teidesu/nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nixfiles/readme.md
teidesu 5bf0d327c3
feat(koi): backups
2024-12-29 00:06:33 +03:00

39 lines
2.1 KiB
Markdown
Executable file
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# nixos
ok hi this is my nixos config. it is pretty much a mess and the code sucks but welp
## impure dependencies
note to self on what needs to be installed on the host manually:
### common
- `/etc/ssh/agenix-key` (darwin: `~/.ssh/agenix-key`) - private key for secret decryption
- `./secrets/unsafe.key` - private key for unsafe secret decryption
> "unsafe" secrets are only secret to the "outside" world (i.e. the git repo), but are decrypted at build-time
> and are available globally to the system. this is useful for things like server ips, since i don't want to
> expose them to everyone, but they are not really secret in the sense that they are not sensitive data.
### koi:
- ~~`/etc/iso/win11.iso` - iso containing windows 11 installer (e.g. this: [magnet](magnet:?xt=urn:btih:56197d53136ffcecbae5225f0ac761121eacdac6&dn=Win11_22H2_English_x64v1.iso&tr=udp%3a%2f%2ftracker.torrent.eu.org%3a451%2fannounce&tr=udp%3a%2f%2ftracker.tiny-vps.com%3a6969%2fannounce&tr=udp%3a%2f%2fopen.stealth.si%3a80%2fannounce))~~ currently unused
- `/etc/vms/haos.img` - qcow2 image for haos vm (can be downloaded from the official website, the KVM/Proxmox image).
- `/etc/vms/bnuuy.img` - qcow2 image of an ubuntu cloud image (e.g. `https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img`)
- `/etc/secureboot/keys` - secure boot keys, generated with `sudo nix-shell -p sbctl --run "sbctl create-keys"`
- to enroll fde onto tpm: `sudo systemd-cryptenroll /dev/nvme0n1p2 --tpm2-device=auto --tpm2-pcrs=0+2+7`
- rclone config (for backups): `sudo nix-shell -p rclone --run "rclone config"` you need to set up a remote called `backups`, which will be used as the destination for all backups
### teidesu-osx
`cp /var/run/current-system/Library/Fonts/* /Library/Fonts` - copy nix-managed fonts to system fonts (waiting for [this PR](https://github.com/LnL7/nix-darwin/pull/754))
### setting up
macos:
```bash
curl -L https://nixos.org/nix/install | sh
git clone https://github.com/teidesu/nixos ~/nixos
cd ~/nixos
./switch
```
## cat in a readme 🐈
![cat](https://cataas.com/cat)
Reference in a new issue View git blame Copy permalink