# NixOS Configuration

A modular NixOS configuration setup for multiple systems.

## Project Structure

- `modules/`: Reusable NixOS/Darwin modules
    - `common.nix`: Common module imports and definitions
    - `nixos/`: NixOS-specific modules
        - `home/`: Home Manager integration for NixOS
        - `nix/`: Nix package manager configuration
        - `nix-ld/`: Dynamic linking support
        - `network/`: Network configuration modules
            - `resolved/`: DNS resolution configuration
        - `security/`: Security-related modules
            - `ssh-host-keys/`: SSH host key management
        - `services/`: Service configuration modules
            - `base/`: Basic system configuration
            - `gui/`: Graphical interface setup
            - `homeprinter/`: Home printer support
            - `podman/`: Container runtime
            - `secureboot/`: Secure boot configuration
        - `sgx/`: Intel SGX support
            - `aesmd_dcap/`: SGX AESMD DCAP service
            - `pccs/`: SGX Provisioning Certificate Caching Service
        - `system/`: System configuration modules
            - `auto-upgrade/`: Automatic system upgrades
            - `limits/`: System resource limits
            - `zram/`: ZRAM swap configuration
        - `tools/`: Common tools configuration
            - `direnv/`: Direnv integration
            - `git/`: Git configuration
        - `user/`: User account configuration
        - `virtualization/`: Virtualization support
    - `home/`: Home Manager modules
        - `cli-apps/`: Command-line applications
        - `gui/`: GUI application configuration
        - `tools/`: User tools configuration
        - `user/`: User preferences
    - `darwin/`: Darwin-specific modules
        - `home/`, `nix/`, `security/`, etc.
- `systems/`: Individual system configurations
    - `x86_64-linux/`: Linux systems on x86_64
    - `aarch64-linux/`: Linux systems on ARM
    - `x86_64-darwin/`: macOS systems on x86_64
    - `aarch64-darwin/`: macOS systems on ARM
- `homes/`: Home Manager configurations for each user/system
- `lib/`: Helper functions and utilities
- `overlays/`: Nixpkgs overlays
- `packages/`: Custom packages

## Using the Configurations

### Install a system via nixos-anywhere

```bash
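# Install onto the target without rebooting it afterwards
$ nix run github:numtide/nixos-anywhere -- \
  --flake 'git+https://git.hoyer.xyz/harald/nixcfg#hostname' \
  root@hostname --no-reboot --tty -i "$HOME/.ssh/id_ed25519"
... enter disk password
# Before the first boot, enroll the TPM2 as a LUKS unlock slot bound to PCRs 1 and 15,
# wiping any existing TPM2 slot
$ ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15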
```

### Update NixOS system

```bash
$ nixos-rebuild --use-remote-sudo -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg boot
```

### Update macOS system

```bash
$ darwin-rebuild -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg switch
```

### Update home-manager configuration

```bash
$ nix --refresh run 'git+https://git.hoyer.xyz/harald/nixcfg' -- \
  switch -b backup --flake 'git+https://git.hoyer.xyz/harald/nixcfg'
```