All my nix stuff, in a single flake

Find a file

William 45f89a1663 add claude-code back		2025-11-07 07:15:12 -03:00
hosts	add claude-code back	2025-11-07 07:15:12 -03:00
modules	added error handling to ephemeral.nix	2025-10-15 20:07:51 -03:00
packages	wrap fastfetch with config; run fastfetch on ssh login	2025-11-03 10:55:14 -03:00
secrets	fix up secrets	2025-10-17 15:39:56 -03:00
terranix	add recipient to oci alert	2025-11-07 06:17:28 -03:00
users	openssh greeting fixes	2025-11-03 14:46:37 -03:00
.envrc	simplify .envrc	2024-09-25 08:43:28 -03:00
.gitignore	trator terranix config functional; move disko configs to individual outputs; touching up trantor	2025-11-03 08:07:43 -03:00
deploy.nix	local build on io deploy	2025-10-20 11:41:15 -03:00
devShells.nix	fix agenix in devshell	2025-10-18 16:20:43 -03:00
flake.lock	added ai tag for desktop hosts	2025-11-06 19:57:04 -03:00
flake.nix	added ai tag for desktop hosts	2025-11-06 19:57:04 -03:00
homeConfigurations.nix	finalising niri config on io	2025-10-20 14:10:18 -03:00
nixosConfigurations.nix	added ai tag for desktop hosts	2025-11-06 19:57:04 -03:00
nixosModules.nix	ephemeral is now a nixosModule	2025-10-15 19:59:31 -03:00
overlays.nix	wrap fastfetch with config; run fastfetch on ssh login	2025-11-03 10:55:14 -03:00
packages.nix	wrap fastfetch with config; run fastfetch on ssh login	2025-11-03 10:55:14 -03:00
readme.md	readme glowup	2025-10-21 22:01:34 -03:00
terranixConfigurations.nix	trator terranix config functional; move disko configs to individual outputs; touching up trantor	2025-11-03 08:07:43 -03:00
utils.nix	use terranix flake parts module directly	2025-10-29 11:14:52 -03:00

readme.md

NixOS Configuration

A declarative, modular NixOS/Home Manager flake configuration managing multiple systems with a tag-based architecture for maximum code reuse and flexibility.

Hosts

Host	Type	System	Version	Description
rotterdam	Desktop	x86_64-linux	NixOS Unstable	Primary workstation with gaming, development
io	Laptop	x86_64-linux	NixOS Unstable	Mobile workstation
alexandria	Server/NAS	x86_64-linux	NixOS 25.05	Personal server running Nextcloud, Forgejo, Jellyfin, Vaultwarden
trantor	VPS	aarch64-linux	NixOS 25.05	Oracle Cloud instance

Key Features

Architecture

Tag-based module system - Compose configurations using tags instead of traditional inheritance
Flake-based - Fully reproducible builds with locked dependencies
Multi-platform - Supports both x86_64 and aarch64 architectures
Deployment automation - Remote deployment via deploy-rs

Desktop Experience

Niri compositor - Custom fork with auto-centering window columns
Unified theming - Stylix-based theming
Wayland-native - Full Wayland support
Ephemeral root - Impermanent filesystem using BTRFS for atomic rollback capability

Self-Hosted Services

Nextcloud - Cloud storage with calendar, contacts, and notes
Forgejo - Self-hosted Git server
Jellyfin - Media streaming
Vaultwarden - Password manager backend
LibreSpeed - Network speed testing
All services behind Nginx and Tailscale with automatic SSL via Let's Encrypt

Security

Agenix - Encrypted secrets management
Tailscale - Zero-config VPN mesh network
Firewall - Configured on all hosts
SSH key-based authentication

Repository Structure

.
├── flake.nix                    # Main flake definition
├── utils.nix                    # Tag-based module system utilities
├── nixosConfigurations.nix      # Host definitions with tags
├── homeConfigurations.nix       # User configurations
├── deploy.nix                   # Remote deployment configuration
├── hosts/
│   ├── alexandria/              # Server-specific config
│   ├── io/                      # Laptop-specific config
│   ├── rotterdam/               # Desktop-specific config
│   ├── trantor/                 # VPS-specific config
│   └── modules/
│       ├── common/              # Shared base configuration
│       ├── desktop/             # Desktop environment setup
│       ├── server/              # Server-specific modules
│       └── [tag].nix            # Optional feature modules
├── users/
│   └── modules/                 # Home Manager configurations
│       └── [tag].nix            # Optional feature modules
├── packages/                    # Custom package definitions
└── secrets/                     # Encrypted secrets (agenix)

Tag System

Configurations are composed using tags that map to modules:

Common Tags (all hosts):

common - Base system configuration (automatically applied)

General Tags:

desktop - Mostly full desktop environment with Niri WM
dev - Development tools and environments
gaming - Steam, Heroic, gamemode, controller support
ephemeral - Impermanent root filesystem
networkmanager - WiFi and network management
libvirtd - KVM/QEMU virtualization
podman - Container runtime
bluetooth - Bluetooth support
fwupd - Firmware update daemon

Server Tags:

server - Server-specific configuration

Usage

Rebuilding a Configuration

# Local rebuild
sudo nixos-rebuild switch --flake .#hostname

# Remote deployment
deploy .#hostname

Updating Dependencies

nix flake update

Adding a New Host

Create host directory in hosts/
Define configuration in nixosConfigurations.nix with appropriate tags
Add deployment profile in deploy.nix if needed

Dependencies

nixpkgs - Stable (25.05) and unstable channels
home-manager - User configuration
agenix - Secrets management
disko - Declarative disk partitioning
stylix - System-wide theming
niri-flake - Wayland compositor (custom fork)
impermanence - Ephemeral filesystem support
deploy-rs - Remote deployment
nix-flatpak - Declarative Flatpak management