dotfiles/nixos-config: KISS NixOS configuration based on Flakes & flake-parts (supports macOS too)

mirror of https://github.com/srid/nixos-config.git synced 2026-05-05 05:16:50 +08:00

KISS NixOS configuration based on Flakes & flake-parts (supports macOS too)

Find a file

Sridhar Ratnakumar 4c648e912c Enable incus on pureintent (#113 ) * Enable incus on pureintent, rename lxd.nix, drop unused flake-parts - Add incus module import to pureintent and bind the UI to its Tailscale IP (no firewall change needed since tailscale0 is trusted). - Rename modules/nixos/linux/lxd.nix -> incus.nix since the module configures virtualisation.incus, and enable the bundled web UI. - Drop the unused modules/flake-parts/incus-image helper; the `images:nixos/` community images cover container/VM launches. Move incus module into a directory with a README The troubleshooting notes used to live as comments in the module; they belong in docs alongside a quick-start on launching containers/VMs and configuring the UI listener. * Expand incus README with VM gotchas Document the sharp edges hit while bringing up a NixOS VM for the first time: secureboot, memory/cpu/disk limits (with the error signatures that point at each), configuring the guest (flakes, firewall), and a three-step guide to exposing a service from inside.		2026-04-19 11:21:39 -04:00
.vscode	vscode: nushell	2025-07-22 10:27:01 -04:00
AI	Upstreamed	2026-04-09 17:49:46 -04:00
configurations	Enable incus on pureintent (#113 )	2026-04-19 11:21:39 -04:00
docs	one more doc	2026-03-22 11:40:14 -04:00
doom.d	doom: disable	2024-11-18 12:04:59 -05:00
modules	Enable incus on pureintent (#113 )	2026-04-19 11:21:39 -04:00
overlays	opencode: use upstream juspay/oc home module (#105 )	2026-03-12 18:18:51 -04:00
packages	add compress-video script for reducing video size	2026-04-04 12:29:03 -04:00
secrets	Update juspay llm key	2026-03-02 10:26:58 -05:00
webapps	Fix some warnings	2025-11-29 14:53:18 -05:00
.envrc	envrc: Fix devshell path	2025-06-25 18:06:30 +10:00
.gitattributes	chore: Redundant entry	2024-06-21 19:46:58 -04:00
.gitignore	ig	2026-03-31 17:38:02 -04:00
.gitmodules	Remove submodules entirely	2026-03-14 09:22:23 -04:00
CLAUDE.md	Add hackage-publish.nix, to be tested	2025-08-28 05:31:50 +05:30
config.nix	Remove unused	2024-09-28 22:51:12 -04:00
flake.lock	Update input	2026-04-19 09:46:07 -04:00
flake.nix	Update input	2026-04-19 09:46:07 -04:00
justfile	fuck pc for now	2026-03-14 09:16:34 -04:00
README.md	Remove submodules entirely	2026-03-14 09:22:23 -04:00
vira.hs	ci: Add vira	2025-10-21 08:31:21 -04:00

README.md

This is my Nix / NixOS configuration for all of my systems. See nixos-unified—specifically nixos-unified-template—if you wish to create your own configuration from scratch.

Setup

If you are using this repository as a starting template for your own configuration, perform these initial steps:

Edit config.nix in the repository root to set your primary user information (username, fullname, email, sshKey).
Replace the SSH keys in secrets/secrets.nix with your own, or delete the file if you do not use agenix.
Delete any files in configurations/ that you do not need, and create/rename files to match your hostnames.

After preparing your template, to install on a new machine running:

NixOS Linux

Tip

For a general tutorial, see https://nixos.asia/en/nixos-install-flake

Install NixOS
- Hetzner dedicated from Linux Rescue system: https://github.com/numtide/nixos-anywhere (see blog post; example PR: https://github.com/srid/nixos-config/pull/35 where I had to configure networking manually)
  - Copy from existing configuration (eg: ax41.nix)
  - Make networking configuration changes.
  - Run nixos-anywhere from a Linux system, targetting root@<ip>
  - Wait for reboot; ssh srid@<ip>; profit!
- Digital Ocean
  - Legacy/manual approach: nixos-infect
  - Modern/automate approach: Custom image + colerama; cf. Zulip and example
- X1 Carbon: https://srid.ca/x1c7-install
- Windows (via WSL): https://github.com/nix-community/NixOS-WSL
Clone this repo anywhere
Run nix run. That's it. Re-open your terminal.

macOS

Install Nix
Clone this repo anywhere
Run nix run.¹ That's it. Re-open your terminal.

Architecture

Start from flake.nix (see Flakes). flake-parts is used as the module system.

Directory layout

Tip

See flake-module.nix for autowiring of flake outputs based on this directory structure.

Path	Corresponding flake output
`./configurations/{nixos,darwin,home}/foo.nix`	`{nixos,darwin,home}Configurations.foo`
`./mdules/{nixos,darwin,home,flake-parts}/foo.nix`	`{nixos,darwin,home,flake}Modules.foo`
`./overlays/foo.nix`	`overlays.foo`
`./packages`	N/A (Nix packages)
`./secrets`	N/A (agenix data)

Tips

To update NixOS (and other inputs) run nix flake update
- You may also update only primary inputs:
```
# nix run .#update
```

To free up disk space,

sudo nix-env -p /nix/var/nix/profiles/system --delete-generations +2
sudo nixos-rebuild boot

To autoformat the project tree using nixpkgs-fmt, run just lint in Nix devShell.
To build all flake outputs (locally or in CI), run nix run nixpkgs#omnix ci
For secrets management, I use agenix, because it works with SSH keys, and functions well on macOS and NixOS.

Discussion

https://github.com/srid/nixos-config/discussions

You might have to rm -rf /etc/nix/nix.conf, so our flake.nix can do its thing. ↩︎