This is my NixOS configuration, very much based on EmergentMind's personal configuration. It is still a work in progress, as I have yet to go over and reevaluate the need/value of everything in the configuration, but it is in a state where I use it to satisfy my daily needs.
Things to do:
- Finish personalizing all parts of the configuration
- Look at compiling to ISO for live installer.
- Explore using sops-nix for secrets management, which I intend to do when time allows.
Contents:
- Feature Highlights
- Requirements
- Structure
- Adding a New Host
- Secrets Management
- Initial Install Notes
- Troubleshooting
- Acknowledgements
- Guidance and Resources
Feature Highlights:
- Flake-based multi-host, multi-user NixOS and Home-Manager configurations
- Core configs for hosts and users
- Modular, optional configs for user and host-specific needs
- Secrets management via sops-nix and a private nix-secrets repo which is included as a flake input
- Multiple Yubikey detection
- Basic NixOS and Home-Manager build automation
The roadmap of additional features is laid out across functionally thematic stages that can be viewed, along with short-term objectives, in the Roadmap of TODOs.
Completed features will be added here as each stage is complete.
Requirements:
- NixOS 23.11 or later to properly receive passphrase prompts when building in the private nix-secrets repo
- Patience
- Attention to detail
- Persistence
- More disk space
Structure:
For details about design concepts, constraints, and how structural elements interact, see the article and/or YouTube video Anatomy of a NixOS Config available on my website.
For a large screenshot of the concept diagram, a current-state visual, as well as previous iterations see Anatomy.
- `flake.nix` - Entrypoint for hosts and user home configurations. Also exposes a devshell for bootstrapping (`nix develop` or `nix-shell`).
- `hosts` - NixOS configurations accessible via `sudo nixos-rebuild switch --flake .#<host>`.
  - `common` - Shared configurations consumed by the machine specific ones.
    - `core` - Configurations present across all hosts. This is a hard rule! If something isn't core, it is optional.
    - `optional` - Optional configurations present across more than one host.
    - `users` - Host level user configurations present across at least one host.
  - `genoa` - stage 3
  - `ghost` - stage 4
  - `grief` - Lab - VM
  - `gooey` - stage 5
  - `gusto` - Theatre - Asus VivoPC - 1.5GHz Celeron 1007U, 4GB RAM, onboard Intel graphics
- `home/<user>` - Home-manager configurations accessible via `home-manager switch --flake .#<user>@<host>`.
  - `common` - Shared home-manager configurations consumed by the user's machine specific ones.
    - `core` - Home-manager configurations present for user across all machines. This is a hard rule! If something isn't core, it is optional.
    - `optional` - Optional home-manager configurations that can be added for specific machines. These can be added by category (e.g. options/media) or individually (e.g. options/media/vlc.nix) as needed. The home-manager core and options are defined in host-specific .nix files housed in `home/<user>`.
- `modules` - Custom modules to enable special functionality for nixos or home-manager oriented configurations.
- `overlays` - Custom modifications to upstream packages.
- `pkgs` - Custom packages meant to be shared or upstreamed.
- `scripts` - Custom scripts for automation.
Secrets Management:
Secrets for this config are stored in a private repository called nix-secrets that is pulled in as a flake input and managed using the sops-nix tool.
For details on how this is accomplished, how to approach different scenarios, and troubleshooting for some common hurdles, please see my article and accompanying YouTube video NixOS Secrets Management available on my website.
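The wiring described above, as an added example that is not this repository's own flake.nix: the repo URL, the host name `examplehost`, the path `./hosts/examplehost`, the file name `secrets.yaml` and the secret name `example-password` are placeholders or assumptions.

```nix
# flake.nix (added example; URL, host, file and secret names are placeholders)
{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";

    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Private repo that holds only sops-encrypted files.
    # Assumption: it is fetched over SSH, so access is gated by your SSH key.
    nix-secrets = {
      url = "git+ssh://git@example.com/<user>/nix-secrets.git?ref=main&shallow=1";
      flake = false; # consumed as a plain file tree, not as a flake with outputs
    };
  };

  outputs = { nixpkgs, sops-nix, nix-secrets, ... }: {
    nixosConfigurations.examplehost = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [
        ./hosts/examplehost # hypothetical host config (boot, filesystems, ...)
        sops-nix.nixosModules.sops
        {
          sops = {
            # Encrypted YAML inside the private input; only ciphertext is
            # copied into the world-readable Nix store.
            defaultSopsFile = "${nix-secrets}/secrets.yaml";
            # The file is referenced by string path, so sops-nix's
            # evaluation-time check of sops files is turned off.
            validateSopsFiles = false;
            # The host decrypts with an age identity derived from its
            # SSH host key.
            age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
            # Decrypted at activation to /run/secrets/example-password,
            # owned by root and readable only by its owner.
            secrets."example-password" = { mode = "0400"; };
          };
        }
      ];
    };
  };
}
```

The host can only decrypt once its age public key (derived from the SSH host key, for example with ssh-to-age) is listed as a recipient in the private repo's `.sops.yaml` and the secrets file has been re-encrypted for it.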
Acknowledgements:
Those who have heavily influenced this strange journey into the unknown.
- FidgetingBits - You told me there was a strange door that could be opened. I'm truly grateful.
- Misterio77 - Structure and reference.
- Ryan Yin - A treasure trove of useful documentation and ideas.
- VimJoyer - Excellent videos on the high-level concepts required to navigate NixOS.
Guidance and Resources:
- Official Nix Documentation
- NixOS & Flakes Book - Ryan Yin gets a second mention here. This book he's writing is fantastic.
- Impermanence
- Yubikey