A declarative, modular NixOS/Home Manager flake configuration managing multiple systems with a tag-based architecture for maximum code reuse and flexibility.
| Host | Type | System | Version | Description |
|---|---|---|---|---|
| rotterdam | Desktop | x86_64-linux | NixOS Unstable | Primary workstation with gaming, development |
| io | Laptop | x86_64-linux | NixOS Unstable | Mobile workstation |
| alexandria | Server/NAS | x86_64-linux | NixOS 25.05 | Personal server running Nextcloud, Forgejo, Jellyfin, Vaultwarden |
| trantor | VPS | aarch64-linux | NixOS 25.05 | Oracle Cloud instance |
- Tag-based module system - Compose configurations using tags instead of traditional inheritance
- Flake-based - Fully reproducible builds with locked dependencies
- Multi-platform - Supports both x86_64 and aarch64 architectures
- Deployment automation - Remote deployment via deploy-rs
- Niri compositor - Custom fork with auto-centering window columns
- Unified theming - Stylix-based theming
- Wayland-native - Full Wayland support
- Ephemeral root - Impermanent filesystem using BTRFS for atomic rollback capability
- Nextcloud - Cloud storage with calendar, contacts, and notes
- Forgejo - Self-hosted Git server
- Jellyfin - Media streaming
- Vaultwarden - Password manager backend
- LibreSpeed - Network speed testing
- All services behind Nginx and Tailscale with automatic SSL via Let's Encrypt
- Agenix - Encrypted secrets management
- Tailscale - Zero-config VPN mesh network
- Firewall - Configured on all hosts
- SSH key-based authentication
```
.
├── flake.nix                   # Main flake definition
├── utils.nix                   # Tag-based module system utilities
├── nixosConfigurations.nix     # Host definitions with tags
├── homeConfigurations.nix      # User configurations
├── deploy.nix                  # Remote deployment configuration
├── hosts/
│   ├── alexandria/             # Server-specific config
│   ├── io/                     # Laptop-specific config
│   ├── rotterdam/              # Desktop-specific config
│   ├── trantor/                # VPS-specific config
│   └── modules/
│       ├── common/             # Shared base configuration
│       ├── desktop/            # Desktop environment setup
│       ├── server/             # Server-specific modules
│       └── [tag].nix           # Optional feature modules
├── users/
│   └── modules/                # Home Manager configurations
│       └── [tag].nix           # Optional feature modules
├── packages/                   # Custom package definitions
└── secrets/                    # Encrypted secrets (agenix)
```
Configurations are composed using tags that map to modules:

Common Tags (all hosts):

- `common` - Base system configuration (automatically applied)

General Tags:

- `desktop` - Mostly full desktop environment with Niri WM
- `dev` - Development tools and environments
- `gaming` - Steam, Heroic, gamemode, controller support
- `ephemeral` - Impermanent root filesystem
- `networkmanager` - WiFi and network management
- `libvirtd` - KVM/QEMU virtualization
- `podman` - Container runtime
- `bluetooth` - Bluetooth support
- `fwupd` - Firmware update daemon

Server Tags:

- `server` - Server-specific configuration
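
The tag-to-module mapping described above, written out as an added example; this is not the repository's `utils.nix`. The names `tagToModule`, `tagsToModules` and `mkHost` are hypothetical, and the file is assumed to sit at the repository root next to `hosts/`.

```nix
# Added illustration, NOT the repository's utils.nix.
# tagToModule, tagsToModules and mkHost are hypothetical names.
{ nixpkgs }:
let
  inherit (nixpkgs) lib;

  # Assumption: this file lives at the repo root, beside hosts/.
  modulesDir = ./hosts/modules;

  # Resolve one tag to hosts/modules/<tag>.nix or, for tags such as
  # common/desktop/server, to the directory hosts/modules/<tag>/.
  tagToModule = tag:
    let
      file = modulesDir + "/${tag}.nix";
      dir = modulesDir + "/${tag}";
    in
    if builtins.pathExists file then file
    else if builtins.pathExists dir then dir
    # Fail closed: a misspelled tag aborts evaluation instead of
    # silently building a host without the module it names.
    else throw "unknown tag '${tag}': no module under hosts/modules";

  # "common" is always applied; lib.unique drops duplicate tags so a
  # module is never imported twice.
  tagsToModules = tags:
    map tagToModule (lib.unique ([ "common" ] ++ tags));

  # Build one NixOS system from its tags plus its host-specific directory.
  mkHost = { hostname, system, tags }:
    lib.nixosSystem {
      inherit system;
      modules = tagsToModules tags ++ [
        (./hosts + "/${hostname}")
        { networking.hostName = hostname; }
      ];
    };
in
{
  inherit tagsToModules mkHost;
  # Constructed usage (the tag list for this host is made up):
  #   mkHost { hostname = "io"; system = "x86_64-linux";
  #            tags = [ "desktop" "networkmanager" ]; }
}
```

Throwing on an unknown tag is the part worth copying: when tags carry security-relevant settings, a typo stops the build rather than deploying a host that is missing them.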
```
# Local rebuild
sudo nixos-rebuild switch --flake .#hostname

# Remote deployment
deploy .#hostname

# Update flake inputs
nix flake update
```

- Create host directory in `hosts/`
- Define configuration in `nixosConfigurations.nix` with appropriate tags
- Add deployment profile in `deploy.nix` if needed

- nixpkgs - Stable (25.05) and unstable channels
- home-manager - User configuration
- agenix - Secrets management
- disko - Declarative disk partitioning
- stylix - System-wide theming
- niri-flake - Wayland compositor (custom fork)
- impermanence - Ephemeral filesystem support
- deploy-rs - Remote deployment
- nix-flatpak - Declarative Flatpak management