hunner/nix

No description

Find a file

Hunter Haugen 5071ce6368 pin beads to 0.49.6 (pre-dolt)		2026-02-20 09:26:45 -08:00
configs	initial	2025-04-20 14:36:58 -04:00
default-install-gnome	Add framework gnome configs	2025-04-21 09:38:31 -04:00
hosts	add local dev ca	2026-02-17 10:07:32 -08:00
pkgs	Update codex and beads	2026-02-19 10:48:58 -08:00
qemu	Remove some spare files	2025-12-29 13:06:56 -08:00
.sops.yaml	Add ruil and make liminal full-flake	2026-02-13 22:25:21 -08:00
flake.lock	pin beads to 0.49.6 (pre-dolt)	2026-02-20 09:26:45 -08:00
flake.nix	pin beads to 0.49.6 (pre-dolt)	2026-02-20 09:26:45 -08:00
justfile	Get beads working again	2026-02-17 09:59:34 -08:00
README.md	Add ruil and make liminal full-flake	2026-02-13 22:25:21 -08:00

NixOS Configurations

Flake-based NixOS configurations for zima, cryochamber, liminal, and ruil.

Hosts

Host	Description
zima	Local server (ZFS, impermanence)
cryochamber	zfs.rent server (impermanence)
liminal	Workstation (hardware-specific overlays)
ruil	Digital Ocean droplet (ams3)

After changing a host's config, deploy with:

# Build and activate on the remote host
just deploy ruil root@ruil.hunnur.com

# Or build and activate locally via sudo
just deploy-sudo ruil

There's also a shortcut:

just deploy-ruil

For local hosts, just run:

sudo nixos-rebuild switch --flake .#zima

Secrets are managed with sops-nix using age keys. Each host's secrets live in hosts/<name>/secrets/config.yaml.

Host age keys are derived from SSH host keys:

ssh <host> 'cat /etc/ssh/ssh_host_ed25519_key.pub' | nix run 'nixpkgs#ssh-to-age'

To edit a host's secrets:

sops edit hosts/<name>/secrets/config.yaml