Configuration files for my NixOS and nix-darwin machines
- Nix 94.1%
- Python 3.4%
- CSS 2.2%
- Just 0.3%
| .github/workflows | ||
| bin | ||
| modules | ||
| .envrc | ||
| .gitignore | ||
| flake.lock | ||
| flake.nix | ||
| justfile | ||
| LICENSE | ||
| README.md | ||
nix-config
Configuration files for my NixOS and nix-darwin machines.
Very much a work in progress.
Services
This section is generated automatically from the Nix configuration using GitHub Actions and this cursed Nix script
alison
| Icon | Name | Description | Category |
|---|---|---|---|
 |
Grafana | Platform for data analytics and monitoring | Observability |
 |
Home Assistant | Home automation platform | Smart Home |
 |
Prometheus | Monitoring system & time series database | Observability |
 |
RaspberryMatic | Homematic IP CCU | Smart Home |
 |
Uptime Kuma | Service monitoring tool | Services |
aria
| Icon | Name | Description | Category |
|---|---|---|---|
 |
Immich | Self-hosted photo and video management solution | Media |
emily
| Icon | Name | Description | Category |
|---|---|---|---|
 |
Audiobookshelf | Audiobook and podcast player | Media |
 |
Bazarr | Subtitle manager | Arr |
 |
Deluge | Torrent client | Downloads |
|
Immich | Self-hosted photo and video management solution | Media |
 |
InvoicePlane | Invoicing application | Services |
 |
Jellyfin | The Free Software Media System | Media |
 |
Jellyseerr | Media request and discovery manager | Arr |
 |
Keycloak | Open Source Identity and Access Management | Services |
 |
Microbin | A minimal pastebin | Services |
 |
Miniflux | Minimalist and opinionated feed reader | Services |
 |
Navidrome | Self-hosted music streaming service | Media |
 |
Nextcloud | Enterprise File Storage and Collaboration | Services |
 |
Paperless-ngx | Document management system | Services |
 |
Prowlarr | PVR indexer | Arr |
 |
Radarr | Movie collection manager | Arr |
 |
Radicale | Free and Open-Source CalDAV and CardDAV Server | Services |
 |
SABnzbd | The free and easy binary newsreader | Downloads |
 |
slskd | Web-based Soulseek client | Downloads |
 |
Sonarr | TV show collection manager | Arr |
 |
Vaultwarden | Password manager | Services |
spencer
| Icon | Name | Description | Category |
|---|---|---|---|
 |
Forgejo | A painless, self-hosted Git service | Services |
 |
Plausible | Open-source web analytics platform | Observability |
Installation runbook (NixOS)
Create a root password using the TTY
sudo su
passwd
From your host, copy the public SSH key to the server
export NIXOS_HOST=192.168.2.xxx
ssh-add ~/.ssh/notthebee
ssh-copy-id -i ~/.ssh/notthebee root@$NIXOS_HOST
SSH into the host with agent forwarding enabled (for the secrets repo access)
ssh -A root@$NIXOS_HOST
Enable flakes
mkdir -p ~/.config/nix
echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf
Partition and mount the drives using disko
DISK='/dev/disk/by-id/ata-Samsung_SSD_870_EVO_250GB_S6PENL0T902873K'
DISK2='/dev/disk/by-id/ata-Samsung_SSD_870_EVO_250GB_S6PE58S586SAER'
curl https://raw.githubusercontent.com/notthebee/nix-config/main/disko/zfs-root/default.nix \
-o /tmp/disko.nix
sed -i "s|to-be-filled-during-installation|$DISK|" /tmp/disko.nix
nix --experimental-features "nix-command flakes" run github:nix-community/disko \
-- -m destroy,format,mount /tmp/disko.nix
Install git
nix-env -f '<nixpkgs>' -iA git
Clone this repository
mkdir -p /mnt/etc/nixos
git clone https://github.com/notthebee/nix-config.git /mnt/etc/nixos
Put the private key into place (required for secret management)
mkdir -p /mnt/home/notthebee/.ssh
exit
scp ~/.ssh/notthebee root@$NIXOS_HOST:/mnt/home/notthebee/.ssh
ssh root@$NIXOS_HOST
chmod 700 /mnt/home/notthebee/.ssh
chmod 600 /mnt/home/notthebee/.ssh/*
Install the system
nixos-install \
--root "/mnt" \
--no-root-passwd \
--flake "git+file:///mnt/etc/nixos#hostname" # alison, emily, etc.
Unmount the filesystems
umount "/mnt/boot/efis/*"
umount -Rl "/mnt"
zpool export -a
Reboot
reboot