Yet another question about managing the /etc/nixos directory.
I want to write a script that will format, stage and commit all files in /etc/nixos. How do I create it?
I want to keep it inside /etc/nixos to track it together with all the other files. I don’t want to use symlinks since they aren’t declarative and feel kinda messy. And I also don’t want to use (import ./script.nix { inherit pkgs; }) in my environment.systemPackages since that also doesn’t look pretty.
I don’t care about having to run things as root since configuration.nix controls everything on the system and I wouldn’t want anything non-root accessing it.
All I need is a folder where I could write some basic bash scripts that would become available at PATH.
I hear you but I think experienced users tend to store their configs as git clones in their home dirs.
I keep all my configs in a single repo. I happen to have a clone of it in ~/worktrees/infra and that’s where I run NixOS commands such as nixos-rebuild from (actually I’ve been using nh for a while instead).
Fair enough, configuration in home directory it is then. But I still don’t understand how I would manage scripts. I can add them to ~/.local/bin, but that would require that I manage two separate repositories.
Maybe I am misunderstanding what you are saying but the way I solved this (my latest dots are private for work reasons, otherwise I’d be happy to share):
have some bootstrap script in your repository root that seeds home-manager or whatever which…
puts scripts on your path that you can run from anywhere.
Requires only one repo, but you can run scripts to manage the install from anywhere.
Pretty much. You can go a step further, and have nix build those scripts as well, so as long as you have nix installed on a system you can bootstrap from there.
I.e., just a bootstrap/default.nix with the derivation for your bootstrap script, and then you run a simple nix-build && ./result. Then there’s no chance of mismatching shells, either.
This is all completely overkill IMHO, though, personally I just install home-manager manually and run home-manager switch. My editor manages formatting, I have a commit hook to tell me if I forgot to format something, and commits should be made by hand so that they are given reasonable commit messages and overall good git hygiene, with the exception of update commits for flake.lock|npins/sources.json.
I do have an update script that does the above, that can be run locally, which I do indeed build with nix. Currently I have it in a flake “app” output (wish there were better outputs for this in the scheme) so I can just nix run .#update - a non-flakey version of that could just be a derivation in ./scripts/update.nix, which I’m sure I could figure out how to conveniently run with nix-shell.
But I wouldn’t automate with hand-written scripts beyond that - it’d be too inflexible. Good editor configuration is the way to go for everything else, and a README.md to remind me of what I need to install the first time I start on a new system.
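For reference, a sketch of the non-flake ./scripts/update.nix idea from the post above, written with writeShellApplication. This is an added example, not code from any poster in the thread; the file path, the script name, the commit message and the use of npins with its default npins/ directory are assumptions.

```nix
# scripts/update.nix (path assumed from the post's suggestion)
{ pkgs ? import <nixpkgs> { } }:

pkgs.writeShellApplication {
  name = "update"; # assumed name, installed as $out/bin/update

  # These packages are prepended to PATH when the script runs, so it does
  # not depend on whatever git or npins the calling user has installed.
  runtimeInputs = [ pkgs.git pkgs.npins ];

  # writeShellApplication adds errexit, nounset and pipefail at the top of
  # the script and runs shellcheck over the text at build time.
  text = ''
    repo="$(git rev-parse --show-toplevel)"
    cd "$repo" || exit 1

    # Refuse to run with anything already staged, so the commit
    # contains the pin update and nothing else.
    if ! git diff --cached --quiet; then
      echo "staged changes present; commit or unstage them first" >&2
      exit 1
    fi

    npins update

    # No pin moved: leave the history alone.
    if git diff --quiet -- npins/sources.json; then
      echo "pins already up to date"
      exit 0
    fi

    git add npins/sources.json
    git commit -m "npins: update sources"
  '';
}
```

Because writeShellApplication produces a package directory rather than a bare script, after nix-build scripts/update.nix the script is at ./result/bin/update.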
Agree. My major conceit is a shell abbreviation that expands to npins update -d $absolute-path-to-pins and another that opens an emacs frame to my home-manager packages file.
I’ve settled on the option of a simple chown -R $USER:users /etc/nixos. I don’t see the reason to complicate things and use a non-default directory for configuration.nix since I am the only user of this PC.
And for the scripts I chose @mightyiam’s suggestion of using writeShellApplication. My /etc/nixos file structure now looks like this: