Jo/puzzlevision
1
0
Fork 0
mirror of https://github.com/Jokiller230/puzzlevision.git synced 2025-09-09 20:30:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
puzzlevision/README.md
Jo 1a01c1ef12
📝 I'm gonna kms
2025-07-03 18:26:09 +02:00

135 lines
5.2 KiB
Markdown
Raw Blame History

<br>
<div align="center"><img src=".github/assets/puzzlevision.png" width="120px" height="auto"></div>
<h1 align="center">✨ Puzzlevision ✨<br></h1>
<div align="center">Non-stop entertainment! The wackiest NixOS configuration to-date.</div>
<br>
<div align="center">
<img src=".github/assets/powered-by-nixos.gif" width="88px" height="31px">
<img src=".github/assets/i-love-reproducing-nix-btw.gif" width="88px" height="31px">
<img src=".github/assets/anything-but-windows.gif" width="88px" height="31px">
</div>
<br>
## 🚧 State of development
All the basic functionality of v2 should be working correctly, including:
- The custom lib implementation at self.lib, recursively built from the contents of the `lib` directory.
- Loading of systems from the `systems` directory, using easy-hosts.
- A basic workstation archetype for desktop systems.
- Creating users in your systems through ${self.namespace}.users,
automatically maps home-manager configurations from the `homes` directory to their corresponding users.
Since I am actively using this configuration on my main workstation, things are evolving quickly,
leftover issues are actively being resolved and the list of modules is ever-growing.
Nonetheless, one should still consider this implementation experimental.
My next goal is to setup an attic binary cache,
with a build/release workflow that runs in regular intervals.
(similar to isabelroses's workflow setup)
## 🚀 Deployment
To deploy a system run the following command in your terminal of choice.
```sh
sudo nixos-rebuild switch --flake .#hostname --accept-flake-config
```
If you're interested in a quick way to experiment with this configuration,
you may use the following command to build a VM.
```sh
sudo nixos-rebuild build-vm --flake .#hostname --accept-flake-config
```
## 🔑 Secrets Management
Secrets are managed by the [sops-nix](https://github.com/Mic92/sops-nix) nixos/home-manager modules respectively.
- General secrets are stored within the `secrets` directory.
- System specific secrets are stored within their respective `systems/<system_type>/<system_name>/secrets` directory.
The following command may be used to convert the SSH host key of a new machine to an age key:
```sh
nix-shell -p ssh-to-age --run 'ssh-keyscan example.com | ssh-to-age'
```
Additionally, the following command may be used to create a new sops secret file:
```sh
nix-shell -p sops --run "sops secrets/example.yaml"
```
You may also encrypt arbitrary binary formats, like .cfg, using the following command:
> [!IMPORTANT]
> The original file location also HAS to match one of the sops creation rules, not just the output.
> Yes, I know this is stupid, and yes, I've wasted way too much time dealing with this :3
```sh
nix-shell -p sops --run "sops -e original_file.cfg > secrets/encrypted_file.cfg"
```
Lastly, when adding new systems, make sure to update any required secret files with the following command:
```sh
nix-shell -p sops --run "sops updatekeys secrets/example.yaml"
```
## 👷 CI/CD coverage
Currently, this repository houses 2 workflows, which are executed when pushing to the v2 branch.
#### ↪️ `Nix: check for unused code`
This workflow can be found in `.github/workflows/deadnix.yml`,
and should be pretty self-explanatory.
Here's what it does:
1. Checks out current branch
2. Finds any unused variables/imports etc...
3. Creates a new commit, instantly removing any unused code
#### ↪️ `Nix: validate flake`
This workflow can be found in `.github/workflows/validate.yml`.
It simply validates a flake using `nix flake check`.
To be specific, it does the following:
1. Checks out current branch
2. Installs nix with some experimental features (flakes, nix-command, recursive-nix, pipe-operator)
3. Runs `nix flake check` on the codebase
## 📝 Goals and improvements
The main goals of this rewritten flake are:
- using flake-parts in place of Snowfall lib
- significantly improving the re-usability of all modules
- avoiding anti-patterns, such as `with lib; with lib.${namespace};`
- improved secrets management
- keeping external assets closer to their related nix file, e.g. wallpapers in
the desktop modules folder
## 🏗️ Structure
The structure this flake aims to build on is relatively simple to grasp.
```
flake.nix --> The flake.
/systems --> NixOS configurations for various types of systems, using easy-hosts.
/modules --> Modules that are mapped to their corresponding easy-hosts class (and home modules).
/nixos --> (example) Modules specific to the nixos class configured in easy-hosts.
/homes --> Directory for home-manager configurations, not specific to the system type.
/lib --> A place for custom lib attributes exposed on the flake namespace (lib.puzzlevision.mkOpt).
(more...) --> Additional directories have been considered (e.g. shells), but as of right now, they serve no use to me.
```
## 🎨 Credits
Parts of this flake were inspired by the likes of:
- [isabelroses](https://github.com/isabelroses)
- [uncenter](https://github.com/uncenter)
- [xaiyadev](https://github.com/xaiyadev)
and documentations such as:
- [flake-parts](https://flake.parts)
- [NixOS and Flakes book](https://nixos-and-flakes.thiscute.world)
many thanks to their hard work!
Reference in a new issue View git blame Copy permalink