Kieran's opinionated (and probably slightly dumb) nix config
dunkirk.sh
1# Kieran's Dots
2
3
4
5> [!CAUTION]
6> These dots are highly prone to change / breakage.
7>
8> ~I am not a nix os expert (this is my first time touching nix), so I'm not sure if this will work or not. I'm just trying to get my dots up on github.~
9>
10> After `284` successful days of these dots being in constant operation, many many rebuilds, and `364` commits these dots have been rock solid and I have no complaints.
11
12## The layout
13
14```bash
15~/dots # symlinked to /etc/nixos
16├── dots # any config files that need to be symlinked go here, e.g. my hyprland config
17│ └── wallpapers
18├── machines
19│ ├── atalanta # my macOS M4 machine
20│ ├── ember # my dell r210 server (in my basement)
21│ ├── john # shared server for cedarville
22│ ├── moonlark # my framework 13 <dead>
23│ ├── nest # shared tilde server through hc
24│ ├── prattle # oracle cloud x86_64 server
25│ ├── tacyon # rpi 5
26│ └── terebithia # oracle cloud aarch64 server
27├── modules
28│ ├── home # home-manager modules
29│ │ ├── aesthetics # theming and wallpapers
30│ │ ├── apps # any app specific config
31│ │ │ └── crush # vendored for now
32│ │ ├── system # home-manager system configs
33│ │ └── wm # window managers; just hyprland for now
34│ │ └── hyprland
35│ └── nixos # nixos modules
36│ ├── apps # also app specific configs
37│ └── system # pam and my fancy wifi module for now
38└── secrets # keep your grubby hands (or paws) off my data
39
4016 directories
41```
42
43## Installation
44
45> [!WARNING]
46> Also to note that this configuration will **not** work if you do not change any of the [secrets](./secrets) since they are encrypted.
47
48You could either install a NixOS machine (rn there is just `moonlark`), use the home-manager instructions, or use nix-darwin for macOS.
49
50### macOS with nix-darwin
51
52For macOS machines, you can use nix-darwin:
53
541. Install Nix using the determinate systems installer:
55
56```bash
57curl -fsSL https://install.determinate.systems/nix | sh -s -- install
58```
59
602. Clone the repository:
61
62```bash
63git clone git@github.com:taciturnaxolotl/dots.git
64cd dots
65```
66
673. Apply the configuration:
68
69```bash
70darwin-rebuild switch --flake .#atalanta
71```
72
73### Home Manager
74
75Install nix via the determinate systems installer
76
77```bash
78curl -fsSL https://install.determinate.systems/nix | sh -s -- install --determinate
79```
80
81then copy ssh keys and chmod them
82
83```bash
84scp .ssh/id_rsa* nest:/home/kierank/.ssh/
85ssh nest chmod 600 ~/.ssh/id_rsa*
86```
87
88and then clone the repo
89
90```bash
91git clone git@github.com:taciturnaxolotl/dots.git
92cd dots
93```
94
95and execute the machine profile
96
97```bash
98nix-shell -p home-manager
99home-manager switch --flake .#nest
100```
101
102setup atuin and import previous shell history
103
104```bash
105atuin login
106atuin import
107```
108
109### NixOS
110
111> These instructions have been validated by installing on my friend's machine ([`Nat2-Dev/dots`](https://github.com/Nat2-Dev/dots))
112
113#### Using nixos-anywhere (Recommended for remote installations)
114
115> [!INFO]
116> This only currently works with `prattle` and `terebithia` as they have the proper disko configs setup.
117
118For remote installations (like Oracle Cloud), use [nixos-anywhere](https://github.com/nix-community/nixos-anywhere):
119
120```bash
121nix run github:nix-community/nixos-anywhere -- \
122 --flake .#prattle \
123 --generate-hardware-config nixos-facter ./machines/prattle/facter.json \
124 --build-on-remote \
125 root@<ip-address>
126```
127
128Replace `prattle` with your machine configuration and `<ip-address>` with your target machine's IP.
129
130> **Note**: Make sure your SSH key is in the target machine's `authorized_keys` and the machine configuration has the correct network settings. The `--generate-hardware-config nixos-facter` flag will generate a comprehensive hardware report using [nixos-facter](https://github.com/numtide/nixos-facter) instead of the traditional `nixos-generate-config`.
131
132#### Using the install script
133
134```bash
135curl -L https://raw.githubusercontent.com/taciturnaxolotl/dots/main/install.sh -o install.sh
136chmod +x install.sh
137./install.sh
138```
139
140#### The manual way
141
142Install NixOS via the [official guide](https://nixos.org/download.html)
143
144Connect to wifi
145
146```bash
147wpa_passphrase your-ESSID your-passphrase | sudo tee /etc/wpa_supplicant.conf
148sudo systemctl restart wpa_supplicant
149```
150
151Check with `ping 1.1.1.1` if that doesn't work then use `wpa_cli`
152
153```bash
154sudo systemctl start wpa_supplicant
155wpa_cli
156
157add_network 0
158
159set_network 0 ssid "put your ssid here"
160
161set_network 0 psk "put your password here"
162
163enable network 0
164
165exit
166```
167
168Aquire root permissions while keeping your current context with
169
170```bash
171sudo -i
172```
173
174Enable git and rebuild your flake with the following
175
176```bash
177sed -i 's/^{$/{\n programs.git.enable = true;/' /etc/nixos/configuration.nix
178nixos-rebuild switch
179```
180
181Download the disk configuration and run it
182
183```bash
184curl -L https://github.com/taciturnaxolotl/dots/raw/main/moonlark/disk-config.nix -o /tmp/disk-config.nix
185nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode destroy,format,mount /tmp/disk-config.nix
186```
187
188Run nixos generate config and cd into it
189
190```bash
191nixos-generate-config --root /mnt
192cd /mnt/etc/nixos
193```
194
195Clone this repo to your `/mnt/etc/nixos` folder
196
197```bash
198rm *
199git clone https://github.com/taciturnaxolotl/dots.git .
