Skip to content

puyral/nixomagus

BranchesTags

Repository files navigation

This is the nixos configuration for all the computers in computers.nix.

It merges nixos configuration and home-manager configurations. It supports home-manager-only configuration (notably for vampire). lib/default.nix contains the routing logic to merge everything together.

Structure

Modules

The configuration is split quite a lot into modules. The ones for nixos are put in modules/nixos and thoses for homemanager are in modules/home-manager.

By convention, all extra modules are namespaced into extra. config.vars is reserved for cross module variables.

containers

Where possible I use nixos containers. There is some automation to include some default config for them (e.g., include vim always). See containers for their base config.

reverse proxy

I use traefik for the reverse proxy. I've added a ton of automation for it in traefik.

Also some containers run an instance of tailscale to go though the ovh-pl vps to be opened to the rest of the world.

Nixos

The configurations for nixos are in configuration. There is one folder per computer and a commun folder. Both are loaded. All modules are loaded.

Homemanager

Simlarily to nixos, there is one folder per user and computer and a commun folder for each. All modules are loaded.

devshells

There are some devshells stored into devShells. Theses can be usefull to reuse shells (e.g., lean) or avoid polutting a repo while nixifying it.

packages

contains packages usefull for the configuration but that only make sense there. Otherwise my custom packages are put in custom-nix

Secrets

Secrets are hidden using git-crypt and sops-nix depending on when I need access to the secret and if I only hidding them form github.

MicroVM

A sandbox computer is available for isolated testing. It uses a read-only share of the host's nix store and a writable overlay on a tmpfs root. This means the VM is ephemeral and starts almost instantly.

To run the sandbox:

nix run .#sandbox

Note: To exit the VM console, press Ctrl-a then x.

The VM is configured with:

  • root user: no password, permits SSH.
  • simon user: same environment as other machines (zsh, tmux, etc.).
  • Network: uses systemd-networkd.
  • Ephemeral root on tmpfs.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Contributors

Languages