Make changes to Nix.org and README

docs: Update Deployment section in README to match new repo structure
feat: add wormhole-rs and inkscape to packages
feat: add "mkdirp yes" to Nix.org header properties
Swarsel 2024-06-13 01:01:10 +02:00
parent 4cdfd1e9ea
commit d5a18a84d5
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
3 changed files with 34 additions and 46 deletions

61
.github/README.md vendored

@ -50,49 +50,30 @@ Below is a rough general guide to setup this system on a new NixOS host. **Again
For a pure Home-Manager configuration, you need a few different steps. The biggest change is that you then want to call `home-manager --flake .#<your-username>@<your-hostname> switch` as the last step instead of `nixos-rebuild [...]`. A complete general guide for that case cannot really be given since you are most likely setting up the flake on a existing machine that already has a lot of configuration. If you are setting up a new system, I would recommend to use NixOS unless circumstances force you to use something else. For a pure Home-Manager configuration, you need a few different steps. The biggest change is that you then want to call `home-manager --flake .#<your-username>@<your-hostname> switch` as the last step instead of `nixos-rebuild [...]`. A complete general guide for that case cannot really be given since you are most likely setting up the flake on a existing machine that already has a lot of configuration. If you are setting up a new system, I would recommend to use NixOS unless circumstances force you to use something else.
###### To do that: ###### To do that:
1) adapt [flake.nix](../flake.nix): 1) adapt [Nix.org](../.dotfiles/Nix.org)
- Copy either one of the nixosSystem or homeManagerConfiguration blocks depending on what configuration you are going to be using. 1) adapt system specific options:
- Adapt all lines referencing the host- and username to the names chosen for your system.
- Also adapt the file paths to reference the files where you want your specific configuration to be stored.
- If using home-manager on the host, consider the settings for `home-manager.useGlobalPkgs` and `home-manager.useUserPackages` - in this repo they are moved to the general NixOS section to reduce code duplication.
2) adapt [Nix.org](../Nix.org)
- Make a copy of "System Specific Configurations/TEMPLATE". - Make a copy of "System Specific Configurations/TEMPLATE".
- Adapt all references to TEMPLATE to your host- and usernames etc (make sure to also create that directory where it is to be tangled to). - Adapt all references to TEMPLATE to your host- and usernames etc - pay special attention to the header lines in each nix source block, i.e. the "#+begin_src nix [...] :tangle profiles/TEMPLATE/[...]" lines.
- Add the settings needed for your specific machine. - Add the settings needed for your specific machine.
- Make sure Nix.org was actually tangled. 2) adapt flake:
- add a configuration block to "Noweb-Ref blocks/flake.nix/nixosConfigurations" (for example, you can copy one of the other blocks),
- adapt the paths to the files you chose to tangle to.
- adjust the "Inputs & Inputs@Outputs" and "let" sections if needed.
- (Use "[...]/homeConfigurations" instead if adding a home-manager config.)
2) Make sure Nix.org was actually tangled.
- **Beware:** This assumes you have access to a way of tangling an .org file (for most people this will mean having a working Emacs). If you do not have that, see below. - **Beware:** This assumes you have access to a way of tangling an .org file (for most people this will mean having a working Emacs). If you do not have that, see below.
3) Add your changes to your fork of the repository.
###### If you have no way of tangling .org files ###### If you have no way of tangling .org files
In that case make a copy of the /.dotfiles/profiles/TEMPLATE folder and adapt each file manually according to the above. In that case make a copy of the /.dotfiles/profiles/TEMPLATE folder and adapt each file manually according to the above, then edit the /.dotfiles/flake.nix manually.
##### Actual system setup ##### Basic system setup
0) Make sure you have an internet connection (ethernet or for Wi-Fi e.g. call `nmtui`) 0) Make sure you have an internet connection (ethernet or for Wi-Fi e.g. call `nmcli`/`nmtui`)
1) `sudo nano /etc/nixos/configuration.nix` 1) `nix --experimental-features 'nix-command flakes' shell nixpkgs#git`
- add the following packages to `environment.systemPackages`: 2) `git clone https://github.com/Swarsel/dotfiles.git`
- `git ` 3) `cp /etc/nixos/hardware-configuration.nix ~/.dotfiles/profiles/<YOUR_HOSTNAME>`
- `gnupg` 4) `git -C ~/.dotfiles add ~/dotfiles/profiles/<YOUR_HOSTNAME>`
- `ssh-to-age` 5) `sudo nixos-rebuild --flake ~/.dotfiles/#<YOUR_HOSTNAME> boot`
- add 6) Reboot.
```nix
nix = {
package = pkgs.nixFlakes;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
```
2) `sudo nixos-rebuild switch`
###### Host SSH key setup for use with sops-nix (only needed if you want to use sops-nix for secrets management)
3) `ssh-keygen -t ed25519 -C "<YOUR_HOSTNAME> sops"`, use e.g. "sops" as name for `<SOPS_KEY>`
4) `cd ~/.dotfiles`
5) `cat ~/<SOPS_KEY>.pub | ssh-to-age >> ~/.dotfiles/.sops.yaml`
6) `nano .sops.yaml` - add last line to keys and make a new &system_<xxx> entry, make sure to remove that last line
7) `cp ~/<SOPS_KEY>.pub ~/.dotfiles/secrets/keys/<YOUR_HOSTNAME>.pub`
8) move `<SOPS_KEY>` to where you want to store your host private key
9) update entry for `sops.age.sshKeyPaths` in Nix.org to the location that you have just moved the private key to (or manually edit `.dotfiles/profiles/<YOUR_HOSTNAME>/home.nix`)
###### Switching to the configuration
10) `cp /etc/nixos/hardware-configuration.nix ~/.dotfiles/profiles/<YOUR_HOSTNAME>`
11) `sudo nixos-rebuild --flake .#<YOUR_HOSTNAME> switch`
- This build will take a while (mostly because it fully builds Emacs), so do not worry too much :) - This build will take a while (mostly because it fully builds Emacs), so do not worry too much :)
- In case you get a dependency error for some of the `firefox-addons`, just comment out those specific extensions and try to uncomment them again a few days later. Sometimes when these packages are updated, the old .xpi file is deleted by the addon developer and the download link breaks. It is usually updated swiftly. If you do not want to wait, you can also package the addon yourself - there is one example in the files how this is generally done. - If you want to use sops-nix for secrets management, you need to provide your own key as well as a key for each host you are going to create. Then you need to adapt `.sops.yaml` to account for these keys and the directory where you are going to store the secrets. You can edit the secrets using `sops` using your key for authentication. You also need to edit the respective sections of the configuration to account for these locations.
- In case you get a dependency error for some of the `firefox-addons`, just comment out those specific extensions and try to uncomment them again a few days later. Sometimes when these packages are updated, the old .xpi file is deleted by the addon developer and the download link breaks. It is usually updated swiftly. If you do not want to wait, you can also package the addon yourself - there is one example in the files how this is done in general.
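Review bot: In the new "Basic system setup" list, step 4 runs `git add` on `~/dotfiles/profiles/<YOUR_HOSTNAME>` while steps 3 and 5 use `~/.dotfiles`, so it points at a path the earlier steps never create; change it to `~/.dotfiles/profiles/<YOUR_HOSTNAME>`. Step 2 has a related mismatch: `git clone https://github.com/Swarsel/dotfiles.git` without a target directory checks out into `dotfiles` in the current directory, not `~/.dotfiles`, so the destination should be given explicitly. The sops-nix paragraph that replaces the old numbered key setup also no longer shows that only the `.pub` file is copied into the repository; one sentence saying that the host private key stays outside the repo and that `sops.age.sshKeyPaths` must point at its location would keep that guidance.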


@ -1,4 +1,5 @@
#+title: Nix Configuration #+title: Nix Configuration
#+PROPERTY: header-args:nix :mkdirp yes
This file holds the entirety of all configuration files for both NixOS as well as home manager across all machines that I currently use. This file holds the entirety of all configuration files for both NixOS as well as home manager across all machines that I currently use.
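Review bot: The added `#+PROPERTY: header-args:nix :mkdirp yes` line applies to every nix source block in the file, so a mistyped `:tangle profiles/...` path will now create a new directory instead of failing at tangle time. The README hunk in this commit drops the reminder to create the target directory by hand, which fits, but it would help to add a short remark there that directories are created automatically and that the tangled output should be checked (for example with `git status`) for unexpected new paths before rebuilding.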
@ -4725,12 +4726,15 @@ Also, I define some useful shell scripts here.
util-linux util-linux
nmap nmap
# local file sharing
wormhole-rs
# b2 backup @backblaze # b2 backup @backblaze
restic restic
# "big" programs # "big" programs
filebot
gimp gimp
inkscape
zoom-us zoom-us
# nomacs # nomacs
libreoffice-qt libreoffice-qt
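Review bot: The `filebot` line under `# "big" programs` appears on only one side of this hunk, but the commit message lists just wormhole-rs and inkscape as package changes. Either mention the filebot change in the message or move it to its own commit, so the package set installed on each host can be traced from the history.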


@ -24,12 +24,15 @@
util-linux util-linux
nmap nmap
# local file sharing
wormhole-rs
# b2 backup @backblaze # b2 backup @backblaze
restic restic
# "big" programs # "big" programs
filebot
gimp gimp
inkscape
zoom-us zoom-us
# nomacs # nomacs
libreoffice-qt libreoffice-qt
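Review bot: This hunk mirrors the Nix.org package hunk line for line, so it looks like the tangled output of that block committed next to its source. If that is the case, it is worth confirming the file was produced by tangling rather than edited by hand, since the README describes Nix.org as the source and a hand edit here would be overwritten on the next tangle.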