9.6 KiB
9.6 KiB
Agent Guide
Directory Structure
/etc/nixos/
├── flake.nix # Main flake configuration
├── flake.lock # Locked versions
├── AGENTS.md # This file
├── treefmt.nix # Code formatting config
├── qemu.nix # QEMU testing config
│
├── systems/ # System configurations by architecture
│ ├── aarch64-linux/
│ │ ├── macbook-pro-nixos/ # Apple Silicon MacBook
│ │ │ ├── default.nix
│ │ │ ├── boot.nix
│ │ │ ├── services.nix # logind, gdm, gnome, flatpak, etc.
│ │ │ ├── filesystems.nix
│ │ │ ├── hardware-configuration.nix
│ │ │ └── firmware/ # Asahi firmware
│ │ └── pi5/ # Raspberry Pi 5
│ │ ├── default.nix
│ │ ├── boot.nix
│ │ ├── adguard.nix
│ │ └── sops.nix
│ ├── x86_64-linux/
│ │ ├── matt-nixos/ # Desktop AMD system
│ │ │ ├── default.nix
│ │ │ ├── boot.nix
│ │ │ ├── filesystems.nix
│ │ │ ├── sops.nix
│ │ │ └── services/
│ │ │ ├── lsfg-vk/
│ │ │ ├── ratbagd/
│ │ │ └── restic/
│ │ ├── allyx/ # ASUS ROG Ally X
│ │ │ ├── default.nix
│ │ │ └── boot.nix
│ │ ├── nuc-nixos/ # Intel NUC
│ │ ├── jallen-nas/ # NAS server
│ │ └── iso-minimal/
│ └── aarch64-darwin/
│ └── macbook-pro/ # macOS (nix-darwin)
│
├── homes/ # Home-manager configurations
│ ├── aarch64-linux/
│ │ └── matt@macbook-pro-nixos/
│ │ └── default.nix
│ ├── x86_64-linux/
│ └── aarch64-darwin/
│
├── modules/ # Shared modules
│ ├── nixos/ # NixOS system modules
│ ├── home/ # Home-manager modules
│ └── darwin/ # nix-darwin modules
│
├── packages/ # Custom package overlays
│ ├── omnissa/
│ ├── bcachefs/
│ ├── raspberrypi/
│ ├── comfyui/
│ ├── homeassistant/
│ ├── librepods-beta/
│ └── ...
│
└── secrets/ # SOPS secrets
├── secrets.yaml # Master key config
└── *-secrets.yaml # Per-host secrets
System Configurations
macbook-pro-nixos (Apple Silicon MacBook)
- Path:
systems/aarch64-linux/macbook-pro-nixos/ - Key files:
services.nix:72-81- logind/sleep settingsdefault.nix- main config, imports all partsboot.nix- systemd-boot, kernel params
- Features: Asahi Linux, GNOME, Hyprland option, battery management
matt-nixos (AMD Desktop)
- Path:
systems/x86_64-linux/matt-nixos/ - Features: AMD GPU (LACT), GNOME, gaming, Lanzaboote
allyx (ASUS ROG Ally X)
- Path:
systems/x86_64-linux/allyx/ - Features: Jovian NixOS, Steam, handheld-daemon, AMD GPU
pi5 (Raspberry Pi 5)
- Path:
systems/aarch64-linux/pi5/ - Features: Headless, AdGuard, Docker, static IP, UEFI boot
jallen-nas (NAS Server)
- Path:
systems/x86_64-linux/jallen-nas/ - Features: Headless, VPN, bcachefs, restic backups
NixOS Modules (modules/nixos/)
Desktop Environments
desktop/gnome/default.nix- GNOME configurationdesktop/hyprland/default.nix- Hyprland configurationdesktop/cosmic/default.nix- Cosmic DE configuration
Hardware
hardware/amd/default.nix- AMD GPU (LACT)hardware/nvidia/default.nix- NVIDIA GPUhardware/battery/default.nix- Battery managementhardware/raspberry-pi/- Raspberry Pi support
Boot & System
boot/common/- Common boot settingsboot/lanzaboote/- Lanzaboote (secure boot)boot/systemd-boot/- Systemd-boot configboot/plymouth/- Plymouth splash screen
Networking
network/default.nix- Network configuration (hostname, firewall, NM)network/options.nix- Network module options
Other Services
headless/default.nix- Headless server config (watchdog, no suspend)gaming/default.nix- Steam, Gamescope, Gamemodeprograms/default.nix- System programs (nix-index, gnupg, etc.)
