Comment by sroerick
17 hours ago
I've heard of people doing this and I'm really interested in this. Can you recommend a write up on this or further reading?
17 hours ago
I've heard of people doing this and I'm really interested in this. Can you recommend a write up on this or further reading?
I personally remember being inspired by Erase your Darlings and Paranoid NixOS Setup back in the day, less for the hardening measures and more because of how great the Nix syntax looked. Huge, monumental ass-pain setups could be scripted away in one or two lines like it was nothing. You could create wildly optimized configurations for your specific use-case, and then divide them into modules so they're portable.
It's not advisable to switch to one of these paranoid configurations outright, but they're a great introduction to the flexibility provided by the NixOS configuration system. I'd also recommend Xe's documentation of Nix Flakes, which can be used on any UNIX-like system including macOS: https://xeiaso.net/blog/nix-flakes-1-2022-02-21/
https://grahamc.com/blog/erase-your-darlings/
https://xeiaso.net/blog/paranoid-nixos-2021-07-18/
For what it's worth: I no longer suggest the use of NixOS for any purpose. I only have one NixOS system in my house because it's my NAS and I am a coward.
What do you use and/or suggest?
1 reply →
Do you have a solution for keeping files? Or are you all in the cloud?