Kreyren/nixos-config

Open-Source Infrastructure as Code Management Solution for Multiple Systems designed to be reliable in mission-critical tasks on paranoid and high-security environment.

NiXium (N/X)

Nix-based Open-Source Infrastructure as Code (OSS IaaC) Management Solution for Multiple Systems designed to be reliable tool for mission-critical tasks in paranoid and high-security environment. It uses disko for filesystem management, impermanence to enforce fully declarative setup, flake-parts for flakes and home-manager for user configuration.

Directory layout

...

References

Manuals

• home-manager's options

Guides

• NixOS Flakes Wiki
• Nix Flakes, Part 3: Managing NixOS systems - Eelco Dolstra
• NixOS Configuration with Flakes - jordanisaacs
• The working programmer’s guide to setting up Haskell projects - jonascarpay
• Shell Scripts with Nix - Jon Sangster
• OpenSSH security and hardening - Linux Audit
• sshd_config - How to configure the OpenSSH server - www.ssh.com
• openssh - mozilla
• Arch security wiki
• Arch openssh wiki
• Ask for a password in POSIX-compliant shell? - stackexchange
• Shell Stlye Guide - google
• Parameter Expansion - The Open Group Base Specifications Issue
• Here Documents
• getopt, getopts or manual parsing - what to use when I want to support both short and long options?
• How to autorebase MRs in GitLab CI - Marcin Wosinek
• https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/

NixOS Configs

Collection of NixOS configurations that you might find useful as a reference for your configuration:

• Mic92's dotfiles repo
• jordanisaacs's dotfiles repo
• jordanisaacs's dwm repo
• https://github.com/gvolpe/nix-config
• https://github.com/divnix/digga
• https://github.com/mitchellh/nixos-config
• https://codeberg.org/matthew/nixdot
• https://github.com/terlar/nix-config
• https://github.com/qbit/xin
• https://github.com/mrjones2014/dotfiles
• https://git.sr.ht/~x4d6165/nix-configuration
• https://github.com/TLATER/dotfiles
• https://gitlab.com/engmark/root
• https://codeberg.org/samuelsung/nixos-config (flake-parts)
• https://github.com/srid/nixos-config (flake-parts)
• https://github.com/Mic92/dotfiles (flake-parts)
• https://github.com/chvp/nixos-config
• https://github.com/NickCao/flakes (agenix)
• https://github.com/ocfox/den (agenix)
• https://github.com/Clansty/flake (flakes + deploy-rs)
• https://github.com/fufexan/dotfiles (flakes + agenix + flake-parts + home-manager)
• https://github.com/gvolpe/nix-config
• https://github.com/cole-h/nixos-config (flakes + agenix)
• https://github.com/moni-dz/nix-config (flakes + flake-parts + agenix + home-manager + darwin)
• https://github.com/vkleen/machines
• https://github.com/wimpysworld/nix-config
• https://github.com/gvolpe/nix-config

Relevant GitHub Topic: https://github.com/topics/nixos-configuration

https://github.com/search?q=flake.homeManagerModules&type=code

GitHub repositories which use flake-parts: https://github.com/search?q=flake-parts+path%3Aflake.nix&type=code&p=3

Projects

• flake-compat
• sops-nix
• NixOS hardware repo
• update-flake-lock
• arkenfox's user.js
• de956's browser-privacy
• https://github.com/redcode-labs/RedNixOS
• https://xeiaso.net/blog/paranoid-nixos-2021-07-18

Tips

• To update NixOS (and other inputs) run nix flake update
  • You may also update a subset of inputs, e.g.

    nix flake lock --update-input nixpkgs --update-input home-manager
    # Or, `nix run .#update`

• To free up disk space,

  sudo nix-env -p /nix/var/nix/profiles/system --delete-generations +2
  sudo nixos-rebuild boot