my nix configs

Find a file

Harald Hoyer 62f1eb0a2d Update forgejo-runner package reference Switched from `forgejo-actions-runner` to `forgejo-runner` package for the gitea actions runner instance. This aligns with the updated package naming convention in the system configuration. The change ensures proper integration with the forgejo ecosystem and maintains consistency with the project's package structure.		2025-12-03 09:43:59 +01:00
.secrets	feat: add ssh key derived age key	2025-05-23 12:28:14 +02:00
homes	feat(home-config): add default home configuration	2025-11-14 06:59:22 +01:00
lib	nix fmt	2024-11-19 10:31:29 +01:00
modules	Update forgejo-runner package reference	2025-12-03 09:43:59 +01:00
overlays	chore(nix): bump claude-code to 2.0.51	2025-11-24 21:09:36 +01:00
packages	nixos-25.11	2025-12-02 18:58:52 +01:00
systems	Update forgejo-runner package reference	2025-12-03 09:43:59 +01:00
.gitattributes	remove required from .gitattributes	2024-11-29 15:45:57 +01:00
.gitignore	chore: update .gitignore to include .direnv	2025-03-20 09:56:10 +01:00
.sops.yaml	feat: add ssh key derived age key	2025-05-23 12:28:14 +02:00
CLAUDE.md	docs: update CLAUDE.md with comprehensive project analysis	2025-05-03 07:24:52 +02:00
flake.lock	nixos-25.11	2025-12-02 18:58:52 +01:00
flake.nix	nixos-25.11	2025-12-02 18:58:52 +01:00
README.md	docs: update README with project structure and instructions	2025-03-20 09:43:18 +01:00

README.md

NixOS Configuration

A modular NixOS configuration setup for multiple systems.

Project Structure

modules/: Reusable NixOS/Darwin modules
- common.nix: Common module imports and definitions
- nixos/: NixOS-specific modules
  - home/: Home Manager integration for NixOS
  - nix/: Nix package manager configuration
  - nix-ld/: Dynamic linking support
  - network/: Network configuration modules
    - resolved/: DNS resolution configuration
  - security/: Security-related modules
    - ssh-host-keys/: SSH host key management
  - services/: Service configuration modules
    - base/: Basic system configuration
    - gui/: Graphical interface setup
    - homeprinter/: Home printer support
    - podman/: Container runtime
    - secureboot/: Secure boot configuration
  - sgx/: Intel SGX support
    - aesmd_dcap/: SGX AESMD DCAP service
    - pccs/: SGX Provisioning Certificate Caching Service
  - system/: System configuration modules
    - auto-upgrade/: Automatic system upgrades
    - limits/: System resource limits
    - zram/: ZRAM swap configuration
  - tools/: Common tools configuration
    - direnv/: Direnv integration
    - git/: Git configuration
  - user/: User account configuration
  - virtualization/: Virtualization support
- home/: Home Manager modules
  - cli-apps/: Command-line applications
  - gui/: GUI application configuration
  - tools/: User tools configuration
  - user/: User preferences
- darwin/: Darwin-specific modules
  - home/, nix/, security/, etc.
systems/: Individual system configurations
- x86_64-linux/: Linux systems on x86_64
- aarch64-linux/: Linux systems on ARM
- x86_64-darwin/: macOS systems on x86_64
- aarch64-darwin/: macOS systems on ARM
homes/: Home Manager configurations for each user/system
lib/: Helper functions and utilities
overlays/: Nixpkgs overlays
packages/: Custom packages

Using the Configurations

Install a system via nixos-anywhere

$ nix run github:numtide/nixos-anywhere -- \
  --flake 'git+https://git.hoyer.xyz/harald/nixcfg'.#hostname \
  root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519
... enter disk password
$ ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15

Update NixOS system

$ nixos-rebuild --use-remote-sudo -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg boot

Update macOS system

$ darwin-rebuild -L --show-trace --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg switch

Update home-manager configuration

$ nix --refresh run 'git+https://git.hoyer.xyz/harald/nixcfg' -- \
  switch -b backup --flake 'git+https://git.hoyer.xyz/harald/nixcfg'