caem/albedo: NixOS configuration for all of my infrastructure.

NixOS configuration for all of my infrastructure.

Find a file

caem 15b71e3386 flake.lock: Update Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/49ca96b2714c5931e17401eff87f3edd42d2b0f2?narHash=sha256-OXcxobt7lBkh1B8AjwreU%2B24myhtKpqeLfAeIyNLFY8%3D' (2026-04-01) → 'github:nix-community/home-manager/0d02ec1d0a05f88ef9e74b516842900c41f0f2fe?narHash=sha256-KY6HsebJHEe5nHOWP7ur09mb0drGxYSzE3rQxy62rJo%3D' (2026-04-05) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/bcd464ccd2a1a7cd09aa2f8d4ffba83b761b1d0e?narHash=sha256-d3Yx83vSrN%2B2z/loBh4mJpyRqr9aAJqlke4TkpFmRJA%3D' (2026-04-01) → 'github:NixOS/nixpkgs/d96b37bbeb9840f1c0ebfe90585ef5067b69bbb3?narHash=sha256-BQb70%2BB378ECLO8iQT3P/b1hCC5/CJVHZdeulY8futc%3D' (2026-04-07) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/6201e203d09599479a3b3450ed24fa81537ebc4e?narHash=sha256-ZojAnPuCdy657PbTq5V0Y%2BAHKhZAIwSIT2cb8UgAz/U%3D' (2026-04-01) → 'github:NixOS/nixpkgs/68d8aa3d661f0e6bd5862291b5bb263b2a6595c9?narHash=sha256-vPKLpjhIVWdDrfiUM8atW6YkIggCEKdSAlJPzzhkQlw%3D' (2026-04-05) • Updated input 'sops-nix': 'github:Mic92/sops-nix/a4ee2de76efb759fe8d4868c33dec9937897916f?narHash=sha256-f50qrK0WwZ9z5EdaMGWOTtALgSF7yb7XwuE7LjCuDmw%3D' (2026-04-05) → 'github:Mic92/sops-nix/de5f2d596eb896a5728afcd15f823f59cb9ecfdb?narHash=sha256-VcC/%2BMMMldwQKcST2y/QTndGLusSxjeUvYwFwzZKKko%3D' (2026-04-08)		2026-04-08 19:29:52 +02:00
machines/skeleton	Improved user abstraction	2026-04-05 11:52:22 +02:00
modules	Add neovim configuration	2026-04-08 19:27:39 +02:00
overlays/global	Switch out dnscrypt-proxy for blocky	2026-03-23 01:21:14 +01:00
scripts	Encrypt the persist dataset for the skeleton	2026-03-30 19:34:13 +02:00
secrets@103070c359	Update secrets	2026-04-06 18:43:52 +02:00
users/skeleton	Improved user abstraction	2026-04-05 11:52:22 +02:00
.gitignore	Skip nix-portable in facter bootstrap when in nixos iso	2026-03-21 19:25:09 +01:00
.gitmodules	Rework security module	2026-03-21 21:07:20 +01:00
flake.lock	flake.lock: Update	2026-04-08 19:29:52 +02:00
flake.nix	Improved user abstraction	2026-04-05 11:52:22 +02:00
README.org	Update instructions for vm installation	2026-03-21 23:03:29 +01:00
util.nix	Improved user abstraction	2026-04-05 11:52:22 +02:00

README.org

albedo
- legacy
- useful commands
  - build the system locally before deploying to another machine
  - deploy the skeleton target to a vm

albedo

This rewrite is currently in progress.

Name may be temporary.

legacy

My old configurations are still available in the tree. Refer to the table below if interested. Note that as you go back further in time that the quality of the configuration worsens. I would not particularly recommend using the legacy configurations as examples of a well thought out, clean or architecturally sound setup.

tag	commit	descrption
legacy+1	`18565ff`	GNOME+Emacs
legacy	`fb5d4d4`	KDE/Hyprland + Neovim

useful commands

build the system locally before deploying to another machine

nix build .#nixosConfigurations.<machine>.config.system.build.toplevel

deploy the skeleton target to a vm

SSHPASS=<password> nix run github:nix-community/nixos-anywhere -- --no-disko-deps --extra-files "$(./scripts/setup-secrets.bash sops.txt)" --flake '.#skeleton' --env-password --target-host root@<ip>

This has the following requirements:

The installation disk is labeled under /dev/vda or you change it to the correct one in disko.nix
The installation disk has a serial. This is important if you're using virtio-blk.
The sops.txt exists in the root directory of the repo with the keys required for your deployment.