greg/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
29 commits 1 branch 0 tags 69 MiB
  • Nix 97.6%
  • Shell 2.4%
Find a file
Exact
Greg Helding acb3994e94 Update
2026-04-19 20:28:01 -05:00
assets Initial commit 2026-04-13 21:44:14 -05:00
home add element 2026-04-17 13:38:26 -05:00
hosts fix bluetooth for Apple Gen 1 Trackpad 2026-04-19 10:28:04 -05:00
scripts Initial commit 2026-04-13 21:44:14 -05:00
secrets/matrix move smtp config to sops 2026-04-17 17:17:10 -05:00
.gitignore add sop-nix and matrix host config (secrets pending host key) 2026-04-16 20:25:03 -05:00
.sops.yaml add sops 2026-04-17 00:28:07 -05:00
Building Initial commit 2026-04-13 21:44:14 -05:00
flake.lock Update 2026-04-19 20:28:01 -05:00
flake.nix setup matrix 2026-04-17 00:00:37 -05:00
README.md Update readme 2026-04-17 13:43:39 -05:00

README.md

nixos-config

I'm Greg Helding. You can find me at helding.net, on GitHub at github.com/gthelding, and on Forgejo at forgejo.gth.sh/greg.

This is my personal NixOS flake for three machines, with shared Home Manager configuration for user greg. Welcome, and thanks for stopping by - feel free to explore the layout, borrow ideas, and adapt anything useful for your own setup.

Hosts

Host Hardware Role
strider ThinkPad X1 Carbon Gen 11 Laptop
wintermute AMD Ryzen desktop Workstation
matrix Proxmox VM Matrix Synapse homeserver

What this repo manages

  • NixOS system configuration per host under hosts/
  • Shared Home Manager modules under home/
  • Host-aware user services (for example, backup timers on wintermute)
  • Scripts synced into ~/.local/bin via Home Manager

Repository layout

flake.nix                  Flake entrypoint and host definitions
hosts/
  strider/                 Laptop system config + hardware
  wintermute/              Workstation system config + hardware
  matrix/                  Matrix Synapse server config + hardware
secrets/
  matrix/                  sops-encrypted Synapse secrets
home/
  greg.nix                 Home Manager entrypoint
  bash.nix                 Shell configuration
  plasma.nix               KDE Plasma 6 configuration
  syncthing.nix            Syncthing configuration
  packages/                User package sets
scripts/                   Helper scripts (backups, git helpers, rsync exclude)
assets/                    Misc assets used by the setup

Common commands

Build a host config without switching:

sudo nixos-rebuild build --flake .#strider
sudo nixos-rebuild build --flake .#wintermute
sudo nixos-rebuild build --flake .#matrix

Apply configuration to the current host:

sudo nixos-rebuild switch --flake .#strider
sudo nixos-rebuild switch --flake .#wintermute
sudo nixos-rebuild switch --flake .#matrix

Update flake lockfile:

nix flake update

Note: matrix tracks nixpkgs-stable (25.11) rather than unstable and has no Home Manager user environment — it is a headless server only. Secrets are managed via sops-nix; the encrypted file lives at secrets/matrix/synapse.yaml and is decrypted at runtime using the host's /etc/ssh/ssh_host_ed25519_key.

Distrobox

Distrobox containers are configured in hosts/common.nix with access to Nix-installed executables. Three things make this work:

  1. Bind mounts expose the Nix store and user profile symlinks into every container (read-only):

    • /nix/store
    • /etc/profiles/per-user
    • /etc/static/profiles/per-user

  2. An init hook creates /etc/profile.d/nix-path.sh inside the container on first entry, which adds /etc/profiles/per-user/$USER/bin to PATH. This is necessary because NixOS normally sets PATH via /etc/set-environment during login, and that mechanism doesn't exist inside the container.

  3. Podman is the container runtime (virtualisation.podman).

Flake input note

Inputs currently point at private Forgejo mirrors over SSH (see flake.nix). If you are not on that network/account, replace input URLs with upstream sources before running updates.