harivansh-afk/nix
1
1
Fork 0
mirror of https://github.com/harivansh-afk/nix.git synced 2026-04-15 13:03:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
nix/README.md
Harivansh Rathi 9cfe51145d finish
2026-03-30 21:44:55 -04:00

68 lines
2.1 KiB
Markdown
Raw Blame History

# nix
nix-darwin + NixOS + Home Manager config.
## machines
| name | type | manage |
|------|------|--------|
| darwin | MacBook Pro (aarch64) | `just switch` |
| netty | NixOS VPS (x86_64) | `just switch-netty` |
## new machine setup
**darwin:**
```bash
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
git clone https://github.com/harivansh-afk/nix.git ~/Documents/GitHub/nix
cd ~/Documents/GitHub/nix
sudo nix --extra-experimental-features 'nix-command flakes' run github:nix-darwin/nix-darwin/master#darwin-rebuild -- switch --flake path:.#darwin
exec zsh -l
bw login
export BW_SESSION="$(bw unlock --raw)"
just secrets-sync && just secrets-restore-files
exec zsh -l
```
**netty (from mac):**
```bash
nix run github:nix-community/nixos-anywhere -- --flake .#netty --target-host netty --build-on-remote
```
## secrets
SSH keys and credentials are stored in Bitwarden. After unlocking:
```bash
export BW_SESSION="$(bw unlock --raw)"
just secrets-sync # shell env vars -> ~/.config/secrets/shell.zsh
just secrets-restore-files # SSH keys, AWS, GCloud, Codex, GitHub CLI
```
## dev
```bash
nix develop
just check
just fmt
```
## layout
```
hosts/darwin/ - macOS host entrypoint
hosts/netty/ - NixOS VPS entrypoint (disko + hardware + services)
modules/ - shared system modules + devshells
modules/hosts/ - flake-parts host output definitions
modules/nixpkgs.nix - shared flake context (hosts, specialArgs, pkgs)
home/default.nix - unified home entry (conditional on hostConfig)
home/common.nix - modules shared across all hosts
home/xdg.nix - XDG compliance (env vars, config files)
home/security.nix - SSH/GPG permission enforcement
home/ - per-tool home-manager modules
lib/hosts.nix - host metadata + feature flags
lib/theme.nix - centralized color system (gruvbox)
lib/package-sets.nix - shared + host-gated package lists
config/ - repo-owned config files (nvim, tmux, etc.)
scripts/ - secret management and utility scripts
nix-maxxing.txt - architecture and operations guide
```
Reference in a new issue View git blame Copy permalink