This repository contains the Nix / NixOS configuration for all of my systems using flake-parts.
See an overview of the flake outputs by running the command below:

```
nix flake show github:sinrohit/nixos-config
```

📂 Directory | 📝 Description |
---|---|
🏠 home | Home Manager Configuration for user specific settings and packages. |
🔧 lib | Helper functions to create NixOS/Darwin system configurations with common settings |
💻 machines | Host-specific configurations for different systems |
📂 modules | Custom NixOS modules including flakes integration, xmonad configuration, etc. |
📦 overlays | Package overlays to extend or upgrade packages |
🎁 pkgs | Custom package definitions |
🔐 secrets | Age-encrypted secrets management |

This configuration uses ragenix for secret management. Secrets are stored in the `secrets` directory.

Secrets are stored in the Git repo as age-encrypted files. Access roles for each secret are defined in Nix, in the `./secrets/secrets.nix` file.

Read the agenix tutorial for details.

In the `nix develop` shell,

```
agenix -e ./<secret-file>.age
```

Add the new host to the `systems` list of `./secrets/secrets.nix`, and the new user to the `users` list of the same file, followed by running:

```
cd ./secrets/
agenix -r
```

The above will re-encrypt the secrets authorizing the new set of hosts and users to decrypt them.
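
As an added illustration (not taken from this repository), a `secrets.nix` in the format agenix reads could define the `users` and `systems` lists like this. The names `alice`, `host-a`, `host-b`, the secret file names and the key strings are placeholders assumed for the example.

```nix
# secrets/secrets.nix (illustrative layout, not this repository's file)
let
  # Each value is an SSH public key. The strings below are placeholders.
  alice  = "ssh-ed25519 <PLACEHOLDER-user-public-key>";
  host-a = "ssh-ed25519 <PLACEHOLDER-host-a-public-key>";
  host-b = "ssh-ed25519 <PLACEHOLDER-host-b-public-key>";

  # Users can edit and rekey secrets from their workstation.
  users = [ alice ];

  # Systems decrypt secrets at activation time with their host key.
  systems = [ host-a host-b ];
in
{
  # Readable by every listed user and every listed host.
  "wifi-password.age".publicKeys = users ++ systems;

  # Scoped to a single host: host-b cannot decrypt this file,
  # even though it is in the systems list.
  "backup-key.age".publicKeys = users ++ [ host-a ];
}
```

A key added to `users` or `systems` only gains access after `agenix -r` rewrites the `.age` files. Removing a key and rekeying does not revoke copies of the ciphertext already in Git history, so a secret exposed to a retired key should also be rotated.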