Link to this headingNixOS

Configurations:
Plex configuration for NixOS
Good Configuration
Walk through on Making a gaming config
Kubernetes Servers

Tools:
Install Nixos Through SSH

Rebuild System:

#rebuild system to force changes sudo nixos-rebuild switch #test out system first sudo nixos-rebuild test #Rebuild with flake sudo nixos-rebuild switch --flake /etc/nixos#default

Install single packages:

export NIXPKGS_ALLOW_INSECURE=1 ; nix-env -iA nixpkgs.sublime4

Delete packages after 15 days:

sudo nix-collect-garabge --delete-older-than 15d

Link to this headingInstall with nix-anywhere

Install with the target OS running the Nixos Live CD without an OS.

Steps:

#Get target IP ip addr #Change Password passwd #Generate Disk Encryption Key dd bs=512 count=4 if=/dev/random of=/tmp/crypto_keyfile.bin iflag=fullblock #Run Nix on nix run github:nix-community/nixos-anywhere --extra-experimental-features "nix-command flakes" -- --flake '.#devvm' --disk-encryption-keys /tmp/crypto_keyfile.bin /tmp/crypto_keyfile.bin [email protected]

Link to this headingInstall from Scratch

#Make Partitions with disko sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko /tmp/disk-config.nix #Set Secure Boot #sudo nix run nixpkgs#sbctl create-keys --extra-experimental-features nix-command --extra-experimental-features flakes #Install Bootloader sudo nixos-rebuild --install-bootloader boot #

Link to this headingSecure Boot

Requires UEFI mode and systemd-boot

VM Options tab -> Boot Options -> Secure Boot

Setup:

#Check UEFI bootctl status #install Secure Boot Key Manager nix-env -iA pkgs.sbctl #Create keys sudo sbctl create-keys #Install niv niv add nix-community/lanzaboote -r v0.4.1 -v 0.4.1 #Check configurations sudo nixos-rebuild test #Verify Secure Boot sudo sbctl verify #reboot # Enroll Microsoft key sudo sbctl enroll-keys --microsoft #reboot

Link to this headingEncrypted Drive

Link to this headingNix Shell

Install a package for a single command:

nix shell nixpkgs#age -c age-keygen -o ~/.config/sops/age/keys.txt

Start environment for a set of tools:

Link to this headingHome Manager

Link to this headingInstall Home-manager

#Update /etc/nixos/configuration.nix to install #Generate /etc/nixos/flake

Link to this headingHome-mamager commands

Update user config:

Home-manager switch

Link to this headingSecret Management

agenix - age-encrypted secrets for NixOS

Link to this headingConfig Biased on Hostname

{ config, ... }: mkMerge [{ # main config options } (mkIf config.networking.hostName == "x" { # ... }) (mkIf config.networking.hostName != "x" { # ... })];