This is my (tejing's) personal NixOS configuration flake.
It isn't really intended for actual use by others, but examining the code may be interesting. Even so, it should build even without the keys to git-crypt unlock
it, since I use self.lib.readSecret
/self.lib.importSecret
to access the encrypted files, and provide a non-secret default value for the case where they aren't unlocked.
- My nixos config is split into many profiles which can be found under
nixosConfigurations/tejingdesk/
. - My home-manager config is split into many profiles which can be found under
homeConfigurations/tejing/
.
File layout generally follows the flake output structure through the use of various forms of self.lib.importAll
, which imports every .nix
file and every directory with a default.nix
, to form an attrset.
I've tried to expose components that may be useful on their own as flake outputs, accessing them through self
in my main configuration.
- I use
my.*
options, which are also re-supplied through themy
module argument, in both home-manager and nixos. This hierarchy contains components fromself
, and configuration options for any locally defined modules.my.lib
contains the output ofself.libFunc
, applied to whatever nixpkgs instance is appropriate, orself.lib
if there is no appropriate nixpkgs instance available.my.pkgs
contains the output ofself.packagesFunc
, applied to whatever nixpkgs instance is appropriate.my.overlays
isself.overlays
- I expose my packages through the
self.packagesFunc
output, which I then use to createself.packages.*
.self.packagesFunc
accepts a nixpkgs instantiation (apkgs
value) as an input, and uses it to generate the output packages. This way, I can expose these packages as external outputs, but also incorporate them into my nixos config and have overlays and unfree options and such apply. Not to mention my config evaluates faster if I don't have to instantiate nixpkgs multiple times. - I incorporate system-specific, but non-package, values into my personal
lib
, rather than throwing them in with my packages, as nixpkgs does. This, however, means there are multiple versions of mylib
. Non-system-specificlib
components are defined inlib/
and make it intoself.lib
. System-specificlib
components are defined inlibFunc/
and can only be accessed whenlib
has been instantiated with a specific nixpkgs instance, such as inself.libFor.${system}
. - I expose my flake inputs as
self.inputs
, which can be useful for getting at things withnix eval
.
self.packages.*.hred
packages hred through node2nix. It's the best tool I know to grab meaningful datastructures from html. Pipe the output into jq and you have a very versatile web scraping tool. I don't think there's anything better short of a headless browser.self.overlays.editline-urxvt-home-end-fix
patches editline to recognize thehome
andend
keys correctly inurxvt
, makingnix repl
much easier to work with in that terminal emulator. The patch has been accepted upstream, but has not yet made it into a release.self.overlays.steam-fix-screensaver
gets around a longtime bug in the steam client which causes it to prevent screesaver activation as long as the steam client is running at all, even just in the system tray. It does this byLD_PRELOAD
ing a special library that stubs the sdl call being used to accomplish it. Note that this overlay won't work for everyone out of the box, because it needs to know which$PLATFORM
values to build for. These can be specified easily by altering an attrset in the overlay code. See the comment there for more information.self.packages.*.starsector
packages starsector throughbuildFHSUserEnv
. I tried making it work through patchelf as well as by using a nixpkgs-built JVM, but both failed. It's ugly, but it works. It also redirects all relevant saved state to${STARSECTOR_CONFIG_DIR:-$HOME/.config/starsector}
.self.homeModules.sfeed
is a module to generate a fairly complex~/.sfeed/sfeedrc
from structured data, and automate running ofsfeed_update
. It allows overrides ofsfeed_update
's functions to be specified together with the feed, and applied by case-match on the feed name at runtime. It also uses resholve to sanity check and avoid PATH dependence in the producedsfeedrc
.