200```
201
202Add your ssh private key to `/mnt/etc/ssh/id_rsa`
203
204install the flake, and umount the filesystem, and then reboot
205
206```bash
207nixos-install --flake .#moonlark --no-root-passwd
208reboot
209```
210
211Pray to the nix gods that it works 🙏
212
213If it worked then you should be able to login with the user `kierank` and the password `lolzthisaintsecure!`
214
215You should immediately change the password
216
217```bash
218passwd kierank
219```
220
221Move the config to your local directory, link to `/etc/nixos`, and change permissions
222
223```bash
224sudo mv /etc/nixos ~/dots
225sudo ln -s ~/dots /etc/nixos
226sudo chown -R $(id -un):users ~/dots
227sudo chown kierank -R ~/dots
228sudo chown kierank -R ~/dots/.*
229```
230
23117. Setup the fingerprint reader and verify it works (you may need to swipe your finger across the fingerprint sensor instead of simply laying it there)
232
233```bash
234sudo fprintd-enroll -f right-index-finger kierank
235sudo fprintd-verify kierank
236```
237
238Finally enable [atuin](https://atuin.sh/)
239
240```bash
241atuin login
242atuin sync
243```
244
245## some odd things
246
247for helix if you want the grammar to work you must run the following as per [this helix discussion](https://github.com/helix-editor/helix/discussions/10035#discussioncomment-13852637)
248
249```bash
250hx -g fetch
251hx -g build
252```
253
254## Screenshots
255
256<details>
257 <summary>I've stuck the rest of the screenshots in a spoiler to preserve space</summary>
258<br/>
259
260**Last updated: 2024-12-27**
261
262
263
264
265
266
267
268
269</details>
270
271## Credits
272
273Thanks a bunch to the following people for their dots, configs, and general inspiration which i've shamelessly stolen from:
274
275- [NixOS/nixos-hardware](https://github.com/NixOS/nixos-hardware)
276- [hyprland-community/hyprnix](https://github.com/hyprland-community/hyprnix)
277- [spikespaz/dotfiles](https://github.com/spikespaz/dotfiles)
278- [Misterio77/nix-starter-configs](https://github.com/Misterio77/nix-starter-configs)
279- [mccd.space install guide](https://mccd.space/posts/git-to-deploy/)
280- [disco docs](https://github.com/nix-community/disko/blob/master/docs/quickstart.md)
281- [XDG_CONFIG_HOME setting](https://github.com/NixOS/nixpkgs/issues/224525)
282- [Daru-san/spicetify-nix](https://github.com/Daru-san/spicetify-nix)
283- [agenix](https://nixos.wiki/wiki/Agenix)
284- [wpa_supplicant env file docs](https://search.nixos.org/options?show=networking.wireless.environmentFile&from=0&size=50&sort=relevance&type=packages&query=networking.wireless)
285- [escaping nix variables](https://www.reddit.com/r/NixOS/comments/jmlohf/escaping_interpolation_in_bash_string/)
286- [nerd fonts cheat sheet](https://www.nerdfonts.com/cheat-sheet)
287- [setting the default shell in nix](https://www.reddit.com/r/NixOS/comments/z16mt8/cant_seem_to_set_default_shell_using_homemanager/)
288- [hyprwm/contrib](https://github.com/hyprwm/contrib)
289- [gtk with home manager](https://hoverbear.org/blog/declarative-gnome-configuration-in-nixos/)
290- [setting up the proper portals](https://github.com/NixOS/nixpkgs/issues/274554)
291- [tuigreet setup](https://github.com/sjcobb2022/nixos-config/blob/29077cee1fc82c5296908f0594e28276dacbe0b0/hosts/common/optional/greetd.nix)
292
293## 📜 License
294
295The code is licensed under `MIT`! That means MIT allows for free use, modification, and distribution of the software, requiring only that the original copyright notice and disclaimer are included in copies. All artwork and images are copyright reserved but may be used with proper attribution to the authors.
296
297<p align="center">
298 <img src="https://raw.githubusercontent.com/taciturnaxolotl/carriage/master/.github/images/line-break.svg" />
299</p>
300
301<p align="center">
302 <i><code>© 2025-present <a href="https://github.com/taciturnaxolotl">Kieran Klukas</a></code></i>
303</p>
304
305<p align="center">
306 <a href="https://github.com/taciturnaxolotl/dots/blob/master/LICENSE.md"><img src="https://img.shields.io/static/v1.svg?style=for-the-badge&label=License&message=MIT&logoColor=d9e0ee&colorA=363a4f&colorB=b7bdf8"/></a>
307</p>