There's also more advanced options for secret management, including some that can include them (encrypted) into your config repo and/or nix store, be sure to check them out if you're interested.
Besides just adding packages to your environment, home-manager can also manage your dotfiles. I strongly recommend you do, it's awesome!
For full nix goodness, check out the home-manager options with man home-configuration.nix. Using them, you'll be able to fully configure any
program with nix syntax and its powerful abstractions.
Alternatively, if you're still not ready to rewrite all your configs to nix
syntax, there's home-manager options (such as xdg.configFile) for including
files from your config repository into your usual dot directories. Add your
existing dotfiles to this repo and try it out!
You might have noticed that there's impurity in your NixOS system, in the form of configuration files and other cruft your system generates when running. What if you change them in a whim to get something working and forget about it? Boom, your system is not fully reproductible anymore.
You can instead fully delete your / and /home on every boot! Nix is okay
with a empty root on boot (all you need is /boot and /nix), and will
happily reapply your configurations.
There's two main approaches to this: mount a tmpfs (RAM disk) to /, or
(using a filesystem such as btrfs or zfs) mount a blank snapshot and reset it
on boot.
For stuff that can't be managed through nix (such as games downloaded from
steam, or logs), use impermanence
for mounting stuff you to keep to a separate partition/volume (such as
/nix/persist or /persist). This makes everything vanish by default, and you
can keep track of what you specifically asked to be kept.
Here's some awesome blog posts about it:
- Erase your darlings
- Encrypted BTRFS with Opt-In State on NixOS
- NixOS: tmpfs as root and tmpfs as home
Note that for home-manager to work correctly here, you need to set up its
NixOS module, as described in the previous section.
Something you want to use that's not in nixpkgs yet? You can easily build and iterate on a derivation (package) from this very repository.
Create a folder with the desired name inside pkgs, and add a default.nix
file containing a derivation. Be sure to also callPackage them on
pkgs/default.nix.
You'll be able to refer to that package from anywhere on your
home-manager/nixos configurations, build them with nix build .#package-name,
or bring them into your shell with nix shell .#package-name.
See the manual for some tips on how to package stuff.
Found some outdated package on nixpkgs you need the latest version of? Perhaps you want to apply a patch to fix a behaviour you don't like? Nix makes it easy and manageble with overlays!
Use the overlays/default.nix file for this.
If you're creating patches, you can keep them on the overlays folder as well.
See the wiki article to see how it all works.
Got some configurations you want to create an abstraction of? Modules are the answer. These awesome files can expose options and implement configurations based on how the options are set.
Create a file for them on either modules/nixos or modules/home-manager. Be
sure to also add them to the listing at modules/nixos/default.nix or
modules/home-manager/default.nix.
See the wiki article to learn more about them.
Please let me know any questions or issues you face with these templates, so I can add more info here!
Nix flakes only see files that git is currently tracked, so just git add .
and you should be good to go. Files on .gitignore, of course, are invisible
to nix - this is to guarantee your build won't depend on anything that is not
on your repo.
The nix dependencies (such as nixpkgs) used by your configuration will
strictly follow the flake.lock file, using the commits written into it when
you (re)generated.
To update your flake inputs, simply use nix flake update.