This repository contains a Nix Flake for configuring my computers and/or their home environment. It is not intended to be a drop in configuration for your computer, but might serve as a reference or starting point for your own configuration. If you are looking for a more generic NixOS configuration template, I highly recommend nix-starter-configs. 👍️ These computers are managed by this Nix flake ❄️
Hostname | Board | CPU | RAM | Primary GPU | Secondary GPU | Role | OS | State |
---|---|---|---|---|---|---|---|---|
vader |
MEG-X570-UNIFY | AMD Ryzen 9 5950X | 128GB | Fighter RX 7900 GRE | RTX 2000E Ada Generation | 🖥️ | ❄️ | ✅ |
phasma |
MEG-X570-ACE | AMD Ryzen 9 5900X | 128GB | Fighter RX 7900 GRE | RTX 2000E Ada Generation | 🖥️ | ❄️ | ✅ |
sidious |
ThinkPad P1 Gen 1 | Intel Xeon E-2176M | 64GB | NVIDIA Quadro P2000 Max-Q | Intel UHD Graphics P630 | 💻️🎭️ | ❄️ | ✅ |
palpatine |
💻️🎭️ | 🪟 | ✅ | |||||
tanis |
ThinkPad Z13 Gen 1 | AMD Ryzen 5 PRO 6650U | 32GB | AMD Radeon 660M | 💻️ | ❄️ | ✅ | |
shaa |
ThinkPad T14s Gen 1 | AMD Ryzen 5 PRO 4650U | 16GB | AMD Radeon RX Vega 6 | 💻️ | ❄️ | ✅ | |
momin |
Macbook Air M2 15" | Apple M2 8-core CPU | 24GB | Apple M2 10-core GPU | 💻️ | 🍏 | ✅ | |
krall |
Macbook Pro (Mid 2015) | Intel Core i7 | 16GB | Intel Iris Pro Graphics | 💻️ | 🍏 | ✅ | |
steamdeck |
Steam Deck 64GB LCD | Zen 2 4c/8t | 16GB | 8 RDNA 2 CUs | 🎮️ | 🐧 | ✅ | |
crawler |
QEMU | - | - | VirGL | 🐄 | ❄️ | ✅ | |
dagger |
QEMU | - | - | VirGL | 🐄 | ❄️ | ✅ | |
defender |
Lima | - | - | - | 🐄 | 🐧 | ✅ | |
fighter |
Lima | - | - | - | 🐄 | 🐧 | ✅ | |
revan |
Z390-DESIGNARE | Intel Core i9-9900K | 64GB | Intel UHD Graphics 630 | NVIDIA T1000 | ☁️ | ❄️ | 🚧 |
malak |
B360 HD3P-LM | Intel Core i7-8700 | 128GB | Intel UHD Graphics 630 | - | ☁️ | ❄️ | 🚧 |
Workstation and server host names are Sith Lords and the virtual machines are named after TIE fighter series. Dual boot systems have the NixOS install named a Sith Lord and the "other" OS named after their public-facing persona.
Key
- 🎭️ : Dual boot
- 🖥️ : Desktop
- 💻️ : Laptop
- 🎮️ : Games Machine
- 🐄 : Virtual Machine
- ☁️ : Server
- 🧟 : Not in service
As featured on Linux Matters podcast! 🎙️ I am a presenter on Linux Matters and this configuration was featured in Episode 7 - Immutable Desktop Linux for Anyone.
- .github: GitHub CI/CD workflows Nix ❄️ supercharged ⚡️ by Determinate Systems
- darwin: macOS configurations
- Includes full system configuration for a MacBook Air M2 15" and MacBook Pro (Mid 2015)
- home-manager: Home Manager configurations
- Sane defaults for shell and desktop
- nixos: NixOS configurations
- Includes discrete hardware configurations that leverage the NixOS Hardware modules.
The nixos/_mixins and home-manager/_mixins are a collection of composited configurations based on the arguments defined in flake.nix.
- Boot off an .iso image created by this flake using
build-iso console
orbuild-iso <desktop>
(see below) 💿 - Put the .iso image on a USB drive, I use USBImager
- Boot the target computer from the USB drive
- Two installation options are available:
1 Run
install-system <hostname> <username>
from a terminal- The install script uses Disko to automatically partition and format the disks, then uses my flake via
nixos-install
to complete a full-system installation - This flake is copied to the target user's home directory as
~/Zero/nix-config
nixos-enter
is used to automatically chroot into the new system and apply the Home Manager configuration 2 The desktop iso image includes the graphical Calamares installer if an ad-hoc system installation is required
- The install script uses Disko to automatically partition and format the disks, then uses my flake via
- Make a cuppa 🫖
- Reboot 🥾
As Disko is used to declare the disk layout for all my NixOS hosts, each NixOS configurations can be deployed to a remote host using nixos-anywhere.
