/systems

The declaration on my systems (soon)

Primary LanguageNix

The declaration of my systems

I grew tired of confusing flake based NixOS configuration frameworks, so here goes an attempt to have saner and more reliable system configuration repository.

Currently this repository contains a rough sketch of the configuration framework, so it's not fully functional yet with important features missing. It's possible to test out the current bare bones example with the following command:

nixos-rebuild build-vm --flake .#test

Goals

  • Have all of my systems configured in one place in declarative, stateless and reproducable fashion,
  • Have modular configuration that I can share between systems and that can be copied by others,
  • Have a very stable core configuration, so that I don't have to worry that everything will break on flake update,
  • Keep the codebase readable enough so that future me and other potential readers can find what they're looking for and understand how different parts of the codebase interact with each other.

Structure

  • Everything starts from flake.nix. To keep it concise, flake outputs are generated by functions under ./lib.

  • All hosts are declared as directories under ./hosts. Hostname by default matches the directory name, but can be overriden for networking purposes. The host directories contain nix source files, which will be loaded as NixOS configuration modules.

    Each host module is expected to evaluate as lambda which can accept the following arguments:

    • pkgs - The instantiated default nixpkgs attr set.
    • config - The current systems root configuration attr set.
    • options - The declarations of NixOS configuration options.
    • lib - Alias to pkgs.lib.
    • inputs - Flake's inputs.
    • presets - Presets recursively loaded from ./presets, see the next point for details.
    • host - The name of the current NixOS host.
    • hostCfg - Host specific config that was defined in flake.nix.

    Host module is expected to contain only host specific configuration and should be kept as minimal as possible. Majority of configuration is expected to be defined in form of presets, which are described in the next point.

  • For modularity almost all system configuration should be split into atomic presets under ./presets directory tree. Nix files in this directory tree follow the same format as described in previous point. This directory may contain arbitrary subdirectory structure, which will get recursively loaded as deep attr set exposed as flake output presets. Presets may import other presets, which can be useful for grouping together presets that, for example each laptop or server should have. For example, common server configuration preset could be defined in the following way:

    {presets, ...}: {
  imports = [
    presets.networking.ssh
    presets.tools.vim
    presets.tools.htop
  ];
}

  • Secrets are managed with agenix and it's files are kept in ./secrets. Nothing magical is going on here, consult official agenix documentation.