My NixOS configurations

Here's my NixOS/home-manager config files. Requires Nix flakes.

Important

This config was originally forked from Misterio77's config which I strongly recommend checking out as well as all his other amazing work. If you're looking for something simpler to start out with flakes try Misterio77's starter config repo.

Highlights:

• Multiple NixOS configurations, including laptop, server
• Opt-in persistence through impermanence + blank snapshotting
• Encrypted single BTRFS partition
• Declarative disk partitioning and formatting with disko
• Fully declarative self-hosted apps like Nextcloud
• Deployment secrets using sops-nix
• Mesh networked hosts with tailscale
• Flexible Home Manager Configs through feature flags

Structure

• flake.nix: Entrypoint for hosts and home configurations. Also exposes a devshell for boostrapping (nix develop or nix-shell) and other config for tools like deploy-rs.

• hosts: NixOS Configurations, accessible via nixos-rebuild --flake.
  • common: Shared configurations consumed by the machine-specific ones.
    • global: Configurations that are globally applied to all my machines.
    • optional: Opt-in configurations my machines can use.
  • msi-nixos: Msi Laptop GS65 Stealth 8SF - 32GB RAM, i7-8750H, RTX 2070 Mobile | Hyprland
  • danix: Legion ... - 32GB RAM, i7-8750H, RTX 3070 Mobile | Hyprland
  • msi-server: Repurposed MSI Nightblade MI2 Server - 16GB RAM, i5-6400 | GTX 960 | Server
  • nixos-htb: Qemu VM for HTB | VM
  • vm-tests: Qemu VM for testing | VM
• home: My Home-manager configuration, acessible via home-manager --flake
  • Each directory here is a "feature" each hm configuration can toggle, thus customizing my setup for each machine (be it a server, desktop, laptop, anything really).
• modules: A few actual modules (with options) I haven't upstreamed yet.
• overlay: Patches and version overrides for some packages. Accessible via nix build.
• pkgs: My custom packages. Also accessible via nix build. You can compose these into your own configuration by using my flake's overlay, or consume them through NUR.

About the installation

Most installs use a single btrfs (encrypted on all except headless systems) partition, with subvolumes for /nix, a /persist directory (which I opt in using impermanence), swap file, and a root subvolume (cleared on every boot if ephemeral is enabled).

How to bootstrap

All you need is nix (any version). Run:

nix-shell

If you already have nix 2.4+, git, and have already enabled flakes and nix-command, you can also use the non-legacy command:

nix develop

nixos-rebuild --flake . To build system configurations.

home-manager --flake . To build user configurations.

nix build (or shell or run) To build and use packages.

sops To manage secrets.

disko To manage disk formatting and partitioning.

deploy To deploy configurations on remote systems.

nixos-anywhere To install NixOS on any remote system.

Secrets

For deployment secrets (such as user passwords and server service secrets), I'm using the awesome sops-nix. All secrets are encrypted with my personal PGP key, as well as the relevant systems's SSH host keys.

Tooling and applications I use

Most relevant user apps daily drivers:

• hyprland + swayidle + swaylock
• waybar
• helix
• fish
• alacritty
• gpg + pass
• tailscale
• podman
• zathura
• wofi
• bat + fd + rg
• kdeconnect
• sublime-music

Some of the services I host:

• nextcloud
• plex server
• nix binary cache

Nixy stuff:

• nix-colors
• sops-nix
• impermanence
• home-manager
• deploy-rs
• and NixOS and nix itself, of course :)

Let me know if you have any questions about them :)