···44<h1 align="center">Puzzlevision<br></h1>
55<div align="center">Non-stop entertainment! The wackiest NixOS configuration to-date.</div>
66<br>
77-<div align="center">
88- <img src=".tangled/assets/powered-by-nixos.gif" width="88px" height="31px">
99- <img src=".tangled/assets/i-love-reproducing-nix-btw.gif" width="88px" height="31px">
1010- <img src=".tangled/assets/anything-but-windows.gif" width="88px" height="31px">
1111-</div>
1212-<br>
1371414-## 💡 Welcome to the 3rd iteration of this flake (new version again, yay :3)
1515-Any and all changes on this branch are officially part of the 3rd iteration of these NixOS dotfiles.
1616-1717-NOTHING here is stable or in any way ready for production use, please keep that in mind, if you ever find yourself looking through the structure/code.
88+> [!CAUTION]
99+> Any and all changes on this branch are officially part of the 3rd iteration of these NixOS dotfiles.
1010+> NOTHING here is stable or in any way ready for production use, please keep that in mind, if you ever find yourself looking through the structure/code.
18111912## 🚀 Deployment
2013To deploy a system run the following command in your terminal of choice.
···3023sudo nixos-rebuild build-vm --flake .#hostname --accept-flake-config
3124```
32253333-## 🔑 Secrets Management
3434-Secrets are managed by the [sops-nix](https://github.com/Mic92/sops-nix) nixos/home-manager modules respectively.
3535-3636-- General secrets are stored within the `secrets` directory.
3737-- System specific secrets are stored within their respective `systems/<system_type>/<system_name>/secrets` directory.
3838-- User secrets are stored within their respective `homes/<system_type>/<user_name>/secrets` directory.
3939-4040-The following command may be used to convert the SSH host key of a new machine to an age key:
4141-4242-```sh
4343-nix-shell -p ssh-to-age --run 'ssh-keyscan example.com | ssh-to-age'
4444-```
4545-4646-Additionally, the following command may be used to create a new sops secret file:
4747-4848-```sh
4949-nix-shell -p sops --run "sops secrets/example.yaml"
5050-```
5151-5252-You may also encrypt arbitrary binary formats, like .cfg, using the following command:
5353-5454-> [!IMPORTANT]
5555-> The original file location also HAS to match one of the sops creation rules, not just the output.
5656-> Yes, I know this is stupid, and yes, I've wasted way too much time dealing with this :3
5757-5858-```sh
5959-nix-shell -p sops --run "sops -e original_file.cfg > secrets/encrypted_file.cfg"
6060-```
6161-6262-Finally, when adding new systems, make sure to update any required secret files with the following command:
6363-6464-```sh
6565-nix-shell -p sops --run "sops updatekeys secrets/example.yaml"
6666-```
6767-6826## 👷 CI/CD coverage
6927There will be CI/CD coverage based on the Spindle-Pipeline-System™, when I find the time.
70287129## 🏗️ Structure
7272-This flake follows an opinionated directory structure, described below.
7373-7474-```
7575-flake.nix --> The flake.
7676-/systems --> NixOS configurations for various types of systems, using easy-hosts.
7777-/modules --> Modules that are mapped to their corresponding easy-hosts class (and home modules).
7878- /nixos --> (example) Modules specific to the nixos class configured in easy-hosts.
7979-/homes --> Directory for home-manager configurations, not specific to the system type.
8080-/lib --> A place for custom lib attributes exposed on the flake namespace (lib.puzzlevision.mkOpt).
8181-(more...) --> Additional directories have been considered (e.g. shells), but as of right now, they serve no use to me.
8282-```
3030+The folder structure of this flake will be documented here, once finalised.
83318432## 🎨 Credits
8533Parts of this flake were inspired by the likes of: