I could in theory just import all flake files from particular host, but so far
there aren't a lot of files in there, and I like the explicitness, and central
point of entry in flake.nix
Not sure what went wrong the last time I tried it. This seems to be working, so
I'll keep it and keep an eye for a while
nixpkgs-unfree supposedly provides builds for non-free, but redistributable
packages that cache.nixos.org does not build.
Along with cuda-maintainers, it should reduce the burden for using heavy
packages for machine learning quite a bit. So, let's see how this one goes.
I should also start checking how the machine learning story is with NixOS at
all, it is rife with Python and Python has absolutely horrible ecosystem for
managing dependencies.
It is not perfect, it does not load private files and it generally feels a set
and forget, not-updated-often situation like every other Nix derivation.
It is promising, but the edges are sharp, and not something I'd like to invest
time in right now.
Build Doom-emacs config via Nix itself, and combine all in single monolithic,
declarative system mwahahahahaha
Except, it's not working yet. It keeps complaining about missing 'beancount' :/
So, this commit will most likely be promptly reverted.
Also add new alias to `nixos-rebuild switch -v --offline`
Because offline build takes under a minute on cold-boot while without can take
multiple minutes, often wasting time and bandwidth on useless stuff like
fetching and parsing all inputs to system flake.
Lower time also makes it a good temporary workaround for the agenix bug.
- Enable nvidia GPU in sync-mode
At least one game did not work well enough on Intel
- Move nvidia config to separate file (nvidia.nix)
- Refactor and simplify nvidia config
enabling/mode-changing of nvidia can be done via two simple
top-level variables instead of changing interdependent booleans
independently.
select GPU driver based on top level variable
Add `nvidia-offload` environment variable shell to env based on top-level variable
agenix uses age (a utility + standard) that encrypts secrets using ssh key.
This simplifies secrets management quite a bit compared to GPG (my attempts for
which have failed so far).
Changes included:
- Encrypt all current keys (mail, backups) using age, configured via
agenix
- All encrypted keys are committed to git repo and decrypted during boot
- None of the keys are used anywhere just yet. They will replace file
paths in future commit after testing
- Decrypted keys are available after boot under user name with read-only
permissions at default agenix location (as of this commit)
- The Nix variable path is provided by agenix and can be used instead of
having to recreate
- multiple keys can be specified for single key, but for now I am only
using one
For now, the code is dirty and can definitely use improvements. It is just at a
place where it is all working right now.
TODO: Get age + agenix in environment packages available at runtime in NixOS
Links:
- https://github.com/ryantm/agenix
- https://github.com/hlissner/dotfiles
Move some logically independent and consistent parts into separate
modules (files):
1. Nix config :
Package, experimental options, automatic garbage-collection config
2. Backups :
Restic + rclone + systemd services for backup notifications
This has reduced main configuration.nix by 100+ lines. These parts are also
unlikely to be touched in tandem with other configuration and hence can be
separated out.
A change in Emacs 29 changed signature of define-key that broke doom.
Until the issue is fixed, pin emacs-overlay to commit before that.
Doom issue link: https://github.com/hlissner/doom-emacs/issues/5785
Finally fully enable binary cache for nix-community and emacs-overlay.
Now I don't have to build emacs from scratch for every master update :)
This was done by means of cachix, which is a means to upload built derivations
for others to share with. Nix-community has their own, and it makes using
overlays provided by nix-community that much better. This should shave off 20-25
min per system rebuild.
I am not sure if this will work as is after moving this config to new system,
so here are the steps to follow:
1. nix shell nixpkgs#cachix
2. sudo cachix use nix-community
3. stage/commit cachix.nix and cachix/ from /etc/nixos
4. done
Hopefully this will be enough in the future system move. If not, all the best to
future me.
Use Emacs master branch with native compilation flag enabled.
I tried Pgtk branch, but it is not always kept up to date with master (currently
3+ months behind) and could have some issues that aren't always tested. It does
mean Wayland integration is imperfect, but right now it is good enough (with few
minor annoyances).
Emacs + Gcc (native-comp)
native-comp is currently in upcoming release branch (28.0.50), while pgtk branch
is yet to be merged. Using both above features is easily available with
emacs-overlay provided by nix-community.
I still haven't been able to get cachix build cache to work, so currently this
config builds full Emacs on machine. This extends system rebuild by 30+ minutes
and reduces system usability for the same duration.
Updating system frequently is not currently on my radar anyway, and I can
probably stomach keeping the machine humming for 60+ minutes of system
rebuild (compiling Emacs itself takes 25-30 min),
as long as I do it less than once per week. Will see how it goes.
PipeWire is new Linux audio and video streams.
Previously I used PulseAudio, and while it worked, it was less than
perfect. Pulse used bit much processing, and in general had few bugs.
Pipewire is supposed to be lighter, more stable, and it can use high
quality codec for bluetooth.
I took this opportunity to move sound-related config to its separate
module (sound.nix). This is a beginning to nicely move independent config
sections to their own modules. Sound config has pretty much zero
relations with rest of the config, so it made sense to move it in
separate file. Perhaps I can do the same with other stuff, maybe some services.
Initial setup to email from within emacs.
That required setting up above stuff, detailed below:
mbsync : sync maildir with email host/provider (gmail)
mu : index and search maildir
msmtp : send mail
All of the above have good module under home-manager, making it *relatively*
straightforward to set the whole thing up.
For now, simply copied current configuration.nix and hardware-configuration.nix
to hostname specific directory.
Made minor modifications to remove input impurity from
hardware-configuration.nix (<nixpkgs> to ${modulesPath}).
Created flake.nix to import the configuration.nix and just build it.
Referred to this guy : https://github.com/MatthewCroughan/nixcfg