blu/quincy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
quincy/README.md
Brandon Lucas 5a52b3c159 Add agenix secrets management 
Phase 3: Encrypted secrets

- Add secrets module with agenix integration
- Create secrets/secrets.nix template for key definitions
- Installer generates SSH key if missing
- Installer creates personalized secrets.nix with user's key
- Full documentation in docs/SECRETS.md

Features:
- Secrets encrypted with age using SSH keys
- Decrypted automatically at system activation
- Safe to commit .age files to git
- Support for WiFi passwords, API keys, service credentials

Usage:
  agenix -e secrets/my-secret.age
  age.secrets.my-secret.file = ./secrets/my-secret.age;

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-15 02:56:25 -05:00

134 lines
3.4 KiB
Markdown
Raw Permalink Blame History

# Nomarchy
An opinionated NixOS configuration featuring Hyprland, designed for developers who want a beautiful, functional, and reproducible desktop environment.
## Quick Start
### For Existing NixOS Systems
```bash
nix run github:blu/nomarchy
```
This launches an interactive installer that:
1. Prompts for your username, timezone, keyboard layout, etc.
2. Generates a configuration in `~/.config/nomarchy/`
3. Applies the configuration to your system
### From ISO (Coming Soon)
Download the ISO from the releases page and boot from it for a fresh installation with LUKS encryption.
## Features
- **Hyprland** - Modern Wayland compositor with smooth animations
- **Waybar** - Customizable status bar
- **Rofi** - Application launcher and quick actions
- **SwayNC** - Notification center
- **Neovim** - Fully configured with LSP support
- **Classical Theme** - Earthy, vintage aesthetic inspired by historical paintings
- **Bootloader Choice** - systemd-boot (default) or Limine (prettier, more features)
- **Plymouth** - Optional boot splash screen
- **Secrets Management** - Encrypted secrets with agenix (WiFi passwords, API keys, etc.)
## Keybindings
| Key | Action |
|-----|--------|
| `Super + Q` | Terminal |
| `Super + R` | App Launcher |
| `Super + E` | File Manager |
| `Super + B` | Browser |
| `Super + W` | Close Window |
| `Super + F` | Fullscreen |
| `Super + V` | Toggle Float |
| `Super + /` | Quick Actions |
| `Super + A` | Notifications |
| `Super + Escape` | Power Menu |
| `Super + 1-9` | Workspaces |
| `Print` | Screenshot |
| `Super + Shift + R` | Record Screen |
## Customization
### Changing Theme
Edit `~/.config/nomarchy/config.nix`:
```nix
{
theme = "classical"; # Currently the only theme, more coming soon
}
```
### Adding Packages
Create a custom module:
```nix
# ~/.config/nomarchy/my-packages.nix
{ pkgs, ... }: {
environment.systemPackages = with pkgs; [
my-package
];
}
```
Add it to your flake:
```nix
extraModules = [
./my-packages.nix
];
```
### Wallpapers
Copy your wallpapers to `~/.config/nomarchy/wallpapers/` and they'll be used for the random rotation.
## Secrets Management
Nomarchy uses [agenix](https://github.com/ryantm/agenix) for encrypted secrets:
```bash
# Create a secret
cd ~/.config/nomarchy
agenix -e secrets/wifi-password.age
# Use in your config
age.secrets.wifi-password.file = ./secrets/wifi-password.age;
```
See [docs/SECRETS.md](docs/SECRETS.md) for full documentation.
## Structure
```
nomarchy/
├── flake.nix # Main flake
├── lib/ # Helper functions
├── modules/
│ ├── core/ # Boot, networking, hardware
│ ├── desktop/ # Hyprland, display manager
│ ├── services/ # Syncthing, printing, VPN
│ ├── programs/ # System packages
│ ├── performance/ # Optimizations
│ └── home/ # Home-manager configs
├── themes/
│ └── classical/ # Default theme
├── installer/ # Installation scripts
└── iso/ # ISO builder
```
## Security Note
The `enableMitigationsOff` option disables CPU vulnerability mitigations (Spectre, Meltdown, etc.) for improved performance. This is **disabled by default** and should only be enabled if you understand the security implications.
## Credits
Inspired by [Omarchy](https://github.com/basecamp/omarchy) and the NixOS community.
## License
MIT
Reference in New Issue View Git Blame Copy Permalink