1---
  2layout: post
  3title: "Notes on getting my local setup up to speed"
  4date: 2025-10-18
  5lastmod: 2025-10-18
  6tags: ['alpine', 'nix']
  7---
  8
  9Before we get to the actual setup, I'll first share some background on how I
 10arrived at the solution I'm currently using. If you want to go to the actual
 11steps jump to [provisioning](#provisioning).
 12
 13# Git
 14
 15One of the many chores in my day to day digital life is keeping the
 16configurations between my home and work machines synced and tidy. I tried
 17chezmoi[^1] at some point but it didn't stick (I don't recall why as it was many
 18years ago). After some trial and error I have settled on using simple git
 19repository in my home folder which I used for many years. The setup would be
 20like:
 21
 22```bash
 23cd $HOME
 24git init
 25echo "*" > .gitignore
 26```
 27
 28And for every new file I wanted to keep track I'd add it  by `git add -f <FILE>`
 29and once I'm on a new computer I'd git clone the repository on home folder to
 30get configuration in their correct place.
 31
 32That repository contains all my essential configuration; shell files (.profile,
 33fish configuration), applications (waybar, git, niri), my email configuration
 34(aerc, maildir, notmuch), and yes, some of those have secrets stored in plain
 35text (in a private repository, of course 😅).
 36
 37However that approach has some shortcomings when the configuration between
 38computers differ. For example I can't simply commit my mail connection
 39configuration (`aerc/accounts.conf`) since I have one for work with corporate
 40email and one on my home machine with my private email as they would conflict.
 41
 42# Nix to rescue
 43
 44Now it comes Nix to the rescue! Or more specifically home-manger[^2].
 45
 46It all started at work where we had expanded our nix usage as a way to share
 47resource between repositories (e.g.: linter configuration, required binaries to
 48run tests). This daily exposure helped me to better understand its capabilities
 49and it gradually started to grow with me.
 50
 51So naturally I have gravitated toward home-manger as way to have a global
 52configuration for nix without having to use nixos, and the more I learned the
 53more I saw the potential to use as my local configuration. After a couple of
 54months gradually migrating my setup, I've now moved everything over to
 55home-manager.
 56
 57Besides just dotfiles managing home-mamager allows me to supplement my setup
 58with binaries that are not available on latest alpine. So lets share some
 59details how I'm setting up home manger. Here[^7] is my full configuration
 60repository for reference which runs on flake mode[^8]. I won't go into every
 61details of all those files. You're better off following a dedicated guide on nix
 62for that, but I'll share some key points.
 63
 64Looking at `flake.nix` we have two hostnames/profiles; home and work.
 65
 66```nix
 67    "gabrielgio@workstation.lan" = home-manager.lib.homeManagerConfiguration {
 68        inherit pkgs;
 69
 70        extraSpecialArgs = {
 71          inherit inputs;
 72          git = {
 73            name = "Gabriel A. Giovanini";
 74            email = "g.arakakigiovanini@gridx.de";
 75          };
 76        };
 77
 78        modules = [
 79          ./home.nix
 80          ./secrets/gridx/gridx.nix
 81        ];
 82      };
 83      "gabrielgio@homestation.lan" = home-manager.lib.homeManagerConfiguration {
 84        inherit pkgs;
 85
 86        extraSpecialArgs = {
 87          inherit inputs;
 88          git = {
 89            name = "Gabriel A. Giovanini";
 90            email = "mail@gabrielgio.me";
 91          };
 92        };
 93
 94        modules = [
 95          ./home.nix
 96        ];
 97      };
 98```
 99
100Both inherit the base packages and share the same core configuration on
101`home.nix`, which contains shared dotfiles and packages. While you won't be able
102to see the contents for obvious reasons, this file includes work related tools,
103terraform linter, awscli2, internal tooling and much more.
104
105Now that extra git configuration is used to configure the proper git
106configuration for each profiles. That later[^9] is used to set the jj config
107files with the correct values.
108
109```nix
110{
111  pkgs,
112  inputs,
113  git,
114  ...
115}: let
116  tomlFormat = pkgs.formats.toml {};
117in {
118  xdg.configFile."jj/config.toml".source = tomlFormat.generate "config.toml" {
119    user = {
120      name = git.name;
121      email = git.email;
122    };
123    ...
124}
125```
126
127### Git crypt
128
129I use git-crypt[^10] to be able so share secrets between machines and still be
130able to publicly share most of my configuration.