I've created a simple wrapper around nixos-anywhere
that makes it a bit simpler to deploy a NixOS configuration to a remote host.
For example, malak
is a Hetzner dedicated server.
To deploy it, enable the Hetzner Rescue system and then execute the following command from one of my workstations:
install-anywhere malak <ip-address>
When the deployment is complete, the remote host will be automatically rebooted. I keep my Home Manager configuration separate from my NixOS configuration, so after the NixOS configuration has been deployed, I SSH in to the remote host and activate the Home Manager configuration:
sudo chown -Rv "$USER":users "$HOME/.config"
git clone https://github.com/wimpysworld/nix-config "$HOME/Zero/nix-config"
home-manager switch -b backup --flake "$HOME/Zero/nix-config"
I clone this repo to ~/Zero/nix-config
. NixOS and Home Manager changes are applied separately because I tend to iterate on the Home Manager configuration more frequently than the NixOS configuration.
gh repo clone wimpysworld/nix-config "$HOME/Zero/nix-config"
- ❄️ NixOS & macOS: A
build-host
andswitch-host
aliases are provided that build the NixOS or nix-darwin configuration and switch to it respectively. - 🏠️ Home Manager: A
build-home
andswitch-home
aliases are provided that build the Home Manager configuration and switch to it respectively. - 🌍️ All: There are also
build-all
andswitch-all
aliases that build and switch to both the NixOS/nix-darwin and Home Manager configurations.
The build-iso
script is included that creates .iso images from this flake. The following modes are available:
build-iso console
(terminal environment): Includesinstall-system
for automated installation.build-iso gnome
(GNOME Desktop environment): Includesinstall-system
and Calamares installation.build-iso mate
(MATE Desktop environment): Includesinstall-system
and Calamares installation.build-iso pantheon
(Pantheon Desktop environment): Includesinstall-system
and Calamares installation.build-iso lomiri
(Lomiri Desktop environment): Includesinstall-system
and Calamares installation.
Live images will be left in $HOME/Zero/nix-config/result/iso/
and are also injected into ~/Quickemu/nixos-console
and ~/Quickemu/nixos-<desktop>
respectively.
The console .iso image is also periodically built and published via GitHub Actions and is available in this project's Releases.
Nix is configured with flake support and the unified CLI enabled.
Here's the directory structure I'm using:
.
├── darwin
│ ├── _mixins
│ │ ├── desktop
│ │ ├── scripts
│ │ └── users
│ ├── momin
│ ├── krall
│ └── default.nix
├── home-manager
│ ├── _mixins
│ │ ├── configs
│ │ ├── desktop
│ │ ├── features
│ │ ├── scripts
│ │ ├── services
│ │ └── users
│ └── default.nix
├── lib
│ └── default.nix
├── nixos
│ ├── _mixins
│ │ ├── configs
│ │ ├── desktop
│ │ ├── features
│ │ ├── scripts
│ │ ├── services
│ │ └── users
│ ├── iso-console
│ ├── iso-gnome -> iso-console
│ ├── iso-mate -> iso-console
│ ├── iso-pantheon -> iso-console
│ ├── iso-lomiri -> iso-console
│ ├── crawler -> dagger
│ ├── dagger
│ ├── malak
│ ├── phasma
│ ├── revan
│ ├── sidious
│ ├── tanis
│ ├── vader
│ └── default.nix
├── overlays
│ └── default.nix
├── pkgs
│ └── default.nix
├── secrets
│ └── secrets.yaml
└── flake.nix
- The NixOS, macOS (darwin) and Home Manager configurations are in the
nixos
,darwin
andhome-manager
directories respectively, they are structured in a similar way with_mixins
directories that contain the configurations applied via mixin pattern that compose the final configuration. - The
lib
directory contains helper functions for thenixos
,nix-darwin
andhome-manager
configurations. - The
overlays
directory hold my custom overlays. - The
pkgs
directory contains my custom local packages. - The
secrets
directory contains secrets managed by sops-nix. - The
default.nix
files in the root of each directory are the entry points.
Fish shell 🐟️ with Starship 🚀 and a collection of tools that deliver a "Modern Unix" experience.
The base system has a firewall enabled and also includes OpenSSH, sops-nix for secret management, Tailscale, Distrobox and, of course, a delightfully configured micro. (Fight me! 🥊)
Useful shell scripts I used to keep in muddle of git repos are now migrated to NixOS scripts and Home Manager scripts to provide a declarative, reproducible and shellcheck
validated toolbox 🧰
GNOME 👣 Hyprland 💧 MATE 🧉 Pantheon 🏛️ and Lomiri 📱 desktop options are available. The font configuration is common for all desktops using Work Sans and Fira Code. The usual creature comforts you'd expect to find in a Linux Desktop are integrated such as Pipewire, Bluetooth, Avahi, CUPS, SANE and NetworkManager.