Home-Manager Modules (modules/home/)
Programs
programs/waybar/- Wayland barprograms/hyprland/- Hyprland configprograms/kitty/- Kitty terminalprograms/wofi/- Wofi launcherprograms/wlogout/- Logout menuprograms/btop/- System monitorprograms/git/- Git configurationprograms/zsh/- Zsh configurationprograms/mako/- Notification daemon
Desktop
desktop/gnome/- GNOME settingsdesktop/stylix/- Stylix theming
Services
services/sops/- SOPS integration
Custom Packages (packages/)
omnissa/- Omnissa Horizon clientbcachefs/- Bcachefs toolsraspberrypi/- Raspberry Pi firmware/toolscomfyui/- ComfyUI packageshomeassistant/- Home Assistant componentslibrepods-beta/- LibrePODS beta (AirPods support)
Common Patterns
Enable a desktop environment
${namespace}.desktop.gnome.enable = true;
${namespace}.desktop.hyprland.enable = true;
Enable SOPS
${namespace}.sops.enable = true;
Enable headless mode
${namespace}.headless.enable = true;
System imports
imports = [
./boot.nix
./filesystems.nix
./hardware-configuration.nix
./services.nix
];
Namespace options (flake.nix:253)
namespace = "mjallen";
SOPS Secrets
Secrets are encrypted with SOPS. Each system has its own secrets file:
secrets/mac-secrets.yaml- macbook-pro-nixossecrets/pi5-secrets.yaml- pi5secrets/allyx-secrets.yaml- allyxsecrets/nuc-secrets.yaml- nuc-nixossecrets/nas-secrets.yaml- jallen-nas
Flake Inputs (flake.nix)
Key inputs:
nixpkgs-unstable- Unstable channelnixpkgs-stable- Stable channel (25.11)home-manager-unstable- Home-managernixos-apple-silicon- Apple Silicon supportnixos-hardware- Common hardware configsdisko- Disk partitioningsops-nix- Secrets managementlanzaboote- Secure bootjovian- Steam Deck support (allyx)
Lib Module (lib/)
Custom utility library exposed via lib.mjallen.* through Snowfall Lib. Used for creating modules and managing versions.
Directory Structure
lib/
├── default.nix # Entry point: exports module, file, versioning
├── README.md # Detailed documentation
├── module/ # Module creation helpers
│ └── default.nix
├── file/ # File/path utilities
│ └── default.nix
└── versioning/ # Multi-source version pinning
└── default.nix
Module Utilities (lib.mjallen.module)
mkModule - Create NixOS service modules with standardized options:
lib.mjallen.module.mkModule {
config, name, description, options, moduleConfig, domain ? "services"
}
Standard options: enable, port, reverseProxy, firewall, createUser, configureDb, redis, puid, pgid, timeZone, etc.
mkContainerService - For Podman/OCI containers (auto-generates container definition):
lib.mjallen.module.mkContainerService {
config, name, image, internalPort, description, options, volumes, environment
}
mkSopsEnvFile - Generate SOPS secrets + template env-file:
lib.mjallen.module.mkSopsEnvFile {
secrets, name, content, restartUnit, owner, group, mode, sopsFile
}
Option Helpers:
mkOpt type default description- Standard optionmkBoolOpt default description- Boolean optionmkReverseProxyOpt name- Caddy reverse proxy sub-options
Convenience Shorthands:
enabled={ enable = true; }disabled={ enable = false; }
Home Manager Utilities
mkHomeModule - Create Home Manager modules:
lib.mjallen.module.mkHomeModule {
config, domain, name, description, options, moduleConfig
}
File Utilities (lib.mjallen.file)
readFile path- Read file contentspathExists path- Check if path existssafeImport path default- Safe Nix importgetFile relativePath- Get path relative to flake rootimportModulesRecursive path- Recursively discover Nix modulesscanSystems systemsPath- Discover system configurationsfilterNixOSSystems systems- Filter for Linux systemsfilterDarwinSystems systems- Filter for macOS systemsscanHomes homesPath- Parse home-manager configurations
Versioning Utilities (lib.mjallen.versioning)
For packages with version.json (multi-variant source pinning):
selectVariant spec variantName system- Select variant from specrender value variables- Template substitution (${var})mkSrc pkgs comp variables- Build single sourcemkAllSources pkgs selected- Build all sources for selected variant
See lib/versioning/default.nix for full API and docs/version.schema.json for schema.
Usage in Packages
Create packages/<name>/version.json with variant definitions, then use:
let
versioning = inputs.self.lib.mjallen.versioning;
spec = inputs.self.lib.mjallen.file.readFile ./version.json;
selected = versioning.selectVariant spec variantName system;
sources = versioning.mkAllSources pkgs selected;
in
# Use sources.componentName for each source