dotfile-mirrors/jake-ginesin_nix-dots
1
0
Fork 0
mirror of https://github.com/JakeGinesin/nix-dots.git synced 2026-06-19 18:34:35 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
wtf is a computer pls help
549 commits 2 branches 0 tags 29 MiB
  • Nix 37.5%
  • Shell 29.6%
  • Lua 18.8%
  • Emacs Lisp 6.3%
  • HTML 4%
  • Other 3.8%
Find a file
Exact
JakeGinesin c380ee7917 generation 28 25.11.20250714.62e0f05
2026-06-14 17:32:20 -04:00
.github/ISSUE_TEMPLATE
extras
home generation 28 25.11.20250714.62e0f05 2026-06-14 17:32:20 -04:00
hosts generation 24 25.11.20250714.62e0f05 2026-05-17 11:47:12 -04:00
secrets generation 24 25.11.20250714.62e0f05 2026-05-17 11:47:12 -04:00
system
.gitattributes
flake.lock generation 26 25.11.20250714.62e0f05 2026-06-14 17:13:58 -04:00
flake.nix generation 24 25.11.20250714.62e0f05 2026-06-13 13:07:51 -04:00
README.md generation 27 25.11.20250714.62e0f05 2026-06-14 17:27:00 -04:00

README.md

uhuh yeah endgame nixos config

Install

if you're me, you need to bootstrap your secrets for agenix to work right:

cp -r /home/sync/.ssh /mnt/home/sync/.ssh
cp /home/sync/Passwords.kdbx /mnt/home/sync/.config/keep

if you're not me, you probably have to go in my config and change things for nix to build everything.

then, proceed with regular installation:

sudo nixos-install --root /mnt --flake github:jakeginesin/nix-dots#thonkpad

And rebuild with:

sudo nixos-rebuild switch --flake.#thonkpad

you'll also need to run unlock-gitcrypt.sh initialize gitcrypt for eval-time secrets.

Some crazy dotfiles

For if you're not me

My setup is designed for (1) academic research in my PhD, and (2) security research, in my work as a cryptographic auditor. I would highly recommend not (not) installing this bare and trying to rawdog figure out my system. Read my system configuration manually and pick out the parts you're interested in.

Some subtleties about my setup:

  • tailscale and syncthing are automatically set up. my note system is integrated with the OS itself with nf, alacritty, and rofi. syncing of notes between my server, my phone, and my computer(s) is fully automatic, bootstrapping from the agenix'ed API keys
  • my firefox setup is decked out with all my preferred addons, css, and settings declared. i also have a nice startpage declared
  • i use dnsmasq as opposed to systemd-resolved to manage local dns. I configured nmcli to automatically set dnsmasq to resolve dns queries to certain websites (i.e. instagram.com) to 0.0.0.0 if i'm connected to certain wifi ESSID's (i.e. my university's wifi, "NUWave")
  • both neovim+emacs used
  • my many helpful scripts are autopackaged using writeScriptBin
  • custom font ttfs for polybar are directly included in my config because certain icons are no longer supported
  • i have a stacked rebuild script
  • my zsh is stacked with many nice aliases for automation. secret aliases with hard-coded IPs whatever are stored under an agenix secret
  • bspwm on x is used, with sxhkd used for most hotkeys
  • papers automatically saved with zotero are automatically searchable
  • there is an option for resolution in the configuration.nix file
  • agenix is used for runtime secrets, and git-crypt is used for eval-time secrets. My eval-time secrets aren't too important though, since I honestly have little trust in the security of GPG.