Desktops | NixOS | Home Manager | Theme |
---|---|---|---|
👣 GNOME | GNOME NixOS | GNOME Home Manager | Catppuccin Mocha |
💧 Hyprland | Hyprland NixOS | Hyprland Home Manager | Catppuccin Mocha |
🧉 MATE | MATE NixOS | MATE Home Manager | Catppuccin Mocha |
🏛️ Pantheon | Pantheon NixOS | Pantheon Home Manager | Catppuccin Mocha |
📱 Lomiri | Lomiri NixOS | 🚧 |
Things I currently need to do manually after installation.
- Provision
/var/lib/private/sops/age/keys.txt
- Provision
~/.config/sops/age/keys.txt
- Run
gpg-restore
- Run
determinate-nixd login
- Keybase -
keybase login
- Tailscale -
sudo tailscale up --operator="$USER"
- Fast switching - https://tailscale.com/kb/1225/fast-user-switching
- 1Password - authenticate
- LastPass - authenticate
- Atuin
atuin login -u <username>
atuin sync -f
- Brave - enroll sync
- Chatterino - authenticate
- Discord - authenticate
- GitKraken - authenticate with GitHub
- Grammarly - authenticate
- Maelstral -
maestral_qt
- Matrix - authenticate
- Syncthing - Connect API and introduce host
- Telegram - authenticate
- VSCode - authenticate with GitHub enable sync
- Wavebox - authenticate Google and restore profile
defender
and fighter
are Ubuntu virtual machines run under Lima for my Ubuntu MATE development and testing environments.
- On Linux run
incus admin init --minimal
create-defender
create-fighter
- On macOS run
install-homebrew
- Create ntfy user and ACLs
sudo ntfy user add --role=admin <username>
sudo ntfy access everyone <topic> rw
Some applications require manual configuration to apply the correct theme.
- Enable Stylus Sync to Dropbox to get Catppuccin userstyles and Enable Patch CSP
- Brave
- Chrome
- Chromium
- Firefox
- Wavebox
- Cider
- Open Cider
- Menu → Marketplace → Themes
- Find Catppuccin and your favorite flavor
- Click Install
- Discord OpenAsar
- Add Catppuccin CSS
/* mocha */
@import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha.theme.css");
@import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha-blue.theme.css");
One of my laptops (sidious
) is a multi-disk system with Windows 11 Pro 🪟 installed on a separate disk from NixOS.
The Windows EFI partition is not automatically detected by systemd-boot, because it is on a different disk.
The following steps are required to copy the Windows Boot Manager to the NixOS EFI partition so dual-booting is possible.
Find Windows EFI Partition
lsblk -o NAME,FSTYPE,SIZE,MOUNTPOINT
Mount Windows EFI Partition
sudo mkdir /mnt/win-efi
sudo mount /dev/nvme1n1p1 /mnt/win-efi
Copy Contents of Windows EFI to NixOS EFI
sudo rsync -av /mnt/win-efi/EFI/Microsoft/ /boot/EFI/Microsoft/
Clean up
sudo umount /mnt/win-efi
sudo rm -rf /mnt/win-efi
Reboot and systemd-boot should now offer the option to boot NixOS and Windows.
Before preparing my NixOS and Home Manager configurations I looked at what other Nix users were doing. My colleagues shared their configs and tips which included nome from Luc Perkins, nixos-config from Cole Helbling, flake from Ana Hoverbear and her Declarative GNOME configuration with NixOS blog post. A couple of friends also shared their configurations and here's Jon Seager's nixos-config and Matthew Croughan's nixcfg.
I liked the directory hierarchy in Jon Seager's nixos-config and the mixin pattern used in Matthew Croughan's nixcfg, so my Nix configuration is influenced by both of those. Ana's excellent Declarative GNOME configuration with NixOS blog post was essential to achieving a fully declaritive desktop configuration 🚀
After I created my initial flake I found nix-starter-configs by Gabriel Fontes which is an excellent starting point. I have since incorporated many of the techniques it demonstrates. Similarly, some of my nix-darwin configuration is inspired by nix-darwin-kickstarter.
There's plenty to learn from browsing other people's Nix configurations. I recommend a search of GitHub nixos configuration from time to time to see what interesting techniques you pick up and new tools you might discover ️🕵️
My use of Disko and automated installation script were inspired by the these blog posts: