airone01/flake

A modular and extensible NixOS configuration system using a custom star-based architecture. This repository contains my personal NixOS configurations for multiple machines and deployments.

πŸ—οΈ Structure

.
β”œβ”€β”€ asterisms/        # High-level configuration combinations
β”œβ”€β”€ constellations/   # Machine-specific configurations
β”‚   β”œβ”€β”€ aquarius/    # Server configuration
β”‚   β”œβ”€β”€ cassiopeia/  # Desktop configuration
β”‚   └── ursamajor/   # ISO configuration
β”œβ”€β”€ lib/             # Helper functions and core modules
β”œβ”€β”€ rockets/         # Development shells
β”œβ”€β”€ secrets/         # Encrypted secrets (using sops-nix)
└── stars/           # Modular configuration units

Key Components

  • Stars: Individual configuration modules that can be composed together
  • Asterisms: Predefined combinations of stars for specific use cases
  • Constellations: Complete system configurations for specific machines
  • Rockets: Development environments for specific tasks
  • Secrets: Encrypted configuration secrets managed with sops-nix

🚀 Getting Started

Prerequisites

  • NixOS or Nix with flakes enabled
  • Git
  • (Optional) sops for secret management

Installation

  1. Clone the repository:

git clone https://github.com/airone01/dotfiles2 ~/.config/nixos

  2. Review and modify the configuration:

    • Choose or create a constellation in constellations/
    • Modify flake.nix to include your system
    • Adjust hardware configuration as needed

  3. Deploy the configuration:

# For an existing system
nixos-rebuild switch --flake .#hostname

# For a new installation
nixos-install --flake .#hostname

Development Environment

The repository includes development shells for various tasks:

# For commit message linting
nix develop .#commitlint

# For Tauri development
nix develop .#tauri

πŸ›οΈ Architecture

The Star System

Stars are the fundamental building blocks of this configuration. Each star is a self-contained NixOS module that can be composed with others.

# Example star structure
stars/
├── gui/             # GUI-related configurations
│   ├── gnome.nix
│   └── hyprland.nix
├── cli/             # CLI tool configurations
│   └── nvim/
└── core/            # Core system configurations
    └── sound.nix

Flake Structure

The flake.nix provides:

  • nixosConfigurations: System configurations for each machine
  • packages: Installable packages and ISO images
  • devShells: Development environments

Secret Management

Secrets are managed using sops-nix with age encryption:

  • Secrets are stored in secrets/
  • Keys are configured in .sops.yaml
  • Each constellation can access only its required secrets
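One way to express the per-constellation scoping described above in .sops.yaml, as an added example that is not taken from this repository: the secrets/<constellation>/ layout, the admin key and the anchor names are assumptions, and the age recipients are placeholders to be replaced with real public keys.

```yaml
# .sops.yaml (illustrative; not the repository's actual file)
# Assumed layout: secrets/<constellation>/*.yaml, one directory per machine.
keys:
  # Placeholder age recipients. Real ones are public keys starting with "age1".
  - &admin      age1PLACEHOLDER_ADMIN_PUBLIC_KEY
  - &aquarius   age1PLACEHOLDER_AQUARIUS_HOST_PUBLIC_KEY
  - &cassiopeia age1PLACEHOLDER_CASSIOPEIA_HOST_PUBLIC_KEY

creation_rules:
  # Server secrets: decryptable by the admin key and the aquarius host key only.
  - path_regex: secrets/aquarius/[^/]+\.yaml$
    key_groups:
      - age:
          - *admin
          - *aquarius

  # Desktop secrets: decryptable by the admin key and the cassiopeia host key only.
  - path_regex: secrets/cassiopeia/[^/]+\.yaml$
    key_groups:
      - age:
          - *admin
          - *cassiopeia

  # No catch-all rule: sops refuses to create a file under secrets/ that
  # matches none of the rules above, so a new secret cannot be written
  # without an explicit recipient list.
```

sops applies the first rule whose path_regex matches, so each file is encrypted only to the recipients listed for its directory. After changing a rule, re-encrypt the affected files with `sops updatekeys <file>` so a removed host loses access to the current ciphertext.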

🤝 Contributing

This is my flake and it's mainly personal but contributions are welcome if you have spare time. Here's how you can help:

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Make your changes
  4. Run the following checks:
    # Format code
    nix fmt
    
    # Verify builds
    nix flake check
  5. Commit your changes (following commitlint conventions)
  6. Push to your branch
  7. Open a Pull Request

Commit Message Convention

This repository uses conventional commits. Each commit message should be structured as:

type(scope): description

[optional body]
[optional footer]

Types: feat, fix, docs, style, refactor, perf, test, build, ci, chore

Scopes: See .commitlintrc.yml for valid scopes

📋 Roadmap

| Category | Task | Priority | Status |
|---|---|---|---|
| Documentation | Add installation guides for each constellation | High | 🟡 Pending |
| Documentation | Add architecture diagrams | Medium | 🔴 Not Started |
| Documentation | Create contribution guidelines | Medium | 🔴 Not Started |
| Testing | Add GitHub Actions workflows | High | 🔴 Not Started |
| Testing | Implement basic system tests | Medium | 🔴 Not Started |
| Testing | Add Nix formatting checks | High | 🔴 Not Started |
| Security | Implement firewall configuration | High | 🔴 Not Started |
| Security | Add fail2ban configuration | Medium | 🔴 Not Started |
| Security | Configure automatic security updates | High | 🔴 Not Started |
| Security | Implement SSH hardening | High | 🔴 Not Started |
| Backup | Add restic/borgbackup configuration | High | 🔴 Not Started |
| Monitoring | Set up Prometheus + Grafana | Medium | 🔴 Not Started |
| Updates | Configure automatic system updates | Medium | 🔴 Not Started |
| Infrastructure | Add Hydra instance | Low | 🔴 Not Started |
| Infrastructure | Add TeamCity instance | Low | 🔴 Not Started |
| Infrastructure | Add Attic binary cache | Medium | 🔴 Not Started |
| Infrastructure | Add Mastodon instance | Low | 🔴 Not Started |
| Infrastructure | Add Matrix instance | Low | 🔴 Not Started |
| Infrastructure | Add Lemmy instance | Low | 🔴 Not Started |
| Infrastructure | Add Invidious instance | Low | 🔴 Not Started |
| Infrastructure | Add SearXNG instance | Medium | 🔴 Not Started |
| Infrastructure | Add Gitea instance | Medium | 🔴 Not Started |
| Infrastructure | Add Jellyfin instance | Low | 🔴 Not Started |
| Infrastructure | Add Vaultwarden instance | Low | 🔴 Not Started |
| Infrastructure | Add Home Assistant instance | Low | 🔴 Not Started |
| Infrastructure | Add Paperless-ngx instance | Low | 🔴 Not Started |
| Infrastructure | Add Syncthing instance | Low | 🔴 Not Started |
| Infrastructure | Add Calibre-Web instance | Low | 🔴 Not Started |
| Infrastructure | Add Photoprism instance | Low | 🔴 Not Started |
| Architecture | Figuring all of this out | High | 🟣 Always going on |

Legend:

  • 🟢 Complete
  • 🟡 In Progress/Partial
  • 🔴 Not Started
  • 🟣 Special

🔧 Tooling

Available Development Shells

  • commitlint: For commit message linting
  • tauri: For Tauri application development (I use it for JS/TS as well)

Useful Commands

# Rebuild the current system
./rebuild.sh <hostname>

# Build an ISO image
nix build .#ursamajor-install-iso

# Enter development shell
nix develop .#<shell-name>

📦 Machines

aquarius

  • Purpose: Home server
  • Services: Caddy, planned hosting for various services
  • Status: Active

cassiopeia

  • Purpose: Desktop workstation
  • Features: GNOME desktop, development tools
  • Status: Active

ursamajor

  • Purpose: Installation ISO
  • Features: Basic system for testing and installation
  • Status: In Development

📄 License

This project is open source and available under the Apache v2 license.

πŸ™ Acknowledgments

  • NixOS for the amazing Linux distribution
  • All the fantastic Nix community members who share their configurations
  • NotAShelf for inspiration
  • Contributors to all the tools and packages used in this configuration