All my nix stuff, in a single flake

Find a file

William 84e7f6c510 flake.lock: Update Flake lock file updates: • Updated input 'nix-ai-tools': 'github:numtide/llm-agents.nix/266d4d8a55eef6dd23cd0adced301053d8fc23c9?narHash=sha256-HQXK2CXAhBuTBw99Ip018Vp9MMAPfJVywgRrkwMUgMc%3D' (2026-02-12) → 'github:numtide/llm-agents.nix/db94a329058a1a37b49d3209af85708b3338559a?narHash=sha256-q5Wsb1573qDfIPJctG9CBZP0NMniejoB7SmBLZIVAHg%3D' (2026-02-23) • Updated input 'nix-ai-tools/blueprint': 'github:numtide/blueprint/c7da5c70ad1c9b60b6f5d4f674fbe205d48d8f6c?narHash=sha256-zI%2B7cbMI4wMIR57jMjDSEsVb3grapTnURDxxJPYFIW0%3D' (2026-01-25) → 'github:numtide/blueprint/06ee7190dc2620ea98af9eb225aa9627b68b0e33?narHash=sha256-bLqwib%2BrtyBRRVBWhMuBXPCL/OThfokA%2Bj6%2BuH7jDGU%3D' (2026-02-18) • Updated input 'nix-ai-tools/nixpkgs': 'github:NixOS/nixpkgs/2343bbb58f99267223bc2aac4fc9ea301a155a16?narHash=sha256-LovWTGDwXhkfCOmbgLVA10bvsi/P8eDDpRudgk68HA8%3D' (2026-02-11) → 'github:NixOS/nixpkgs/d1c15b7d5806069da59e819999d70e1cec0760bf?narHash=sha256-b9uG8yN50DRQ6A7JdZBfzq718ryYrlmGgqkRm9OOwCE%3D' (2026-02-16)		2026-02-23 08:31:38 -03:00
aspects	add ungoogled-chromium to web aspect	2026-02-22 16:08:52 -03:00
data	add data/services.nix for shared service definitions	2026-02-06 22:46:49 -03:00
packages	add niri-auto-centre script	2026-02-16 11:59:32 -03:00
secrets	forgejo: disable singup; document root password	2025-11-09 10:34:57 -03:00
shells	'system' has been renamed to/replaced by 'stdenv.hostPlatform.system'	2026-02-18 16:08:53 -03:00
terranix	nixfmt	2026-02-12 18:50:38 -03:00
.envrc	simplify .envrc	2024-09-25 08:43:28 -03:00
.gitignore	dns records only for actual services	2025-11-09 13:37:04 -03:00
flake.lock	flake.lock: Update	2026-02-23 08:31:38 -03:00
flake.nix	determinate nix breaks my systems	2026-02-19 09:10:44 -03:00
readme.md	Update readme.md	2026-02-19 18:32:43 -03:00

readme.md

NixOS Flake Configuration

Modular NixOS configuration using flake-parts with the dendritic pattern.

Structure

.
├── aspects/           # Reusable NixOS/home-manager modules (dendritic)
│   ├── base/          # Base system configuration
│   ├── hosts/         # Host-specific configurations
│   │   ├── _alexandria/
│   │   ├── _io/
│   │   ├── _rotterdam/
│   │   └── _trantor/
│   ├── systems/       # System type modules (desktop, server, cli, gaming)
│   └── users/         # User account configurations
├── data/              # Shared host/service definitions
├── packages/          # Custom packages and overlays
├── shells/            # Shell configurations
└── terranix/          # Terraform configurations for cloud resources

Hosts

Host	Architecture	Type	Description
trantor	aarch64-linux	server	ARM server running Forgejo
alexandria	x86_64-linux	server	x86 server (Kanidm, Vaultwarden, Nextcloud, Jellyfin)
rotterdam	x86_64-linux	desktop	Main workstation setup for gaming
io	x86_64-linux	desktop	Workstation

Services

git.baduhai.dev (Forgejo) - Publicly accessible on trantor

Other services (LAN/Tailscale only): Vaultwarden, Nextcloud, Jellyfin

Features

Ephemeral root: Automatic btrfs subvolume rollover with impermanence
Secrets: Managed via agenix with age encryption
Disk management: disko for declarative disk partitioning
Modular architecture: Each aspect is a separate module imported via import-tree
Dendritic pattern: Aspects are imported as a unified flake module

Building

# Build specific host
nix build .#nixosConfigurations.trantor.config.system.build.toplevel

# Rebuild host (if using nixos-cli on the host)
sudo nixos apply

Terranix

Terraform configurations for cloud infrastructure managed via terranix:

baduhai.dev DNS on CloudFlare
VPS provisioning on OCI
Tailscale subnet routers

Key Dependencies

nixpkgs (nixos-unstable for workstations, nixos for servers)
home-manager
agenix
disko
impermanence
nix-flatpak
nixos-cli