131
132## Why not nix-os?
133
134Pretty much because I like alpine. It is a simple, small and because of that,
135the entire distro fits on my head[^4]. APK is straightforward to understand and
136build yourself[^3]. OpenRC follows a simple model that's easy to make sense of
137and dead simple to configure. I run it as my home and work computer as well as
138my server (even running on diskless mode). It gets out of my way, and I haven't
139seen any major issues even on major upgrades. 
140
141Also there's something about having 12 version of glibc installed that just does
142not sit well with me. (some could argue I have felt for the sunk cost fallacy
143but I will deny it!)
144
145# Provisioning {#provisioning}
146
147I have recently formatted my home computer and as always I forgot to take notes
148so as ~~punishiment~~ exercise, I'll setup a VM from scratch to validate all
149the steps are correct. In the end it should be a couple steps only.
150
151Similar to my other post[^5] we will be using qemu. First create the disk:
152
153```bash
154qemu-img create -f qcow2 var.cow2 30G
155```
156
157Later go to alpine and download the latest image for virtual[^6].
158
159Now we can start VM with:
160
161```bash
162qemu-system-x86_64 \
163    -machine accel=kvm \
164    -display gtk \
165    -smp $(nproc) \
166    -m 2048 \
167    -cdrom alpine-virt-3.22.2-x86_64.iso \
168    -drive file=var.cow2,if=virtio
169```
170
171Now run the classic `setup-alpine` then reboot and run `setup-desktop sway` and
172`setup-devd udev`.
173
174## Niri for 3.22 and bonus building APKBUILD
175
176Now there is niri. On alpine it is already on community folder but it is not
177available on 3.22. This means I need to setup APK building to build that
178package. This approach is actually easier than build from source code directly,
179since APKBUILD takes care of all development dependencies.
180
181```bash
182# make sure you have community repository enabled on /etc/apk/repositories
183doas apk add git alpine-sdk
184addgroup <USER> abuild # might need to re-login or run: su <USER>
185abuild-keygen -a -i
186git clone --depth 1 https://gitlab.alpinelinux.org/alpine/aports.git
187cd aports/community/niri
188abuild -r
189```
190
191Depending on your system configuration it will take some time to build but at
192the end there will be a new folder `$HOME/packages` which contains the result of
193the build. Add it to your `/etc/apk/repositories`.
194
195```bash
196echo "/home/<USER>/packages/community" >> /etc/apk/repositories
197apk add -U niri
198```
199
200
201To continue, here are the basic packages I typically install. I maintain a
202shared list of common packages that can all be installed with a single command:
203
204```bash
205curl https://artifacts.gabrielgio.me/world | xargs -I{} apk add {}
206```
207
208## Getting home-manager off the ground
209
210Before we do anything with nix make sure you have `nix-daemon` running and your
211user added to `/etc/nix/nix.conf`
212
213```bash
214allowed-users = @nix <USERNAME>
215build-users-group = nixbld
216max-jobs = <CPU_COUNT>
217extra-nix-path = nixpkgs=flake:nixpkgs
218experimental-features = nix-command flakes
219```
220
221Then:
222
223```bash
224rc-service nix-daemon restart
225```
226
227Clone home-manager repository:
228
229```bash
230cd .config
231git clone https://git.gabrielgio.me/home-manager
232```
233
234Now run the shell with nh utility inside of the cloned folder:
235
236```bash
237nix shell nixpkgs#nh
238# inside of the shell run:
239nh home switch .
240```
241
242Now on the home folder we should see .profile linked `ls -lha $HOME`. Once here
243exit tty1 and log in again and you should see niri. After that I have to add ssh
244and pgp keys and I'm set.
245
246[^1]: https://github.com/twpayne/chezmoi
247[^2]: https://github.com/nix-community/home-manager
248[^3]: https://apkdoc.gabrielgio.me/
249[^4]: https://drewdevault.com/2021/05/06/Praise-for-Alpine-Linux.html
250[^5]: https://gabrielgio.me/posts/2023-04-30-using-data-mode-alpine/
251[^6]: https://alpinelinux.org/downloads/
252[^7]: https://git.gabrielgio.me/home-manager/tree/
253[^8]: https://nix-community.github.io/home-manager/index.xhtml#ch-nix-flakes
254[^9]: https://git.gabrielgio.me/home-manager/tree/jj.nix
255[^10]: https://github.com/AGWA/git-crypt