Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/divitmittal/os-nixcfg

nix (via nix-darwin, nixos, nix-on-droid, home-manager, etc.) declarative configurations to attain my deterministically reproducible layer
https://github.com/divitmittal/os-nixcfg

flake-parts flakes home-manager nix nix-darwin nix-on-droid nixos nixos-wsl

Last synced: about 1 year ago
JSON representation

nix (via nix-darwin, nixos, nix-on-droid, home-manager, etc.) declarative configurations to attain my deterministically reproducible layer

Awesome Lists containing this project

README 

          


    


        An abstract image of a donut-like object

        
OS-nixCfg


        My personal declarative Nix configurations for macOS, Android, and Linux (NixOS/WSL).

    





---





    


    


        

        

            stars

        

        

            size

        

        

            license

        

         

            nixpkgs

        

        repo-top-language

        repo-language-count

        nix-flake-check

    


    





---



## πŸ“œ Overview



This repository contains primarily [nix](https://github.com/nixos/nix) configurations, leveraging [Nix Flakes](https://nixos.wiki/wiki/Flakes), [Home Manager](https://github.com/nix-community/home-manager), and system-specific modules ([NixOS](https://nixos.org/), [nix-darwin](https://github.com/LnL7/nix-darwin), [nix-on-droid](https://github.com/nix-community/nix-on-droid)) to achieve a purely declarative, reproducible, and consistent environment across multiple OSes on multiple hosts for multiple users:



- 🍎 **macOS** (via `nix-darwin`)

- πŸ€– **Android** (via `nix-on-droid`)

- 🐧 **\*nix (NixOS)** (including WSL via `NixOS-WSL`)



## πŸ“ Project Structure



The repository is organized using [flake-parts](https://github.com/hercules-ci/flake-parts) for better modularity.



```

└── OS-nixCfg/

    β”œβ”€β”€ assets/

    β”‚Β Β  └── qezta.png

    β”œβ”€β”€ flake/

    β”‚Β Β  β”œβ”€β”€ default.nix

    β”‚Β Β  β”œβ”€β”€ devshells.nix

    β”‚Β Β  β”œβ”€β”€ formatters.nix

    β”‚Β Β  β”œβ”€β”€ mkHost.nix

    β”‚Β Β  └── pre-commit.nix

    β”œβ”€β”€ flake.lock

    β”œβ”€β”€ flake.nix

    β”œβ”€β”€ home/

    β”‚Β Β  β”œβ”€β”€ common

    β”‚Β Β  β”œβ”€β”€ comms

    β”‚Β Β  β”œβ”€β”€ default.nix

    β”‚Β Β  β”œβ”€β”€ desktop-env

    β”‚Β Β  β”œβ”€β”€ dev

    β”‚Β Β  β”œβ”€β”€ keyboard

    β”‚Β Β  β”œβ”€β”€ media

    β”‚Β Β  β”œβ”€β”€ tools

    β”‚Β Β  β”œβ”€β”€ tty

    β”‚Β Β  └── web

    β”œβ”€β”€ hosts/

    β”‚Β Β  β”œβ”€β”€ common

    β”‚Β Β  β”œβ”€β”€ darwin

    β”‚Β Β  β”œβ”€β”€ default.nix

    β”‚Β Β  β”œβ”€β”€ droid

    β”‚Β Β  └── nixos

    β”œβ”€β”€ lib/

    β”‚Β Β  └── default.nix

    β”œβ”€β”€ LICENSE

    β”œβ”€β”€ modules/

    β”‚Β Β  β”œβ”€β”€ common

    β”‚Β Β  β”œβ”€β”€ home

    β”‚Β Β  └── hosts

    β”œβ”€β”€ nix.nix

    β”œβ”€β”€ README.md

    β”œβ”€β”€ scripts/

    β”‚Β Β  β”œβ”€β”€ home_rebuild.sh

    β”‚Β Β  └── hosts_rebuild.sh

    β”œβ”€β”€ SECURITY.md

    └── shell.nix

```



## ❄️Flake Inputs



This flake relies on several external inputs to manage dependencies and configurations:



- **`nixpkgs`**: The core Nix package set (tracking `nixpkgs-unstable`).

- **`flake-parts`**: Used for structuring the flake outputs with modularity.

- **`home-manager`**: Manages user-level configurations and dotfiles.

- **`nix-darwin`**: Enables declarative macOS system configuration.

- **`nix-on-droid`**: Enables declarative Android configuration via Termux fork.

- **`NixOS-WSL`**: Provides modules for running NixOS on WSL.

- **`nix-homebrew`**: For Homebrew bootstrapping within `nix-darwin`.

- **`agenix` / `ragenix`**: Used for managing secrets declaratively via age encryption.

- **`OS-nixCfg-secrets`**: **(Private Repository)** Contains encrypted secrets managed by `agenix`.

- **`Nvim-Cfg`**: My external Neovim configuration repository.

- **`nvchad4nix`**: Integrates Neovim configurations (like NvChad or custom starters) with Home Manager.

- **`kanata-tray`**: Provides a system tray application for managing Kanata keyboard remapping presets.

- **`devshell`**: Provides a convenient development shell

- **`pre-commit-hooks`**: Manages Git hooks for code quality and formatting.

- **`systems`**: Provides standard system identifiers list (e.g., `x86_64-darwin`).

- **(Other dependencies)**: Various helper flakes and libraries.



_(See `flake.nix` for the complete list and specific sources)_



## πŸ”’ Secrets Management



Secrets (API keys, passwords, sensitive configurations) are managed using [agenix](https://github.com/ryantm/agenix) or specificaly [ragenix](https://github.com/yaxitech/ragenix).



1.  Secrets are encrypted using `ssh` keys. My public key is explicitly available to `ragenix`.

2.  The encrypted files reside in a **private** GitHub repository: `DivitMittal/OS-nixCfg-secrets`. This repository is referenced as a flake input.

3.  During the Nix build process, `agenix` decrypts these files using my private key (which must be present on the target machine at `~/.ssh/agenix/id_ed25519`).

4.  The decrypted files are placed in the Nix store and symlinked to their target locations.



⚠️ **Building this configuration requires access to the private `OS-nixCfg-secrets` repository and the corresponding private `ssh` key.**



## πŸ”— Related Repositories



- [DivitMittal/Nvim-Cfg](https://github.com/DivitMittal/Nvim-Cfg): Pure lua standalone Neovim configuration, used as an input via `nix4nvchad`.

- `DivitMittal/OS-nixCfg-secrets`: (Private) Contains encrypted secrets managed by `agenix`.

- [DivitMittal/TLTR](https://github.com/DivitMittal/TLTR): Cross-platform complex multi-layer keyboard layout tailored for programmers .






[![][back-to-top]](#top)






[back-to-top]: https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square&color=purple