my nix configs

Find a file

Harald Hoyer 1338ced84f feat(sgx): disable Avahi service in fileserver configuration - Set `services.avahi.enable` to `false` in `fileserver.nix`. - Ensures Avahi is disabled, aligning with updated system requirements.		2025-07-30 13:56:33 +02:00
.secrets	feat: add ssh key derived age key	2025-05-23 12:28:14 +02:00
homes	feat(x1): add clipboard history GNOME extension	2025-07-07 10:04:58 +02:00
lib	nix fmt	2024-11-19 10:31:29 +01:00
modules	chore(nixsgx): remove nixsgx-flake input and overlay	2025-07-30 13:36:16 +02:00
overlays	chore(nixsgx): remove nixsgx-flake input and overlay	2025-07-30 13:36:16 +02:00
packages	fix(nixos-hosts): use arithmetic comparison in argument loop	2025-02-26 15:42:15 +01:00
systems	feat(sgx): disable Avahi service in fileserver configuration	2025-07-30 13:56:33 +02:00
.gitattributes	remove required from .gitattributes	2024-11-29 15:45:57 +01:00
.gitignore	chore: update .gitignore to include .direnv	2025-03-20 09:56:10 +01:00
.sops.yaml	feat: add ssh key derived age key	2025-05-23 12:28:14 +02:00
CLAUDE.md	docs: update CLAUDE.md with comprehensive project analysis	2025-05-03 07:24:52 +02:00
flake.lock	chore: update packages and dependencies	2025-06-30 09:49:01 +02:00
flake.nix	chore(nixsgx): remove nixsgx-flake input and overlay	2025-07-30 13:36:16 +02:00
README.md	docs: update README with project structure and instructions	2025-03-20 09:43:18 +01:00

README.md

NixOS Configuration

A modular NixOS configuration setup for multiple systems.

Project Structure

modules/: Reusable NixOS/Darwin modules
- common.nix: Common module imports and definitions
- nixos/: NixOS-specific modules
  - home/: Home Manager integration for NixOS
  - nix/: Nix package manager configuration
  - nix-ld/: Dynamic linking support
  - network/: Network configuration modules
    - resolved/: DNS resolution configuration
  - security/: Security-related modules
    - ssh-host-keys/: SSH host key management
  - services/: Service configuration modules
    - base/: Basic system configuration
    - gui/: Graphical interface setup
    - homeprinter/: Home printer support
    - podman/: Container runtime
    - secureboot/: Secure boot configuration
  - sgx/: Intel SGX support
    - aesmd_dcap/: SGX AESMD DCAP service
    - pccs/: SGX Provisioning Certificate Caching Service
  - system/: System configuration modules
    - auto-upgrade/: Automatic system upgrades
    - limits/: System resource limits
    - zram/: ZRAM swap configuration
  - tools/: Common tools configuration
    - direnv/: Direnv integration
    - git/: Git configuration
  - user/: User account configuration
  - virtualization/: Virtualization support
- home/: Home Manager modules
  - cli-apps/: Command-line applications
  - gui/: GUI application configuration
  - tools/: User tools configuration
  - user/: User preferences
- darwin/: Darwin-specific modules
  - home/, nix/, security/, etc.
systems/: Individual system configurations
- x86_64-linux/: Linux systems on x86_64
- aarch64-linux/: Linux systems on ARM
- x86_64-darwin/: macOS systems on x86_64
- aarch64-darwin/: macOS systems on ARM
homes/: Home Manager configurations for each user/system
lib/: Helper functions and utilities
overlays/: Nixpkgs overlays
packages/: Custom packages

Using the Configurations

Install a system via nixos-anywhere

$ nix run github:numtide/nixos-anywhere -- \
  --flake 'git+https://git.hoyer.xyz/harald/nixcfg'.#hostname \
  root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519
... enter disk password
$ ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15

Update NixOS system

$ nixos-rebuild --use-remote-sudo -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg boot

Update macOS system

$ darwin-rebuild -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg switch

Update home-manager configuration

$ nix --refresh run 'git+https://git.hoyer.xyz/harald/nixcfg' -- \
  switch -b backup --flake 'git+https://git.hoyer.xyz/harald/nixcfg'