jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,320 Commits 2 Branches 16 Tags
cbe7c258126bc74c5d0253260c98b2617c6e0c6a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Danilo Reyes cbe7c25812 Add multi-user support for various applications and services 
Enhanced the configuration files to support multi-user management by introducing user options for multiple applications, including art, gaming, multimedia, and development tools. Updated existing modules to utilize these new user options, improving flexibility and maintainability in user package installations.
2026-01-16 13:07:56 -06:00
.gitea/workflows
Implement retry mechanism for attic push commands in build workflows to enhance reliability and prevent pipeline failures. Update cache push logic in build-on-push, build-schemes, and weekly-build-cache workflows.
2025-11-13 18:54:29 -06:00
config
Add multi-user support for various applications and services
2026-01-16 13:07:56 -06:00
dotfiles
ignore conflicting cache syncthing librewolf
2025-10-29 00:00:39 -06:00
environments
changed Pictures path to capitalized
2025-11-30 13:14:54 -06:00
hosts
multi-user toggle init
2026-01-16 10:19:36 -06:00
modules
Add multi-user support for various applications and services
2026-01-16 13:07:56 -06:00
parts
format
2026-01-16 11:47:15 -06:00
patches
krita patch
2025-05-31 15:21:56 -06:00
scripts
new redirection
2025-10-29 14:06:29 -06:00
secrets
derek user
2026-01-16 09:53:02 -06:00
.gitignore
Add gitignore rules for secrets
2025-10-02 12:57:40 -06:00
.sops.yaml
encrypted gallery-dl secrets
2025-10-02 12:52:14 -06:00
flake.lock
Weekly flake update: 2026-01-16 10:47 UTC
2026-01-16 04:47:04 -06:00
flake.nix
25.11 beta
2025-11-26 22:58:59 -06:00
README.org
changed email
2025-10-02 23:05:29 -06:00
TODO.md
keycloak init
2025-12-10 02:00:12 -06:00

README.org

JawZ NixOS Configuration

Overview

This repository contains my personal NixOS configuration flake, managing multiple hosts with a modular approach. Designed the configuration for a self-hosted infrastructure with services and development environments.

Architecture

Hosts

workstation
Main development machine with GNOME desktop
server
Primary server with containerized services
miniserver
Secondary server for additional services
galaxy
Minimal configuration host
emacs
Development VM for Emacs configuration

Key Features

  • Modular configuration system
  • SOPS-based secrets management
  • Container orchestration with Podman
  • Automated builds and caching
  • Multi-language development environments
  • Self-hosted service stack

Quick Start

Prerequisites

  • NixOS 23.05 or later
  • SOPS configured with age keys
  • SSH keys for remote builds

Initial Setup 

# Clone the repository git clone <repository-url> /home/jawz/Development/NixOS
cd /home/jawz/Development/NixOS

# Install dependencies nix flake update

# Build and switch to configuration sudo nixos-rebuild switch --flake
.#<hostname>

Development Environment 

# Enter development shell for specific language nix develop .#<language>

# Available languages: python, rust, go, haskell, javascript, julia, zig, sh,
cc, nix

Configuration Structure

Core Configuration

config/base.nix
Common system configuration
config/jawz.nix
User and SSH configuration
config/stylix.nix
Theming configuration
config/schemes.nix
Color scheme definitions

Host Configurations

hosts/<hostname>/configuration.nix
Host-specific settings
hosts/<hostname>/hardware-configuration.nix
Hardware-specific config
hosts/<hostname>/toggles.nix
Feature toggles

Modules

modules/apps/
Application packages and configurations
modules/dev/
Development environment modules
modules/servers/
Self-hosted service configurations
modules/services/
System service configurations
modules/scripts/
Custom scripts and utilities
modules/shell/
Shell and terminal configurations

Services

Core Services

PostgreSQL 17
Database backend
Nginx
Reverse proxy and web server
Podman
Container runtime
Syncthing
File synchronization
WireGuard
VPN connectivity

Self-Hosted Applications

Nextcloud
File sharing and collaboration
Gitea
Git repository hosting
Jellyfin
Media server
Plex
Media streaming
Sonarr/Radarr/Lidarr
Media management
Vaultwarden
Password manager
Homepage
Service dashboard
?
And more…

Development

Available Development Shells

The configuration provides development shells for my favorite programming languages:

# Python development nix develop .#python

# Rust development   nix develop .#rust

# Go development nix develop .#go

# JavaScript/Node.js development nix develop .#javascript

# Haskell development nix develop .#haskell

# Julia development nix develop .#julia

# Zig development nix develop .#zig

# Shell scripting nix develop .#sh

# C/C++ development nix develop .#cc

# Nix development nix develop .#nix

Adding New Modules

  1. Create module file in appropriate directory under modules/
  2. Add module to modules/modules.nix if needed
  3. Enable module in host configuration or toggles

Adding New Hosts

  1. Create host directory under =hosts/<hostname>/
  2. Add configuration.nix and hardware-configuration.nix
  3. Add host to flake.nix outputs
  4. Create toggles.nix for feature management

Secrets Management

SOPS Configuration

Manage secrets using SOPS with age encryption:

secrets/secrets.yaml
Main secrets file
secrets/keys.yaml
SSH and encryption keys
secrets/env.yaml
Environment variables
secrets/wireguard.yaml
VPN configuration
secrets/certs.yaml
SSL certificates

Adding New Secrets 

# Edit secrets file sops secrets/secrets.yaml

# Add new secret sops -i -a 'new-secret: "value"' secrets/secrets.yaml

CI/CD

GitHub Actions

The repository includes automated workflows:

weekly-build-cache.yml
Weekly builds and cache updates
build-schemes.yml
Color scheme builds

Build Cache

Builds are automatically cached using Atticd for faster rebuilds.

Customization

Theming

The configuration uses Stylix for theming. Define color schemes in config/schemes.nix and can set them via the config/stylix.nix file.

Adding New Services

  1. Create service module in modules/servers/
  2. Add service configuration
  3. Enable service in host toggles
  4. Add to homepage if needed

Custom Scripts

Scripts are in modules/scripts/ and toggle them per host.

Troubleshooting

Common Issues

Build Failures

  • Check flake inputs are up to date: nix flake update
  • Verify all required secrets are present
  • Check host-specific configuration

Service Issues

  • Check service status: systemctl status <service>
  • View logs: journalctl -u <service>
  • Verify firewall rules

Development Environment

  • Rebuild development shell: nix develop .#<language>
  • Check available packages: nix search nixpkgs <package>

Getting Help

  • Check NixOS documentation
  • Review module documentation
  • Check service-specific documentation

Maintenance

Regular Tasks

  • Update flake inputs weekly
  • Review and rotate secrets quarterly
  • Update system packages monthly
  • Clean old generations: sudo nix-collect-garbage -d

Backup Strategy

  • Configuration is version controlled
  • Secrets are encrypted and backed up
  • BTRFS snapshots for data protection

Contributing

Code Style

  • Use consistent formatting
  • Add comments for complex configurations
  • Follow Nix conventions

Pull Requests

  • Test changes on development host first
  • Update documentation as needed
  • Ensure all secrets are properly managed

License

This configuration is for personal use. Please respect the licenses of individual packages and services used.

Contact

For questions or issues, contact danilo.reyes.251@proton.me

Last updated: 2025

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 3.8 MiB
Languages
Nix 68.2%
Shell 14.4%
Python 13.3%
Emacs Lisp 4.1%