dotfiles
nixpkgs
Our great sponsors
dotfiles | nixpkgs | |
---|---|---|
6 | 969 | |
123 | 15,581 | |
- | 4.9% | |
7.4 | 10.0 | |
25 days ago | 1 day ago | |
Nix | Nix | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dotfiles
-
RedNixOS - NixOS-based 'distro' for cybersec
Not sure about central but just search dotfiles, config, or flake on GitHub and filter by nix language. Most dotfiles are a sort of “distro” as nix let’s you configure everything from scratch in a central way. Eg my personal dotfiles are an abstracted layer of NixOS/home manager. This can be seen honestly in a lot of popular configs. Eg my WireGuard module turns high level options into automatic configs (see: module).
-
Nix and NixOS Get So Close to Perfect
What’s powerful about nix is the language IMO. I was able to build an automatic WireGuard setup[1] with tagging that automatically works on each new machine thanks to the ability to do config as code. Just provide some basic config for each machine and the code turns it into an interface with peers.
The issue to me isn’t the language persay (it’s really a tiny surface area language, see the built in/lib functions [2]) but the tooling built around packaging is a hodgepodge mess of semi-documented workarounds (with Nixpkgs blessed ways vs used libraries) and is extremely difficult to approach and understand.
-
Installing Firefox extensions through policies with nur packages.
Not entirely sure what you mean by policies. But you can use rycee’s buildFirefoxXpiAddon. All you need is the xpi. See: https://github.com/jordanisaacs/dotfiles/blob/master/modules/users/graphical/applications/firefox.nix for some manual packages.
-
Confused about Git, gnome-keyring, and libsecret
As a heads up setting up gnome-keyring is an adventure in and of itself when not using GNOME which from the sounds of it you are not. It took me a month of on and off trial and error to finally quash the last of its bugs. You can search around my dotfiles where I have it working but the solutions are all over the place (modules/system/gnome/default.nix, modules/users/graphical/shared.nix, and modules/users/graphical/wayland.nix).
-
Flake structure for multi system
I’ll just add on, I use functions in my nix file to make configs (iso, home manager, nixos),: function folder. With this logic you can create basic other hosts. How they are used in used in flake.nix
-
Conditionally import file
I am using this repo as a guide. I created a module which has the bootloader and filesystems configuration, and here I would like to conditionally load the qemu guest configuration, based on a configured attr. When you install NixOS in a qemu vm, this import is automatically added by nixos-generate-config to /etc/nixos/hardware-configuration.nix like so:
nixpkgs
- NixOS/nixpkgs: There isn't a clear canonical way to refer to a specific package
-
NixOS Is Not Reproducible
Yes, Nix doesn't actually ensure that the builds are deterministic. In fact it works just fine if they aren't. There are packages in nixpkgs that aren't reproducible: https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aiss...
-
The xz attack shell script
I'm not familiar with Bazel, but Nix in it's current form wouldn't have solved this attack. First of all, the standard mkDerivation function calls the same configure; make; make install process that made this attack possible. Nixpkgs regularly pulls in external resources (fetchUrl and friends) that are equally vulnerable to a poisoned release tarball. Checkout the comment on the current xz entry in nixpkgs https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/comp...
-
Debian Git Monorepo
NixOS uses a monorepo and I think everyone's love it.
I love being able to easily grep through all the packages source code and there's regularly PRs that harmonizes conventions across many packages.
Nixpkgs doesn't include the packaged software source code, so it's a lot more practical than what Debian is doing.
-
From xz to ibus: more questionable tarballs
In this specific case, nix uses fetchFromGitHub to download the source archive, which are generated by GitHub for the specified revision[1]. Arch seems to just download the tarball from the releases page[2].
[1]: https://github.com/NixOS/nixpkgs/blob/3c2fdd0a4e6396fc310a6e...
[2]: https://gitlab.archlinux.org/archlinux/packaging/packages/ib...
-
GitHub Disabled the Xz Repo
True, but irrelevant -- _some packages_, _somewhere_, do depend on xz, which, if built, requires pulling the source from GitHub (see the default.nix: https://github.com/NixOS/nixpkgs/blob/nixos-23.11/pkgs/tools...)
It's not the vulnerability that's a problem right now (NixOS was protected by a couple of factors) but rather GitHub's hamfisted response.
That is the problem.
-
Combining Nix with Terraform for better DevOps
We’ve noticed that some users have been asking about how to use older versions of Terraform in their Nix setups [1, 2]. This is an example of the diverse needs of people and the importance of maintaining backward compatibility. We hope that nixpkgs-terraform will be a useful tool for these users.
-
Nix is a better Docker image builder than Docker's image builder
I think whateveracct was referring to is this link:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/developmen...
What that file is doing, is building a package, and it essentially is a combination of what Makefile and what RPM spec file does.
I don't know if you're familiar with those tools, but if you aren't it takes some time to know them enough to understand what is happening. So why would be different here?
-
Use Ansible to create and start LXD virtual machines
#!/usr/bin/env nix-shell #! nix-shell -i bash #! nix-shell -p sops #! nix-shell -I https://github.com/NixOS/nixpkgs/archive/refs/tags/23.05.tar.gz source config.sh "$@"
-
What AI assistants are already bundled for Linux?
NixOS just got tabbyml[1] which is built on llama-cpp. Working on systemsd services the weekend and updating latest tabbyml release which supports rocm in addition to cuda
What are some alternatives?
nixos-configs - My NixOS and nix-darwin configs
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
cargo2nix - Granular builds of Rust projects for Nix
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
nixos-configs - My NixOS configs
git-lfs - Git extension for versioning large files
veritas - @davidtwco's personal mono-repo - containing the declarative configuration of servers, desktops and laptops - including dotfiles; a collection of packages; a static site generator and source of "davidtw.co".
easyeffects - Limiter, compressor, convolver, equalizer and auto volume and many other plugins for PipeWire applications
jdisaacs.com - My personal website
spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
dotfiles
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.