.windows	Add basic Windows-specific git configs (#72 )	2017-01-24 19:53:30 +00:00
.gitignore	add basic devshell	2022-05-01 19:11:04 +01:00
.gitmodules	remove submodule	2020-08-01 10:44:53 +01:00
.sops.yaml	add both sops keys for thinky	2022-09-26 00:12:20 +02:00
.vimrc	update coc	2022-10-02 08:20:43 +01:00
.vimrc.coc	use old ctrl-b bindings for vim	2022-10-22 23:06:46 +01:00
.vimrc.filetypes	cleanup vim config around formatting	2022-03-08 09:56:54 +00:00
.vimrc.keymap	update coc	2022-10-02 08:20:43 +01:00
.vimrc.plugins-settings	newer nvim	2022-10-15 09:39:12 +01:00
.vimrc.settings	update neovim	2021-09-22 13:41:05 +01:00
INSTALL_MACOS.md	Minimal flake for darwin	2022-03-10 12:21:37 +00:00
LICENSE	Update LICENSE	2017-10-07 11:47:40 +01:00
README.md	add build badge to readme	2022-12-03 15:54:54 +00:00
flake.lock	add helix editor	2022-12-07 23:52:15 +00:00
flake.nix	add helix editor	2022-12-07 23:52:15 +00:00
shell.nix	add statix check	2022-05-02 10:16:55 +01:00

README.md

https://git.cyplo.dev/cyplo/dotfiles

My dotfiles - including my vim, terminal and font configs. Mostly focusing on setting things up on NixOS, but supporting other OSes where possible.

bootstrap new machine with NixOS:

boot the target machine from the livecd
change password for the default user nixos
ssh from another, already bootstrapped, machine

remote (sata + MBR):

sudo su -
parted /dev/sda -- mklabel msdos
parted /dev/sda -- rm 1
parted /dev/sda -- rm 2
parted /dev/sda -- rm 3
parted /dev/sda -- rm 4
parted /dev/sda -- mkpart primary 1MiB 1GiB
parted /dev/sda -- mkpart primary 1GiB 100%
cryptsetup luksFormat /dev/sda2

remote (sata):

sudo su -
# `efibootmgr -b 000x -B` if you want to remove entry number x
yes | parted /dev/sda -- mklabel gpt
parted /dev/sda -- rm 1
parted /dev/sda -- rm 2
parted /dev/sda -- rm 3
parted /dev/sda -- rm 4
parted /dev/sda -- mkpart ESP fat32 1MiB 1GiB
parted /dev/sda -- set 1 esp on
parted /dev/sda -- mkpart primary 1GiB 100%
cryptsetup luksFormat /dev/sda2

remote (nvme):

sudo su -
# `efibootmgr -b 000x -B` if you want to remove entry number x
yes | parted /dev/nvme0n1 -- mklabel gpt
parted /dev/nvme0n1 -- rm 1
parted /dev/nvme0n1 -- rm 2
parted /dev/nvme0n1 -- rm 3
parted /dev/nvme0n1 -- rm 4
parted /dev/nvme0n1 -- rm 5
parted /dev/nvme0n1 -- mkpart ESP fat32 1MiB 1GiB
parted /dev/nvme0n1 -- set 1 esp on
parted /dev/nvme0n1 -- mkpart primary 1GiB 100%
cryptsetup luksFormat /dev/nvme0n1p2

remote (sata):

cryptsetup luksOpen /dev/sda2 crypt

remote (nvme):

cryptsetup luksOpen /dev/nvme0n1p2 crypt

remote (sata+MBR):

mkfs.ext2 /dev/sda1 -L boot

remote (sata + GPT):

mkfs.fat -F 32 -n boot /dev/sda1

remote (nvme + GPT):

mkfs.fat -F 32 -n boot /dev/nvme0n1p1

remote (sata):

