docs: add more info in main README
All checks were successful
Discord / discord commits (push) Has been skipped
All checks were successful
Discord / discord commits (push) Has been skipped
This commit is contained in:
parent
d56c451874
commit
9631dfbd21
1 changed files with 93 additions and 6 deletions
99
README.md
99
README.md
|
@ -3,15 +3,102 @@
|
||||||
## Ags
|
## Ags
|
||||||
|
|
||||||
You might find it weird that most of my config is written in TypeScript.
|
You might find it weird that most of my config is written in TypeScript.
|
||||||
That is because all my desktops run [AGS](https://github.com/Aylur/ags) for UI.
|
That's because all my desktops run
|
||||||
Click on [this](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/modules/ags) to see my configuration.
|
[AGS](https://github.com/Aylur/ags)
|
||||||
|
for UI. Click on
|
||||||
|
[this](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/modules/ags)
|
||||||
|
to see my configuration.
|
||||||
|
|
||||||
## About
|
## About
|
||||||
|
|
||||||
This repo is my complete configuration of machines I own,
|
### General
|
||||||
|
|
||||||
|
This repo is the complete configuration of machines I own,
|
||||||
running NixOS or Nix. I tend to mix Home-Manager and NixOS
|
running NixOS or Nix. I tend to mix Home-Manager and NixOS
|
||||||
a lot to make my custom modules by using my global vars system
|
a lot to make my custom modules by using my global vars system
|
||||||
explained [here](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/devices)
|
explained
|
||||||
|
[here](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/devices)
|
||||||
|
|
||||||
For QOL, I symlink the configs to my main user's home
|
### Flake Location
|
||||||
directory following the tutorial [here](https://nixos.wiki/wiki/NixOS_configuration_editors)
|
|
||||||
|
This git repo will always be located at `/home/${mainUser}/.nix`
|
||||||
|
and symlinked to `/etc/nixos` to have everything where NixOS tools
|
||||||
|
expect things to be.
|
||||||
|
|
||||||
|
ie.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
sudo rm -r /etc/nixos
|
||||||
|
sudo ln -sf /home/matt/.nix /etc/nixos
|
||||||
|
```
|
||||||
|
|
||||||
|
### Flake Outputs
|
||||||
|
|
||||||
|
| Output | Description |
|
||||||
|
| ---------------------------------- | ----------- |
|
||||||
|
| `nixosConfigurations` | [devices](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/devices)' + ISO's configurations |
|
||||||
|
| `nixOnDroidConfigurations.default` | [Nix-On-Droid](https://git.nelim.org/matt1432/nixos-configs/src/branch/master/devices/android)'s configuration |
|
||||||
|
| `formatter` | I have yet to know if this has any uses but I format with [alejandra](https://github.com/kamadorueda/alejandra) |
|
||||||
|
| `devShells.default` | A dev shell to build an ISO from the live-image nixosConfiguration |
|
||||||
|
|
||||||
|
### Flake Inputs
|
||||||
|
|
||||||
|
I prefer using a more descriptive format for my inputs like so:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
nixpkgs = {
|
||||||
|
type = "github";
|
||||||
|
owner = "NixOS";
|
||||||
|
repo = "nixpkgs";
|
||||||
|
|
||||||
|
# Branch name
|
||||||
|
ref = "nixos-unstable";
|
||||||
|
|
||||||
|
# Pin this input to a specific commit
|
||||||
|
rev = "842d9d80cfd4560648c785f8a4e6f3b096790e19";
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
to make it more clear what is what in the flake URI
|
||||||
|
|
||||||
|
I also have a long list of inputs with `flake = false;` because
|
||||||
|
it makes it easier to update non-flake custom packages or overlays
|
||||||
|
to have the latest git. I make sure to end the names of these inputs
|
||||||
|
with `src` to make it clear what they are.
|
||||||
|
|
||||||
|
### Secrets
|
||||||
|
|
||||||
|
All my secrets are in a private git repo that makes use of
|
||||||
|
[sops-nix](https://github.com/Mic92/sops-nix).
|
||||||
|
I only use secrets stored in `JSON` and generate `.sops.yaml`
|
||||||
|
from `.sops.nix`:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
let
|
||||||
|
wim = "somekey";
|
||||||
|
oksys = "somekey2";
|
||||||
|
in {
|
||||||
|
creation_rules = [
|
||||||
|
{
|
||||||
|
path_regex = "secrets/[^/]+\\.(yaml|json|env|ini)$";
|
||||||
|
key_groups = [
|
||||||
|
{
|
||||||
|
age = [wim oksys];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
which is then converted to `.sops.yaml` using
|
||||||
|
[remarshal](https://github.com/remarshal-project/remarshal)
|
||||||
|
and this shell command:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
nix eval --json --file ./.sops.nix | remarshal --if json --of yaml > .sops.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
TLDR: I
|
||||||
|
**[hate](https://ruudvanasseldonk.com/2023/01/11/the-yaml-document-from-hell)**
|
||||||
|
YAML
|
||||||
|
|
Loading…
Reference in a new issue