Leveraging nix, nix-os, nix-darwin, and home-manager to apply machine and home configurations

Structure

.
├── flake.nix                  # Simplified entry point using flake-parts
├── flake-module.nix           # Flake-parts module with autowiring logic
├── flake.lock                 # Lockfile (updated daily via GitHub Actions)
├── lib/
│   └── autowire.nix           # Helper functions for auto-discovering configs/modules
├── configurations/            # Host-specific configurations
│   ├── nixos/                 # NixOS hosts
│   │   ├── nas/               # NixOS NAS server (Proxmox, ZFS, Samba, etc.)
│   │   ├── home/              # NixOS VM running in NAS
│   │   └── cloud/             # NixOS VM running in Oracle Cloud
│   └── darwin/                # macOS hosts
│       ├── Jeffs-M3Pro.nix    # Personal MacBook Pro
│       └── work-laptop.nix    # Work MacBook Pro
├── users/                     # Home Manager configurations by user
│   ├── jeff/
│   │   ├── default.nix        # Shared jeff user settings
│   │   └── hosts/             # Per-host configurations
│   │       ├── Jeffs-M3Pro.nix
│   │       ├── work-laptop.nix
│   │       ├── home.nix
│   │       └── cloud.nix
│   └── nix/
│       ├── default.nix        # Shared nix user settings
│       └── hosts/
│           └── nas.nix
├── modules/                   # Reusable modules with enable options
│   ├── nixos/                 # NixOS modules (base, zfs, docker, etc.)
│   ├── darwin/                # Darwin modules (base, homebrew)
│   └── home/                  # Home Manager modules (cli, fish, dev, etc.)
├── overlays/                  # Custom package overlays
├── packages/                  # Custom packages not in nixpkgs
├── secrets/                   # Encrypted secrets directory (git-crypt)
└── secrets.nix                # Encrypted secrets file (git-crypt)

Key Concepts

• Autowiring: Configurations and modules are auto-discovered based on directory structure
• Modular Architecture: All features are opt-in modules with enable options
• Separation of Concerns: Configurations (what to enable) vs Modules (how it works)
• User-first Home Manager: Organized as users/<user>/hosts/<host>.nix

Background

Everyone keeps gushing about how amazing Nix is and I want to get in on the hype cycle

Goals

• Learn nix
• Mostly reproduce features from my existing dotfiles
• Replace existing ubunut-based 'home VM'
• Expand usage to other shell environments such as WSL, Macbook, etc
• handle secrets - ideally using 1Password and not SOPS - using git-crypt for now
• try agenix for secrets handling
• introduce the concept of impermanence where appropriate

References

• Misterio77/nix-starter-config
• How to learn Nix
• home-manager
• Zero to Nix: Everything I Know About Nix & NixOS
• Walkthrough of Nix Install and Setup on MacOS (YouTube)
• NixOS as a server, part 1: Impermanence
• budimanjojo/dotfiles
• wrmilling/nixos-configuration
• gshpychka/dotfiles-nix
• wimpysworld/nix-config

Old Dotfiles

Old dotfiles are still accessible in archive branch