For my NixOS machines, this contains a colmena setup, that can hopefully describe a unified config for all machines.
However, for my non-nixos systems, I still want to have a ~ equivalent home setup, so I'm moving as much as possible into a home-manager configuration.
- Add standalone home-manager deployment for non-NixOS machines
Some npins sources (e.g. camunda-ai-dev-kit) are private GitHub repos. Nix fetches them using credentials from ~/.config/nix/github-netrc.
- Add yourself to trusted users in
/etc/nix/nix.conf:trusted-users = root stefan - Restart the Nix daemon.
- Create the netrc file:
mkdir -p ~/.config/nix cat > ~/.config/nix/github-netrc << EOF machine github.com login stefan password $(gh auth token) machine api.github.com login stefan password $(gh auth token) EOF chmod 600 ~/.config/nix/github-netrc echo "netrc-file = /home/stefan/.config/nix/github-netrc" >> ~/.config/nix/nix.conf
When your GitHub token rotates, refresh the netrc file:
sed -i "s/password .*/password $(gh auth token)/" ~/.config/nix/github-netrcNote: access-tokens in nix.conf does not work with Lix 2.94 — netrc-file is required.
This harmless warning appears during colmena build/apply. It's caused by colmena 0.4.0 using deprecated nixpkgs API in its bundled eval.nix (line 144: inherit (npkgs) system;).
Status: Fixed in colmena main, waiting for 0.5.0 release to land in nixpkgs.
Source: lixPackageSets.git.colmena in modules/baseline.nix