mkfs.btrfs -L nixos /dev/mapper/crypt
cryptsetup luksClose crypt
cryptsetup luksOpen /dev/sda2 crypt
mount /dev/disk/by-label/nixos /mnt
mkdir -p /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
nixos-generate-config --root /mnt

remote (nvme):

mkfs.fat -F 32 -n boot /dev/nvme0n1p1
mkfs.btrfs -L nixos /dev/mapper/crypt
cryptsetup luksClose crypt
cryptsetup luksOpen /dev/nvme0n1p2 crypt
mount /dev/disk/by-label/nixos /mnt
mkdir -p /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
nixos-generate-config --root /mnt

local:

tar -cvz . > ../dotfiles.tar.gz
scp ../dotfiles.tar.gz nixos@remote:/tmp

remote:

mkdir -p /mnt/home/cyryl/dev/dotfiles/
tar -xvf /tmp/dotfiles.tar.gz -C /mnt/home/cyryl/dev/dotfiles
# merge /mnt/etc/nixos/hardware-configuration.nix into /mnt/home/cyryl/dev/dotfiles/nixos/boxes/bootstrap/hardware-configuration.nix
nix-shell -p nixUnstable git
cd /mnt/home/cyryl/dev/dotfiles/
systemd-inhibit nixos-install --flake '.#bootstrap'
passwd cyryl
chown cyryl -R /home/cyryl
reboot

ctrl-alt-f1 cyryl login:

cd ~/dev/dotfiles/
mkdir -p nixos/boxes/HOSTNAME
cp nixos/boxes/bootstrap/2.nix nixos/boxes/HOSTNAME/default.nix
cp nixos/boxes/bootstrap/hardware-configuration.nix nixos/boxes/HOSTNAME/
sudo ln -vfs /home/cyryl/dev/dotfiles/nixos/boxes/HOSTNAME/default.nix /etc/nixos/configuration.nix
sudo nixos-rebuild switch --flake '.#HOSTNAME'
reboot

cd ~/dev/dotfiles/
nixos-install --flake '.#'
ssh-keygen -t ed25519
mkdir -p ~/.config/sops/age/
nix-shell -p 'import (fetchTarball "https://github.com/Mic92/ssh-to-age/archive/main.tar.gz") {}' sops age
ssh-to-age -private-key -i ~/.ssh/id_ed25519 > ~/.config/sops/age/keys.txt
age-keygen -y ~/.config/sops/age/keys.txt #add result to .sops.yaml as a 'source' key
# add machine's age public key from /var/lib/sops-nix/key.txt to .sops.yaml as a target key
sops --add-age [source-age-key] -i -r ./nixos/i3/openweathermap.sops.yaml
sops --add-age [target-age-key] -i -r ./nixos/i3/openweathermap.sops.yaml
# syncthing
# vault
# firefox sync
# bitwarden
# add key to sr.ht
cd ~/dev/dotfiles
git checkout nixos/boxes/bootstrap

Good Links [tm]

inspiration

start with flakes - 4777ae6cf1/nixos/flake.nix (L1-L10)
flakes - https://github.com/MatthewCroughan/nixcfg/blob/master/flake.nix#L45 for T480
https://github.com/cole-mickens/nixcfg/tree/main
https://git.sr.ht/~afontaine/nix/tree/main/item/andrew/mail/default.nix#L125-129 - proton mail bridge
3d6ca2c8bc/tests/home-test.nix - testing on CI
https://git.knightsofthelambdacalcul.us/hazel/etc

things to check out

https://github.com/ryantm/agenix
nix-top
naersk for genpass
https://github.com/divnix/devos
https://github.com/tazjin/nix-1p
https://github.com/nix-community/neovim-nightly-overlay
install ISO - https://christine.website/blog/my-homelab-2021-06-08

flakes

inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
};

outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations = {
hyacinth = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
(import ./machines/hyacinth)
];
specialArgs = { inherit inputs; };
};